Automated establishment of addressability of a network device for a target network environment
Abstract
Apparatus and methods are provided for remote, automated, and secure network device provisioning over a pre-existing communications network. According to one embodiment, automated establishment of addressability of a network device is supported for a target network environment. A boot time process of a network device in a factory default configuration detects the presence of a storage device containing therein addressability data that allows the network device to communicate and be addressable within the target network environment. After detecting the presence of the storage device, the network device receives the addressability data from the storage device by using a communication protocol associated with the storage device. Finally, addressability of the network device is established to enable it to communicate with and be addressed by other nodes in the target network environment by configuring one or more address parameters of the network device based upon the addressability data.
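The addressability phase summarized in the abstract, as an added example that is not part of the patent text: a boot-time routine that reads a token record, validates it, and only then moves the device out of its factory default state. The `key=value` token layout, the field names, the state names and both function names are assumptions made for illustration.

```python
import ipaddress

# Hypothetical token layout: one "key=value" pair per line (assumed; the
# page does not say how addressability data is encoded on the token).
REQUIRED = {"ip", "netmask", "gateway"}
ALLOWED = REQUIRED | {"config_server"}

# Constructed sample records, as they might be read from the storage device.
GOOD_TOKEN = (b"ip=192.0.2.10\nnetmask=255.255.255.0\n"
              b"gateway=192.0.2.1\nconfig_server=198.51.100.5\n")
BAD_TOKEN = b"ip=192.0.2.10\nnetmask=255.255.255.0\ngateway=203.0.113.1\n"


def parse_addressability(raw):
    """Parse and validate token bytes; raise ValueError on anything odd."""
    fields = {}
    for line in raw.decode("ascii").splitlines():
        if not line.strip():
            continue
        key, sep, value = line.partition("=")
        if not sep or key not in ALLOWED or key in fields:
            raise ValueError(f"unexpected or duplicate field: {line!r}")
        fields[key] = value.strip()
    missing = REQUIRED - fields.keys()
    if missing:
        raise ValueError(f"missing fields: {sorted(missing)}")
    # ipaddress rejects malformed addresses and masks with ValueError.
    iface = ipaddress.ip_interface(f"{fields['ip']}/{fields['netmask']}")
    gateway = ipaddress.ip_address(fields["gateway"])
    if gateway not in iface.network or gateway == iface.ip:
        raise ValueError("gateway is not a distinct host on the local subnet")
    params = {"interface": iface, "gateway": gateway}
    if "config_server" in fields:
        params["config_server"] = ipaddress.ip_address(fields["config_server"])
    return params


def boot_time_addressability(state, token):
    """Return (new_state, address_params) for one boot of the device."""
    if state != "factory_default" or token is None:
        return state, {}      # no token, or already configured: no change
    try:
        params = parse_addressability(token)
    except ValueError:        # also covers non-ASCII token contents
        return state, {}      # invalid data: remain in factory default
    return "initial_operating", params
```

Treating the token as untrusted input means a malformed or inconsistent record leaves the device in its factory default state instead of applying partial address parameters.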
60 Claims
1. A method comprising:
detecting, by a boot time process of a network device in a factory default configuration, the presence of a storage device containing therein addressability data that allows the network device to communicate and be addressable within a network environment in which it will be functioning;
after detecting the presence of the storage device, receiving at the network device the addressability data by using a protocol associated with the storage device to transport the addressability data from the storage device to the network device; and
establishing addressability of the network device, by the boot time process, to enable it to communicate with and be addressed by other nodes in the network environment by configuring one or more address parameters of the network device based upon the addressability data.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 19, 20
18. A method comprising the steps of:
a step for establishing addressability of a network device that takes the network device from a factory default state to an initial operating state in which the network device can communicate and is addressable within a predetermined network environment; and
a step, responsive to completion of the step for establishing addressability, for provisioning the network device that takes the network device from the initial operating state to a fully defined, functional state in which the network device is configured and ready to process network traffic in the predetermined network environment by acquiring remaining configuration data by way of one or more data transfers over a network from a remote device configuration server.
21. A method comprising:
detecting, by a boot time process of a first virtual private network (VPN) device in a factory default configuration, the presence of a hardware token coupled to a designated provisioning port of the first VPN network device, the hardware token including a non-volatile, programmable memory having stored therein addressability data that allows the first VPN device to communicate and be addressable within a predetermined network environment;
after detecting the presence of the storage device, receiving at the first VPN device the addressability data by using a protocol associated with the hardware token to read the addressability data from the non-volatile, programmable memory of the hardware token;
establishing addressability of the first VPN device, by the boot time process, to enable it to communicate with other network devices in the predetermined network environment by setting one or more address parameters of the first VPN device based upon the addressability data;
transmitting a configuration request to a remote device configuration server from the boot time process, the configuration request including security data read from the hardware token or encrypted based upon the security data;
receiving, in response to the configuration request, tunnel configuration data from the remote device configuration server, the tunnel configuration data including an Internet Protocol (IP) address of a second VPN device associated with the predetermined network environment; and
causing a tunnel to be established between the first VPN device and the second VPN device through a transit network based upon the tunnel configuration data.
Dependent claims: 22, 23, 24, 26, 27, 28, 30, 31, 32, 33, 35, 36, 37, 39, 40, 41, 42, 43, 44, 46, 47, 48, 49, 50, 51
25. A network device provisioning system comprising:
a first network device to be placed in an initial operating configuration in which the first network device can communicate and be addressable within a predetermined network environment;
a hardware token to interface with a designated provisioning port of the first network device, the hardware token including a non-volatile, programmable memory having stored therein addressability data for the first network device; and
wherein the first network device is capable of automatically initiating an addressability phase in response to detecting the presence of the hardware token on the designated provisioning port, during the addressability phase, the first network device receives the addressability data from the hardware token and transitions from a current configuration to the initial operating configuration.
29. A network device comprising:
a provisioning interface to receive addressability data from a storage device, the addressability data allowing the network device to communicate and be addressable within a target network environment;
one or more flash memory modules having stored therein firmware to;
check for the presence of the storage device during boot time processing, cause the addressability data to be received from the storage device using a protocol associated with the storage device if the storage device is present, and establish addressability of the network device by configuring one or more address parameters of the network device based upon the addressability data; and
a processor coupled to the one or more flash memory modules to execute the firmware in response to reset or power up.
34. A machine-readable medium having stored thereon data representing instructions that, if executed by a processor of a network device, cause the processor to:
detect the presence of a storage device containing therein addressability data that allows the network device to communicate and be addressable within a network environment in which it will be functioning;
receive the addressability data by using a protocol associated with the storage device to transport the addressability data from the storage device to the network device; and
establish addressability of the network device to enable it to communicate with and be addressed by other nodes in the network environment by configuring one or more address parameters of the network device based upon the addressability data.
38. A method of deploying a network device comprising:
providing a network device;
providing a hardware token to interface with a designated provisioning port of the network device;
programming a non-volatile memory of the hardware token with addressability data for the network device, which is capable of automatically initiating an addressability phase in response to detecting the presence of the hardware token on the designated provisioning port, the addressability phase causing the network device to receive the addressability data from the hardware token and transition from a current configuration to an initial operating configuration in which the network device can communicate and be addressable within a predetermined network environment; and
separately shipping the network device and the programmed storage device to a network site at which the network device will be installed within the predetermined network environment.
45. A method of installing a network device comprising:
receiving delivery of a network device that is capable of automatically initiating an addressability phase in response to detecting the presence of a hardware token on a designated provisioning port of the network device;
receiving delivery of a hardware token, the hardware token to interface with the designated provisioning port of the network device, the hardware token including a non-volatile, programmable memory having stored therein addressability data to place the network device in an initial operating state in which the network device can communicate and be addressable within a predetermined network environment;
communicatively coupling the network device with the predetermined network environment; and
initiating the addressability phase by coupling the hardware token to the designated provisioning port of the network device and causing the network device to boot, the addressability phase causing the network device to receive the addressability data from the hardware token and transition from a current configuration to the initial operating configuration.
52. A method of delivering a network device comprising:
shipping a fully operational network device in a factory default configuration to a customer network site at which the network device will be installed within a predetermined network environment, the network device capable of automatically initiating an addressability phase in response to detecting the presence of an external, user-serviceable smart hardware storage device on a designated provisioning port of the network device; and
if the customer has requested an automated provisioning feature, then programming an external, user-serviceable smart hardware storage device with addressability data for the network device, the smart hardware storage device to interface with the designated provisioning port of the network device and cause the addressability phase to be initiated, the addressability phase causing the addressability data to be transferred from the smart hardware storage device to the network device and enabling the network device to transition from the factory default configuration to an initial operating configuration in which the network device can communicate and be addressable within the predetermined network environment, and shipping the programmed smart hardware storage device to the customer network site.
Dependent claims: 53, 54, 55, 56, 57, 58, 59, 60