Selection and storage of policies in network management

US 20030037040A1
Filed: 08/13/2002
Published: 02/20/2003
Est. Priority Date: 08/14/2001
Status: Active Grant

First Claim

Patent Images

1. A method of identifying a plurality of customer network devices over a connecting network, the method comprising:

identifying the plurality of customer network devices in a file having a format that is directly viewable on a user GUI and is directly transportable over the connecting network; and

thereafter transporting the file over the connecting network.

View all claims

13 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

User interface and policy loading aspects of a policy-based, outsourced, network management system. In one aspect, a user selects policies using a graphical user interface (GUI) with a two paned window having a tree view of the policies in one pane. In another aspect, the policies are (1) created in the GUI format (e.g., XML), (2) sent over a network (e.g., the internet) to a service center in the same format, and (3) are loaded, manipulated and stored in the same format. In another aspect, the initial loading of the policies is done using a bulk loader in a logic layer. In another aspect, the logic layer also includes a configuration checker which handles changes or additions to policies in a finished network management system. Any aspects of the new or changed policy that are inconsistent with the finished system are parsed and stripped out. In another aspect, where the details of a new policy or change aren'"'"'t specified, a base configuration creator creates a policy with minimal attributes. In another aspect, the logic layer also contains a device control console, which allows bypassing the policy creating and configuring to allow a user to directly access a device for configuration.

Citations

21 Claims

1. A method of identifying a plurality of customer network devices over a connecting network, the method comprising:
- identifying the plurality of customer network devices in a file having a format that is directly viewable on a user GUI and is directly transportable over the connecting network; and
  
  thereafter transporting the file over the connecting network.
- View Dependent Claims (5)
- - 5. The method of claim 1 further comprising bulk loading said file into a network management directory by:
    - receiving the file over the network;
      
      thereafter converting the file format to a hierarchical format; and
      
      thereafter transferring the converted file to a directory in a single file transfer session.

2. The method of claim 2 wherein said connecting network is the internet.
- View Dependent Claims (3, 4)
- - 3. The method of claim 2 wherein said user GUI is an internet browser.
  - 4. The method of claim 3 wherein said file format is XML.

6. A method of selecting network policies for a plurality of customer network devices over a connecting network, the method comprising:
- displaying lists of network policies and their associated attributes over the connecting network to the customer viewable on the customer'"'"'s GUI, wherein said policies and their associated attributes are stored in a directory;
  
  presenting said network policies in a tree structure such that branches of the tree can be selectively accessed for viewing; and
  
  selecting a set of policies from the displayed policy lists for the plurality of customer network devices.
- View Dependent Claims (7, 8, 9)
- - 7. The method of claim 6 wherein said directory is displayed in said tree structure in a first pane of a window and wherein the lists of policies and their associated attributes are displayed in a second pane of the window.
  - 8. The method of claim 6 wherein said connecting network is the internet.
  - 9. The method of claim 8 wherein said user GUI is an internet browser.

10. A method of automatically configuring a network device which is subject to a customized user policy, using a base configuration checker, the method comprising:
- receiving configuration data for the network device;
  
  identifying configuration elements that are in conflict with said customized user policy;
  
  correcting or reporting to a user said configuration elements in conflict.
- View Dependent Claims (11, 12, 13)
- - 11. The method of claim 10 further comprising:
    - providing a database manager object for retrieving base configuration data for said network device;
      
      providing a rule set object for instantiating different rule objects based upon said base configuration data; and
      
      managing and maintaining a set of step objects with each of said rule objects.
  - 12. The method of claim 10 further comprising:
    - providing a management system for applying said customized user policy to a plurality of networked devices; and
      
      providing an initial configuration if said network device is not under active management by said management system.
  - 13. The method of claim 12 further comprising:
    - determining a device ID for said device;
      
      fetching a base configuration for said device based on said device ID and an ID for said customized user policy.

14. A method of automatically configuring a network device which is subject to a customized user policy, the method comprising:
- receiving configuration data for the network device;
  
  identifying configuration elements that are in conflict with said customized user policy;
  
  correcting or reporting to a user said configuration elements in conflict;
  
  providing a management system for applying said customized user policy to a plurality of networked devices; and
  
  providing an initial configuration if said network device is not under active management by said management system.

15. A method of bulk loading data into a directory for a customized user network management system, comprising:
- receiving a flat XML file with device configurations for a plurality of devices;
  
  converting said flat XML file into a hierarchical format; and
  
  loading said XML file in hierarchical format into said directory.
- View Dependent Claims (16)
- - 16. The method of claim 15 further comprising:
    - initiating a thread for said flat XML file;
      
      invoking a plurality of COM components with said thread, each of said COM components corresponding to a different type of configuration data.

17. A method of accessing a network device under control of a network management system, the method comprising:
- disengaging the network device from the network management system so that the network device is not under the control of the network management system without disrupting the control of a plurality of other network devices being controlled by the network management system;
  
  thereafter establishing a communication link to the network device; and
  
  thereafter issuing commands to the network device via the communication link to control the network device.
- View Dependent Claims (18, 19)
- - 18. The method of claim 17 wherein the communication link is an encrypted link.
  - 19. The method of claim 17 further comprising:
    - removing the communication link following the act of issuing commands to terminate access to the network device; and
      
      thereafter engaging the network device with the network management system so as to bring the network device under the control of the network management system.

20. A method of remotely accessing a network device under control of a network management system, using a telnet proxy tool, the method of operating said telnet proxy tool comprising:
- authenticating a user with a login and password registered with said network management system;
  
  disengaging the network device from the network management system so that the network device is not under the control of the network management system without disrupting the control of a plurality of other network devices being controlled by the network management system;
  
  thereafter establishing an encrypted communication link to the network device;
  
  limiting said communication link to a single network device;
  
  providing a limited set of commands for said user to use with the network device via the communication link;
  
  eliminating said communication link after completion of a session by said user.

21. A method of identifying a plurality of network entities disposed in a communications network comprising:
- providing a modular network management system wherein device configurations are manipulated using COM objects;
  
  assigning a mini-GUID to each one of the plurality of the network entities, said mini-GUID having less than 32 bits.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sophos Limited (Sophos Group Ltd.)
Original Assignee
SmartPipes, Incorporated (Sophos Group Ltd.)
Inventors
Bell, Raymond J., Russo, Kevin A., Emerick, William S., Mulh, Kenneth E., Beadles, Mark A.

Granted Patent

US 7,130,854 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/1
CPC Class Codes

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/22   comprising specially adapte...

Selection and storage of policies in network management

First Claim

13 Assignments

0 Petitions

Accused Products

Abstract

Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Selection and storage of policies in network management

First Claim

13 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links