Device plug-in system for configuring network device over a public network
First Claim
1. A method for configuring a network device over a public network, comprising:
- establishing a communication link to said network device;
downloading to said network device over said public network a bootstrap partial configuration to enable establishment of a secure channel;
establishing a secure channel over said public network with said network device using said bootstrap partial configuration; and
downloading full configuration data over said secure channel to said network device.
12 Assignments
0 Petitions
Accused Products
Abstract
The present invention provides device configuration and policy configuration data to network devices over a public network, e.g., the internet. A secure communication link is first established over the public network to the network device. Next, policy and configuration information is downloaded to the network device using that secure communication link. In one embodiment, the communication link is an IPSec tunnel. In particular, the network policy may include a virtual private network (VPN) policy. The invention addresses the secure downloading of configuration and policy information, which has not been an issue in prior art devices where there was an ability to provide such information internally to a network, without the need to go over the internet.
70 Citations
13 Claims
-
1. A method for configuring a network device over a public network, comprising:
-
establishing a communication link to said network device;
downloading to said network device over said public network a bootstrap partial configuration to enable establishment of a secure channel;
establishing a secure channel over said public network with said network device using said bootstrap partial configuration; and
downloading full configuration data over said secure channel to said network device. - View Dependent Claims (2, 3, 4, 5)
-
-
6. A device plug-in layer of a network management system for transmitting network policy over a public network to network devices, comprising:
-
a push model interface configured to push network policy configurations onto a network device responsive to an event in said network management system; and
a pull model interface configured to provide network policy configurations to a network device responsive to a request from said network device. - View Dependent Claims (7, 8, 9)
-
-
10. A device plug-in layer of a network management system for transmitting network policy over a public network to network devices, comprising:
-
a push model interface configured to push network policy configurations onto a network device responsive to an event in said network management system, said push model interface being implemented as an operating system service; and
a pull model interface configured to provide network policy configurations to a network device responsive to a request from said network device, said pull model interface being implemented as a COM object that is called from an ASP page;
wherein both said push and pull model interfaces are configured to provide both configuration data and policy data to a network device.
-
-
11. A device simulator for a network management system, comprising:
-
a simulator interface for simulating a command interface to devices controlled by said network management system;
an event storage; and
an event reporting system for receiving events from said network management system, storing events in said event storage, and providing event responses to said command interface after a simulated response time. - View Dependent Claims (12, 13)
-
Specification
-
- Resources
-
Current AssigneeSophos Limited (Sophos Group Ltd.)
-
Original AssigneeSmartPipes, Incorporated (Sophos Group Ltd.)
-
InventorsBeadles, Mark A., Bell, Raymond J., Russo, Kevin A., Emerick, William S., Mulh, Kenneth E.
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current709/220
-
CPC Class CodesH04L 67/34 involving the movement of s...H04L 69/329 in the application layer [O...H04L 9/40 Network security protocols
