Formalizing, diffusing and enforcing policy advisories and monitoring policy compliance in the management of networks
First Claim
1. An apparatus for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of networks of computational devices, comprising:
- a management interface;
a plurality of distributed clients, each of which runs on a corresponding networked computational device;
a plurality of advisories provided by a plurality of advisory provider sites; and
a protocol for diffusing said advisories across the network;
wherein said management interface conveys reports from said distributed clients;
wherein said distributed clients gather said advisories and process said advisories; and
wherein said advisories formally target specific states of a computational device and formally specify actions to take in response thereto.
4 Assignments
0 Petitions
Accused Products
Abstract
An apparatus and method for centralized policy management of large-scale networks (221) of computational devices is disclosed. The apparatus includes a number of distributed clients (400) run on registered computers (201-203), gathering policy advisories (401) and reporting (405) relevance (403) to a system administrator (224). The system administrator may view the relevant messages (505) through a management interface (500) and deploy suggested actions to distributed clients (503), where the actions are executed to apply the solutions of the advisories (408).
-
Citations
31 Claims
-
1. An apparatus for formalizing, diffusing, and enforcing policy advisories and for monitoring policy compliance in the management of networks of computational devices, comprising:
-
a management interface;
a plurality of distributed clients, each of which runs on a corresponding networked computational device;
a plurality of advisories provided by a plurality of advisory provider sites; and
a protocol for diffusing said advisories across the network;
wherein said management interface conveys reports from said distributed clients;
wherein said distributed clients gather said advisories and process said advisories; and
wherein said advisories formally target specific states of a computational device and formally specify actions to take in response thereto. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. An apparatus for formalizing, diffusing, and answering queries about the status of elements in a network of computational devices, comprising:
-
a management console;
a general-purpose language for formally expressing queries about the state of a computational device;
a protocol for diffusing queries across the network;
a plurality of distributed clients, each of which runs on a networked computational device;
wherein any of said distributed clients gather queries and obtain answers to said queries; and
wherein said management interface conveys reports from said distributed clients.
-
-
14. A distributed client for a computer in a network policy management system for networks of computational devices, comprising:
-
means for gathering advisories from a plurality of advice provider sites;
means for determining relevance of said advisories; and
means for reporting relevance to a central server;
wherein said distributed client gathers advisories from said plurality of advice provider sites with said means for gathering advisories; and
wherein said distributed client determines relevance of said advisories with said means for determining relevance and wherein said distributed client may report relevant advisories by said means for reporting. - View Dependent Claims (15, 16, 17, 18, 19, 20)
-
-
21. A communication method for managing network policy for networks of computational devices, comprising the steps of:
-
registering a plurality of computers to a central server by a plurality of distributed clients, each of said plurality of distributed clients running on one of said computers;
subscribing said distributed clients to a plurality of advice provider sites for each registered computer;
gathering a plurality of advisories from said advice provider sites by said distributed client for each registered computer;
reporting relevance of said advisories determined by said distributed clients running on said registered computers to said central server;
viewing said advisories by a system administrator with a management interface;
deploying selected actions to a selected group of computers by said system administrator to said central server with said management interface; and
performing deployed actions by said distributed clients running on said registered computer to apply solutions. - View Dependent Claims (22, 23, 24, 25, 26, 27, 28, 29, 30, 31)
-
Specification