Method and apparatus for securing network management communications
First Claim
1. A method of providing secure network management communications within a communication network, the communication network including a plurality of network elements each adapted to generate and process legacy network management messages in conformance with a legacy management system, the method comprising the steps of:
- embedding a first legacy network management message within a first Simple Network Management Protocol (SNMP) message at a first network element;
transmitting the first SNMP message over the network to a second network element; and
extracting the first legacy network management message from the first SNMP message at the second network element.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and system are provided for exchanging legacy network management messages securely. Legacy management messages are embedded as a user-defined object within SNMP messages. The SNMP messages are transmitted to managed nodes using a secure version of SNMP, such as SNMPv3. The managed nodes extract and process the legacy management messages from the SNMP messages. Any legacy response message is embedded within an SNMP message and transmitted back to the management station, which extracts the legacy response for processing. The method and system thereby allow legacy network management systems to be maintained, while adding a feature which permits more secure communication of the legacy management messages.
-
Citations
18 Claims
-
1. A method of providing secure network management communications within a communication network, the communication network including a plurality of network elements each adapted to generate and process legacy network management messages in conformance with a legacy management system, the method comprising the steps of:
-
embedding a first legacy network management message within a first Simple Network Management Protocol (SNMP) message at a first network element;
transmitting the first SNMP message over the network to a second network element; and
extracting the first legacy network management message from the first SNMP message at the second network element. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
-
-
9. A network management system within a communication network, the communication network including a management station and a node, comprising:
-
a legacy interface at the management station for generating a first legacy network management message in conformance with a legacy network management protocol;
a Simple Network Management Protocol (SNMP) initiator at the management station for embedding the first legacy network management message within a first SNMP message and for transmitting the first SNMP message to the node;
an SNMP agent at the node for receiving the first SNMP message and for extracting the first legacy network management message from the first SNMP message; and
a legacy agent at the node for processing the legacy network management message in conformance with the legacy network management protocol. - View Dependent Claims (10, 11, 12)
-
-
13. A Simple Network Management Protocol (SNMP) initiator at a management station within a communication network, comprising:
-
instructions for receiving a legacy network management message which conforms to a legacy network management protocol;
instructions for embedding the legacy network management message within an SNMP message; and
instructions for transmitting the SNMP message to a node within the communication network. - View Dependent Claims (14)
-
-
15. A Simple Network Management Protocol (SNMP) agent at a node within a communication network, comprising:
-
instructions for receiving a first SNMP message from a management station within a communication network;
instructions for extracting a first legacy network management message from the first SNMP message, the first legacy network management message conforming to a legacy network management protocol; and
instructions for sending the first legacy network management message to a legacy agent at the node. - View Dependent Claims (16, 17, 18)
-
Specification