VIRTUAL PRIVATE NETWORK MANAGEMENT
Abstract
The invention provides a centralized VPN management of a plurality of VPN sites by means of a VPN Information Provider (VIP). Management of a VPN device is distributed so that at least part of the VPN configuration is centrally managed without giving away control of the firewall rulebase or other critical local configuration used in the VPN device.
29 Claims
1. A method for managing Virtual Private Network (VPN) devices, the method comprising:
maintaining in a first centralized VPN Information Provider (VIP), multiple VPN configurations of VPN devices belonging to a first VPN, wherein more than one organization or VPN site is participating in the first VPN with at least one device,
providing, from the first centralized VIP to a first VPN device belonging to the first VPN, VPN configuration of at least one other VPN device of another organization participating in the first VPN, the VPN configuration being one of said multiple VPN configurations, and
managing at least some security aspects of said first VPN device belonging to the first VPN from at least one other management system separate from the first centralized VIP, when said at least some security aspects should not be shared by all organizations, VPN sites or VPN devices belonging to the first VPN.
11. A method for managing Virtual Private Network (VPN) devices, the method comprising:
maintaining in a first centralized VPN Information Provider (VIP), multiple VPN configurations of VPN devices belonging to a first VPN, wherein more than one organization or VPN site is participating in the first VPN with at least one device,
maintaining in a second VPN Information Provider (VIP) VPN configurations of VPN devices belonging to a second VPN, and
providing to a first VPN device belonging to the first and second VPNs, VPN configuration of at least one other VPN device belonging to the first centralized VPN from the first VIP and VPN configuration of at least one other VPN device belonging to the second VPN from the second VIP.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19, 20
21. (canceled)
22. A method for handling Virtual Private Network (VPN) configuration, the method comprising:
maintaining in a first centralized VPN Information Provider, VIP, multiple VPN configurations of VPN devices belonging to a first VPN, wherein more than one organization or VPN site is participating in the first VPN with at least one device,
providing to VPN devices belonging to the first VPN, information about the VPN configurations maintained in the first centralized VIP,
receiving from a first VPN device belonging to the first VPN, a request for VPN configuration of another VPN device of another organization participating in the first VPN, and
sending to said first VPN device belonging to the first VPN, the VPN configuration of the other VPN device as a response to the request.
23. A system for managing Virtual Private Network (VPN) devices, the system comprising:
at least two VPN devices belonging to a first VPN, wherein more than one organization or VPN site is participating in said VPN with at least one device,
a first centralized VPN Information Provider (VIP) system maintaining VPN configurations of VPN devices belonging to the first VPN,
at least one other management system separate from the first centralized VIP managing at least some security aspects of said VPN devices belonging to the first VPN, when said at least some security aspects should not be shared by all organizations, VPN sites or VPN devices belonging to the first VPN,
while the VPN devices are adapted to receive from the at least one other management system, a first part of VPN configuration, and from the VIP, a second part of VPN configuration, which comprises VPN configuration of at least one other VPN device of another organization participating in the first VPN.
Dependent claims: 24
25. (canceled)
26. (canceled)
27. A Virtual Private Network (VPN) Information Provider (VIP) apparatus comprising:
a mechanism for maintaining VPN configurations of VPN devices belonging to a first VPN, wherein more than one organization or VPN site is participating in said VPN with at least one device,
a mechanism for providing to VPN devices belonging to the first VPN, information about the VPN configurations maintained in the VIP,
a mechanism for receiving from a first VPN device belonging to the first VPN, a request for VPN configuration of another VPN device of another organization participating in the first VPN, and
a mechanism for sending to said first VPN device belonging to the first VPN, the VPN configuration of the other VPN device as a response to the request.
28. (canceled)
29. A computer-readable memory device, comprising program code which, when executed on a computer device, causes the computer device to provide a Virtual Private Network (VPN) Information Provider (VIP) functionality comprising:
maintaining in a first centralized VIP, multiple VPN configurations of VPN devices belonging to a first VPN, wherein more than one organization or VPN site is participating in the first VPN with at least one device,
providing to VPN devices belonging to the first VPN, information about the VPN configurations maintained in the first centralized VIP,
receiving from a first VPN device belonging to the first VPN, a request for VPN configuration of another VPN device of another organization participating in the first VPN, and
sending to said first VPN device belonging to the first VPN, the VPN configuration of the other VPN device of the other organization as a response to the request.
Specification