MANAGING COMMAND COMPLIANCE IN INTERNETWORKING DEVICES
First Claim
1. An apparatus, comprising:
- one or more network interfaces configured to couple to a data network for sending and receiving one or more packets;
one or more processors;
a switching system and packet forwarding logic, wherein the switching system is coupled to the one or more processors, wherein the switching system and packet forwarding logic are configured to send and receive packets on the one or more network interfaces;
a computer-readable storage medium storing one or more stored sequences of instructions which, when executed by the one or more processors, cause the one or more processors to perform;
receiving a command to configure the apparatus or perform an operation on the apparatus;
sending, to a compliance server, a request to determine whether the command conforms to one or more compliance policies, wherein the request includes all or part of the command;
receiving a compliance response from the compliance server;
in response to determining whether the compliance response indicates success, executing the command only when the compliance response indicates that the command conforms to the one or more compliance policies.
1 Assignment
0 Petitions
Accused Products
Abstract
In an embodiment, an internetworking device is configured with compliance proxy logic that is configured for sending, to a compliance server, a request to determine whether the command conforms to one or more compliance policies, wherein the request includes the command; receiving a compliance response from the compliance server; in response to determining whether the compliance response indicates success, executing the command only when the compliance response indicates that the command conforms to the one or more compliance policies. Thus the device can determine actively whether a proposed user command or configuration change will violate established standards or policies, before the command or change is applied to the device.
32 Citations
28 Claims
-
1. An apparatus, comprising:
-
one or more network interfaces configured to couple to a data network for sending and receiving one or more packets; one or more processors; a switching system and packet forwarding logic, wherein the switching system is coupled to the one or more processors, wherein the switching system and packet forwarding logic are configured to send and receive packets on the one or more network interfaces; a computer-readable storage medium storing one or more stored sequences of instructions which, when executed by the one or more processors, cause the one or more processors to perform; receiving a command to configure the apparatus or perform an operation on the apparatus; sending, to a compliance server, a request to determine whether the command conforms to one or more compliance policies, wherein the request includes all or part of the command; receiving a compliance response from the compliance server; in response to determining whether the compliance response indicates success, executing the command only when the compliance response indicates that the command conforms to the one or more compliance policies. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 28)
-
-
10. A computer-readable storage medium storing one or more stored sequences of instructions which, when executed by the one or more processors, cause the one or more processors to perform:
-
receiving a command to configure an internetworking device or perform an operation on the device; sending, to a compliance server, a request to determine whether the command conforms to one or more compliance policies, wherein the request includes all or part of the command; receiving a compliance response from the compliance server; in response to determining whether the compliance response indicates success, executing the command only when the compliance response indicates that the command conforms to the one or more compliance policies. - View Dependent Claims (11, 12, 13, 14, 15, 16, 17, 18)
-
-
19. An apparatus, comprising:
-
one or more processors; means for receiving a command to configure the apparatus or perform an operation on the apparatus; means for sending, to a compliance server, a request to determine whether the command conforms to one or more compliance policies, wherein the request includes all or part of the command; means for receiving a compliance response from the compliance server; means for executing the command, in response to determining whether the compliance response indicates success, only when the compliance response indicates that the command conforms to the one or more compliance policies. - View Dependent Claims (20, 21, 22, 23, 24, 25, 27)
-
-
26. The apparatus of claim 26, further comprising instructions which when executed cause any one or more of:
- generating a user notification of non-compliance in a command line interface of the apparatus;
creating and storing a log record relating to the non-compliance;
or generating one or more events or alerts relating to the non-compliance.
- generating a user notification of non-compliance in a command line interface of the apparatus;
Specification