Network monitoring and management system

US 5,878,420 A
Filed: 10/29/1997
Issued: 03/02/1999
Est. Priority Date: 08/31/1995
Status: Expired due to Term

First Claim

Patent Images

1. A network monitoring and management system for a computer network array, the array including computing elements, switching elements, and data transfer elements, each of which elements has at least one associated network address, and interconnecting components, said elements and components being connected into discretely identifiable groupings, each grouping which may be considered to be a Local Area Network (LAN), the system comprising:

independent probe units logically connected at locations within at least some of said LANs, each said probe unit being adapted to capture continuous packets of data having a plurality of layers of information, including application-specific information, and being transferred for a period of time over said interconnecting components within said associated LAN, to build at least one predefined probe object which includes data from a session layer of said captured data packets, and to forward the probe object; and

a database unit for receiving the forwarded probe objects and for compiling multiple ones of the probe objects into a database.

View all claims

5 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network monitoring and management system (10) is provided for use in conjunction with a computer network array (12) including a plurality of identifiable branch arrays known as LANS (14). The system (10) includes a sampling assembly (38) including a plurality of probe computers (42) situated along selected ones of the LANS (14) for "capturing" data packets (22) and building probe objects (52) corresponding thereto. The system (10) further includes an analysis assembly (40) including a database computer (98) for receiving a plurality of probe objects (52) and manipulating them with a database builder routine (96) into database objects (100), which are stored in a database (99). The database (99) is then subject to analysis routines in a database management system (138) which extract and display information relating to the operational parameters of the computer network array (12), including a network map (144), a plurality of conversation path maps (150) and performance specifications. The overall system (10) is utilized by network managers to analyze, optimize and "tune" the network application performance.

Citations

19 Claims

1. A network monitoring and management system for a computer network array, the array including computing elements, switching elements, and data transfer elements, each of which elements has at least one associated network address, and interconnecting components, said elements and components being connected into discretely identifiable groupings, each grouping which may be considered to be a Local Area Network (LAN), the system comprising:
- independent probe units logically connected at locations within at least some of said LANs, each said probe unit being adapted to capture continuous packets of data having a plurality of layers of information, including application-specific information, and being transferred for a period of time over said interconnecting components within said associated LAN, to build at least one predefined probe object which includes data from a session layer of said captured data packets, and to forward the probe object; and
  
  a database unit for receiving the forwarded probe objects and for compiling multiple ones of the probe objects into a database.
- View Dependent Claims (2, 3, 4, 5)
- - 2. The network monitoring and management system of claim 1, wherein each said probe unit is a device having computing capacity and being programmed to include a capture method for capturing desired portions of discrete packets to provide captured packets, and a probe builder method for building at least one of the probe objects corresponding to selected content of each captured packet.
  - 3. The network monitoring and management system of claim 2, wherein each said probe unit further includes buffer means for storing multiple ones of the probe objects prior to forwarding to said database unit.
  - 4. The network monitoring and management system of claim 1, wherein each said packet is generally compliant with the Open Systems Interconnect model.
  - 5. The network monitoring and management system of claim 1, wherein each said probe unit is provided with buffer memory in order to store copies and intermediate versions of packets prior to building the defined probe objects, and further for storing the probe objects prior to forwarding to said database unit.

6. The network monitoring and management system of clam 1, wherein at least some of said probe units are personal computers.

7. Apparatus for extracting, sifting and compiling information relating to a complex computer network array from continuous packets having a plurality of layers of data and traveling along segments within the computer network array for a period of time, said apparatus comprising:
- probe means logically associated with at least one segment, wherein said probe means includes;
  
  a computing apparatus with software adapted to operate therewith to extract, sift, and compile the network array information; and
  
  a buffer means for receiving and storing the information compiled by said software, said software including;
  
  a capture routine to nondestructively capture at least session layer information from the continuous packets and to create therefrom a captured packet having at least session layer data; and
  
  a probe builder routine, including at least a decode function associated with the session layer information of said captured packet, said decode function creating one or more objects corresponding to said session layer, said one or more objects used to create a discrete probe object corresponding to at least the session layer information of said captured packet.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The apparatus of claim 7, wherein said capture routine includes capacity for creating the captured packet as a copy of selected portions of one of said continuous packets passing along said segment while insignificantly interrupting the flow of said packet within the network.
  - 9. The apparatus of claim 7, wherein said probe builder routine includes other decode functions associated with the plurality of layers other than the session layer of said captured packet, each other decode function being associated with one of the plurality of layers other than the session layer and creating one or more objects corresponding to the one of the plurality of layers other than the session layer, the aggregate of the objects created by all of the decode functions for said captured packet together comprising said discrete probe object associated with said captured packet.
  - 10. The apparatus of claim 9, wherein said captured packets are generally compliant with the Open Systems Interconnect model and the other decode functions include:
    - a medium access control decode function for creating a board address object from information extracted from a medium access control layer of said captured packet;
      
      a routing decode function for creating a network address object from information extracted from a routing layer of said captured packet; and
      
      a transport decode function for creating a connection object and a conversation object from information extracted from a transport layer of said captured packet.
  - 11. The apparatus of claim 7, wherein said probe means includes a personal computer having a memory storage associated therewith, the memory storage being capable as functioning as said buffer apparatus.
  - 12. The apparatus of claim 7, wherein said probe builder routine is adapted to, from information contained in any typical Open Systems Interconnect model compatible packet, compile a corresponding one of the discrete probe objects containing information relating to the board and network addresses of the termini of such packet and a connection path therebetween.

13. A network analysis method for use with a large network array including a plurality of discrete local area network (LAN) portions, information passing over the network array in the form of packets having a plurality of layers of data, at least some of the LAN portions including computing units adaptable as probe units and the network array including at least one computing unit adaptable as a database unit, said network analysis method comprising:
- a sampling method performed by each of the probe units, with each probe unit being connected to a segment of the associated LAN, said sampling method including;
  
  a capture packets routine for creating a plurality of captured packets corresponding to a plurality of continuous data packets passing along the segment associated with the probe unit for a period of time, at least one of said captured packets corresponding to session layer data of one of said continuous data packets; and
  
  a probe builder routine for operating upon each captured packet to create a corresponding probe object including application-specific information relating to the network array; and
  
  a database method associated with said database unit, said database unit being adapted to receive said probe objects from said probe units, said database method including;
  
  a grab probe object routine for selecting a one of said probe objects and creating a raw object associated therewith;
  
  a plurality of object modification routines sequentially operating upon the current object, being the raw object in the case of the first such object modification routines and an intermediate object created by the previous one of such object modification routines, to ultimately create and store a stored database object associated with the one of said probe objects; and
  
  one or more network analysis routines for operating upon an accumulated plurality of said stored database objects to correlate and output information relating to the network array.
- View Dependent Claims (14, 15, 16, 17, 18, 19)
- - 14. The network analysis method of claim 13, wherein said database method includes associated memory for storing a plurality of said probe objects in an ordered array, for access by said network analysis routines.
  - 15. The network analysis method of claim 13, wherein the network information output by said network analysis routines includes a network map.
  - 16. The network analysis method of claim 13, wherein the network information output by said network analysis routines includes a conversation path for any selected conversation between two network components situated within the network.
  - 17. The network analysis method of claim 13, wherein said database method further includes an update routine for updating the accumulated plurality of stored probe objects by adding additional probe objects and replacing older probe objects with corresponding new probe objects.
  - 18. The network analysis method of claim 13, wherein one of said object modification routines is in the form of a process for adding missing links in a conversation path corresponding to a selected probe object, based on previously analyzed ones of said probe objects.
  - 19. The network analysis method of claim 13, where said database method includes means for identifying and compensating for router anomalies within the network.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Dynatrace LLC (Dynatrace, Inc.)
Original Assignee
Compuware Corporation (KKR & Co., Inc.)
Inventors
de la Salle, Pierre
Primary Examiner(s)
Black, Thomas G.
Assistant Examiner(s)
Coby, Frantz

Application Number

US08/960,480
Time in Patent Office

489 Days
Field of Search

707/10, 707/104, 395/200.31, 395/200.53, 395/200.54
US Class Current

1/1
CPC Class Codes

H04L 41/26   using dedicated tools for L...

H04L 41/5009   Determining service level p...

H04L 43/022   by sampling

H04L 43/028   by filtering

H04L 43/12   Network monitoring probes

Y10S 707/99945   Object-oriented database st...

Network monitoring and management system

First Claim

5 Assignments

0 Petitions

Accused Products

Abstract

Citations

19 Claims

Specification

Solutions

Use Cases

Quick Links

Network monitoring and management system

First Claim

5 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

19 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links