Method for selective LDAP database synchronization
Abstract
A unified policy management system for an organization including a central policy server and remotely situated policy enforcers. The central policy server includes a central database storing configuration information for the remotely situated policy enforcers. Each policy enforcer includes a policy enforcer database storing a portion of the configuration information associated with the policy enforcer. Changes in the policy settings made at the central policy server are stored in a log for later processing and sending to the appropriate policy enforcers. Upon receipt of the change information, each receiving policy enforcer updates the portion of its policy enforcer database affected by the change.
17 Claims
1. A system for selective database synchronization comprising:
a central database storing configuration information for a plurality of edge devices in an organization, each edge device being associated with a network in the organization and configured to manage policies for the network;
a subordinate database storing a portion of the configuration information associated with a particular edge device; and
a central policy server in communication with the central database and the subordinate database, the central policy server including logic for:
making a change to the portion of the configuration information associated with the particular edge device in the central database;
creating a first log of the change;
storing the first log of the change in the central database;
receiving from a user a request to apply the change to the subordinate database; and
creating, in response to the user request, a second log of the change for transferring the change in the second log to the particular edge device and updating the subordinate database.
Dependent claims: 2, 3, 4, 5, 6, 7
receiving from the particular edge device a status of the transfer of the change; and
deleting the second log from the central database if the status indicates a successful transfer.
6. The system of claim 1, wherein the central database and the subordinate database are Lightweight Directory Access Protocol (LDAP) databases storing configuration information as an LDAP entry identified by a distinguished name.
7. The system of claim 1, wherein the configuration information is policy management information.
8. A method for selective database synchronization comprising:
storing in a central database configuration information for a plurality of edge devices in an organization, each edge device being associated with a network in the organization and configured to manage policies for the network;
storing in a subordinate database a portion of the configuration information associated with a particular edge device; and
making a change to the portion of the configuration information associated with the particular edge device in the central database;
creating a first log of the change;
storing the log in the central database;
receiving from a user a request to apply the change to the subordinate database;
creating, in response to the user request, a second log of the change for transferring the change to the particular edge device; and
updating the subordinate database based on the change.
Dependent claims: 9, 10, 11, 12, 13, 14
receiving from the particular edge device a status of the transfer of the change; and
deleting the second log from the central database if the status indicates a successful transfer.
13. The method of claim 8, wherein the central database and the subordinate database are Lightweight Directory Access Protocol (LDAP) databases storing configuration information as an LDAP entry identified by a distinguished name.
14. The method of claim 8, wherein the configuration information is policy management information.
15. A data communication network comprising:
a server including a first database;
a plurality of edge devices coupled to the server, at least one of the edge devices including a second database, characterized in that the first database stores management information for the plurality of the edge devices and the second database stores at least a portion of the management information associated with its edge device, further characterized in that management information changed in the first database is maintained in a first log, the first log further indicating one or more edge devices to receive the changed management information, the server being configured to receive from a user a request to apply the changed management information to the second database and create, in response to the user request, a second log of the changed management information for transmitting the changed management information in the second log to the one or more edge devices and causing update in selected portions of their respective second databases with the changed management information.
16. In a data communication network including a server and a plurality of edge devices, a method for selective database synchronization of the edge devices, the method comprising:
storing in a first database management information for the plurality of the edge devices;
storing in a second database at least a portion of the management information associated with one of the edge devices;
making a change in the management information stored in the first database;
storing the changed management information in a first log, the first log indicating one or more of the edge devices to receive the changed management information;
receiving from a user a request to apply the changed management information to the second database;
creating, in response to the user request, a second log of the changed management information for transmitting the changed management information indicated in the second log to the one or more edge devices; and
updating a selected portion of the second database with the changed management information.
17. A system for selective database synchronization comprising:
a first database storing configuration information for a plurality of edge devices, each edge device being associated with a network and configured to manage policies for the network;
a second database storing a portion of the configuration information associated with a particular edge device; and
a server in communication with the first database and the second database, the server including logic for:
receiving from a user a change to the portion of the configuration information associated with the particular edge device;
storing the change in a first log associated with the user;
receiving from the user a request to apply the change;
obtaining the change from the first log in response to the user request to apply;
storing the obtained change in a second log associated with the particular edge device; and
transmitting the change stored in the second log to the particular edge device for updating the second database.
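Added illustration, not part of the patent text: a toy Python model of the two-log flow recited in claim 17, together with the status-driven deletion of the second log described in the dependent claim fragments above. The class names, the in-memory dictionaries standing in for the LDAP databases, and the distinguished names are all constructed assumptions.

```python
from collections import defaultdict

class EdgeDevice:
    """Policy enforcer holding only its own portion of the configuration."""
    def __init__(self, name, online=True):
        self.name, self.online, self.db = name, online, {}

    def receive(self, changes):
        # Returns the transfer status reported back to the central server.
        if not self.online:
            return False
        for dn, attrs in changes:
            self.db[dn] = dict(attrs)   # update only the affected entries
        return True

class CentralPolicyServer:
    def __init__(self, edges):
        self.edges = edges                    # device name -> EdgeDevice
        self.central = {}                     # DN -> attributes (central database)
        self.first_log = defaultdict(list)    # per user: changes made, not yet applied
        self.second_log = defaultdict(list)   # per device: changes queued for transfer

    def change(self, user, device, dn, attrs):
        self.central[dn] = dict(attrs)
        self.first_log[user].append((device, dn, dict(attrs)))

    def apply(self, user):
        # On the user's apply request, move changes from the first log
        # into per-device second logs, then attempt each transfer.
        for device, dn, attrs in self.first_log.pop(user, []):
            self.second_log[device].append((dn, attrs))
        status = {}
        for device in list(self.second_log):
            ok = self.edges[device].receive(self.second_log[device])
            status[device] = ok
            if ok:                            # delete second log on success only
                del self.second_log[device]
        return status

def demo():
    # Constructed sample: one reachable enforcer, one unreachable.
    edges = {"pe1": EdgeDevice("pe1"), "pe2": EdgeDevice("pe2", online=False)}
    srv = CentralPolicyServer(edges)
    srv.change("admin", "pe1", "cn=rule1,ou=pe1,o=example", {"action": "deny"})
    srv.change("admin", "pe2", "cn=rule1,ou=pe2,o=example", {"action": "allow"})
    before = dict(edges["pe1"].db)            # nothing is pushed before apply
    return before, srv.apply("admin"), srv
```

A failed transfer leaves that device's second log in place, so a later apply retries it without touching devices that already confirmed.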