Discovery of network nodes and routable addresses

US 8,331,263 B2
Filed: 01/23/2006
Issued: 12/11/2012
Est. Priority Date: 01/23/2006
Status: Expired due to Fees

First Claim

Patent Images

1. A system comprising:

at least one scan server within an enterprise network, the scan server configured to locate machines on the enterprise network and determine security states of the machines and services the machines are exposing on the enterprise network;

at least one local link segment within the enterprise network;

at least one agent within the enterprise network coupled to a corresponding one of the at least one local link segment; and

at least one router coupled to place one of the at least one scan server in communication with one of the at least one agent, the communication between the scan server and the agent flowing through the at least one router;

wherein responsive to a request of the scan server to discover at least one network node coupled to the local link segment, the agent is configured to;

send a query message on the local link segment,maintain one or more responses from one or more network nodes on the local link segment within a predetermined time window after sending the query message, the predetermined time window being adjustable to compensate for noisiness and latency of the local link segment,obtain a link-local address corresponding to a network node of the one or more network nodes,convert the link-local address that is valid only within the local link segment to a routable site-local address that is valid within the enterprise network and invalid on a public network, andprovide the routable site-local address to the scan server via the at least one router, andwherein a time delay between the scan server sending the request to the agent to discover the at least one network node and the agent providing the routable site-local address to the scan server is configured to be less than or equal to a preconfigured response time.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and related methods for discovering network nodes and routable addresses include a scan server, local link segment, an agent coupled to the local link segment, and a router coupled to place the scan server in communication with the agent. The scan server commands the agent to discover a network node coupled to the local link segment. The agent is responsive to commands from the scan server to discover a network node coupled to the local link segment. The agent also obtains a link-local address for the network node, and obtains a routable site-local address to which the link-local address maps. The agent provides the routable site-local address to the scan server.

46 Citations

View as Search Results

18 Claims

1. A system comprising:
- at least one scan server within an enterprise network, the scan server configured to locate machines on the enterprise network and determine security states of the machines and services the machines are exposing on the enterprise network;
  
  at least one local link segment within the enterprise network;
  
  at least one agent within the enterprise network coupled to a corresponding one of the at least one local link segment; and
  
  at least one router coupled to place one of the at least one scan server in communication with one of the at least one agent, the communication between the scan server and the agent flowing through the at least one router;
  
  wherein responsive to a request of the scan server to discover at least one network node coupled to the local link segment, the agent is configured to;
  
  send a query message on the local link segment,maintain one or more responses from one or more network nodes on the local link segment within a predetermined time window after sending the query message, the predetermined time window being adjustable to compensate for noisiness and latency of the local link segment,obtain a link-local address corresponding to a network node of the one or more network nodes,convert the link-local address that is valid only within the local link segment to a routable site-local address that is valid within the enterprise network and invalid on a public network, andprovide the routable site-local address to the scan server via the at least one router, andwherein a time delay between the scan server sending the request to the agent to discover the at least one network node and the agent providing the routable site-local address to the scan server is configured to be less than or equal to a preconfigured response time.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The system of claim 1, wherein the scan server includes a node discovery component adapted to issue commands to the agent and to receive the routable site-local address therefrom.
  - 3. The system of claim 1, further comprising at least a second local link segment and at least a second router placing the scan server in communication with the second local link segment, and further comprising at least a second agent coupled to the second local link segment, wherein the second agent is responsive to the scan server to discover at least a second network node coupled to the second local link segment, to obtain a second link-local address corresponding to the second network node, to obtain at least a second routable site-local address to which the second link-local address maps, and to provide the second routable site-local address to the scan server.
  - 4. The system of claim 1, wherein the agent is configured to receive an address harvest command from the scan server via at least one of the at least one router, and is configured to issue a neighbor solicitation message to the network node of the one or more network nodes in response thereto.
  - 5. The system of claim 4, wherein the agent is configured to receive a neighbor advertisement message from the network node of the one or more network nodes in response to the neighbor solicitation message, wherein the neighbor advertisement message includes at least the link-local address.
  - 6. The system of claim 1, further comprising a bulk resolver component that is configured to receive the link-local address from the agent and to map the link-local address to the routable site-local address.
  - 7. The system of claim 1, wherein the routable site-local address includes 64 bits reserved for host addressing.

8. A method comprising:
- under control of one or more processors configured with executable instructions;
  
  receiving a command to discover a plurality of network nodes coupled to a local link segment on an enterprise network, the command being received from a scan server configured to locate machines on the enterprise network and determine security states of the machines and services the machines are exposing on the enterprise network;
  
  sending a message on the local link segment to discover the plurality of network nodes coupled to the local link segment;
  
  maintaining one or more responses that are received from one or more network nodes within a predetermined time window after sending the message, the predetermined time window being adjustable to compensate for noisiness and latency of the local link segment;
  
  converting one or more link-local addresses included in the one or more responses received from the one or more network nodes into one or more site-local addresses, wherein the one or more link-local addresses are valid only within the local link segment and the one or more site-local addresses are valid within the enterprise network and invalid on a public network; and
  
  sending the one or more site-local addresses associated with the one or more network nodes to the scan server, wherein a time delay between receiving the command to discover the plurality of network nodes from the scan server and sending the one or more site-local addresses to the scan server is configured to be less than or equal to a preconfigured response time.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The method of claim 8, wherein receiving the command includes receiving an address harvest command.
  - 10. The method of claim 8, wherein the one or more responses include a neighbor advertisement message.
  - 11. The method of claim 8, wherein the message includes a neighbor solicitation message.
  - 12. The method of claim 8, further comprising:
    - receiving an address harvest command from the scan server via a router; and
      
      issuing a neighbor solicitation message to the plurality of network nodes in response thereto.
  - 13. The method of claim 12, further comprising receiving one or more neighbor advertisement messages from the one or more network nodes in response to the neighbor solicitation message, wherein the one or more neighbor advertisement messages include at least the one or more link-local addresses.
  - 14. The method of claim 8, wherein the one or more site-local addresses include 64 bits reserved for host addressing.

15. One or more computer-usable storage memories for storing computer-executable instructions that, when executed by one or more processors, perform acts comprising:
- receiving a command to discover a plurality of network nodes coupled to a local link segment on an enterprise network, the command being received from a scan server configured to locate machines on the enterprise network and determine security states of the machines and services the machines are exposing on the enterprise network;
  
  sending a message on the local link segment to discover the plurality of network nodes coupled to the local link segment;
  
  maintaining one or more responses that are received from one or more network nodes within a predetermined time window after sending the message, the predetermined time window being adjustable to compensate for noisiness and latency of the local link segment;
  
  converting one or more link-local addresses included in the one or more responses received from the one or more network nodes into one or more site-local addresses, wherein the one or more link-local addresses are valid only within the local link segment and the one or more site-local addresses are valid within the enterprise network and invalid on a public network; and
  
  sending the one or more site-local addresses associated with the one or more network nodes to the scan server, wherein a time delay between receiving the command to discover the plurality of network nodes from the scan server and sending the one or more site-local addresses to the scan server is configured to be less than or equal to a preconfigured response time.
- View Dependent Claims (16, 17, 18)
- - 16. The one or more computer-usable storage memories of claim 15, the acts further comprising:
    - receiving an address harvest command from the scan server via a router; and
      
      issuing a neighbor solicitation message to the plurality of network nodes in response thereto.
  - 17. The one or more computer-usable storage memories of claim 16, further comprising receiving one or more neighbor advertisement messages from the one or more network nodes in response to the neighbor solicitation message, wherein the one or more neighbor advertisement messages include at least the one or more link-local addresses.
  - 18. The one or more computer-usable storage memories of claim 15, wherein the one or more site-local addresses include 64 bits reserved for host addressing.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Microsoft Technology Licensing LLC (Microsoft Corporation)
Original Assignee
Microsoft Corporation
Inventors
Dow, Louis R
Primary Examiner(s)
Sheikh, Ayaz
Assistant Examiner(s)
VU, HOANG-CHUONG Q

Application Number

US11/275,665
Publication Number

US 20070171842A1
Time in Patent Office

2,514 Days
Field of Search

370/254, 370/395.54, 370/392, 370/401, 709/223, 709/227
US Class Current

370/254
CPC Class Codes

H04L 41/046   comprising network manageme...

H04L 41/12   Discovery or management of ...

H04L 45/00   Routing or path finding of ...

H04L 45/02   Topology update or discovery

H04L 61/35   involving non-standard use ...

Discovery of network nodes and routable addresses

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

46 Citations

18 Claims

Specification

Use Cases

Quick Links

Others

Discovery of network nodes and routable addresses

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

46 Citations

18 Claims

Specification

Subscription Required

Use Cases

Quick Links

Others