Remote management of networked systems using secure modular platform

US 8,713,177 B2
Filed: 05/30/2008
Issued: 04/29/2014
Est. Priority Date: 05/30/2008
Status: Active Grant

First Claim

Patent Images

1. A method comprising:

providing a network interface to a set of networked machines;

accessing, by a processor, a single network-management command from a library of command modules, the library of command modules comprising;

a set of core network-management modules, anda set of user-defined network-management modules;

transmitting, by the processor, via a secure channel, the single network-management command to the set of networked machines via a command interface using the network interface, wherein the single network-management command controls multiple machines in the set of networked machines to perform a same operation; and

communicating certificates to the set of networked machines to establish a secure channel to the set of networked machines.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Embodiments relate to systems and methods for the remote configuration of networked systems using a secure modular platform. A network management engine communicates with a set of remote machines, such as a collection of clients or servers on a network. The network management engine can present a systems administrator with a set of compact network commands to permit the administrator to interrogate, configure, and manage the set of controlled machines on a dynamic basis. The network management engine can, for instance, install or update software, detect viruses on the controlled machines, perform an inventory of installed hardware on the controlled machines, and perform other network management functions using pre-configured functions and APIs built into a network library or command directory. Besides incorporating pre-configured management modules, the network management engine further allows a systems administrator to add custom modules in the command directory, using efficient modular interfaces compatible with network-level management processing.

262 Citations

21 Claims

1. A method comprising:
- providing a network interface to a set of networked machines;
  
  accessing, by a processor, a single network-management command from a library of command modules, the library of command modules comprising;
  
  a set of core network-management modules, anda set of user-defined network-management modules;
  
  transmitting, by the processor, via a secure channel, the single network-management command to the set of networked machines via a command interface using the network interface, wherein the single network-management command controls multiple machines in the set of networked machines to perform a same operation; and
  
  communicating certificates to the set of networked machines to establish a secure channel to the set of networked machines.
- View Dependent Claims (2, 3, 4, 5, 6, 7)
- - 2. The method of claim 1, wherein the set of networked machines comprises a set of networked servers or a set of networked clients.
  - 3. The method of claim 1, wherein the command interface comprises a set of application programming interfaces (APIs).
  - 4. The method of claim 1, where the single network-management command comprises a software provisioning command, a hardware inventory command, a messaging command, or a security command.
  - 5. The method of claim 1, wherein the certificates comprise secure socket layer (SSL) certificates.
  - 6. The method of claim 1, wherein the network interface comprises an Internet connection.
  - 7. The method of claim 1, further comprising logging data traffic between the command interface and the set of networked machines.

8. A system comprising:
- a network interface to a set of networked machines; and
  
  a network management engine, to communicate with the network interface via a secure channel, the network management engine transmitting, by a processor, a single network-management command to the set of networked machines via a command interface, wherein the single network-management command controls multiple machines to perform a same operation, and wherein the command interface comprises;
  
  a certificate module to communicate certificates to the set of networked machines to establish a secure channel to the set of networked machines, anda library of command modules comprising the single network-management command, the library of command modules further comprising;
  
  a set of core network-management modules, anda set of user-defined network-management modules.
- View Dependent Claims (9, 10, 11, 12, 13, 14)
- - 9. The system of claim 8, wherein the set of networked machines comprises a set of networked servers or a set of networked clients.
  - 10. The system of claim 8, wherein the command interface comprises a set of application programming interfaces (APIs).
  - 11. The system of claim 8, wherein the single command comprises a software provisioning command, a hardware inventory command, a messaging command, or a security command.
  - 12. The system of claim 8, wherein the certificates comprise secure socket layer (SSL) certificates.
  - 13. The system of claim 8, wherein the network interface comprises an Internet connection.
  - 14. The system of claim 8, wherein the command interface is further to log data traffic between the command interface and the set of networked machines.

15. A non-transitory computer-readable storage medium with executable instructions stored thereon, wherein the instructions, when executed by a processor, perform operations comprising:
- Accessing, by a processor, a single network-management command from a library of command modules, the library of command modules comprising;
  
  a set of core network-management modules, anda set of user-defined network-management modules;
  
  transmitting, by the processor, via a secure channel, the single network-management command to a set of networked machines via a network interface, wherein the single network-management command is capable of controlling multiple machines in the set of networked machines to perform a same operation; and
  
  transmitting certificates to the set of networked machines to establish a secure channel to the set of networked machines.
- View Dependent Claims (16, 17, 18, 19, 20, 21)
- - 16. The non-transitory computer-readable storage medium of claim 15, wherein the networked machines comprises a networked server or a networked client.
  - 17. The non-transitory computer-readable storage medium of claim 15, wherein the transmitting is performed via a command interface comprising a set of application programming interfaces (APIis).
  - 18. The non-transitory computer-readable storage medium of claim 15, wherein the single network-management command comprises a software provisioning command, a hardware inventory command, a messaging command, or a security command.
  - 19. The non-transitory computer-readable storage medium of claim 15, wherein the certificates comprise secure socket layer (SSL) certificates.
  - 20. The non-transitory computer-readable storage medium of claim 15, wherein the transmitting is performed via an Internet connection.
  - 21. The non-transitory computer-readable storage medium of claim 15, wherein the operations further comprise logging data traffic to and from the set of networked machines.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Red Hat, Inc. (International Business Machines Corporation)
Original Assignee
Red Hat, Inc. (International Business Machines Corporation)
Inventors
DeHaan, Michael, Likins, Adrian, Vidal, Seth
Primary Examiner(s)
Pollack, Melvin H

Application Number

US12/130,424
Publication Number

US 20090300180A1
Time in Patent Office

2,160 Days
Field of Search

709220-226, 709/249, 726/14, 717/171, 717/172, 719/328, 719/329
US Class Current

709/225
CPC Class Codes

H04L 41/0266   using meta-data, objects or...

H04L 41/28   Restricting access to netwo...

H04L 63/0823   using certificates cryptogr...

H04L 63/20   for managing network securi...

Remote management of networked systems using secure modular platform

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

262 Citations

21 Claims

Specification

Solutions

Use Cases

Quick Links

Remote management of networked systems using secure modular platform

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

262 Citations

21 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links