System and method for enforcing network device provisioning policy

US 8,910,234 B2
Filed: 08/21/2007
Issued: 12/09/2014
Est. Priority Date: 08/21/2007
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for managing data center resources to enforce network device provisioning policies within a data center, the method comprising acts of:

issuing, by a computer system, an instruction to at least one provider of a data center resource instructing the at least, one provider to prevent provision of the data center resource to network devices in the data center;

receiving a request to provide the data center resource to at least one network device, the request including information specifying the data center resource;

determining at least one provisioning policy that applies to the request, the provisioning policy specifying a plurality of organizational signoffs to occur when reconfiguring the at least one network device or when adding the at least one network device to a network;

determining that the at least one network device is authorized to receive the data center resource from the at least one provider at least in part by determining the plurality of organizational signoffs have occurred; and

issuing an instruction to the at least one provider of the data center resource instructing the at least one provider to provide the data center resource to the at least one network device.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Systems and methods are provided for enforcing a network device provisioning policy. In one embodiment, a method may employ a computer based system to restrict access to data center resources, receive provisioning requests for access to the data center resources, authorize the provisioning requests after compliance with the network provisioning policy and allow the network device to access authorized data center resources. In another embodiment, a system includes interfaces for provisioning policy, request and task status information. The information provided by these interfaces is then used to determine compliance with applicable network device provisioning policies and restrict or allow access to the data center resources according to the provisioning policy.

Citations

23 Claims

1. A computer-implemented method for managing data center resources to enforce network device provisioning policies within a data center, the method comprising acts of:
- issuing, by a computer system, an instruction to at least one provider of a data center resource instructing the at least, one provider to prevent provision of the data center resource to network devices in the data center;
  
  receiving a request to provide the data center resource to at least one network device, the request including information specifying the data center resource;
  
  determining at least one provisioning policy that applies to the request, the provisioning policy specifying a plurality of organizational signoffs to occur when reconfiguring the at least one network device or when adding the at least one network device to a network;
  
  determining that the at least one network device is authorized to receive the data center resource from the at least one provider at least in part by determining the plurality of organizational signoffs have occurred; and
  
  issuing an instruction to the at least one provider of the data center resource instructing the at least one provider to provide the data center resource to the at least one network device.
- View Dependent Claims (2, 3, 4, 5, 7, 9, 11, 12, 13, 14, 15, 16)
- - 2. The method according to claim 1, wherein the act of receiving request includes an act of receiving a requested time of activation of the at least one network device and the act of determining that the at least one network device is authorized includes receiving an indication that the time of activation has passed.
  - 3. The method according to claim 1, wherein the act of determining that the at least one network device is authorized includes an act of receiving an indication of installation of the at least one network device.
  - 4. The method according to claim 1, wherein the act of determining that the at least one network device is authorized includes an act of receiving an identifier of the network device scanned from either a bar code associated with the at least one network device or a radio frequency identification tag associated with the at least one network device.
  - 5. The method according to claim 1, wherein the act of determining that the at least one network device is authorized includes an act of receiving an indication of compliance with a policy defining a procedure for authorizing access to the data center resource by the at least one network device.
  - 7. The method according to claim 1, wherein the act of receiving a request to provide a data center resource includes an act of receiving a request to provide a patch panel connection.
  - 9. The method according to claim 1, wherein the act of receiving a request to provide a data center resource includes an act of receiving a request to provide domain name system services.
  - 11. The method according to claim 1, wherein the act of receiving a request to provide a data center resource includes an act of receiving a request to provide console port server services.
  - 12. The method according to claim 1, wherein the act of receiving a request to provide a data center resource includes an act of receiving a request to provide network access security services.
  - 13. The method according to claim 1, wherein the act of receiving a request to provide a data center resource includes an act of receiving a request to provide software provisioning services.
  - 14. The method according to claim 1, wherein the act of receiving a request to provide a data center resource includes an act of receiving a request to provide electrical power.
  - 15. The method according to claim 1, further comprising an act of providing the data center resource to the at least one network device in response to the instruction.
  - 16. The method according to claim 15, wherein the act of providing the data center resource includes an act of providing electrical power to the at least one network device in response to the instruction.

6. The method according to claim wherein the act of receiving a request to provide a data center resource includes an act of receiving a request to provide data center physical space.

8. The method according to claim I, wherein the act of receiving a request to provide a data center resource includes an act of receiving a request to provide virtualized resources.

10. The method according to claim I, wherein the act of receiving a request to provide a data center resource includes an act of receiving a request to provide dynamic host configuration protocol services.

17. A non-transitory computer-readable medium storing computer-readable instructions that, as a result of being executed by a computer, instruct the computer to perform a method of managing data center resources to enforce network device provisioning policies within a data center, the method comprising:
- issuing, by the computer system, an instruction to at least one provider of a data center resource instructing the at least one provider to prevent provision of the data center resource to network devices in the data center;
  
  receiving a request to provide the data center resource to at least one network device, the request including information specifying the data center resource;
  
  determining at least one provisioning policy that applies to the request, the provisioning policy specifying a plurality of organizational signoffs to occur when reconfiguring the at least one network device or when adding the at least one network device to a network;
  
  determining that the at least one network device is authorized to receive the data center resource from the at least one provider at least in part by determining the plurality of organizational signoffs have occurred; and
  
  issuing an instruction to the at least one provider of the data center resource instructing the at least one provider to provide the data center resource to the at least one network device.

18. A computer system for managing data center resources to enforce network device provisioning policies within a data center, the system comprising:
- a user interface configured to receive a request to provide a data center resource to at least one network device located in a data center, the request including information specifying the data center resource, to determine at least one provisioning policy that applies to the request, the provisioning policy specifying a plurality of organizational signoffs to occur when reconfiguring the at least one network device or when adding the at least one network device to a network, and to determine that the at least one network device is authorized to receive the data center resource from at least one provider of the data center resource at least in part by determining the plurality of organizational signoffs have occurred;
  
  a controller coupled to the user interface and configured to generate instructions for the at least one provider, the instructions requesting that the at least one provider either withhold the data center resource from the at least one network device or provide the data center resource to the at least one network device; and
  
  a system interface coupled to the controller and configured to provide the instructions to the at least one provider of the data center resource, wherein the controller issues an instruction requesting that the at least one provider prevent provision of the data center resource to the at least one network device prior to issuing any instructions requesting that the at least one provider provide the data center resource to the at least one network device.
- View Dependent Claims (19, 20, 21, 22, 23)
- - 19. The system according to claim 18, wherein the data center resource includes electrical power.
  - 20. The system according to claim 18, wherein the user interface is thriller configured to receive the provisioning policy.
  - 21. The system according to claim 20, further comprising an interface configured to provide and receive status information. pertaining to tasks required by the provisioning policy.
  - 22. The system according to claim 21, wherein the interface is further configured to prompt for the status information according to a workflow.
  - 23. The system according to claim 20, wherein the controller is further configured to allow identified users to authorize the request without complying with the provisioning policy.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Schneider Electric IT Corporation (Schneider Electric SE)
Original Assignee
Schneider Electric IT Corporation (Schneider Electric SE)
Inventors
Morgan, Jane, Ives, Edward, Kokolski, Peter
Primary Examiner(s)
Cervetti, David Garcia

Application Number

US11/842,351
Publication Number

US 20090055897A1
Time in Patent Office

2,667 Days
Field of Search

726/4, 726/1, 726/3
US Class Current

726/1
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 9/5027   the resource being a machin...

G06F 9/5072   Grid computing

H04L 41/0806   for initial configuration o...

H04L 41/0893   Assignment of logical group...

H04L 41/0894   Policy-based network config...

H04L 41/40   using virtualisation of net...

H04L 63/102   Entity profiles

System and method for enforcing network device provisioning policy

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

23 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for enforcing network device provisioning policy

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

23 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links