US 20090282129 A9
A system and method for communicating with network devices without regard to the device type and/or manufacturer is described. In one embodiment, the present invention provides a global graphical user interface (GUI) for communicating with various network devices. The global GUI includes an intuitive interface driven by a template library. For each device type and each device manufacturer, this template library can store both the attribute fields required for device configuration and the format for communicating those attribute fields. When a network administrator wants to communicate with a particular network device, the template associated with that device can be retrieved from the template library. The network administrator can then populate the attribute fields of that template with the appropriate data. This attribute data can be formatted and provided to the network device.
1. A method for defining a policy enabled network, the method comprising:
creating a network policy which corresponds to a predetermined network configuration state;
creating a business rule which corresponds to a predetermined series of steps required in response to the network policy;
associating the network policy to the business rule such that the network policy, when implemented in the network, adheres to the predetermined series of steps and results in the predetermined network configuration state;
storing the business rule in a data repository;
storing the network policy in a data repository; and
storing the predetermined network configuration state.
2. The method of
retrieving, in response to commands being needed to properly configure a particular one of the plurality of network devices in the network to operate in accordance with the predetermined network configuration state, a command-format template for the particular one of the plurality of network devices;
generating, using the retrieved command-format template, device-specific commands for the particular one of the plurality of network devices; and
applying the device-specific commands to the particular one of the plurality of network devices.
3. The method of
creating a computer programmable object, which reflects a predefined series of steps for implementing the business rule.
4. The method of
creating an XML Document, which reflects a predefined series of steps for implementing the business rule.
5. The method of
creating an XML Schema, which reflects a predefined series of steps for implementing the business rule.
6. The method of
creating a text document, which reflects a predefined series of steps for implementing the business rule.
7. The method of
creating a computer programmable object, which reflects the predefined network configuration state required for correctly implementing the network policy.
8. The method of
creating an XML document, which reflects the predefined network configuration state for correctly implementing the network policy.
9. The method of
creating an XML schema, which reflects the predefined network configuration state for correctly implementing the network policy.
10. The method of
creating a text document which reflects the predefined network configuration state for correctly implementing a network policy.
11. The method of
creating a computer programmable object which defines the association of the business rule to network policy.
12. The method of
creating an XML document which defines the association of the business rule to the network policy.
13. The method of
creating an XML schema which defines options for associating the business rule and the network policy.
14. The method of
creating a text document which defines steps for associating the business rule and network policy.
15. A process for implementing a policy enabled network comprising:
receiving a request to implement a desired network policy;
querying a data repository used to store required business rules;
querying a data repository used to store predefined network configurations;
determining a plurality of network devices to apply the predefined network configurations to implement the desired network policy; and
applying the network changes to network devices in the order and as defined in the business rules.
16. The method of
receiving a network notification from a network device when applying the predefined network configurations;
checking the status of a current network policy by consulting a network policy server, retrieving a policy associated with the network notification and, as required, implementing the desired network policy.
17. The process of
notifying a selected one of a network administrator, a system, and a customer upon completion of implementing the desired network policy.
18. The process of
The present application is a continuation application of commonly owned and assigned application Ser. No. 11/216,482, Attorney Docket No. CNTW-006/04US, entitled S
The following commonly owned and assigned patent applications are hereby incorporated by reference in their entirety:
patent application Ser. No. 09/730,864, Attorney Docket No. CNTW-001/00US, entitled System and Method for Configuration, Management and Monitoring of Network Resources, filed on Dec. 6, 2000;
patent application Ser. No. 09/730,680, Attorney Docket No. CNTW-002/00US, entitled System and Method for Redirecting Data Generated by Network Devices, filed on Dec. 6, 2000;
patent application Ser. No. 09/730,863, Attorney Docket No. CNTW-003/00US, entitled Event Manager for Network Operating System, filed on Dec. 6, 2000;
patent application Ser. No. 09/730,671, Attorney Docket No. CNTW-004/00US, entitled Dynamic Configuration of Network Devices to Enable Data Transfers, filed on Dec. 6, 2000; and
patent application Ser. No. 09/730,682, Attorney Docket No. CNTW-006/00US, entitled Network Operating System Data Directory, filed on Dec. 6, 2000.
patent application Ser. No. (unassigned), Attorney Docket No. CNTW-006/03US, entitled S
The present invention relates generally to network systems. More particularly, but not by way of limitation, the present invention relates to systems and methods for configuring, managing and monitoring network resources such as routers, optical devices and storage devices.
With the ever-increasing reliance upon electronic data, businesses are becoming more and more reliant upon those networks responsible for distributing that data. Unfortunately, the rapid growth in the amount of data consumed by businesses has outpaced the development and growth of certain necessary network infrastructure components. One reason that the development and growth of the network infrastructure has lagged behind centers on the present difficulty in expanding, configuring, and reconfiguring existing networks. Even the most routine network expansions and reconfigurations, for example, require significant, highly technical, manual intervention by trained network administrators. Unfortunately, these highly trained network administrators are in extremely short supply. Thus, many needed network expansions and reconfigurations are delayed or even completely avoided because of the inability to find the needed administrators to perform the required laborious, technical tasks.
The present difficulty in configuring and reconfiguring networks is best illustrated by an example directed toward installing a single new router on an existing network. To install a new router (such as router 100 or 105 in
After the administrator 110 has chosen the desired router (router 105, for example), the administrator 110 generally will order the router 105 from the manufacturer and have it shipped, not necessarily to the installation site, but rather to the administrator's site where a basic configuration can be installed. The administrator 110 then ships the router 105 to the installation site where it can be physically installed. After the router 105 has been physically installed, the administrator 110 typically is manually notified, e.g., by telephone, that the router 105 is connected to the network. The administrator must then create a set of device-specific commands required to fully configure the router 105 and transfer those commands to the router's memory 115. After the administrator 110 verifies that the device-specific commands were installed correctly, the router 105 can be brought online.
Obviously, the steps required for an administrator to configure a single router are quite cumbersome and require significant technical skill. The problem, however, is even more severe when the administrator desires to simultaneously configure or reconfigure several network devices. First, the administrator, for example, would need to manually identify the network devices that need to be configured or reconfigured. For example, if the administrator desired to turn up service between two points, the administrator would need to identify the routers along the path between the two points. The administrator would then need to verify that the policies and rules established for the network permit the contemplated reconfiguration for those devices. Assuming that the reconfiguration is within the network's policies and rules, the administrator would need to create the device-specific code required to reconfigure each of the identified devices. In many instances, the same device-specific code cannot be used on all of the devices. For example, the device-specific commands required to reconfigure a Cisco™ router differ significantly from the device-specific commands required to reconfigure a Juniper™ router. Thus, if the identified network devices include both Cisco™ and Juniper™ routers, the administrator would be required to create different versions of the device-specific commands, thereby significantly increasing the chance for error in the reconfiguration process.
Once the device-specific commands have been created for each of the identified network devices, the commands must be manually transmitted to each device. That is, a connection, e.g., a telnet connection, must be established to each device and the particular commands transferred thereto. After each device has received its commands, the network administrator must manually reconnect to each device and verify that the device received the proper commands and that it is operating properly.
Although some tools have been developed to help administrators perform certain ones of the laborious tasks of network management, these tools are extremely limited in their application. For example, CiscoWorks™ is a group of unrelated tools that can aid administrators in some enterprise level tasks. CiscoWorks™ and similar tools provide singularly focused, unrelated tools to perform activities such as quality of service (QOS) provisioning and network policy management. These tools do not provide a way to interrelate the various happenings in a network. In essence, these present network tools lack a holistic approach to network administration.
Moreover, tools like CiscoWorks™ are generally dedicated to the management of one type of network device, e.g., router or optical device, and one brand of network device. For example, CiscoWorks™ does not help an administrator configure a Juniper™ router, and it does not help an administrator configure optical devices. Thus, if the network has both Cisco™ and Juniper™ devices, multiple unrelated tools must be utilized to perform basic network management tasks. Unfortunately, because these multiple unrelated tools are so difficult to manage, network administrators are prone to select routers based upon manufacturer identity rather than upon device features.
In addition to several other drawbacks, these singularly focused network tools result in substandard fault detection and recovery. For example, in present systems, once a configuration is changed, there is no easy way to “back out” of that configuration if a problem arises. Presently, if a new configuration for a target device fails, the network administrator would be forced to recreate the device-specific commands of the target device's previous configuration, manually connect to the device and then transmit the recreated device-specific commands to the device. As can be appreciated, this process can be extremely time consuming and error prone.
Another drawback to existing network technology centers on the multitude of different interfaces that a network administrator must navigate to configure various network devices. Presently, each network device manufacturer uses its own distinct interface for communicating with its network devices. For example, a network administrator would use a first interface for communicating with a Ciena Corporation (hereinafter “Ciena”) optical device and a second interface for communicating with a Nortel™ optical device. Because these interfaces may have very little in common, the network administrator would be required to spend a great deal of time learning both interfaces.
The burden on a network administrator increases dramatically when he needs to communicate with different types of devices manufactured by different companies. In many networks, an administrator could be required to communicate with routers, optical devices, and storage devices—all manufactured by different companies. Thus, a network administrator faces the daunting task of learning and using the distinct interfaces created by each of these manufacturers.
To date, each network device manufacturer unfortunately has focused on building its own interface and making its own product easier to use. In other words, network device manufacturers have focused on developing their own software platforms to operate their own network devices. Device manufacturers, as would be expected, have not focused on an integrated software platform that will operate devices of different types and/or from different manufacturers. There is no motivation for a company like Nortel™ to aid a network administrator in configuring a device from its competitor, Ciena.
The lack of an integrated software platform for communicating with, operating and/or configuring various network devices has led to the slowed expansion of existing networks. Because network administrators shy away from purchasing network devices that require them to undergo additional training, the lack of such an integrated software platform prevents new device manufacturers from entering the market. Moreover, lack of such an integrated software platform prevents new network providers from entering the market because they cannot find trained personnel that can operate the distinct interfaces developed by the various network device manufacturers. Accordingly, an integrated network software platform is needed. In particular, a system and method are needed for communicating with network devices without regard to the device type and/or manufacturer.
In one innovative aspect, a system and method for communicating with network devices without regard to the device type and/or manufacturer is disclosed. In one embodiment, the present invention provides a global graphical user interface (GUI) for communicating with various network devices. Thus, instead of being forced to learn different interfaces for different network devices, a network administrator, using the present invention, can learn a single global GUI and communicate with the various types and brands of network devices.
Although the global GUI can be constructed in a variety of ways, good results have been achieved by using an intuitive interface driven by a template library. For each device type and each device manufacturer, this template library can store both the attribute fields required for device configuration and the format for communicating those attribute fields. For example, one template could be designed for Cisco™ routers, another for Juniper™ routers, and another for EMC™ storage devices. Moreover, different templates could even be designed for different models of, for example, a particular manufacturer's device.
When a network administrator wants to communicate with a particular network device, the template associated with that device can be retrieved from the template library. The network administrator can then populate the attribute fields of that template with the appropriate data. Because the global GUI can automatically format the data received from the network administrator, the network administrator can use the same format for the attribute fields across different network devices. In other words, through the present invention, network administrators will not be forced to learn the syntax for different network devices. Rather, the network administrator only needs to learn the syntax for the global GUI, which can “translate” instructions into the proper form and provide those “translated” instructions to the appropriate network device.
Although the global GUI can be operated independently, good results have been achieved by integrating the global GUI with a directory-enabled network system. For example, the global GUI can be integrated with a network manager unit that is disposed between the network administrator and the various network devices. The network manager unit can include, among other things, a central repository for storing configuration records for each of the attached network devices. In this type of system, the global GUI can be used to configure or reconfigure a configuration record associated with any type or brand of network device. The data in the configuration record can then be used to populate the attribute fields in the template, and the populated fields can be formatted and provided to the appropriate network device. In yet other embodiments, the configuration records and templates can be combined to form a single data structure.
As can be appreciated by those skilled in the art, the present invention addresses significant shortfalls in present network technology. In particular, the present invention provides a way to configure, manage and view an entire network system. These and other advantages of the present invention are described more fully herein.
Various objects and advantages and a more complete understanding of the present invention are apparent and more readily appreciated by reference to the following Detailed Description and to the appended claims when taken in conjunction with the accompanying Drawings wherein:
Although the present invention is open to various modifications and alternative constructions, a preferred exemplary embodiment that is shown in the drawings is described herein in detail. It is to be understood, however, that there is no intention to limit the invention to the particular forms disclosed. One skilled in the art can recognize that there are numerous modifications, equivalents, and alternative constructions that fall within the spirit and scope of the invention as expressed in the claims.
Referring now to
To alter the configuration of a network device 135 or to add a network device to an existing network, the administrator 110 can access the network manager unit 140, search for and retrieve the configuration record corresponding to a target network device, and through a series of interactive, wizard-like screens, change the configuration record for the target network device. This altered configuration record is stored in a central repository in the network manager unit 140 and can be checked against network policies accessible by the network manager unit 140. Next, the network manager unit 140 can generate device-specific commands from the new configuration record and push those device-specific commands to the target network device or have the target network device pull the commands. Finally, the network manager unit 140 can verify that the new configuration was installed correctly at the target network device.
To generate the necessary device-specific commands, the network manager unit 140 may access the remote storage device 145 that can contain the various templates needed to generate device-specific commands for different types, brands, and/or models of network devices. Each of these templates can contain variable fields corresponding to either information stored in the configuration records or information input directly by the administrator. The network manager unit 140 generates the device-specific commands by retrieving the appropriate template and filling in the variable fields with the data from the configuration records and/or data input directly by the administrator 110. Once generated, these device-specific commands can be stored in the configuration record and/or they can be stored in the remote storage device 145 with an appropriate pointer stored in the configuration record.
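The template step described above can be sketched as follows. This is an added example, not code from the application: the template library contents, field names and command strings are constructed placeholders (only "enable_router" and "router_enable" are the hypothetical codes used later in the description), and the allow-list that keeps every variable field to a single token is an assumption about how such a generator would be hardened.

```python
import re

# Constructed template library keyed by (manufacturer, device type).
# Command strings are illustrative placeholders, not real vendor syntax.
TEMPLATE_LIBRARY = {
    ("cisco", "router"): [
        "hostname {hostname}",
        "interface {interface}",
        "address {address} {netmask}",
        "enable_router",
    ],
    ("juniper", "router"): [
        "set-hostname {hostname}",
        "set-interface {interface} address {address}/{prefix_len}",
        "router_enable",
    ],
}

FIELD = re.compile(r"\{(\w+)\}")
# Assumed allow-list for field values: one token, no whitespace, no line
# breaks, no control characters, so a value cannot become a second command.
SAFE_VALUE = re.compile(r"[A-Za-z0-9._:/-]{1,64}")


class TemplateError(ValueError):
    """Raised when a template cannot be filled safely."""


def required_fields(template):
    """Return the variable fields of a template, in first-use order."""
    seen = []
    for line in template:
        for name in FIELD.findall(line):
            if name not in seen:
                seen.append(name)
    return seen


def generate_commands(vendor, device_type, config_record, admin_input=None):
    """Fill the template for one device from its configuration record,
    with data entered directly by the administrator taking precedence."""
    template = TEMPLATE_LIBRARY.get((vendor.lower(), device_type.lower()))
    if template is None:
        raise TemplateError(f"no template for {vendor} {device_type}")

    values = dict(config_record)
    values.update(admin_input or {})

    fields = required_fields(template)
    missing = [name for name in fields if name not in values]
    if missing:
        raise TemplateError(f"missing fields: {', '.join(missing)}")

    for name in fields:
        if not SAFE_VALUE.fullmatch(str(values[name])):
            raise TemplateError(f"field {name!r} has an unacceptable value")

    return [FIELD.sub(lambda m: str(values[m.group(1)]), line)
            for line in template]


# Constructed configuration record for a single router.
SAMPLE_RECORD = {
    "hostname": "edge-1",
    "interface": "ge-0/0/1",
    "address": "192.0.2.10",
    "netmask": "255.255.255.0",
    "prefix_len": 24,
}

if __name__ == "__main__":
    for vendor in ("cisco", "juniper"):
        print(vendor, generate_commands(vendor, "router", SAMPLE_RECORD))
```

The same record yields two different command lists, and a record with a missing field or a multi-line value is refused before anything is pushed to a device.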
As can be appreciated by those skilled in the art, the network manager unit 140 can be implemented on virtually any hardware system. Good results, however, have been achieved using components running the Red Hat™ LINUX Operating System and the Sun Solaris™ UNIX Operating System. In embodiments running either of these operating systems, the network manager unit 140 preferably is configured to utilize the common services provided by that particular operating system.
Referring now to
Referring first to the interface module 160, it is designed to exchange data with the administrator 110 (shown in
The second component of the network manager unit 140 is the event bus 175. The event bus 175 includes a central posting location for receiving messages relating to network events. For example, when a configuration for a network device 135 is to be changed, an appropriate message can be published (or otherwise made available) to the event bus 175. Similarly, if a network condition such as an error occurs, an appropriate message can be published to the event bus 175. Notably, any message published to the event bus 175 can also be sent to the administrator 110 by way of the interface 160. The administrator 110, however, does not necessarily need to respond to a received message for the event to be addressed by the network manager unit 140.
To determine the proper response for a message posted to the event bus 175, the received message can be compared against the policies stored in the policy manager 170, which is a repository for the business and network policies and rules used to manage the network. By using these rules and policies, an administrator 110 (shown in
In operation, the policy manager 170 can read a message posted to the event bus 175. Alternatively, the event bus 175 can automatically push the message to the policy manager 170. Either way, however, the policy manager 170 uses the message to access policy records that can be stored, for example, in a look-up table and to correlate the message to the appropriate response. Once the policy manager 170 has determined the appropriate response, that response is published to the event bus 175 as a work order that can be read by the action manager 185 and subsequently executed. That is, the action manager 185 can read the work order from the event bus 175 and perform the necessary tasks to complete that work order. In other embodiments, the work order can be sent directly to the action manager 185. For example, assume that the action manager 185 reads a work order from the event bus 175 that indicates two routers—one a Cisco™ router and one a Juniper™ router—need to be enabled. The action manager 185 can locate each of these routers and determine the device-specific code needed to enable them. The code required to enable the Cisco™ router, for example, might be “enable_router” and the code required to enable the Juniper™ router might be “router_enable.” Because the action manager 185 determines the appropriate device-specific code, however, the administrator 110 (shown in
In other embodiments, the action manager 185 can verify that the administrator 110 (shown in
Still referring to
The configuration records stored in the directory 165 are searchable by way of the interface 160. That is, the administrator 110 or a component within the network manager 140 (shown in
Referring now to the health manager 180, it can be configured to monitor the overall health of the network and/or the health of individual network devices 135 (shown in
In further embodiments, the health manager can monitor the health of the network manager components. For example, the health manager can monitor the operation of the event bus, the action manager and/or the directory. Moreover, the health manager can monitor the flow of data between the various components of the network manager.
Referring now to
The configuration reader module 195 of the directory 165 is designed to initiate communication with (or directly communicate with) a target network device and retrieve that device's actual configuration. For example, the configuration reader can retrieve the actual configuration from the memory 115 of router 105 (shown in
As previously discussed, the configuration storage 187 is designed to store configuration records corresponding to network devices such as network devices 135 shown in
Referring now to
The vendor data portion 215 of the configuration record contains standard vendor-specific data regarding the particular network device. For example, the vendor data portion 215 could indicate which version of an operating system that the network device is running or which features of the device are enabled. Generally, the data in the vendor data portion 215 is specific to each manufacturer and even to each model of network device.
The proprietary data portion 220 of the configuration record can contain data used by the network manager unit in configuring and managing the network devices. In one embodiment, for example, the proprietary data portion 220 includes a pointer to an address at which a core dump for a network device is stored. That is, if a router initiates a core dump, the location of that core dump could be recorded in the proprietary data portion 220 of the configuration record for that router. In other embodiments, the proprietary data portion 220 can store version numbers, time stamps, health records for a particular configuration, configuration summary data, configuration notes, etc.
The pointer portion 225 of the configuration record 205 can be used to point to a storage location where the actual device-specific commands for the associated network device are stored. Similarly, the pointer 225 could be configured to point to a storage location for a device-specific template for configuring a newly installed network device. In other embodiments, the pointer portion 225 of the configuration record can be supplemented or replaced with a storage location for actual device-specific code.
Referring now to
The particular embodiment of the event bus 175 shown in
In one embodiment of the event bus 175, an event message is stored in status storage 235 along with a status field and an age field. Thus, for any message posted to the event bus 175, its status and age can be continuously monitored. (The event bus can also get messages from client devices.) For example, status storage 235 could indicate that the status for a particular event is pending in the action manager 185 (shown in
Referring now to
In one embodiment, the action manager 185 (shown in
Referring now to
As previously discussed, in present network systems, a network administrator 110 could be required to navigate different communication interfaces for each of the network devices 315. Thus, for network system x, a network administrator 110 without the benefit of the present invention could be forced to learn six distinct interfaces. Through the present invention, however, the network administrator 110 can communicate with any of the network devices 315 by navigating the global GUI 310, which presents the network administrator 110 with a familiar graphical interface that has a similar look and feel for all network devices 315, regardless of device type or manufacturer.
Configuration and reconfiguration of a network device requires that certain attributes be provided to the network device. For different types and manufacturers of devices, these attributes and their formats can vary. DWDM switches, for example, require a wavelength attribute that routers do not. Moreover, one DWDM manufacturer may require the wavelength in a first format, and a second manufacturer may require the same information in a second format. Thus, the global GUI 310 can include both attributes and formatting instructions associated with each of the network devices 315. Good results have been achieved by arranging these attributes and/or formatting instructions in a directory tree 340 such as the one shown in
To populate the attribute fields, the global GUI 310 could prompt the network administrator 110 for the necessary information. Once the global GUI 310 has acquired the necessary information, the information can be properly formatted—in accordance with the formatting instructions—and passed to the appropriate network device. In the presently preferred embodiment, the global GUI 310 formats the attribute data for a particular network device into a frame that includes a header portion and a payload portion. The header portion can include routing instructions in various formats including HTTP, and the payload portion can include the attribute data in various formats including XML. Additionally, the attribute data can be ordered within the payload according to the formatting instructions. When a network device receives a frame from the global GUI, it can extract the attribute data from the payload and use that data as if it had been received through the network device's own interface. Notably, the frame can be stored on virtually any computer media and/or can exist as an electronically altered signal—collectively referred to as a “computer program product.” (A “computer program product” refers to any media that may be used to provide programming instructions or data to an electronic system. A computer program product includes, but is not limited to, any memory device (whether fixed or removable), any storage medium, and/or any electronically altered signals that carry data.)
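The frame described above, with an HTTP header portion and an XML payload whose attributes are ordered and formatted per manufacturer, can be sketched as follows. This is an added example, not code from the application: the two DWDM manufacturers, their wavelength formats, the element names and the "/configure" path are constructed assumptions, and the length and DTD checks on the receiving side are hardening choices made for the example.

```python
import xml.etree.ElementTree as ET

# Constructed stand-in for the directory tree of attributes and formatting
# instructions: (device type, manufacturer) -> attribute order and formats.
DIRECTORY_TREE = {
    ("dwdm_switch", "vendor_a"): {
        "order": ["port", "wavelength"],
        # assumed first format: nanometres, two decimals, unit suffix
        "format": {"wavelength": lambda nm: f"{nm:.2f}nm"},
    },
    ("dwdm_switch", "vendor_b"): {
        "order": ["wavelength", "port"],
        # assumed second format: integer picometres, no unit
        "format": {"wavelength": lambda nm: str(round(nm * 1000))},
    },
}


def build_frame(device_type, vendor, device_addr, attributes):
    """Format attribute data into a frame: HTTP header plus XML payload."""
    entry = DIRECTORY_TREE[(device_type, vendor)]
    # The address ends up in a header line, so it must be a single token.
    if not device_addr or any(c in device_addr for c in "\r\n \t"):
        raise ValueError("device address must be a single header token")

    root = ET.Element("attributes")
    for name in entry["order"]:
        fmt = entry["format"].get(name, str)
        # ElementTree escapes markup characters in the value on output.
        ET.SubElement(root, name).text = fmt(attributes[name])
    payload = ET.tostring(root, encoding="utf-8")

    header = (
        "POST /configure HTTP/1.1\r\n"      # path is an assumption
        f"Host: {device_addr}\r\n"
        "Content-Type: application/xml\r\n"
        f"Content-Length: {len(payload)}\r\n"
        "\r\n"
    ).encode("ascii")
    return header + payload


def extract_attributes(frame):
    """Device side: split header from payload and recover the attributes."""
    header, sep, payload = frame.partition(b"\r\n\r\n")
    if not sep:
        raise ValueError("frame has no header/payload boundary")

    fields = {}
    for line in header.split(b"\r\n")[1:]:
        name, _, value = line.partition(b":")
        fields[name.strip().lower()] = value.strip()

    if int(fields.get(b"content-length", b"-1")) != len(payload):
        raise ValueError("payload length does not match header")
    # The payload only ever carries attribute elements; refuse DTDs outright.
    if b"<!DOCTYPE" in payload or b"<!ENTITY" in payload:
        raise ValueError("DTDs are not accepted in the payload")

    root = ET.fromstring(payload)
    return [(child.tag, child.text) for child in root]


# Constructed attribute data as an administrator might enter it once,
# in one format, for either manufacturer's device.
SAMPLE_ATTRIBUTES = {"port": "1/3", "wavelength": 1550.12}

if __name__ == "__main__":
    for vendor in ("vendor_a", "vendor_b"):
        frame = build_frame("dwdm_switch", vendor, "192.0.2.20", SAMPLE_ATTRIBUTES)
        print(vendor, extract_attributes(frame))
```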
By using the present invention, a network administrator 110 need only learn to navigate the global GUI 310 and not the individual GUIs for the various network devices. Because the present invention allows network devices 315 to be configured and reconfigured without regard to their type or manufacturer, network administrators 110 will be able to add network devices to their network even when they are otherwise unfamiliar with the means for communicating with that type/brand of device. Additionally, the present invention will increase competition in the network device market because new device manufacturers will be able to enter the market without first training network administrators to use their products. Moreover, the present invention will reduce network provider costs because fewer specialized administrators will be needed to communicate with the various types of devices.
Although the global GUI 310 can be operated independently of the network manager unit 140 (shown in
The information stored in a configuration record 205 can be used to populate the attribute fields for a network device's template. In other words, the network manager unit 140 (shown in
In conclusion, the present system provides, among other things, a method and apparatus to configure, monitor and manage network devices without regard for device type and/or manufacturer. Those skilled in the art, however, can readily recognize that numerous variations and substitutions may be made in the invention, its use and its configuration to achieve substantially the same results as achieved by the embodiments described herein. Accordingly, there is no intention to limit the invention to the disclosed exemplary forms. Many variations, modifications and alternative constructions fall within the scope and spirit of the disclosed invention as expressed in the claims.