[go: up one dir, main page]

US20170329739A1 - Methods and systems for loading a boot agent on a router network device - Google Patents

Methods and systems for loading a boot agent on a router network device Download PDF

Info

Publication number
US20170329739A1
US20170329739A1 US15/666,033 US201715666033A US2017329739A1 US 20170329739 A1 US20170329739 A1 US 20170329739A1 US 201715666033 A US201715666033 A US 201715666033A US 2017329739 A1 US2017329739 A1 US 2017329739A1
Authority
US
United States
Prior art keywords
network device
agent
provisioning
boot
router network
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US15/666,033
Inventor
Olivier Huynh Van
Jacob Enoch Locken
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Gluware Inc
Original Assignee
GLUE NETWORKS Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by GLUE NETWORKS Inc filed Critical GLUE NETWORKS Inc
Priority to US15/666,033 priority Critical patent/US20170329739A1/en
Assigned to GLUE NETWORKS, INC. reassignment GLUE NETWORKS, INC. ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: LOCKEN, JACOB ENOCH, VAN, OLIVIER HUYNH
Assigned to GLUWARE, INC. reassignment GLUWARE, INC. CHANGE OF NAME (SEE DOCUMENT FOR DETAILS). Assignors: GLUE NETWORKS, INC.
Publication of US20170329739A1 publication Critical patent/US20170329739A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/0806Configuration setting for initial configuration or provisioning, e.g. plug-and-play
    • GPHYSICS
    • G06COMPUTING OR CALCULATING; COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F15/00Digital computers in general; Data processing equipment in general
    • G06F15/16Combinations of two or more digital computers each having at least an arithmetic unit, a program unit and a register, e.g. for a simultaneous processing of several programs
    • G06F15/177Initialisation or configuration control
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08Configuration management of networks or network elements
    • H04L41/0803Configuration setting
    • H04L41/084Configuration by using pre-existing information, e.g. using templates or copying from other elements
    • H04L41/0843Configuration by using pre-existing information, e.g. using templates or copying from other elements based on generic templates

Definitions

  • FIG. 1 is a network according to an embodiment of the invention.
  • FIG. 2 is an injection method according to an embodiment of the invention.
  • FIG. 3 is a configuration method according to an embodiment of the invention.
  • FIG. 4 is a provisioning method according to an embodiment of the invention.
  • FIG. 5 is a provisioning method according to an embodiment of the invention.
  • FIG. 6 is a provisioning method according to an embodiment of the invention.
  • Network devices such as routers or switches
  • the network devices may require configuration in order to function.
  • the network devices may be configured to interact with one another.
  • Systems and methods described herein may enable a network device to be provisioned with a complex configuration in a zero touch manner by causing a boot agent to be loaded on the network device. Once the boot agent has been loaded, it may enable the network device to connect to a provisioning engine, which may be part of a data center, for example.
  • the provisioning engine may take over and fully provision the device. This provisioning may be accomplished without trained IT staff at the remote network device location.
  • a computer may be any programmable machine capable of performing arithmetic and/or logical operations.
  • computers may comprise processors, memories, data storage devices, and/or other commonly known or novel components. These components may be connected physically or through network or wireless links.
  • Computers may also comprise software which may direct the operations of the aforementioned components.
  • Computers may be referred to with terms that are commonly used by those of ordinary skill in the relevant arts, such as servers, PCs, mobile devices, routers, switches, data centers, and other terms.
  • Computers may facilitate communications between users and/or other computers, may provide databases, may perform analysis and/or transformation of data, and/or perform other functions. It will be understood by those of ordinary skill that those terms used herein are interchangeable, and any computer capable of performing the described functions may be used.
  • router may appear in the following specification, the disclosed embodiments are not limited to routers.
  • Computers may be linked to one another via a network or networks.
  • a network may be any plurality of completely or partially interconnected computers wherein some or all of the computers are able to communicate with one another. It will be understood by those of ordinary skill that connections between computers may be wired in some cases (i.e. via Ethernet, coaxial, optical, or other wired connection) or may be wireless (i.e. via Wi-Fi, WiMax, or other wireless connection). Connections between computers may use any protocols, including connection oriented protocols such as TCP or connectionless protocols such as UDP. Any connection through which at least two computers may exchange data can be the basis of a network.
  • FIG. 1 is a network 100 according to an embodiment of the invention.
  • various devices such as the head end device 140 and the network device 150 may communicate with one another via the internet 110 or some other public or private network.
  • the head end device 140 is a VPN router and the network device 150 is a router, although other head end devices 140 and/or network devices 150 may be used.
  • the head end device 140 and the network device 150 may facilitate communication between head end computers 170 associated with the head end device 140 (e.g., corporate campus computers and/or a local secure campus network) and home computers 130 associated with the network device 150 (e.g., remote IP phones, PCs, etc.).
  • a provisioning engine 120 may be used to set up the network device 150 so that it can communicate with the head end device 140 .
  • an example remote provisioning process for the network device 150 may proceed as follows.
  • the network device 150 is not connected to the secure corporate network via the head end device 140 but is connected to the internet 110 .
  • a provisioning process may be initiated.
  • the provisioning process may employ one of two methods.
  • an end user may install a USB key on the network device 150 and power on the network device 150 .
  • the USB key may automatically configure the network device 150 to contact the provisioning engine 120 .
  • the end user may connect a PC or other device 130 to the network device 150 via one of the LAN ports on the network device 150 or in some other way. The user may access their email, open a configuration email.
  • the provisioning engine 120 may configure the network device 150 based on specific configuration information to complete the provisioning.
  • the provisioned network device 150 may now be part of the secure corporate network and may communicate with the head end device 140 accordingly.
  • FIG. 2 is an injection method 200 according to an embodiment of the invention.
  • the network device 150 may power on. When a network device 150 powers on it may follow a set boot sequence. For example, a boot sequence may be as follows. First, the network device 150 may execute a POST (power on self test). Then, the network device 150 may load operating system software. The operating system software may look for a valid configuration file stored in a memory such as an NVRAM. Configuration files may be labeled startup-config or startup.cfg, for example. If a startup-config file is in NVRAM, the network device 150 may load and run this file. However, many network devices 150 may include a mechanism to allow for this boot sequence to be overridden.
  • POST power on self test
  • the operating system software may look for a valid configuration file stored in a memory such as an NVRAM. Configuration files may be labeled startup-config or startup.cfg, for example. If a startup-config file is in NVRAM, the network device 150 may load and run this
  • the method 200 may take advantage of this mechanism by loading a config file onto the network device 150 to act as a boot agent to allow remote provisioning of the network device 150 .
  • the agent-boot.cfg agent can be injected onto the network device from a USB key or over an internet connection, for example.
  • the startup.cfg when the startup.cfg runs it may look for the presence of a boot agent configuration file (indicated throughout by “agent-boot.cfg”, although other file names may be used) on a USB key.
  • the USB key may also hold additional files, for example an agent-connect file and agent-boot.ini file, which are described in greater detail below. If no USB key is found, or if the agent-boot.cfg file is not found on the USB key, in 220 the startup.cfg may continue to run and the network device 150 may power up with basic, unsecured, un-configured Internet access.
  • the network device 150 may execute that config (cfg) file and may not continue with the default startup.cfg. Execution of the boot agent config file is described in greater detail below with respect to FIG. 3 .
  • the network device 150 may boot the startup.cfg file and configure basic internet access.
  • another computer 130 may begin interfacing with the network device 150 .
  • an end user may connect a laptop to one of the LAN ports on the network device 150 and then access their email on the laptop.
  • the user may have been sent an email with instructions containing a URL.
  • the user may be instructed to click on the URL.
  • the computer 130 may connect to a web server in a data center.
  • the URL may cause a web page to be displayed and a Java applet or other executable program to be downloaded and executed.
  • the Java applet may be obtained and executed in some other fashion.
  • the Java applet may download the agent-boot.cfg, and, in some embodiments, the agent-connect script and agent-boot.ini files to a memory in the network device 150 , for example a flash memory.
  • the Java applet may then overwrite the startup.cfg file with the agent-boot.cfg.
  • the Java applet may cause the network device 150 to reset.
  • the network device 150 may follow its standard boot process but because the startup.cfg has been replaced by agent-boot.cfg, in 215 the network device 150 may execute agent-boot.cfg.
  • the boot agent config file is installed in 245 , if, in 250 , the network device 150 executes a hard reset, it will boot with the custom agent-boot.cfg config.
  • FIG. 3 is a configuration method 500 according to an embodiment of the invention.
  • the network device 150 may run the boot agent config file, and in 510 the network device 150 may begin a start up sequence. Once the network device 150 starts to execute the agent-boot.cfg, regardless of how the agent was injected onto the network device 150 , in 515 the network device 150 may load the agent-connect script into flash memory, if this has not already been done. Once the agent-connect script is loaded into flash, in 520 a command may be executed to load this script into a network device 150 library. In 525 , the network device 150 may be set up to create an event manager event and to configure the event management event to call the agent-connect script.
  • the agent-boot.cfg file may be careful to configure an event that will always trigger.
  • the network device 150 may wait for the event to trigger. Once the event is triggered, in 535 the event manager may cause the network device 150 to execute the agent-connect script.
  • the agent-connect script may initiate a discovery phase, wherein it may gather information about the network device 150 .
  • the information may include, but is not limited to, the IP address the network device 150 has been assigned, whether the network device 150 it routable or behind NAT, the network device 150 model number, the operating system image that is loaded on the network device 150 , the network device 150 serial number, and the options installed or licensed for the network device 150 .
  • the script may determine if the network device 150 is connected to the internet. If it is connected to the internet, a provisioning method such as that described below with respect to FIG. 4 may begin. If the network device 150 has no internet connectivity (which may happen in the USB scenario, for example), it could be because the network device 150 needs some basic configurations to be set prior to being able to connect.
  • configuration may be required if the network configuration requires the network device 150 to have a fixed IP address to be able to connect to the public internet (i.e., the network device 150 has no DHCP capability to assign the IP address when it connects), or if the network device 150 has a DSL connection to the internet rather than an Ethernet connection (in this case DSL credentials may be required before the network device 150 can connect), or if the connection to the internet is over 3G or LTE wireless.
  • the script looks for a boot agent initialization file that may have been injected as described above.
  • the file is called agent-boot.ini, although other file names may be possible.
  • This file may contain the information required to be able to setup basic internet connectivity, for example the static IP address that must be injected onto the network device 150 , or the DSL credentials required to get DSL service. If no agent ini file is found, the network device 150 may return to the injection process 200 described above and make another attempt to get the needed files. If the agent ini file is found, in 555 the network device 150 may configure internet connectivity using the data from the agent ini file. Then, in 545 , the network device 150 may determine whether it is connected to the internet and move on to provisioning if so.
  • the agent-boot.cfg file and the agent-connect script may be generic files which may be used in all scenarios.
  • the agent-boot.ini may be customized and injected on a case by case basis for each network device 150 . This may be done automatically as follows.
  • a workflow engine may detect if the configuration uses a standard Ethernet network device 150 or a variant using DSL or 3G. It may also detect whether the network device 150 will have a dynamic IP address or will require a static address. If the configuration is for a standard Ethernet network device 150 with dynamic IP, then no special data may be required for the agent-boot.ini. If the network device 150 requires DSL, 3G, a fixed IP address, and/or some other special configuration, a specific cvo-boot,ini file may be generated and injected along with the agent-boot.cfg and agent-connect files.
  • agent-connect has processed the agent-boot.ini data to set any custom settings for the network device 150 , the network device 150 should have internet connectivity and can start provisioning, as described below.
  • FIG. 4 is a provisioning method 600 according to an embodiment of the invention.
  • the network device 150 may determine if it has a public routable IP address (i.e., it is connected directly to the public internet, for example) or if it has a private address (i.e. it is connected behind a NAT router that is a gateway to the public internet, for example). If the network device 150 has a private address, it may initiate a process to build a secure, encrypted, tunnel to a data center. For example, in 610 the network device 150 may build the tunnel, and then in 615 the network device 150 may gather tunnel information.
  • a public routable IP address i.e., it is connected directly to the public internet, for example
  • a private address i.e. it is connected behind a NAT router that is a gateway to the public internet, for example.
  • the network device 150 may initiate a process to build a secure, encrypted, tunnel to a data center. For example, in 610 the network device 150 may build the tunnel,
  • the script may make a call to the data center including a request to start provisioning.
  • the call may be made through the encrypted tunnel.
  • the network device 150 has a public IP address
  • the call may be made via the internet and may include the IP address at which the network device 150 can be reached.
  • the data center may comprise the provisioning engine 120 , which may perform the functions of the data center described below.
  • the data center may take over and dynamically build and download the configuration required by the network device 150 based upon a template that was specified in the portal and the information determined in the discovery phase. For example, in 625 an agent connect engine may connect to the network device 150 . In 630 , the agent connect engine may provision the network device 150 . In 635 , an agent connect configuration may be set as a running config. The running configuration may be loaded whenever the network device 150 is powered on or reset. In 640 , the agent config may be set as a config for a reset action. Thus, agent-boot.cfg config may be the config that will be loaded whenever the network device 150 is made to perform a hard reset, for example.
  • the provisioning engine 120 may comprise a library of scripts (methods, applications, APIs, etc.) which may be used in the agent-connect script to interact with the network device 150 and the data center. These scripts may use encrypted traffic between the network device 150 and the data center so that data can be exchanged, requests can be made, and so that status information can be passed back to the data center for monitoring and logging purposes. These scripts may provide an API into the data center that can be used by the script to access capabilities of the data center.
  • FIG. 5 is a provisioning method 300 according to an embodiment of the invention. This method 300 is an overview of the provisioning described above for an embodiment employing a USB key injection process.
  • a user may insert the USB key 160 into the network device 150 .
  • the serial number of the key 160 may be sent to the provisioning engine 120 , and in 330 the network device 150 may be powered on.
  • the provisioning engine may request an ID from the network device 150 .
  • the network device 150 may provide the ID and the provisioning engine 120 may start provisioning as described above.
  • the provisioning engine 120 may inform the user of a successful start to the provisioning, for example via email.
  • the provisioning engine 120 may configure the network device 150 as described above.
  • the network device 150 may store an indication of successful configuration in the USB key 160 .
  • the provisioning engine 120 may inform the user of a successful provisioning, for example via email.
  • FIG. 6 is a provisioning method 400 according to an embodiment of the invention.
  • This method 400 is an overview of the provisioning described above for an embodiment employing a network based injection process.
  • a user may connect a PC 130 or other computer to the network device 150 .
  • the user may initiate the process, for example by clicking on a link as described above.
  • the PC 130 may verify the network device 150 .
  • the initial configuration may be loaded into the network device 150 , and the network device 150 may be rebooted.
  • the PC 130 may contact the provisioning engine 120 and the provisioning engine 120 may start provisioning as described above.
  • the provisioning engine 120 may inform the user of a successful start to the provisioning, for example via a notification in a web browser.
  • the provisioning engine 120 may configure the network device 150 as described above.
  • the provisioning engine 120 may inform the user of a successful provisioning, for example via a notification in a web browser.

Landscapes

  • Engineering & Computer Science (AREA)
  • Computer Hardware Design (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Networks & Wireless Communication (AREA)
  • Signal Processing (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Stored Programmes (AREA)

Abstract

Systems and methods described herein may perform processing associated with loading, with a boot agent injection module in communication with a processor; a boot agent into a memory of a network device comprising a processor; and perform processing associated with using the boot agent to configure, with the network device, the network device to connect to a remote computer.

Description

    CROSS-REFERENCE TO RELATED APPLICATIONS
  • This application is a Continuation of U.S. patent application Ser. No. 13/830,737 filed Mar. 14, 2013, the entirety of which is incorporated by reference herein.
    • BRIEF DESCRIPTION OF THE DRAWINGS
  • FIG. 1 is a network according to an embodiment of the invention.
  • FIG. 2 is an injection method according to an embodiment of the invention.
  • FIG. 3 is a configuration method according to an embodiment of the invention.
  • FIG. 4 is a provisioning method according to an embodiment of the invention.
  • FIG. 5 is a provisioning method according to an embodiment of the invention.
  • FIG. 6 is a provisioning method according to an embodiment of the invention.
    • DETAILED DESCRIPTION OF SEVERAL EMBODIMENTS
  • Many network devices, such as routers or switches, may require configuration in order to function. For example, in the context of a complex, secure corporate network, the network devices may be configured to interact with one another. Systems and methods described herein may enable a network device to be provisioned with a complex configuration in a zero touch manner by causing a boot agent to be loaded on the network device. Once the boot agent has been loaded, it may enable the network device to connect to a provisioning engine, which may be part of a data center, for example. The provisioning engine may take over and fully provision the device. This provisioning may be accomplished without trained IT staff at the remote network device location.
  • Systems and methods described herein may comprise one or more computers. A computer may be any programmable machine capable of performing arithmetic and/or logical operations. In some embodiments, computers may comprise processors, memories, data storage devices, and/or other commonly known or novel components. These components may be connected physically or through network or wireless links. Computers may also comprise software which may direct the operations of the aforementioned components. Computers may be referred to with terms that are commonly used by those of ordinary skill in the relevant arts, such as servers, PCs, mobile devices, routers, switches, data centers, and other terms. Computers may facilitate communications between users and/or other computers, may provide databases, may perform analysis and/or transformation of data, and/or perform other functions. It will be understood by those of ordinary skill that those terms used herein are interchangeable, and any computer capable of performing the described functions may be used. For example, though the term “router” may appear in the following specification, the disclosed embodiments are not limited to routers.
  • Computers may be linked to one another via a network or networks. A network may be any plurality of completely or partially interconnected computers wherein some or all of the computers are able to communicate with one another. It will be understood by those of ordinary skill that connections between computers may be wired in some cases (i.e. via Ethernet, coaxial, optical, or other wired connection) or may be wireless (i.e. via Wi-Fi, WiMax, or other wireless connection). Connections between computers may use any protocols, including connection oriented protocols such as TCP or connectionless protocols such as UDP. Any connection through which at least two computers may exchange data can be the basis of a network.
  • The systems and methods described herein may be related to the teachings of U.S. patent application Ser. No. 12/634,536, “SYSTEM AND METHOD FOR PROVIDING VIRTUAL PRIVATE NETWORKS” filed Dec. 9, 2009 (published as US 2010/0142410); U.S. patent application Ser. No. 12/471,199, “REGIONAL VIRTUAL VPN” filed May 22, 2009 (published as US 2009/0304004); and U.S. patent application Ser. No. 12/471,179, “GLOBAL VIRTUAL VPN” filed May 22, 2009 (published as US 2009/0304003), the entirety of each of which is incorporated by reference herein.
  • FIG. 1 is a network 100 according to an embodiment of the invention. In this example, various devices such as the head end device 140 and the network device 150 may communicate with one another via the internet 110 or some other public or private network. In FIG. 1, the head end device 140 is a VPN router and the network device 150 is a router, although other head end devices 140 and/or network devices 150 may be used. When they are connected to one another via the internet 110, the head end device 140 and the network device 150 may facilitate communication between head end computers 170 associated with the head end device 140 (e.g., corporate campus computers and/or a local secure campus network) and home computers 130 associated with the network device 150 (e.g., remote IP phones, PCs, etc.). As will be described in greater detail below, a provisioning engine 120 may be used to set up the network device 150 so that it can communicate with the head end device 140.
  • In the network 100 shown in FIG. 1, an example remote provisioning process for the network device 150 may proceed as follows. In 1, the network device 150 is not connected to the secure corporate network via the head end device 140 but is connected to the internet 110. In 2, a provisioning process may be initiated. For example, the provisioning process may employ one of two methods. In a first method, an end user may install a USB key on the network device 150 and power on the network device 150. The USB key may automatically configure the network device 150 to contact the provisioning engine 120. In a second method, the end user may connect a PC or other device 130 to the network device 150 via one of the LAN ports on the network device 150 or in some other way. The user may access their email, open a configuration email. and click on a configuration URL. This action may launch a Java applet that may automatically configure the network device 150 to contact the provisioning engine 120. The Java applet may be started via a link or program provided to the PC 130 in some other way as well. Both of these methods are described in greater detail below. In 3, the provisioning engine 120 may configure the network device 150 based on specific configuration information to complete the provisioning. In 4, the provisioned network device 150 may now be part of the secure corporate network and may communicate with the head end device 140 accordingly.
  • FIG. 2 is an injection method 200 according to an embodiment of the invention. In 205, the network device 150 may power on. When a network device 150 powers on it may follow a set boot sequence. For example, a boot sequence may be as follows. First, the network device 150 may execute a POST (power on self test). Then, the network device 150 may load operating system software. The operating system software may look for a valid configuration file stored in a memory such as an NVRAM. Configuration files may be labeled startup-config or startup.cfg, for example. If a startup-config file is in NVRAM, the network device 150 may load and run this file. However, many network devices 150 may include a mechanism to allow for this boot sequence to be overridden. The method 200 may take advantage of this mechanism by loading a config file onto the network device 150 to act as a boot agent to allow remote provisioning of the network device 150. The agent-boot.cfg agent can be injected onto the network device from a USB key or over an internet connection, for example.
  • In 210, when the startup.cfg runs it may look for the presence of a boot agent configuration file (indicated throughout by “agent-boot.cfg”, although other file names may be used) on a USB key. The USB key may also hold additional files, for example an agent-connect file and agent-boot.ini file, which are described in greater detail below. If no USB key is found, or if the agent-boot.cfg file is not found on the USB key, in 220 the startup.cfg may continue to run and the network device 150 may power up with basic, unsecured, un-configured Internet access. If the agent-boot.cfg file is found on the USB key, in 215 the network device 150 may execute that config (cfg) file and may not continue with the default startup.cfg. Execution of the boot agent config file is described in greater detail below with respect to FIG. 3.
  • If no USB key is present, in 220 the network device 150 may boot the startup.cfg file and configure basic internet access. Once the network device 150 has basic internet connectivity, in 225 another computer 130 may begin interfacing with the network device 150. For example, an end user may connect a laptop to one of the LAN ports on the network device 150 and then access their email on the laptop. The user may have been sent an email with instructions containing a URL. The user may be instructed to click on the URL. In response, in 230 the computer 130 may connect to a web server in a data center. In 235, the URL may cause a web page to be displayed and a Java applet or other executable program to be downloaded and executed. In some embodiments, the Java applet may be obtained and executed in some other fashion. In 240, the Java applet may download the agent-boot.cfg, and, in some embodiments, the agent-connect script and agent-boot.ini files to a memory in the network device 150, for example a flash memory. In 245, the Java applet may then overwrite the startup.cfg file with the agent-boot.cfg. Then, in 255, the Java applet may cause the network device 150 to reset. When the network device 150 resets, it may follow its standard boot process but because the startup.cfg has been replaced by agent-boot.cfg, in 215 the network device 150 may execute agent-boot.cfg. Once the boot agent config file is installed in 245, if, in 250, the network device 150 executes a hard reset, it will boot with the custom agent-boot.cfg config.
  • FIG. 3 is a configuration method 500 according to an embodiment of the invention. In 505 the network device 150 may run the boot agent config file, and in 510 the network device 150 may begin a start up sequence. Once the network device 150 starts to execute the agent-boot.cfg, regardless of how the agent was injected onto the network device 150, in 515 the network device 150 may load the agent-connect script into flash memory, if this has not already been done. Once the agent-connect script is loaded into flash, in 520 a command may be executed to load this script into a network device 150 library. In 525, the network device 150 may be set up to create an event manager event and to configure the event management event to call the agent-connect script. The agent-boot.cfg file may be careful to configure an event that will always trigger. In 530, the network device 150 may wait for the event to trigger. Once the event is triggered, in 535 the event manager may cause the network device 150 to execute the agent-connect script. In 540, the agent-connect script may initiate a discovery phase, wherein it may gather information about the network device 150. For example, the information may include, but is not limited to, the IP address the network device 150 has been assigned, whether the network device 150 it routable or behind NAT, the network device 150 model number, the operating system image that is loaded on the network device 150, the network device 150 serial number, and the options installed or licensed for the network device 150.
  • Once the discovery phase is complete and the information about the network device 150 is known, in 545 the script may determine if the network device 150 is connected to the internet. If it is connected to the internet, a provisioning method such as that described below with respect to FIG. 4 may begin. If the network device 150 has no internet connectivity (which may happen in the USB scenario, for example), it could be because the network device 150 needs some basic configurations to be set prior to being able to connect. For example, configuration may be required if the network configuration requires the network device 150 to have a fixed IP address to be able to connect to the public internet (i.e., the network device 150 has no DHCP capability to assign the IP address when it connects), or if the network device 150 has a DSL connection to the internet rather than an Ethernet connection (in this case DSL credentials may be required before the network device 150 can connect), or if the connection to the internet is over 3G or LTE wireless.
  • When no Internet connection is detected, in 550 the script looks for a boot agent initialization file that may have been injected as described above. In this example the file is called agent-boot.ini, although other file names may be possible. This file may contain the information required to be able to setup basic internet connectivity, for example the static IP address that must be injected onto the network device 150, or the DSL credentials required to get DSL service. If no agent ini file is found, the network device 150 may return to the injection process 200 described above and make another attempt to get the needed files. If the agent ini file is found, in 555 the network device 150 may configure internet connectivity using the data from the agent ini file. Then, in 545, the network device 150 may determine whether it is connected to the internet and move on to provisioning if so.
  • The agent-boot.cfg file and the agent-connect script may be generic files which may be used in all scenarios. The agent-boot.ini may be customized and injected on a case by case basis for each network device 150. This may be done automatically as follows. When a request is made, for example to a data center, to create a new network device 150, a workflow engine may detect if the configuration uses a standard Ethernet network device 150 or a variant using DSL or 3G. It may also detect whether the network device 150 will have a dynamic IP address or will require a static address. If the configuration is for a standard Ethernet network device 150 with dynamic IP, then no special data may be required for the agent-boot.ini. If the network device 150 requires DSL, 3G, a fixed IP address, and/or some other special configuration, a specific cvo-boot,ini file may be generated and injected along with the agent-boot.cfg and agent-connect files.
  • Once agent-connect has processed the agent-boot.ini data to set any custom settings for the network device 150, the network device 150 should have internet connectivity and can start provisioning, as described below.
  • FIG. 4 is a provisioning method 600 according to an embodiment of the invention. If the network device 150 is connected to the internet, in 605 the network device 150 may determine if it has a public routable IP address (i.e., it is connected directly to the public internet, for example) or if it has a private address (i.e. it is connected behind a NAT router that is a gateway to the public internet, for example). If the network device 150 has a private address, it may initiate a process to build a secure, encrypted, tunnel to a data center. For example, in 610 the network device 150 may build the tunnel, and then in 615 the network device 150 may gather tunnel information. Once that encrypted tunnel has been built out from behind the NAT router to the data center, two way communications between the network device 150 and the data center may be possible. At this stage, or if the network device 150 has a public routable IP address, in 620 the script may make a call to the data center including a request to start provisioning. In the case where a tunnel has been built, the call may be made through the encrypted tunnel. If the network device 150 has a public IP address, the call may be made via the internet and may include the IP address at which the network device 150 can be reached. The data center may comprise the provisioning engine 120, which may perform the functions of the data center described below.
  • Once the request to the data center for the provisioning to start has been made, the data center may take over and dynamically build and download the configuration required by the network device 150 based upon a template that was specified in the portal and the information determined in the discovery phase. For example, in 625 an agent connect engine may connect to the network device 150. In 630, the agent connect engine may provision the network device 150. In 635, an agent connect configuration may be set as a running config. The running configuration may be loaded whenever the network device 150 is powered on or reset. In 640, the agent config may be set as a config for a reset action. Thus, agent-boot.cfg config may be the config that will be loaded whenever the network device 150 is made to perform a hard reset, for example. These processes are described in greater detail in U.S. patent application Ser. No. 12/634,536, “SYSTEM AND METHOD FOR PROVIDING VIRTUAL PRIVATE NETWORKS” filed Dec. 9, 2009 (published as US 2010/0142410). In 645, it may be determined that the network device 150 is operational. At this point, the network device 150 may be fully provisioned and may now be part of a secure corporate network. In case of future network device 150 power on or reset, in 650 the agent connect start up process may be initiated. Whenever the network device 150 powers on or has hard reset, it may follow the provisioned boot process and may connect back to the data center to check if it has the correct configuration or if any config updates are available.
  • The provisioning engine 120 may comprise a library of scripts (methods, applications, APIs, etc.) which may be used in the agent-connect script to interact with the network device 150 and the data center. These scripts may use encrypted traffic between the network device 150 and the data center so that data can be exchanged, requests can be made, and so that status information can be passed back to the data center for monitoring and logging purposes. These scripts may provide an API into the data center that can be used by the script to access capabilities of the data center.
  • FIG. 5 is a provisioning method 300 according to an embodiment of the invention. This method 300 is an overview of the provisioning described above for an embodiment employing a USB key injection process. In 310 a user may insert the USB key 160 into the network device 150. In 320 the serial number of the key 160 may be sent to the provisioning engine 120, and in 330 the network device 150 may be powered on. In 340, the provisioning engine may request an ID from the network device 150. In 350, the network device 150 may provide the ID and the provisioning engine 120 may start provisioning as described above. In 360, the provisioning engine 120 may inform the user of a successful start to the provisioning, for example via email. In 370, the provisioning engine 120 may configure the network device 150 as described above. In 380, the network device 150 may store an indication of successful configuration in the USB key 160. In 390, the provisioning engine 120 may inform the user of a successful provisioning, for example via email.
  • FIG. 6 is a provisioning method 400 according to an embodiment of the invention. This method 400 is an overview of the provisioning described above for an embodiment employing a network based injection process. In 410 a user may connect a PC 130 or other computer to the network device 150. In 420 the user may initiate the process, for example by clicking on a link as described above. In 430 the PC 130 may verify the network device 150. In 440, the initial configuration may be loaded into the network device 150, and the network device 150 may be rebooted. In 450, the PC 130 may contact the provisioning engine 120 and the provisioning engine 120 may start provisioning as described above. In 460, the provisioning engine 120 may inform the user of a successful start to the provisioning, for example via a notification in a web browser. In 470, the provisioning engine 120 may configure the network device 150 as described above. In 480, the provisioning engine 120 may inform the user of a successful provisioning, for example via a notification in a web browser.
  • The systems and methods described above may provide at least the following features, as well as additional features described above.
      • 1. Ability to remotely configure a network device via the internet with a cloud-based provisioning engine
      • 2. Use of a USB key to enable automated provisioning of network device
      • 3. Use of email URL link to activate automated provisioning of network device
      • 4. Injection of boot agent onto network device via USB or internet connection
      • 5. Use of a boot agent loaded onto network device to remotely connect to a cloud-based provisioning engine
      • 6. Use of a cloud-sourced script loaded onto the network device to create a local event triggered by the network device event manager
      • 7. Remote collection of information on network device to detect connection type and use a local initialization file to provision credentials to interface
      • 8. Automatically determine if network device has a public or private IP address and configure communication back to the cloud-based provisioning engine
      • 9. Automatic configuration updates via communication with cloud-based provisioning engine upon power on or hard reset of network device
      • 10. Use of a scripts library (methods) to interact between the network device and the cloud-based provisioning engine
  • While various embodiments have been described above, it should be understood that they have been presented by way of example and not limitation. It will be apparent to persons skilled in the relevant art(s) that various changes in form and detail can be made therein without departing from the spirit and scope. In fact, after reading the above description, it will be apparent to one skilled in the relevant art(s) how to implement alternative embodiments.
  • In addition, it should be understood that any figures which highlight the functionality and advantages are presented for example purposes only. The disclosed methodology and system are each sufficiently flexible and configurable such that they may be utilized in ways other than that shown.
  • Although the term “at least one” may often be used in the specification, claims and drawings, the terms “a”, “an”, “the”, “said”, etc. also signify “at least one” or “the at least one” in the specification, claims and drawings.
  • Finally, it is the applicant's intent that only claims that include the express language “means for” or “step for” be interpreted under 35 U.S.C. 112, paragraph 6. Claims that do not expressly include the phrase “means for” or “step for” are not to be interpreted under 35 U.S.C. 112, paragraph 6.

Claims (8)

What is claimed is:
1. A method comprising:
loading, with a boot agent injection module in communication with a processor, a boot agent into a memory of a router network device comprising a processor; and
using the boot agent to configure, with the router network device, the router network device to connect to a remote computer.
2. The method of claim 1, further comprising provisioning the router network device with a complex configuration in a zero touch manner.
3. The method of claim 2, further comprising enabling the router network device to connect to a provisioning engine using the boot agent.
4. The method of claim 3, further comprising fully provisioning the router network device using the provisioning engine.
5. A system comprising:
a processor configured for:
loading, with a boot agent injection module in communication with a processor, a boot agent into a memory of a router network device comprising a processor; and
using the boot agent to configure, with the router network device, the router network device to connect to a remote computer.
6. The system of claim 5, wherein the processor is further configured for provisioning the router network device with a complex configuration in a zero touch manner.
7. The system of claim 6, wherein the processor is further configured for enabling the router network device to connect to a provisioning engine using the boot agent.
8. The system of claim 7, wherein the processor is further configured for fully provisioning the router network device using the provisioning engine.
US15/666,033 2013-03-14 2017-08-01 Methods and systems for loading a boot agent on a router network device Abandoned US20170329739A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US15/666,033 US20170329739A1 (en) 2013-03-14 2017-08-01 Methods and systems for loading a boot agent on a router network device

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US13/830,737 US9760528B1 (en) 2013-03-14 2013-03-14 Methods and systems for creating a network
US15/666,033 US20170329739A1 (en) 2013-03-14 2017-08-01 Methods and systems for loading a boot agent on a router network device

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US13/830,737 Continuation US9760528B1 (en) 2013-03-14 2013-03-14 Methods and systems for creating a network

Publications (1)

Publication Number Publication Date
US20170329739A1 true US20170329739A1 (en) 2017-11-16

Family

ID=59758603

Family Applications (2)

Application Number Title Priority Date Filing Date
US13/830,737 Active US9760528B1 (en) 2013-03-14 2013-03-14 Methods and systems for creating a network
US15/666,033 Abandoned US20170329739A1 (en) 2013-03-14 2017-08-01 Methods and systems for loading a boot agent on a router network device

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US13/830,737 Active US9760528B1 (en) 2013-03-14 2013-03-14 Methods and systems for creating a network

Country Status (1)

Country Link
US (2) US9760528B1 (en)

Families Citing this family (6)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
EP2909726B1 (en) * 2012-10-18 2021-09-01 Sutherland Global Services Inc. System and method for remotely diagnosing and repairing a computing device
US9760528B1 (en) * 2013-03-14 2017-09-12 Glue Networks, Inc. Methods and systems for creating a network
US10313206B1 (en) 2015-12-23 2019-06-04 Apstra, Inc. Verifying service status
US10530865B2 (en) * 2017-04-19 2020-01-07 Vmware, Inc. Offline sideloading for enrollment of devices in a mobile device management system
US11075805B1 (en) 2019-04-24 2021-07-27 Juniper Networks, Inc. Business policy management for self-driving network
CN111222062B (en) * 2020-01-09 2021-06-01 百度在线网络技术(北京)有限公司 Applet running method and device, electronic equipment and storage medium

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20060190570A1 (en) * 2005-02-19 2006-08-24 Cisco Technology, Inc. Techniques for zero touch provisioning of edge nodes for a virtual private network
US20090165099A1 (en) * 2007-12-21 2009-06-25 Avigdor Eldar Provisioning active management technology (amt) in computer systems
US20090254639A1 (en) * 2004-01-07 2009-10-08 Microsoft Corporation Configuring network settings using portable storage media
US9760528B1 (en) * 2013-03-14 2017-09-12 Glue Networks, Inc. Methods and systems for creating a network

Family Cites Families (161)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5594792A (en) 1994-01-28 1997-01-14 American Telecorp Methods and apparatus for modeling and emulating devices in a network of telecommunication systems
US6105131A (en) 1997-06-13 2000-08-15 International Business Machines Corporation Secure server and method of operation for a distributed information system
CA2217267A1 (en) 1997-10-03 1999-04-03 Newbridge Networks Corporation Scalable, robust configuration of edge forwarders in a distributed router
US6061721A (en) 1997-10-06 2000-05-09 Sun Microsystems, Inc. Bean-based management system
US6175917B1 (en) 1998-04-23 2001-01-16 Vpnet Technologies, Inc. Method and apparatus for swapping a computer operating system
US6931526B1 (en) 1998-06-04 2005-08-16 International Business Machines Corporation Vault controller supervisor and method of operation for managing multiple independent vault processes and browser sessions for users in an electronic business system
US6438690B1 (en) 1998-06-04 2002-08-20 International Business Machines Corp. Vault controller based registration application serving web based registration authorities and end users for conducting electronic commerce in secure end-to-end distributed information system
US6715073B1 (en) 1998-06-04 2004-03-30 International Business Machines Corporation Secure server using public key registration and methods of operation
US6892300B2 (en) 1998-06-04 2005-05-10 International Business Machines Corporation Secure communication system and method of operation for conducting electronic commerce using remote vault agents interacting with a vault controller
US6286038B1 (en) 1998-08-03 2001-09-04 Nortel Networks Limited Method and apparatus for remotely configuring a network device
JP2003528358A (en) 1998-08-24 2003-09-24 富士通株式会社 Workflow system and method
JP3184169B2 (en) 1999-01-14 2001-07-09 エヌイーシーソフト株式会社 Network device setting management system, network device setting management method, and recording medium recording network device setting management program
US6640251B1 (en) 1999-03-12 2003-10-28 Nortel Networks Limited Multicast-enabled address resolution protocol (ME-ARP)
US6966060B1 (en) * 1999-07-02 2005-11-15 Microsoft Corporation Method and system for remote client installation
US20060248139A1 (en) 1999-12-01 2006-11-02 Intel Corporation Networked computer management with a mobile software agent
US6571285B1 (en) 1999-12-23 2003-05-27 Accenture Llp Providing an integrated service assurance environment for a network
US6513159B1 (en) 2000-03-28 2003-01-28 Intel Corporation Platform intelligent installer
US7054924B1 (en) 2000-09-29 2006-05-30 Cisco Technology, Inc. Method and apparatus for provisioning network devices using instructions in extensible markup language
US6826611B1 (en) 2000-09-30 2004-11-30 Fluke Corporation Apparatus and method for automatically obtaining a valid IP configuration in a local area network
US7249170B2 (en) 2000-12-06 2007-07-24 Intelliden System and method for configuration, management and monitoring of network resources
US6978301B2 (en) 2000-12-06 2005-12-20 Intelliden System and method for configuring a network device
US20020112048A1 (en) * 2000-12-11 2002-08-15 Francois Gruyer System and method for providing behavioral information of a user accessing on-line resources
FI20010596A0 (en) 2001-03-22 2001-03-22 Ssh Comm Security Oyj Security system for a data communication network
US6879679B1 (en) 2001-05-22 2005-04-12 Cisco Technology, Inc. Analysis method for provisioning subscribers in a next generation telecommunications network
US7352853B1 (en) 2001-05-22 2008-04-01 Cisco Technology, Inc. Automation of customer premises equipment provisioning in a telecommunications network
US7376653B2 (en) * 2001-05-22 2008-05-20 Reuters America, Inc. Creating dynamic web pages at a client browser
US20020184388A1 (en) 2001-06-01 2002-12-05 Nimer Yaseen Layered approach to virtual private routing
US8014283B2 (en) 2001-06-01 2011-09-06 Fujitsu Limited System and method for topology constrained QoS provisioning
US20020188643A1 (en) 2001-06-07 2002-12-12 International Business Machines Corporation Method and system for a model-based approach to network management
CA2474879C (en) 2001-07-03 2013-04-09 Imagine Broadband Limited Method and system for monitoring service performance over a virtual private network connection by simulating end user activity
WO2003037009A1 (en) 2001-10-23 2003-05-01 Meshnetworks, Inc. System and method for providing a congestion optimized address resolution protocol for wireless ad-hoc networks
AU2002366158A1 (en) 2001-11-21 2003-06-10 Enterasys Networks, Inc. Translating configuration files among network devices
US7245611B2 (en) 2002-02-27 2007-07-17 J2 Global Communications Method and process for signaling, communication and administration of networked objects
US9521207B2 (en) 2002-05-09 2016-12-13 Protel Communications Limited Unified integration management—contact center portal
US8140642B1 (en) * 2002-05-17 2012-03-20 Mcafee, Inc. Network connection-independent updating system and method
US7447901B1 (en) 2002-06-25 2008-11-04 Cisco Technology, Inc. Method and apparatus for establishing a dynamic multipoint encrypted virtual private network
EP1391819A1 (en) * 2002-08-19 2004-02-25 Hewlett-Packard Company Data processing system and method
CN1214583C (en) 2002-08-23 2005-08-10 华为技术有限公司 Three layer virtual private network and its construction method
US7558847B2 (en) 2002-09-13 2009-07-07 Intelliden, Inc. System and method for mapping between and controlling different device abstractions
US8656050B2 (en) 2002-09-24 2014-02-18 Alcatel Lucent Methods and systems for efficiently configuring IP-based, virtual private networks
US20110276636A1 (en) 2010-03-29 2011-11-10 Konaware, Inc. Efficient transactional messaging between loosely coupled client and server over multiple intermittent networks with policy based routing
US20040136394A1 (en) 2003-01-09 2004-07-15 Robert Onno Bulk service configuration in communications networks
US7584474B2 (en) 2003-02-25 2009-09-01 Bea Systems, Inc. Systems and methods for transaction chaining
US20050004942A1 (en) 2003-04-02 2005-01-06 Madsen Mark E. Methods and systems for controlling network infrastructure devices
US7305479B1 (en) 2003-05-13 2007-12-04 Cisco Technology, Inc. Methods and apparatus for delivery of content requests within a content delivery network
US20050022208A1 (en) 2003-07-24 2005-01-27 Bolar Daniel Roy Corba gateway
US7075933B2 (en) 2003-08-01 2006-07-11 Nortel Networks, Ltd. Method and apparatus for implementing hub-and-spoke topology virtual private networks
US20050050186A1 (en) 2003-09-02 2005-03-03 Chih-Wei Chen Network-linked computer platform configuration data access management method and system
US7404188B2 (en) 2003-12-18 2008-07-22 Microsoft Corporation Method and software for publishing a business process orchestration as a web service
US20050198221A1 (en) 2004-01-07 2005-09-08 Microsoft Corporation Configuring an ad hoc wireless network using a portable media device
US7668944B2 (en) 2004-02-20 2010-02-23 Evgeny Leib System and unified setting interface for configuring network manageable devices
US7870184B2 (en) 2004-04-05 2011-01-11 Avaya Inc. Communications services for business process design
US9178948B2 (en) 2004-07-30 2015-11-03 Qualcomm Incorporated Methods and apparatus for subscribing to multimedia delivery services in a data network
US7643434B2 (en) 2004-09-30 2010-01-05 Hewlett-Packard Development Company, L.P. Method and system for managing network nodes which communicate via connectivity services of a service provider
US7451432B2 (en) 2004-10-01 2008-11-11 Microsoft Corporation Transformation of componentized and extensible workflow to a declarative format
US8156207B2 (en) 2004-10-08 2012-04-10 Hewlett-Packard Development Company, L.P. Method and apparatus for remotely configuring network devices
US7600011B1 (en) 2004-11-04 2009-10-06 Sprint Spectrum L.P. Use of a domain name server to direct web communications to an intermediation platform
CA2588784A1 (en) 2004-12-02 2006-06-08 Now Technologies Pty Limited Managing unprotected and protected content in private networks
US9083748B2 (en) 2004-12-16 2015-07-14 Hewlett-Packard Development Company, L.P. Modelling network to assess security properties
US8037204B2 (en) 2005-02-11 2011-10-11 Cisco Technology, Inc. Method and system for IP train inauguration
US7409709B2 (en) 2005-02-14 2008-08-05 Etsec, Inc. Systems and methods for automatically reconfiguring a network device
US7373661B2 (en) 2005-02-14 2008-05-13 Ethome, Inc. Systems and methods for automatically configuring and managing network devices and virtual private networks
US7778199B2 (en) 2005-02-19 2010-08-17 Cisco Technology, Inc. Techniques for customer self-provisioning of edge nodes for a virtual private network
US7769037B2 (en) 2005-02-19 2010-08-03 Cisco Technology, Inc. Techniques for using first sign of life at edge nodes for a virtual private network
US7420933B2 (en) 2005-02-19 2008-09-02 Cisco Technology, Inc. Techniques for zero touch provisioning of edge nodes for a virtual private network by pushing configuration from a server
US8059527B2 (en) 2005-02-19 2011-11-15 Cisco Technology, Inc. Techniques for oversubscribing edge nodes for virtual private networks
US7631173B2 (en) * 2005-03-09 2009-12-08 Wyse Technology Inc. Method and system for performing pre-boot operations from an external memory including memory address and geometry
WO2006102467A2 (en) 2005-03-21 2006-09-28 Primitive Logic, Inc. Service-oriented architecture
GB2426141A (en) 2005-05-12 2006-11-15 3Com Corporaton Configuration of Virtual Private Networks (VPNs)
US20060268829A1 (en) 2005-05-13 2006-11-30 Plamen Nedeltchev Approach for securely auto-deploying IP telephony devices
US7437545B2 (en) * 2005-07-19 2008-10-14 International Business Machines Corporation Apparatus and system for the autonomic configuration of a storage device
US8819202B1 (en) 2005-08-01 2014-08-26 Oracle America, Inc. Service configuration and deployment engine for provisioning automation
US7801030B1 (en) 2005-09-16 2010-09-21 Cisco Technology, Inc. Technique for using OER with an ECT solution for multi-homed spoke-to-spoke sites
US8260922B1 (en) 2005-09-16 2012-09-04 Cisco Technology, Inc. Technique for using OER with an ECT solution for multi-homed sites
US7869436B1 (en) 2005-10-13 2011-01-11 Cisco Technology, Inc. Methods and apparatus for connecting to virtual networks using non supplicant authentication
JP4836237B2 (en) 2005-10-18 2011-12-14 キヤノン株式会社 System and control method thereof
US7590123B2 (en) 2005-11-22 2009-09-15 Cisco Technology, Inc. Method of providing an encrypted multipoint VPN service
US20070130192A1 (en) 2005-12-01 2007-06-07 Alcatel Method and system for configuring network devices through an operations support system interface
US8005088B2 (en) 2006-01-17 2011-08-23 At&T Intellectual Property I, L.P. Scalable management system for MPLS based service providers
US7602737B2 (en) 2006-03-01 2009-10-13 Cisco Technology, Inc. Methods and apparatus for providing an enhanced dynamic multipoint virtual private network architecture
US20070253384A1 (en) * 2006-05-01 2007-11-01 Symbol Technologies, Inc. Wireless switch with bootable flash memory storage device
US20080005194A1 (en) 2006-05-05 2008-01-03 Lockheed Martin Corporation System and method for immutably cataloging and storing electronic assets in a large scale computer system
US8966018B2 (en) * 2006-05-19 2015-02-24 Trapeze Networks, Inc. Automated network device configuration and network deployment
US7962743B2 (en) 2006-05-22 2011-06-14 Cisco Technology, Inc. System and method for protected spoke to spoke communication using an unprotected computer network
US7593352B2 (en) 2006-06-02 2009-09-22 Cisco Technology, Inc. Discovering MPLS VPN services in a network
US8582663B2 (en) 2006-08-08 2013-11-12 Core Wireless Licensing S.A.R.L. Method, device, and system for multiplexing of video streams
US8732279B2 (en) 2006-08-18 2014-05-20 Cisco Technology, Inc. Secure network deployment
US8533822B2 (en) 2006-08-23 2013-09-10 Threatstop, Inc. Method and system for propagating network policy
US7940916B2 (en) 2006-08-28 2011-05-10 Avaya Inc. Orchestration engine as an intermediary between telephony functions and business processes
US20080062997A1 (en) 2006-09-07 2008-03-13 Go2Call.Com, Inc. Intelligent call routing through distributed VoIP networks
US7940791B2 (en) 2006-09-27 2011-05-10 The Boeing Company Router for establishing connectivity between a client device and on-board systems of an airplane
US7660265B2 (en) 2006-10-27 2010-02-09 International Business Machines Corporation Network packet inspection and forwarding
US8144699B2 (en) 2006-11-21 2012-03-27 Cisco Technology, Inc. Auto-provisioning of network services over an ethernet access link
US7930263B2 (en) 2007-01-12 2011-04-19 Health Information Flow, Inc. Knowledge utilization
US20080177868A1 (en) 2007-01-23 2008-07-24 Itai Ephraim Zilbershtein Address Provisioning
US7870596B2 (en) 2007-02-01 2011-01-11 Microsoft Corporation Accessing network resources outside a security boundary
US8194570B2 (en) 2007-03-21 2012-06-05 Cisco Technology, Inc. Configuration tool for MPLS virtual private network topologies
US8214885B2 (en) 2007-05-07 2012-07-03 Mocana Corporation Managing network components using USB keys
US8782182B2 (en) 2007-05-24 2014-07-15 Foundry Networks, Llc Generating device-specific configurations
JP4816572B2 (en) 2007-05-30 2011-11-16 富士ゼロックス株式会社 Virtual network connection system and apparatus
US8223667B2 (en) 2007-06-11 2012-07-17 International Business Machines Corporation Inferred discovery of a data communications device
JP4430091B2 (en) 2007-08-17 2010-03-10 富士通株式会社 Packet routing control method, packet routing control program, terminal device, and VPN server
US9198220B2 (en) 2007-08-20 2015-11-24 Telefonaktiebolaget L M Ericsson (Publ) Method and apparatus for providing local breakout in a mobile network
US9730078B2 (en) 2007-08-31 2017-08-08 Fisher-Rosemount Systems, Inc. Configuring and optimizing a wireless mesh network
US8908700B2 (en) 2007-09-07 2014-12-09 Citrix Systems, Inc. Systems and methods for bridging a WAN accelerator with a security gateway
US20090073995A1 (en) 2007-09-13 2009-03-19 Nokia Corporation Devices and methods for local breakout in a gateway of an access service network
US8701078B1 (en) 2007-10-11 2014-04-15 Versionone, Inc. Customized settings for viewing and editing assets in agile software development
US8625610B2 (en) 2007-10-12 2014-01-07 Cisco Technology, Inc. System and method for improving spoke to spoke communication in a computer network
JP5029700B2 (en) 2007-12-13 2012-09-19 富士通株式会社 Packet communication system, packet communication method, node and user terminal
US7764702B2 (en) 2007-12-19 2010-07-27 At&T Intellectual Property I, L.P. Method and apparatus for customer-controlled routing management
WO2009116948A1 (en) 2008-03-20 2009-09-24 Telefonaktiebolaget Lm Ericsson (Publ) Method and apparatus for communication of data packets between local networks
US20090249293A1 (en) 2008-03-31 2009-10-01 International Business Machines Corporation Defining Workflow Processing Using a Static Class-Level Network in Object-Oriented Classes
US8837491B2 (en) 2008-05-27 2014-09-16 Glue Networks Regional virtual VPN
US20090304003A1 (en) 2008-05-27 2009-12-10 Olivier Huynh Van Global Virtual VPN
US20090327869A1 (en) 2008-06-27 2009-12-31 Microsoft Corporation Online ad serving
US8281046B2 (en) 2008-07-03 2012-10-02 Steelseries Aps System and method for distributing user interface device configurations
US8316085B2 (en) 2008-08-13 2012-11-20 Sk Planet Co., Ltd. Contents delivery system and method using object redirection, and GSLB switch thereof
US7969981B2 (en) 2008-09-02 2011-06-28 Cisco Technology, Inc. System and method for multicasting in an internet protocol virtual private network environment
WO2010037147A2 (en) * 2008-09-29 2010-04-01 Whiptail Technologies Method and system for a storage area network
WO2010039085A1 (en) 2008-10-01 2010-04-08 Telefonaktiebolaget L M Ericsson (Publ) Handling of local breakout traffic in a home base station
US9319300B2 (en) 2008-12-09 2016-04-19 Glue Networks, Inc. Systems and methods for determining endpoint configurations for endpoints of a virtual private network (VPN) and deploying the configurations to the endpoints
US20100226280A1 (en) 2009-03-03 2010-09-09 Erf Wireless, Inc. Remote secure router configuration
US20100241698A1 (en) 2009-03-18 2010-09-23 Talk3, Inc. Methods and systems for auto-generating models of networks for network management purposes
EP2428051B1 (en) 2009-05-05 2016-07-20 Nokia Solutions and Networks Oy Local breakout with parameter access service
WO2010128165A2 (en) 2009-05-08 2010-11-11 Nokia Siemens Networks Oy Method and apparatus configured to provide local breakout services with a single apn
DE102009043968A1 (en) 2009-09-09 2014-03-20 Schneider Electric Automation Gmbh Petri net-based approaches and tools for development, deployment and operation of orchestration engines embedded in automation devices
US8370933B1 (en) 2009-11-24 2013-02-05 Symantec Corporation Systems and methods for detecting the insertion of poisoned DNS server addresses into DHCP servers
JP5471666B2 (en) 2010-03-19 2014-04-16 富士通株式会社 Network management apparatus, network management method, and network management program
US8837493B2 (en) 2010-07-06 2014-09-16 Nicira, Inc. Distributed network control apparatus and method
US20120084423A1 (en) 2010-10-04 2012-04-05 Openwave Systems Inc. Method and system for domain based dynamic traffic steering
US20120089700A1 (en) 2010-10-10 2012-04-12 Contendo, Inc. Proxy server configured for hierarchical caching and dynamic site acceleration and custom object and associated method
JP5678723B2 (en) 2011-02-28 2015-03-04 富士通株式会社 Switch, information processing apparatus and information processing system
WO2013019123A1 (en) 2011-07-19 2013-02-07 Auckland Uniservices Limited Improvements to the control of networks
CN102315971A (en) 2011-09-28 2012-01-11 北京东土科技股份有限公司 Network equipment modeling method based on IEC-61850 standard
US10270755B2 (en) 2011-10-03 2019-04-23 Verisign, Inc. Authenticated name resolution
US8938528B2 (en) * 2011-11-08 2015-01-20 Hitachi, Ltd. Computer system, and method for managing resource pool information
GB2497932A (en) 2011-12-21 2013-07-03 Ibm Network device modelling of configuration commands to predict the effect of the commands on the device.
EP2803168B1 (en) 2012-01-09 2015-10-21 Telefonaktiebolaget LM Ericsson (PUBL) Network device control in a software defined network
WO2013110742A1 (en) 2012-01-26 2013-08-01 Siemens Aktiengesellschaft Controller and method for controlling communication services for applications on a physical network
US9559948B2 (en) 2012-02-29 2017-01-31 Dell Products, Lp System and method for managing unknown flows in a flow-based switching device
CN104170330B (en) 2012-03-16 2018-07-17 诺基亚通信公司 Method and apparatus for communication
WO2013177311A1 (en) 2012-05-23 2013-11-28 Observable Networks, Llc System and method for continuous device profiling (cdp)
US20140052877A1 (en) 2012-08-16 2014-02-20 Wenbo Mao Method and apparatus for tenant programmable logical network for multi-tenancy cloud datacenters
US9038151B1 (en) 2012-09-20 2015-05-19 Wiretap Ventures, LLC Authentication for software defined networks
US9246847B2 (en) 2012-12-17 2016-01-26 Telefonaktiebolaget L M Ericsson (Publ) Extending the reach and effectiveness of header compression in access networks using SDN
US8869236B1 (en) 2013-01-11 2014-10-21 Shoretel, Inc. Automatic configuration of a network device
US9047143B2 (en) 2013-03-15 2015-06-02 Cisco Technology, Inc. Automation and programmability for software defined networking systems
US9450817B1 (en) 2013-03-15 2016-09-20 Juniper Networks, Inc. Software defined network controller
WO2014205119A1 (en) 2013-06-18 2014-12-24 The Regents Of The University Of Colorado, A Body Corporate Software-defined energy communication networks
US20150172192A1 (en) 2013-12-12 2015-06-18 International Business Machines Corporation Software-defined networking physical controller
US20150169345A1 (en) 2013-12-18 2015-06-18 International Business Machines Corporation Software-defined networking (sdn) for management of traffic between virtual processors
US9742632B2 (en) 2013-12-27 2017-08-22 Intel Corporation Hybrid SDN controller
US9407541B2 (en) 2014-04-24 2016-08-02 International Business Machines Corporation Propagating a flow policy by control packet in a software defined network (SDN) based network
US10027536B2 (en) 2014-06-25 2018-07-17 Futurewei Technologies, Inc. System and method for affinity-based network configuration
AU2015296248B2 (en) 2014-07-30 2018-01-18 Forward Networks, Inc. Systems and methods for network management
US9398081B2 (en) 2014-08-20 2016-07-19 Futurewei Technologies, Inc. Automating client development for network APIs
US9686162B2 (en) 2014-10-17 2017-06-20 International Business Machines Corporation Identifying configuration inconsistency in edge-based software defined networks (SDN)
US9565135B2 (en) 2014-10-31 2017-02-07 Futurewei Technologies, Inc. System and method for service chaining with tunnel chains in software defined network
US10389573B2 (en) 2014-11-14 2019-08-20 Apstra, Inc. Configuring a network
US9584477B2 (en) 2015-02-26 2017-02-28 International Business Machines Corporation Packet processing in a multi-tenant software defined network (SDN)
US9756121B2 (en) 2015-06-24 2017-09-05 International Business Machines Corporation Optimizing routing and load balancing in an SDN-enabled cloud during enterprise data center migration

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20090254639A1 (en) * 2004-01-07 2009-10-08 Microsoft Corporation Configuring network settings using portable storage media
US20060190570A1 (en) * 2005-02-19 2006-08-24 Cisco Technology, Inc. Techniques for zero touch provisioning of edge nodes for a virtual private network
US20090165099A1 (en) * 2007-12-21 2009-06-25 Avigdor Eldar Provisioning active management technology (amt) in computer systems
US9760528B1 (en) * 2013-03-14 2017-09-12 Glue Networks, Inc. Methods and systems for creating a network

Also Published As

Publication number Publication date
US9760528B1 (en) 2017-09-12

Similar Documents

Publication Publication Date Title
US20170329739A1 (en) Methods and systems for loading a boot agent on a router network device
US11228648B2 (en) Internet of things (IOT) platform for device configuration management and support
US9369357B2 (en) Method, system, and computer readable medium for remote device management
US10938855B1 (en) Systems and methods for automatically and securely provisioning remote computer network infrastructure
EP2973147B1 (en) Policy-based secure web boot
US9342381B2 (en) Method and system for establishing a DLP-compliant environment
US9928082B1 (en) Methods and systems for remote device configuration
CN107534647B (en) Systems, computing devices, and storage media for delivering startup scripts
US9240977B2 (en) Techniques for protecting mobile applications
JP2019522282A (en) Secure configuration of cloud computing nodes
US12174961B2 (en) Automated ephemeral context-aware device provisioning
US12277424B2 (en) Cloud-based provisioning of UEFI-enabled systems
US20190089545A1 (en) Thresholds on scripts executable by unified extensible firmware interface systems
US9483287B2 (en) Communication infrastructure for virtual machines
Zhang et al. Capture: Centralized library management for heterogeneous {IoT} devices
CN100583038C (en) Method, system and apparatus for launching an interface with an electronic device
US11765024B2 (en) Automatic provisioning of a computing device with operating system and network processing functions
EP4018629B1 (en) Desktop virtualization with a dedicated cellular network connection for client devices
CN113906392A (en) System and method for providing different versions of virtual applications
RU2573782C1 (en) System and method of setting up computer system according to security policy
Si et al. EmuIoTNet: An Emulated IoT Network for Dynamic Analysis
Van Methods and systems for remote device configuration
EP3308263B1 (en) Security of virtual desktop infrastructure clones
Choi et al. Cisco Wireless LAN Controller Upgrading Playbook
Both NetworkManager

Legal Events

Date Code Title Description
AS Assignment

Owner name: GLUE NETWORKS, INC., CALIFORNIA

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNORS:VAN, OLIVIER HUYNH;LOCKEN, JACOB ENOCH;REEL/FRAME:043591/0416

Effective date: 20130314

Owner name: GLUWARE, INC., CALIFORNIA

Free format text: CHANGE OF NAME;ASSIGNOR:GLUE NETWORKS, INC.;REEL/FRAME:043865/0049

Effective date: 20170818

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION