Many network devices, such as routers or switches, may require configuration in order to function. For example, in the context of a complex, secure corporate network, the network devices may be configured to interact with one another. Systems and methods described herein may enable a network device to be provisioned with a complex configuration in a zero touch manner by causing a boot agent to be loaded on the network device. Once the boot agent has been loaded, it may enable the network device to connect to a provisioning engine, which may be part of a data center, for example. The provisioning engine may take over and fully provision the device. This provisioning may be accomplished without trained IT staff at the remote network device location.
Systems and methods described herein may comprise one or more computers. A computer may be any programmable machine capable of performing arithmetic and/or logical operations. In some embodiments, computers may comprise processors, memories, data storage devices, and/or other commonly known or novel components. These components may be connected physically or through network or wireless links. Computers may also comprise software which may direct the operations of the aforementioned components. Computers may be referred to with terms that are commonly used by those of ordinary skill in the relevant arts, such as servers, PCs, mobile devices, routers, switches, data centers, and other terms. Computers may facilitate communications between users and/or other computers, may provide databases, may perform analysis and/or transformation of data, and/or perform other functions. It will be understood by those of ordinary skill that those terms used herein are interchangeable, and any computer capable of performing the described functions may be used. For example, though the term “router” may appear in the following specification, the disclosed embodiments are not limited to routers.
Computers may be linked to one another via a network or networks. A network may be any plurality of completely or partially interconnected computers wherein some or all of the computers are able to communicate with one another. It will be understood by those of ordinary skill that connections between computers may be wired in some cases (i.e. via Ethernet, coaxial, optical, or other wired connection) or may be wireless (i.e. via Wi-Fi, WiMax, or other wireless connection). Connections between computers may use any protocols, including connection oriented protocols such as TCP or connectionless protocols such as UDP. Any connection through which at least two computers may exchange data can be the basis of a network.
The systems and methods described herein may be related to the teachings of U.S. patent application Ser. No. 12/634,536, “SYSTEM AND METHOD FOR PROVIDING VIRTUAL PRIVATE NETWORKS” filed Dec. 9, 2009 (published as US 2010/0142410); U.S. patent application Ser. No. 12/471,199, “REGIONAL VIRTUAL VPN” filed May 22, 2009 (published as US 2009/0304004); and U.S. patent application Ser. No. 12/471,179, “GLOBAL VIRTUAL VPN” filed May 22, 2009 (published as US 2009/0304003), the entirety of each of which is incorporated by reference herein.
In the network 100 shown in
In 210, when the startup.cfg runs it may look for the presence of a boot agent configuration file (indicated throughout by “agent-boot.cfg”, although other file names may be used) on a USB key. The USB key may also hold additional files, for example an agent-connect file and agent-boot.ini file, which are described in greater detail below. If no USB key is found, or if the agent-boot.cfg file is not found on the USB key, in 220 the startup.cfg may continue to run and the network device 150 may power up with basic, unsecured, un-configured Internet access. If the agent-boot.cfg file is found on the USB key, in 215 the network device 150 may execute that config (cfg) file and may not continue with the default startup.cfg. Execution of the boot agent config file is described in greater detail below with respect to
If no USB key is present, in 220 the network device 150 may boot the startup.cfg file and configure basic internet access. Once the network device 150 has basic internet connectivity, in 225 another computer 130 may begin interfacing with the network device 150. For example, an end user may connect a laptop to one of the LAN ports on the network device 150 and then access their email on the laptop. The user may have been sent an email with instructions containing a URL. The user may be instructed to click on the URL. In response, in 230 the computer 130 may connect to a web server in a data center. In 235, the URL may cause a web page to be displayed and a Java applet or other executable program to be downloaded and executed. In some embodiments, the Java applet may be obtained and executed in some other fashion. In 240, the Java applet may download the agent-boot.cfg, and, in some embodiments, the agent-connect script and agent-boot.ini files to a memory in the network device 150, for example a flash memory. In 245, the Java applet may then overwrite the startup.cfg file with the agent-boot.cfg. Then, in 255, the Java applet may cause the network device 150 to reset. When the network device 150 resets, it may follow its standard boot process but because the startup.cfg has been replaced by agent-boot.cfg, in 215 the network device 150 may execute agent-boot.cfg. Once the boot agent config file is installed in 245, if, in 250, the network device 150 executes a hard reset, it will boot with the custom agent-boot.cfg config.
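The injection flow described above (steps 210 through 255) can be modeled as follows. This is an added example, not code from the specification: flash and the USB key are represented as dictionaries, the file contents are constructed, and the SHA-256 pin is a hypothetical integrity check that the description itself does not include. With no pin set, the model runs whatever agent-boot.cfg it is handed, which is the behaviour as described.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Dict, Optional

AGENT_CFG = "agent-boot.cfg"      # file names as used in the description
STARTUP_CFG = "startup.cfg"

# Constructed sample contents; real configuration files are device-specific.
FACTORY = b"! default startup.cfg: basic internet access\n"
AGENT = b"! agent-boot.cfg: start agent-connect\n"
ALTERED = AGENT + b"! line that is not in the released file\n"
PIN = hashlib.sha256(AGENT).hexdigest()   # hypothetical out-of-band pin


@dataclass(frozen=True)
class BootDecision:
    step: int       # 215 = run boot agent config, 220 = run default startup.cfg
    source: str     # "usb" or "flash"
    config: bytes   # bytes the device would execute


def digest_ok(blob: bytes, pin: Optional[str]) -> bool:
    """Added check: with a pin set, only the exact released file is accepted."""
    if pin is None:                 # flow as described: no integrity check
        return True
    return hmac.compare_digest(hashlib.sha256(blob).hexdigest(), pin)


def applet_inject(flash: Dict[str, bytes], downloaded: Dict[str, bytes],
                  pin: Optional[str] = None) -> bool:
    """Steps 240-245: store the downloaded files, then replace startup.cfg."""
    agent = downloaded.get(AGENT_CFG)
    if agent is None or not digest_ok(agent, pin):
        return False                # flash is left untouched
    flash.update(downloaded)        # 240: agent-boot.cfg and optional files
    flash[STARTUP_CFG] = agent      # 245: startup.cfg overwritten
    return True


def select_boot_config(flash: Dict[str, bytes],
                       usb: Optional[Dict[str, bytes]],
                       pin: Optional[str] = None) -> BootDecision:
    """Step 210: an agent-boot.cfg on a USB key pre-empts the stored config."""
    on_usb = usb.get(AGENT_CFG) if usb is not None else None
    if on_usb is not None and digest_ok(on_usb, pin):
        return BootDecision(215, "usb", on_usb)
    startup = flash[STARTUP_CFG]
    if startup == flash.get(AGENT_CFG):     # replaced earlier via the applet
        return BootDecision(215, "flash", startup)
    return BootDecision(220, "flash", startup)
```

With the pin supplied, a file that differs from the released agent-boot.cfg is treated as if no boot agent file had been found, so the device falls back to step 220.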
Once the discovery phase is complete and the information about the network device 150 is known, in 545 the script may determine if the network device 150 is connected to the internet. If it is connected to the internet, a provisioning method such as that described below with respect to
When no Internet connection is detected, in 550 the script looks for a boot agent initialization file that may have been injected as described above. In this example the file is called agent-boot.ini, although other file names may be possible. This file may contain the information required to be able to set up basic internet connectivity, for example the static IP address that must be injected onto the network device 150, or the DSL credentials required to get DSL service. If no agent ini file is found, the network device 150 may return to the injection process 200 described above and make another attempt to get the needed files. If the agent ini file is found, in 555 the network device 150 may configure internet connectivity using the data from the agent ini file. Then, in 545, the network device 150 may determine whether it is connected to the internet and move on to provisioning if so.
The agent-boot.cfg file and the agent-connect script may be generic files which may be used in all scenarios. The agent-boot.ini may be customized and injected on a case by case basis for each network device 150. This may be done automatically as follows. When a request is made, for example to a data center, to create a new network device 150, a workflow engine may detect if the configuration uses a standard ethernet network device 150 or a variant using DSL or 3G. It may also detect whether the network device 150 will have a dynamic IP address or will require a static address. If the configuration is for a standard ethernet network device 150 with dynamic IP, then no special data may be required for the agent-boot.ini. If the network device 150 requires DSL, 3G, a fixed IP address, and/or some other special configuration, a specific cvo-boot.ini file may be generated and injected along with the agent-boot.cfg and agent-connect files.
Once agent-connect has processed the agent-boot.ini data to set any custom settings for the network device 150, the network device 150 should have internet connectivity and can start provisioning, as described below.
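The generation of agent-boot.ini by the workflow engine and its use by the device in steps 545 through 555 can be sketched as below. This is an added example, not code from the specification: the description does not define the file's layout, so the section names (wan, static, dsl), the key names and the returned action strings are hypothetical.

```python
import configparser
import io
import ipaddress
from typing import Dict, Optional


def _parser() -> configparser.ConfigParser:
    # interpolation=None: a '%' in a DSL password must be stored literally
    return configparser.ConfigParser(interpolation=None)


def build_agent_ini(access: str, static: Optional[Dict[str, str]] = None,
                    dsl: Optional[Dict[str, str]] = None) -> Optional[str]:
    """Workflow-engine side: return ini text, or None if none is required."""
    if access not in ("ethernet", "dsl", "3g"):
        raise ValueError(f"unknown access type: {access!r}")
    if access == "ethernet" and static is None:
        return None                       # standard ethernet with dynamic IP
    if access == "dsl" and not dsl:
        raise ValueError("DSL access needs credentials")
    cp = _parser()
    cp["wan"] = {"access": access,
                 "addressing": "static" if static else "dynamic"}
    if static:
        cp["static"] = static             # keys: address (CIDR), gateway
    if access == "dsl":
        cp["dsl"] = dsl                   # keys: username, password
    buf = io.StringIO()
    cp.write(buf)
    return buf.getvalue()


def parse_agent_ini(text: str) -> Dict[str, str]:
    """Device side (550/555): validate every field before applying it."""
    cp = _parser()
    cp.read_string(text)
    access = cp.get("wan", "access")
    if access not in ("ethernet", "dsl", "3g"):
        raise ValueError(f"unknown access type: {access!r}")
    settings = {"access": access}
    if cp.get("wan", "addressing") == "static":
        iface = ipaddress.ip_interface(cp.get("static", "address"))
        gateway = ipaddress.ip_address(cp.get("static", "gateway"))
        if gateway not in iface.network:
            raise ValueError("gateway is outside the interface subnet")
        settings.update(address=str(iface), gateway=str(gateway))
    if access == "dsl":
        settings["dsl_username"] = cp.get("dsl", "username")
        settings["dsl_password"] = cp.get("dsl", "password")
    return settings


def connectivity_step(online: bool, ini_text: Optional[str]) -> str:
    """One pass through 545-555; returns the next action for the script."""
    if online:
        return "provision"                # 545: connected, go provision
    if ini_text is None:
        return "reinject"                 # no ini: back to injection process 200
    parse_agent_ini(ini_text)             # raises on a malformed file
    return "configure"                    # 555, then 545 is evaluated again
```

Because the file may carry DSL credentials in clear text, it should be handled as a secret on the USB key and in flash.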
Once the request to the data center for the provisioning to start has been made, the data center may take over and dynamically build and download the configuration required by the network device 150 based upon a template that was specified in the portal and the information determined in the discovery phase. For example, in 625 an agent connect engine may connect to the network device 150. In 630, the agent connect engine may provision the network device 150. In 635, an agent connect configuration may be set as a running config. The running configuration may be loaded whenever the network device 150 is powered on or reset. In 640, the agent config may be set as a config for a reset action. Thus, the agent-boot.cfg config may be the config that will be loaded whenever the network device 150 is made to perform a hard reset, for example. These processes are described in greater detail in U.S. patent application Ser. No. 12/634,536, “SYSTEM AND METHOD FOR PROVIDING VIRTUAL PRIVATE NETWORKS” filed Dec. 9, 2009 (published as US 2010/0142410). In 645, it may be determined that the network device 150 is operational. At this point, the network device 150 may be fully provisioned and may now be part of a secure corporate network. In case of future network device 150 power on or reset, in 650 the agent connect start up process may be initiated. Whenever the network device 150 powers on or has a hard reset, it may follow the provisioned boot process and may connect back to the data center to check if it has the correct configuration or if any config updates are available.
The provisioning engine 120 may comprise a library of scripts (methods, applications, APIs, etc.) which may be used in the agent-connect script to interact with the network device 150 and the data center. These scripts may use encrypted traffic between the network device 150 and the data center so that data can be exchanged, requests can be made, and so that status information can be passed back to the data center for monitoring and logging purposes. These scripts may provide an API into the data center that can be used by the script to access capabilities of the data center.
The systems and methods described above may provide at least the following features, as well as additional features described above.
While various embodiments have been described above, it should be understood that they have been presented by way of example and not limitation. It will be apparent to persons skilled in the relevant art(s) that various changes in form and detail can be made therein without departing from the spirit and scope. In fact, after reading the above description, it will be apparent to one skilled in the relevant art(s) how to implement alternative embodiments.
In addition, it should be understood that any figures which highlight the functionality and advantages are presented for example purposes only. The disclosed methodology and system are each sufficiently flexible and configurable such that they may be utilized in ways other than that shown.
Although the term “at least one” may often be used in the specification, claims and drawings, the terms “a”, “an”, “the”, “said”, etc. also signify “at least one” or “the at least one” in the specification, claims and drawings.
Finally, it is the applicant's intent that only claims that include the express language “means for” or “step for” be interpreted under 35 U.S.C. 112, paragraph 6. Claims that do not expressly include the phrase “means for” or “step for” are not to be interpreted under 35 U.S.C. 112, paragraph 6.
This application claims the benefit of U.S. Provisional Patent Application No. 61/803,205, filed Mar. 19, 2013, which is incorporated by reference in its entirety.