The present invention relates to the auditing of the configuration of elements in a network. More particularly, embodiments of the present invention provide a method for improving a reconciliation process to improve the accuracy of models of interconnected network elements using audit states.
Elements in computer and telecommunications networks are sometimes interconnected in highly complex configurations. To aid in the management of such networks, models are sometimes created that are intended to list all elements in a network and record the ways in which they are interconnected. As used herein, the term element refers to a large-scale physical device such as a switch or a router. The word component refers to a physical or logical part of an element such as a circuit card within a switch. The term resource is used generically to refer to an element, a component, a physical port within an element, a logical decomposition within a port such as a wavelength assignable within an optical port, or any unit within a network that can provide information about itself. A list of resources in use and/or available for use in a network can be referred to as an inventory. A description of the ways resources are configured, such as their assigned usage, the other resources to which they are connected, and their relationships to other resources, can be referred to as a topology. Collectively, an inventory and its associated topology constitute a network model. Changes can occur over time in both an actual network and in a network model representing that network. Ideally, every change in the actual network is matched by an equivalent, corresponding change in the network model. However, discrepancies can occur that cause a network model to no longer accurately depict the network it is intended to describe. This can decrease the effectiveness of the network model in managing the network.
The sources of such a misalignment between a network model and an actual network can be placed into two categories: process (or human-related) gaps and system gaps. Process gaps can include a failure to properly record the installation or removal of an element, failure to properly record changes to an element, failure to properly record changes to the links interconnecting network elements, failure to record or restore emergency network repairs, human errors and deviations from defined operational processes, operational process deficiencies in the handoff of work between administrative units, operational process deficiencies in handling exceptional conditions, and intentionally deceptive use of network resources. System gaps can include a lack of automated coordination between interdependent models, deficiencies in exchanging information among interdependent models, software defects that corrupt or fail to properly update data records, and system failures that corrupt data records.
Auditing of network elements can be done to discover possible misalignments between a network model and an actual network. For the purposes of this disclosure, the comprehensive audit and reconciliation approach is defined as having three portions. The auditing process can be defined as the collection of information about the actual status and configuration of network elements and components at a particular moment in time. The comparison process can be defined as the comparison of this actual information to the network model and the documentation of discrepancies between them. The reconciliation process can be defined as the resolution and corresponding elimination of the documented discrepancies between the actual information about the network and the network model.
Traditionally, auditing has been done by periodically querying network elements. Each element thought to be present on a network can be periodically checked by the sending of one or more verifying queries to the element. The queries are intended to invoke replies back from the element providing descriptive information to the originator so that a comparison can be made between the network model and the element's interpreted responses. At a minimum, a response confirms the existence of an element. The content of a response can provide additional detail that can confirm or challenge specific details within a network model. A lack of a response raises a caution. For example, an audit system can use a mechanism such as the Internet Protocol "ping" command as an existence checking function. However, evidence that an element exists at a particular network address does not necessarily provide information regarding what type of element it is, how it is structured, what type of interface it supports, or how its interfaces are configured. In other query techniques, various standard protocols can be used to determine how an element responds. These additional responses received from the element can provide evidence of its identity, structure, and status. Based on the responses received, additional queries may be sent to the element to retrieve more information.
Information obtained from querying a network element can be compared to a network model. An element whose identity, structure, or status in the actual network differs from its identity, structure, or status in the network model can be referred to as a disputed resource. When an audit indicates that a disputed resource exists, the discrepancy has traditionally been recorded and reported for later resolution. Traditional resolution techniques have relied primarily on precedence rules ascribing a higher importance to either the actual network configuration (in which case, the network model is changed to match the network) or to the network model (in which case, the network itself is changed to match the network model).
In the normal course of operating a network, many different types of information about the configuration of elements of the network are created and distributed. Existing approaches to validating the accuracy of a network model do not make use of all available information types and methods of audit and reconciliation. The traditional audit and reconciliation technique is episodic and does not easily support a continuous audit and reconciliation process. Since an audit state model is not integrated with current inventory and topology models, the analysis of trends in the accuracy of a network model is not easily accomplished.
An embodiment of the invention is a method for auditing and reconciliation of a network with a network model. The method includes identifying an audit state for each resource of the network which is included in the network model. In the most preferred embodiment, the audit state can be an unconfirmed state, a confirmed state, or a suspect state. The audit state for each resource is stored and the stored audit state information is coupled with information regarding the resource associated with the network model. In various embodiments, this coupling may occur by storing the audit state information as additional fields in the primary data store for the network model or by storing the audit state information in a separate data store that is associated with the primary data store for the network model. A calculated value may be determined reflecting the aggregate audit states of all of the resources within an identified portion of the network model. The calculated value can be the best-case aggregate accuracy percentage, the worst-case aggregate accuracy percentage, or the presumed average aggregate accuracy percentage of the identified portion of the network model. The identified portion of the network model can comprise the entire network model.
In one embodiment, a reconciliation process can be started in the identified portion of the network model. A first comparison process can be started in which the results of the first reconciliation process are compared with the network model, the proper audit state for every compared resource is identified, and the stored audit state is modified for every resource whose proper audit state is different than the stored audit state. When the comparison process using the results of the first reconciliation process is complete, if the calculated value is below a defined threshold a second reconciliation process can be started. A second comparison process can be started in which the results of the second reconciliation process are compared with the network model, the proper audit state for every compared resource is identified, and the stored audit state is modified for every resource whose proper audit state is different than the stored audit state. The second reconciliation process can be more intrusive than the first. After the second comparison process, a third reconciliation process can be started if the calculated value after completion of the comparison process using the results of the first reconciliation process is below a defined threshold. A third comparison process can be started in which the results of the second reconciliation process are compared with the network model, the proper audit state for every compared resource is identified, and the stored audit state is modified for every resource whose proper audit state is different than the stored audit state. The second reconciliation process can be more intrusive than the first and the third can be more intrusive than the second. After the third comparison process, additional reconciliation processes with increasing intrusiveness and subsequent comparison processes can continue to be started until the calculated value after completion of the last comparison process meets a defined threshold.
In preferred embodiments, the subsequent reconciliation methods become increasingly more intrusive. In the basic sense, a first reconciliation process can be fully automated and a second reconciliation process can be not a fully automated process or can require manual supervision and guidance from somewhere in the network. In a more detailed preferred hierarchy, the following reconciliation processes are sequenced from less intrusive to more intrusive: a fully automated process that does not eliminate the availability of the audited systems or degrade the performance of the systems; a fully automated process that may not eliminate the availability of the audited systems but may degrade the performance of the systems; a fully automated process that may restrict the availability of portions of the audited systems during the time each system is being audited; a fully automated process that eliminates the availability of each of the audited systems during the time each system is being audited. In a further increase in intrusiveness, fully automated processes are considered less intrusive than processes which may require manual supervision and guidance from somewhere in the network. Manual supervision and guidance becomes even more intrusive when it is required that there be manual supervision and guidance from the site of the audited system. Many combinations of these processes may be selected for the first and second and/or first, second, and third processes, with the preference being that the less intrusive processes are tried before the more intrusive processes. Further, where the claims discuss the first and second process (or first, second, and third process) these only reflect their relative sequence to one another, and may not reflect the absolute sequence in an overall reconciliation effort (i.e. there may be reconciliation processes run prior to the "first" process or after the "second" or "third" process).
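The audit states, the aggregate accuracy values, and the escalation from less to more intrusive reconciliation processes described above can be sketched as follows. This is an added example, not code from the original text: the accuracy formulas, the choice of the worst-case value as the calculated value, and all resource names and audit results are assumptions constructed for illustration.

```python
from enum import Enum

class AuditState(Enum):
    UNCONFIRMED = "unconfirmed"
    CONFIRMED = "confirmed"
    SUSPECT = "suspect"

def aggregate_accuracy(states):
    """Return (worst, average, best) accuracy percentages. Assumed formulas:
    worst counts only CONFIRMED, best adds UNCONFIRMED, average is the midpoint."""
    total = len(states)
    if total == 0:
        raise ValueError("no resources in the identified portion")
    confirmed = sum(s is AuditState.CONFIRMED for s in states.values())
    unconfirmed = sum(s is AuditState.UNCONFIRMED for s in states.values())
    worst = 100.0 * confirmed / total
    best = 100.0 * (confirmed + unconfirmed) / total
    return worst, (worst + best) / 2, best

def compare(model, observed, states):
    """Comparison process: update the stored state of each audited resource."""
    for name in model.keys() & observed.keys():  # only resources in the model
        proper = AuditState.CONFIRMED if model[name] == observed[name] else AuditState.SUSPECT
        if states[name] is not proper:
            states[name] = proper

def reconcile(model, processes, threshold):
    """Run processes, least intrusive first, until worst-case accuracy meets threshold."""
    states = {name: AuditState.UNCONFIRMED for name in model}
    history = []
    for label, audit in processes:
        compare(model, audit(), states)
        worst = aggregate_accuracy(states)[0]
        history.append((label, worst))
        if worst >= threshold:
            break  # more intrusive processes are never started
    return states, history

# Constructed sample model and audit results (not from the original text).
MODEL = {"sw1": "switch", "sw1/card3": "OC-48", "rtr7": "router", "rtr7/port2": "up"}
PROCESSES = [
    ("automated, no impact", lambda: {"sw1": "switch", "rtr7": "router"}),
    ("automated, may degrade", lambda: {"sw1/card3": "OC-12", "rtr7/port2": "up"}),
    ("manual, on site", lambda: {"sw1/card3": "OC-48"}),
]

if __name__ == "__main__":
    states, history = reconcile(MODEL, PROCESSES, threshold=75.0)
    print(history, states["sw1/card3"].value)
```

With a threshold of 75 the loop stops after the second process and leaves `sw1/card3` in the suspect state; raising the threshold to 100 forces the on-site process to run.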
In an alternative embodiment, the improvement in the calculated value may be considered in place of the absolute calculated value to provide a threshold for continuing more intrusive reconciliation or stopping the reconciliation process. In such an embodiment, the calculated value after completion of the first comparison process can be compared to the calculated value before the start of the first comparison process. If the improvement in the calculated value after completion of the comparison process is below a defined threshold, a second reconciliation process can be started. A second comparison process can be started in which the results of the second reconciliation process are compared with the network model, the proper audit state for every compared resource is identified, and the stored audit state is modified for every resource whose proper audit state is different than the stored audit state. This may be further modified by adding the additional actions of continuing to start additional reconciliation processes with increasing intrusiveness and subsequent comparison processes until the improvement in the calculated value after completion of the latest comparison process, as compared with the calculated value before starting the first comparison process, meets a defined threshold. In this embodiment the improvement is being monitored from before the present overall reconciliation had commenced. In a final embodiment, the improvement may be measured between subsequent steps in the overall reconciliation (e.g. the calculated value after completion of the second comparison process can be compared to the calculated value before the start of the second comparison process, and so on).