As computer networks become more common in private, commercial, institutional, and governmental settings, as well as other settings, the need to secure local networks against infiltration or attack from external entities has become increasingly important. For example, local networks often have a gateway or other entity through which clients on the local network may access a wide area network (WAN) such as the Internet. This arrangement is beneficial for many reasons. In a commercial setting, for example, a commercial enterprise may wish its employees to have access to the Internet for business reasons, but may want to control or monitor that access. The gateway can perform such controlling or monitoring functions. In addition, with all computers on the local network being exposed to the Internet via only one or a few portals, network administrators can more easily monitor threats or suspicious activity impinging on the local area network from the Internet.
Increasingly, hardware gateway devices, such as Internet Gateway Devices (IGDs) are being preferred over software gateways, such as are sometimes deployed on servers that serve as gateways. The reasons for the current prevalence of hardware devices in this role are many, but some of the primary advantages of hardware gateway devices include acquisition cost and cost of deployment.
Nonetheless, such hardware gateways or other hardware points of egress and entry cannot perform properly to safeguard or monitor the local network unless they are first identified and properly configured. In particular, network environments vary greatly in terms of structure and layout, and the type of communications that may be considered to be suspect varies from one network environment to another as well. For this reason, hardware network gateways and other hardware access points to the local network are typically configured upon installation prior to being pressed into service. Currently, discovery and configuration of hardware gateways, as well as reconfiguration of such devices, has been performed manually. For example, a network administrator may be aware of a newly installed device and will specifically communicate with and configure that device, such as via a configuration application over the local network. Not only does this require the administrator to be aware of the deployed hardware gateways, but in addition the administrator must be knowledgeable regarding the particular configuration routine and requirements of each device.