The growth of the Internet and other networks has encouraged many businesses to connect multiple facilities to exchange data. These facilities are often quite numerous, and may be dispersed across large geographic areas. In turn, this typically requires installation of numerous gateways, routers, switches and other network control devices to route and/or control transmission of data among the various facilities. These devices may also perform important security functions. As but one example, some devices may act as firewalls to prevent unauthorized access to a business' computer network. Other devices may also (or alternatively) provide a Virtual Private Network (VPN) between facilities so as to prevent unauthorized access to communications between facilities. Some devices may act as proxy servers and provide access to the network, the Internet and to other networks for multiple individual work stations. Some devices may be configured to limit the types of network access available to a particular work station or group of workstations. Numerous routing, access control, security and other functions may also be performed.
The operation of each network control device is typically governed by operating system and application software that is stored on and executed by the device. These software (operating systems and applications) usually have a large number of configurable parameters which must be set to specific values for desired operation of the network device. Many of these parameter settings are often the same for a large group of devices in a network. Examples include server addresses, access policies, file transfer size restrictions, local time to be used, various procedures to follow in fault conditions, alarms to transmit, etc. Setting these parameters typically requires opening a connection with each device and using the Command Line Interface (CLI) or other command shell that allows entry of commands. Various commands are then issued to and executed by the device to set the software parameters. The form and syntax of those commands usually depends upon the version of the operating system or application software that is running on the device.
Remotely configuring numerous network control devices presents various problems for network management personnel. In large deployments of new devices, one or two of the devices are often taken to a laboratory or other facility and experimented upon to determine a standard configuration for the device. The software required for that configuration, as well as parameters for that software, are then noted. The remaining new devices are then physically placed in the network. From one or more remote locations, network personnel individually access each new device over the network and enter device-specific commands to configure the device in conformity with the standard configuration. This process is labor-intensive, time-consuming and expensive. Moreover, device-by-device configuration by a human operator generally requires tedious and repetitive command entry, and is subject to human error.
These problems may be more acute when reconfiguring multiple devices already installed within a network. For example, all devices in a group of network control devices may not be physically homogeneous. Devices may use different versions of operating system and/or application software. When it is necessary to reconfigure or adjust the configuration of the devices within the group, different software on the devices may require different settings and/or different commands to change the settings. This further complicates the task of network management personnel. In addition to accessing and configuring each individual device, the personnel must also identify the specific software that the device operates, as well as any other relevant device-specific information that could affect how the device is accessed and/or configured. The network personnel must then maintain a separate set of configuration data and/or instructions for each device/software combination, and must use the correct data and/or instruction set for each device. This additional complication can make the task even more time-consuming, expensive and error-prone.