The challenges of remotely administering networked devices are twofold. First, there must exist a means of remotely carrying out an action at a networked device. Second, and no less importantly, there must exist a means of identifying at which networked devices the action is to be carried out. This second challenge has traditionally been met with purely manual steps on the part of the person performing the administration. For instance, an administrator might add a device to a group of devices where a specific administrative action is to be carried out.
Often the actions that are to be carried out on a networked device are not associated with the device's identity or name, but rather with its properties, or configuration. For instance, the administrator of a networked device may want the ability to take a certain action on all devices that have a certain software application, hard-disk configuration, CPU manufacturer, network configuration, disk-space situation, memory configuration, etc.
Various methods exist for collecting and tracking this configuration information. Some methods of identifying devices and device configurations include sending out an inventory or asset query. Such queries go out to every device and collect hardware, software, and other configuration settings. This data is subsequently reported back to a central database where the administrator can run various reports on the data to understand the state of the devices. Such a query is valid for that point in time only. As soon as a single device configuration changes, the query is no longer valid. Further, because the configuration data is harvested centrally in one step and then queried as a second step, these methods do not allow administrators to perform actions on devices based on their exact configuration at the point the action is to be carried out.
Another method of identifying devices and device configurations has been on the basis of specific software applications or patches. Under such a method, the software application or patch installation includes a means for identifying the devices to which the application or patch applies. For instance, a company that publishes anti-virus software might provide customers with an automated means of identifying the computers that are not guarded against the latest viruses so that this security lapse can automatically be corrected. Such approaches are limited to the configurations and actions that apply to the installation or patch. They are thus insufficient for the many diverse actions administrators potentially need to carry out on networked devices.
Thus, there is a need for systems and methods to assist administrators in performing many diverse actions on networked devices.