To effectively operate and maintain a network infrastructure, network assets must be efficiently detected and managed. A network asset, as that term is used herein, refers to any resource that can be used on a network. Such a network asset may be a “hard” asset such as, for example, a personal computer or a printer, or a “soft” asset such as, for example, a software application.
In conventional systems for detecting and managing network assets, multiple independent systems are employed to acquire and store various information related to network assets. Such independent systems may include “asset detection systems” and “asset repositories.” An asset detection system, as that term is used herein, refers to a system that automatically detects and registers assets. An asset repository, as that term is used herein, refers to a system in which assets are manually registered and recorded.
An exemplary conventional system for detecting and managing network assets is shown in FIG. 1. As shown, asset detection and monitoring system 100 includes multiple independent systems 120–150 connected to network 110. Multiple independent systems 120–150 include network and system monitoring tools 120, intrusion detection tools 130, digital asset management (DAM) system 140, and grid information service (GIS) 150. Network and system monitoring tools 120 and intrusion detection tools 130 are example of asset detection systems. DAM 140 and GIS 150 are examples of asset repositories.
Network and system monitoring tools 120 are typically employed to monitor a network and/or system for the appearance of new assets. Upon detection of a new asset, network and system monitoring tools 120 automatically register the asset by acquiring registration information from the asset. For a hard asset, such registration information generally includes information such as a number of central processing units (CPU's) operating at the asset or an amount of memory available at the asset. For a soft asset, such registration information generally includes information such as licensing information and information about the device on which the soft asset can be deployed. Such information about the device on which the soft asset is deployed may be acquired by examining a digital signature that is correlated with a digital certificate issued to the corresponding soft asset. Network “sniffers” may be employed to detect such digital signatures and acquire network information to determine the actual deployed location of a soft asset. A unique identifier such as, for example, an integer or a string may also be assigned to the asset.
Intrusion detection tools 130 are typically employed to detect assets and monitor such assets for an intrusion or security breach. Like network and system monitoring tools 120, intrusion detection tools 130 monitor a network and/or system for new assets, and automatically register such new assets. Intrusion detection tools 130 also monitor detected assets for an intrusion or security breach. If an intrusion or breach is detected, detection tool 130 may generate an alert including an identification of the breached asset. A network or system administrator may then suspend current applications of the breached asset and prevent the breached asset from executing new applications.
DAM system 140 is typically employed as a centralized repository for digital files that enables digital content to be archived, searched and retrieved. Digital content may be stored in databases, which are examples of “asset repositories.” Metadata corresponding to the digital content such as photo captions, article key words, advertiser names, contact names, file names or low-resolution thumbnail images is stored in separate databases, that may be referred to as “media catalogs.” Such media catalogs refer to items in the asset repositories. Assets are manually registered in the DAM system.
GIS 150 is also typically employed as a centralized repository for assets on a grid. A grid is a collection of distributed computing infrastructure resources, such as, for example, processors, memory, storage, and services that are available over a local area network (LAN) or wide area network (WAN). GIS 150 provides information such as, for example, the availability, location, functionality and capacity of such resources, so that such resources appear to an end user or application as one large virtual computing system. GIS 150 may be used to monitor assets on the grid and to produce reports relating to selected assets.
Such independent systems 120–150 perform several identical operations. For example, both network and system monitoring tools 120 and intrusion detection tools 130 serve as asset detection systems, and both DAM 140 and GIS 150 serve as asset repositories. However, conventional asset detection and management systems do not include an interface for exchanging identical information among independent component systems 120–150. Such an interface would offer several advantages. For example, such an interface would eliminate the duplicative acquisition of identical registration information by asset detection systems 120–130. Furthermore, such an interface would enable registration information to be automatically acquired by an asset detection system 120–130 and electronically reported to an asset repository 140–150. Thus, registration information would no longer need to be manually entered into asset repositories 140–150.
In addition to electronically reporting registration information, such an interface could be used to electronically verify registration information. Specifically, asset detection systems 120–130 could compare acquired registration information with registration information stored in asset repositories 140–150, and, if inconsistencies are detected, an error message could be generated. Such verification of registration information would be particularly advantageous for asset repositories 140–150 that require registration information to be manually entered and are thus susceptible to human errors.
Furthermore, such an interface could be used to enable independent systems to query one another. For example, GIS 150 could query the DAM 140 to obtain information regarding digital licenses. Thus, there is a need in the art for such an interface between multiple independent systems 120–150.