This invention relates to configuration management of network packet switches.
The development of different network technologies and the need to interconnect multiple packet networks each using different protocols led to the growth of inter-networking. The so-called xe2x80x9cInternetxe2x80x9d is an example of inter-networking. The Internet allows diverse computers on different physical networks to communicate, using a standard set of TCP/IP protocols. So-called xe2x80x9cIntranetsxe2x80x9d are another example of inter-networking. Intranets use the same set of TCP/IP protocols over a private network of computers. While the Internet is global, Intranets are private, often associated with a single firm or organization.
The private networks often employ different hardware configurations than the public networks. The different hardware configurations can affect the performance of the computer system in different ways. For example, the same user having administrative privileges on the networked computer system may have access to different functions when accessing the system through an internet service provider than when accessing the system through a private side access port. Thus, the hardware topology may limit the functionality of the system.
In one aspect of the invention, a network packet switch provides access to a network-based computer system. The network packet switch has a public access port and a private access port, and includes a computer-readable medium containing a computer program product for producing management objects that configure the network packet switch. The switch stores a set of management objects, determines attributes of an organization associated with one or more of the management objects, and defines a subset of management objects associated with the organization based on the attributes of the organization. The switch provides the user with the same access to a set of functions defined by the subset of management objects regardless of whether the user accesses the network packet switch by the public access port or the private access port.
Preferred embodiments of this aspect of the invention may include one or more of the following features.
At least one management object available to the user is unique from other management objects available to other users of the same organization. At least one management object available to the user is unique from other management objects available to other users of different organizations. The management objects can be provide a graphical user interface having tow control areas, one that is based on the JAVA programming language and the other based on the HTML programming language.
The switch establishes a request processor object to incorporate attributes of the user from a predefined data structure. The switch sets variables of the request processor object with the attributes. The data structure defines the attributes of the user, the variables define the set of management objects associated with the user. The request processor object parses data files and dynamically produces management objects that are unique to the user. The request processor object uses indicator tags to parse the data files. The indicator tags include a security tag, a server side include tag, and a script tag. The interface can be one of three interface types: a standard interface, a guided interface or a services interface.
The switch associates authorized data of the data files with the management objects accessible by the user; and disassociates unauthorized data of the data files the management objects accessible by the user. The request processor object includes a parser based on the attributes of the user and a data manager. The data manager accepts data parsed by the parser to assemble the subset of management objects.
Embodiments within the-scope of the claims may include one or more of the following advantages.
Administrative or other privileges of the user can be determined, and configured, independently from the location and access capabilities of each individual user, such as an administrator. For example, neither Internet service provider (ISP) access nor private local area network (LAN) access can affect a view of the graphical user interface presented to a particular user. Therefore, the view and the accessibility functions can be independent of the hardware interface. However, the views can be customized based on the user or based on the hardware interface. Therefore, the hardware interface does not limit the ability to administer resources of the switch.