Enterprise computing environments generally include both localized intranetworks of interconnected computer systems and resources internal to an organization and geographically distributed internetworks, including the Internet. Intranetworks make legacy databases and information resources available for controlled access and data exchange. Internetworks enable internal users to access remote data repositories and computational resources and allow outside users to access select internal resources for completing limited transactions or data transfer.
Increasingly, network appliances, or simply “appliances,” are being deployed within intranetworks to compliment and extend the types of services offered. As a class, network appliances have closed architectures and often lack a standard user interface. These devices provide specialized services, such as electronic mail (email) anti-virus scanning, content filtering, file, Web and print service, and packet routing functions.
Ideally, network appliances should be minimal configuration devices, which are purchased, plugged into a network, and put into use with no further modification or change. Analogous to a cellular telephone, a network appliance should ideally provide the service promised without requiring involved configuration and setup by individual users or administrators.
Nevertheless, configuring newly-installed appliances remains a complicated and confusing endeavor. Appliance configuration is generally vendor-specific and device-dependent. The lack of a user interface allows only indirect configuration and setup. Configuration often takes several steps. From a physical connectivity standpoint, appliance configuration typically requires operating a manual control panel, reconfiguring an installed appliance from a factory set of default settings or performing a myriad of other device-dependent operations to affect a configured setup. Consequently, a higher than average level of user sophistication is required to avoid a confusing, incorrect or potentially catastrophic outcome.
In addition, operational software and firmware must also be properly configured as part of an initial setup. Often, a full software suite, including operating system, must be installed prior to initializing the appliance. In addition, the network protocol stack must be configured to operate within the specific installed network topology into which the device is deployed.
Finally, various policies must be installed and operationally enforced on each appliance. Appliances offering plug-and-play installation generally lack the default settings necessary to enforce security and administrative policies. As well, until fully configured, these devices enjoy potentially free rein over a network domain and pose a serious security risk to an entire enterprise.
For instance, replay attacks are possible during device configuration. A configuration packet could be intercepted by a hostile agent and later re-sent (“replayed”) with altered settings to reset the configuration and create a security breach.
In addition to per-device configuration and setup considerations, the deployment of appliances can create network management concerns. For instance, a large population of deployed appliances can drastically increase network management workload. Vendor-specific and device-dependent settings necessitate individualized attention to each successive appliance installation. A rich network environment having a multitude of heterogeneous systems and appliances can quickly overwhelm a network administrator and make the task of identifying unconfigured devices difficult and time consuming.
In the prior art, the dynamic host configuration protocol (DHCP) provides a partial solution. DHCP allows a TCP/IP-compatible device to be dynamically assigned a network address within a pre-defined network domain. A DHCP server maintains a table of the network addresses assigned to each interconnected device, thereby preventing address conflicts. Network address assignments are “pushed” to each newly-connected device. However, DHCP servers are limited to configuring network addresses and fail to provide policy and device parameter configuration and setup.
Therefore, there is a need for an approach to providing remote secure configuration of network appliances from a standardized user interface. Preferably, such an approach would offer a Web browser-based solution allowing configuration from a ubiquitous and widely available interfacing means. Such an approach would further provide a standardized interface for appliance configuration and setup in a vendor-neutral and device-independent fashion.
There is a further need for an approach to providing automatic configuration of network appliances during initialization upon deployment into a network domain. Preferably, such an approach would provide a complete bootstrap solution with minimal user interaction. Furthermore, such an approach would preferably realize a cellular telephone service model of purchase, plug in and use.
There is a further need for an approach to providing network-based configuration of network appliances that substantially minimizes the potential for creating security risks and, in particular, preventing replay attacks.