1. Field of the Invention
The present invention is directed to management of network services in a data center, and in particular to management of services, subscribers, devices, log servers, and facilities using a common, virtualized management system.
2. Description of the Related Art
Public wide area networks such as the Internet have expanded the types of services used and demanded by enterprises of their network infrastructure. As the number, complexity and interaction of the services has risen, the associated costs of both the infrastructure itself and maintaining the infrastructure have risen as well. Many enterprises have turned to outsourced vendors, sometimes called a managed service provider or a data center, to provide these services in lieu of building and maintaining the infrastructure themselves. Customers of such managed service providers are called subscribers.
The managed service provider can operate in many different ways. Typically it can provide secure facilities where the infrastructure service equipment is located, and manage equipment for the subscriber. The scope of management and services is defined by an agreement with the customer calling for the managed service provider to solely or jointly manage the equipment with the subscriber. In other cases, the managed service provider can lease the physical space from another provider (called a hosting provider) and provide just the management of the infrastructure equipment on behalf of its subscribers.
A data center is a specialized facility that houses Web sites and provides data serving and other services for subscribers. The data center may contain a network operations center (NOC), which is a restricted access area containing automated systems that constantly monitor server activity, Web traffic, and network performance and report even very slight irregularities to administrators so that they can spot potential problems before they happen. A data center in its most simple form may consist of a single facility that hosts all of the infrastructure equipment. However, a more sophisticated data center is normally an organization spread throughout the world with subscriber support equipment located in various physical hosting facilities.
Data centers allow enterprises to provide a number of different types of services, including e-commerce services to customers; extranets and secure VPNs to employees and customers; firewall protection and Network Address Translation (NAT) services; web caching and load balancing services; as well as many others. These services can all be provided at an off-site facility in the data center without requiring the enterprise to maintain the facility itself.
The equipment that provides the infrastructure services for a set of subscribers can take several forms, depending on the implementation. Depending on the complexity and variety of services required, the equipment generally includes one or more single function devices dedicated to the subscriber. Because the devices are designed with the co-location model in mind, service devices generally provide only one or a small number of services per device. Typical multi-function devices combine services that are closely related, such as NAT and firewall services. A data center facility generally has a number of devices to manage, and in many cases the devices multiply as redundant devices may be used for fail-over security to provide fault tolerance or for load balancing.
FIG. 1 shows a typical single facility data center 20 and exemplary network architecture within the data center facility 20. It should be recognized that FIG. 1 is oversimplified for the purpose of showing the configuration of how such a data center facility is typically managed, and there are numerous additional components and devices in a data center facility not shown in FIG. 1. As shown therein, in one configuration, each subscriber has a leased physical cage—a cabinet of hardware which may include service provision devices and the subscriber's application servers as well as other specialized equipment for implementing the subscriber's service structure.
As shown therein, the data center facility 20 is coupled to a Wide Area Network (WAN) 50 via a high-speed interface device, such as an ATM switch 55. It will be recognized that the particular type of physical network to which the data center is coupled is merely illustrative and not germane to the presentation of the invention.
As illustrated in FIG. 1, the WAN may be a worldwide system of computer networks such as the Internet. Each ATM switch may be coupled to one or more level 2 and level 3 OSI layer switches 60, which direct traffic to any number of subscriber cages 22. Each subscriber cage may be leased by a particular subscriber of the data center, and may include equipment dedicated to servicing a particular subscriber. The subscriber may be, for example, an Internet business or company which seeks to offload its network operations to the data center. As shown in FIG. 1, each subscriber cage includes equipment from a different subscriber—“E-Client1.com”, “E-Client2.com”, etc. It should be understood that various forms of service models between the subscriber and the data center have been developed, and the particular form of business arrangement of a leased cage, sometimes referred to as “co-located” servers, is illustrative only. Each cage is a physical rack of appliances dedicated to the particular subscriber and may be coupled to a network back plane and the application servers, which are maintained and configured by the subscriber in conjunction with the network operations center.
In general, in the typical data center case, the subscriber's service equipment is designed with one subscriber in mind and hence, a data center providing outsourced management services to many subscribers must provide a separate set of infrastructure equipment for each subscriber. This equipment can come from many different vendors. The cages may include network appliances dedicated to one or more of the following tasks: routing, firewall, network address translation (NAT), SSL acceleration, virtual private networking, public key infrastructure (PKI), load balancing, Web caching, or the like. As a result, the management of all subscribers within the data center becomes very complex and expensive with many different management interfaces for all of the subscribers and subscriber devices. Administering the equipment in each cage is generally accomplished via an administrative access interface coupled to each single function device.
The difficulty in administering a data center as shown in FIG. 1 is that changes to each subscriber's individual configuration must be made at the cage, or at minimum, via appliance specific configuration mechanisms. Normally, subscribers themselves have no control over the service appliances and the data center administrators manage these appliances. As will be readily apparent, the more subscribers one has in the data center, the more resources must be committed to administration. This can become exceedingly difficult where changes must physically occur at the cage or via individual devices, especially in multi-facility data centers. In general, the data center will include one or more network operations centers, and one or more facilities operations centers. The network operations center generally refers to the facility which manages all physical facilities and the data center. The data center may have one or more physical facilities, each of which has its own facilities administrator who can have physical access to each of the cages. Hence, there can be at least two types of data center administrators depending on the organization of the data center. If the data center has all of its infrastructure equipment within a single facility, then there are only the personnel of that single facility acting as data center administrators. In larger data centers spread throughout the world, there is normally a central headquarters of the data center provider along with numerous separate data center facilities throughout the world. At the headquarters the data center may provide the capability to manage or monitor any device throughout the world that the data center is using to provide infrastructure services to its subscribers.
In order to alleviate some of these management problems, some virtual solutions have been developed, allowing administrators to configure devices via network interfaces. However, such devices do not administer services on an object level. That is, they do not allow the administrator access to administrative functions on a service level, but rather allow administrators to administer one or more particular types of devices via the device interface, by providing a common connection point for a number of devices in the data center. One example of such a solution is provided by Arula Systems Corp. These devices allow an administrator to connect to a service device and, through the administration device, manage a multitude of service devices.
Hence, such solutions are of limited scalability and scope.