The present invention relates to computer networking, and, more particularly, to secure mobile management of networked assets via wireless devices in networked environments.
A network manager such as a network administrator has responsibility for managing network assets such as network devices on a network such as a voice or a data communication network. Managing devices typically includes, for example, configuring the devices, and, once the network is configured, routine monitoring of the devices, reconfiguring the devices if desirable, and troubleshooting problems with the network and/or the devices if problems should arise. For routine monitoring as well as for more intensive troubleshooting, a network manager needs to examine information about the network device. This information allows the manager to solve network problems as well as to reconfigure the network for greater stability and improved performance. Examining information about a device is often accomplished at a management station physically remote from the network device. The management station may be a network management server that, for example, monitors performance of managed network devices using an application such as a Simple Network Management Protocol (SNMP) trap monitoring application such as a fault browser or an alarm browser. Other devices have a built-in web server that provides an HTTP interface for management applications. When faults occur on network assets such as network devices, a network manager may connect to these devices from a World Wide Web browser, to configure and manage these devices. The network manager is still reliant, though, on a main network management system to forward, correlate, and isolate the faults in order to point the manager to the correct device, which the manager can now reconfigure or monitor more closely.
Even if the device had the capability to send the network manager the fault directly, which some devices have, it would not be possible to isolate the cause of the fault and the effect of the fault on the total network, or on the applicable subnetwork, absent the aid of topology information that resides on the network management server. Furthermore, the network manager would not have accurate information focused on the network that the manager is currently in. Rather, the manager would be faced with a jumble of individual devices and links and large network topologies, which make it difficult for the network manager to comprehend the small subnetwork around the manager and to monitor faults just for this network. Information about exactly what is in the network around a network manager is difficult to obtain and hard to apply to the context of the subnetwork in particular and the larger network in general. Network devices with built-in Web application interfaces do not solve this problem in a practical way that aids a roaming mobile network manager.
Service providers or distributors sell equipment, such as telecommunication private branch exchanges (PBXs) or Internet data routers, to their customers and manage the equipment remotely from their central offices. The PBXs or Internet data routers are a critical part of the working business environment of the customer organization and often hold vital security information about, for example, the telephones and the users in the organization.
A distributor has many network technicians, with or without administrative privileges, who can log onto a network management server to monitor, access, and manage network devices, for example, through Web applications residing on the network management server. The network management server hosts the applications that manage the PBX switch, for example. Generally, the network management server is located on the customer's network and is remotely accessed from the distributor's central office hosting a central network management server, or directly accessed by network technicians having login privileges on the customer's network management server. A distributor might also remotely manage a customer's network that has a variety of optical, wireless, data, and voice network devices and media on it, for example.
Currently, network management occurs via fixed network management servers. In order to manage the network, a network manager has to operate a network management server client that is physically connected to the network management server and thus to the network. Typically, the network management server client runs on the network management server itself. A network manager, such as a network administrator, or a technician granted network management privileges by the administrator, typically examines the network from a desktop workstation, for example, a UNIX terminal or a PC. The desktop workstation is, in effect, tied to the desk of the manager.
A service provider might remotely manage a network, albeit with a workstation dial-up modem connection or similar connection. In remote network administration, for example in a wide-area network, the management client has to be physically on the network. In some cases, this is difficult to achieve and can present authentication and domain networking issues.
In large, multiple-asset networks, if a roaming network technician, for example, goes to a portion of a network located in a building, there may be a variety of network assets in that network portion. Typically, the network technician will not have an easy way to determine which asset is to be managed. The network technician in many cases must walk back to the network management server client, which may be running on a network management server and which may be physically located in another building, to learn more about the problem areas in that portion of the network. Network management servers are unable to present to the network technician a view of the very network that the technician is standing right in front of, or right in the middle of. The network technician must instead connect to the server, typically through a client, or, for example, possibly even walk back to the server, which can be located miles away from where the network and its assets of interest are present, in order to determine what assets exist in the network and how to monitor and manage the assets. Even in this instance the network technician typically needs to have extensive knowledge of this network and its assets in order to be able to focus on the very devices and other assets that are affecting a particular geographical location, such as a particular building in a large corporate campus. This information often lies buried under layers of complex network topologies that most often do not easily correlate to the actual physical layout of the network.
Even a laptop computer is limited in terms of full mobility by the required physical connection with the network. Theoretically, an individual equipped with administrative permissions on the network and operating a laptop computer having a modem dial-up connection to the network management server can eventually drill down through complex device lists to either find a particular asset or identify the location of a particular asset. This nominal access to network equipment can be problematic and complicated, however, and is not a fully mobile solution since a physical connection to the network management server is typically required.
Conventional arrangements such as those described above limit the flexibility and mobility of a network manager such as an administrator or a technician to manage and troubleshoot problems on a network.
Systems and methods of providing mobile network management of assets on a network are presented. In accordance with an example of the method, a network management server is provided to control a network asset on a network. The network asset is connected to the network management server via a connection path. A secure communication path is established between the network management server and a mobile wireless capable device. The network asset is managed via the secure communication path with the mobile wireless capable device. The network is administered via the secure communication path with the mobile wireless capable device.
A mobile network management system is provided according to one aspect of the invention. The mobile network management system includes a network management server, a wireless transceiver, and a mobile wireless capable device. The network management server controls a network asset on a network. The network asset is connected to the network management server via a connection path. The wireless transceiver is coupled to the network management server. The mobile wireless capable device communicates with the network management server via the wireless transceiver to manage the network asset and to administer the network.
A mobile network management system is provided according to another aspect of the invention. The mobile network management system includes a network management server, a remote wireless transceiver, and a mobile wireless capable device. The network management server controls a network asset on a network. The network asset is connected to the network management server via a connection path. The remote wireless transceiver communicates with the network management server via an internet. The mobile wireless capable device communicates with the network management server via the remote wireless transceiver to manage the network asset and to administer the network.