In many types of computer networks, it is desirable to be able to perform certain management related functions on a processing system from a remote location. For example, a business enterprise may operate a large computer network that includes numerous client and server processing systems (hereinafter “clients” and “servers”, respectively). With such a network, it may be desirable to allow a network administrator to perform or control various functions on the clients and/or servers from a remote console via the network, such as monitoring various functions and conditions in these devices, configuring the devices, performing diagnostic functions, debugging, software upgrades, etc. To facilitate explanation such functions are referred to collectively and in as “management functions”.
One particular application in which it is desirable to have this capability is in a storage-oriented network, i.e., a network that includes one or more storage servers that store and retrieve data on behalf of one or more clients. Such a network may be used, for example, to provide multiple users with access to shared data or to backup mission critical data. An example of such a network is illustrated in FIG. 1.
In FIG. 1, a storage server 20 is coupled locally to a storage subsystem 4, which includes a set of mass storage devices, and to a set of clients 1 through a network 3, such as a local area network (LAN), a wide area network (WAN), a Global Area Network (GAN) such as the Internet, or other type of network or a combination of networks.
The storage server 20 operates on behalf of the clients 1 to store and manage shared files or other units of data (e.g., blocks) in the set of mass storage devices. Each of the clients 1 may be, for example, a conventional personal computer (PC), workstation, or the like. The storage subsystem 4 is managed by the storage server 20. The storage server 20 receives and responds to various read and write requests from the clients 1, directed to data stored in, or to be stored in, the storage subsystem 4. The mass storage devices in the storage subsystem 4 may be, for example, conventional magnetic disks, optical disks such as CD-ROM or DVD based storage, magneto-optical (MO) storage, or any other type of non-volatile storage devices suitable for storing large quantities of data. The may storage devices may be organized into one or more volumes of Redundant Array of Inexpensive Disks (RAID).
Also shown in FIG. 1 is an administrative console 5 coupled to the storage server 20. The storage server 20 in this configuration includes a communication port (e.g., RS-232) and appropriate software to allow direct communication between the storage server 20 and the administrative console 5 through a transmission line. However, administrative console 5 may alternatively be connected to the storage server 20 via a network, such as network 3. These configurations enable a network administrator to perform at least some of the types of management functions mentioned above on the storage server 20. Filer products made by Network Appliance, Inc. of Sunnyvale, Calif., are an example of storage servers that have this type of capability.
However, in many network environments, the network administrator may not be able to perform all management functions, especially such functions as identifying potential problems before they occur and troubleshooting potential or existing problems. This may be because the network administrator may not have a complete understanding of certain processing systems on the network, which are ordinarily manufactured by third parties, such as Network Appliance, Inc. Often, in order to solve hardware and software issues with the processing systems, the network administrator must contact the third party manufacturer.
Some prior art storage management software can collect data regarding operation of the processing system so as to identify any potential problems based on preset thresholds. The software may also cause a notification to be sent to a network administrator in case a problem is identified. Filer products made by Network Appliance, Inc. of Sunnyvale, Calif., are an example of storage servers that send such auto-support messages to a preset network administrator in case there is a problem. However, usually, in order to troubleshoot, a customer support engineer at the third party manufacturer site goes through a troubleshooting algorithm on the phone with the network administrator, during which the customer support engineer asks the network administrator to input various commands to the storage server until the problem is diagnosed. This process can be very lengthy and may contribute to downtime of the storage server.
It may be desirable, therefore, to allow a third party, such as the third party manufacturer, to have remote access to the processing system to enable troubleshooting of the processing system, while maintaining the security of data about the processing system being communicated to the third party and the processing system. Further, it may be desirable to ensure that the third party does not exceed its access privileges.