The present invention relates generally to computer systems and more specifically to management of computers organized in a distributed architecture.
Today, because of expanding use of the personal computer (PC) as a tool for work, PCs have become ubiquitous in most enterprises. Typically, PCs are distributed throughout the enterprise, where potentially thousands of employees may have their own PC. It is a problem of IT managers to manage so many PCs. An important concern for IT managers, for example, is management of the PCs, especially the management of certain critical data that the PCs may contain. Examples of management tasks include:                computer virus checking;        data backing up;        configuration of files;        installing, upgrading and uninstalling software;        sharing PC's local data by other users; and        analyzing PCs' data.        
A typical PC includes a local disk drive in its chassis, where all of the user's data is usually stored. The data in the local disk drive typically can be accessed by only the PC itself. Consequently, most of the software that provide the above data management functions must be installed on the PC and executed by the PC itself. As a result, it is up to the user of the PC to decide whether the software is executed or not. Thus, some users may not perform virus checking or execute back ups of their data. Such lacking in discipline can be disastrous if, for example, the PC becomes infected with a software virus. The potentially malicious software can spread to other PCs in the network. Thus, virus checking should be performed diligently and completely, without exception.
Another challenge for the IT manager is that such task may consume too much time to perform. For example, baking up files may be deemed too disruptive. The tendency therefore is to forego certain activities, such as performing backups.
Another problem is that most software requires installation by the user or the IT personnel. If a user is required to perform the task, it may not be performed correctly or completely, or at all. This further burdens the IT department.
Still another problem is that there is oftentimes valuable data on a PC which should be accessible to other members of the enterprise. It would be desirable to be able to share the data or allow others access to the data.
Several conventional techniques exist for managing a network of computers from a centralized computer. For example, there is a network based client-server configuration (such as a Unix-based machine) which allows client computers to boot without any local disk drive in the client machine. The data required is served from a remote disk drive at a central NFS server. The IT administrator simply installs and manages software on the remote disk drive and is guaranteed that the installation will reach its client machines. There is no need to do anything by the users or by the client computer. Since there is no local disk, there is a performance tradeoff due to the slower access of having a remotely located “local” drive.
A company called Network Appliance, Inc. sells a product which provides virus scan functionality for its network attached storage (NAS) devices. The NAS is a central file storage system and the PCs store their files in the NAS for sharing data purpose. The NAS works with an external server which can scans virus. Before any file is used by the PC, the NAS asks the external server if there is any virus in the file and if not, the PC can use the file. If a virus is detected, the virus is removed from the file if possible so that the PC can then be given a cleaned file. This technique requires all files to be stored remotely so that the virus scan operation can be performed. There is a performance hit due to the fact that the file is remotely accessed. More significantly, operating system (OS) files are not stored remotely on the NAS, and so any virus that finds its way into such files cannot be screened.
It can be appreciated then that there is a need for an improved approach to managing a distributed network of computer systems without experiencing a degradation in performance.