Virtualization replaces bespoke physical network appliances, which typically can only perform a single network function, with software running as virtual appliances on standard servers. This allows consolidation of network resources by operating the services with less hardware, reducing the footprint by running several services on the same hardware instead of having separate bespoke hardware for each function, each requiring space and power. Virtualization also simplifies service provision and makes it more flexible, as once the hardware has been installed, the functions can be installed and configured remotely, without the need for a site visit.
FIG. 11 illustrates the classical network approach, with separate bespoke hardware installed to provide individual functions 110-111 such as message routing, Content Distribution Node, session border control, Wireless area network operation, Deep Packet Inspection, firewall functions, carrier grade network address translation, testing and monitoring quality of experience (QoE), Serving GPRS support node/Gateway GPRS support node, routing, Broadband Remote Access Server and radio access. FIG. 12 illustrates a virtualised approach in which “virtual appliances” 120 are provided by an Independent Software Vendor (ISV) and downloaded as required for installation or update in standardised servers 130, with associated storage 140 and switching functions 150.
Typically, the delivery of managed network services to customers requires the shipping of a hardware component, e.g. 100, 101, to the customer's site for each network function required. This can involve multiple independent site visits, depending on the source of the hardware, the timing of upgrades, and other factors. Virtualization only requires one initial site visit to install the server 130, and the network functions software 120 can be installed remotely. A key aspect shown in FIG. 12 is a layer of management software that supports the installation and running of multiple virtual machines or virtual appliances 120 on the servers 130. An essential part of the initial server installation is the installation and activation of this management software layer. It is undesirable to have the installation engineer install this software as it increases the length of time the technician will be on-site, and requires training of the installation engineer.
The IT Industry has developed a standardised method for booting a bare metal server (i.e. a server with absolutely no configuration or operating system pre-installed) using PXE (Pre eXecution Environment, often pronounced “Pixie”) boot and Dynamic Host Configuration Protocol (DHCP). In most modern servers the Basic Input/Output System (BIOS), which boots a server before it loads the primary operating system, includes sufficient functionality to run PXE. On powering up the client server, the BIOS will automatically broadcast a DHCP message. This is broadcast because the client server, not yet having been configured, has no information on where to send this message. The server at this point in time only has one piece of information, which is its unique MAC (Ethernet) address that is burned into its Ethernet chip on manufacture. A DHCP server on the Data Centre LAN receives the broadcast and replies with the IP address of the client, plus other information required for networking (e.g. default gateway), the IP address of a Trivial File Transfer Protocol (TFTP) server, and the file name that the client server should download and boot. The file that is booted is the operating system required to run or manage the installation of further applications on the client server.
The above process works well in a secure Data Centre environment but has several issues if it is to be used to boot a bare metal server on an insecure customer site using a third party (potentially insecure) network. In particular, the DHCP server may reside on the customer premise or be part of a third party network service provider and it may not be possible to get this configured to include information about the TFTP server. The service provider may also want to prevent a server, provided by a third party, from instructing the customer premises server to load and boot an unauthorized file.
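The check that a boot client or mediating device could apply to the DHCP reply described above, as an added example that is not part of the original text: it parses the next-server and boot-file header fields and DHCP options 66 and 67, and rejects any reply that names a server or file outside a pinned set. The pinned values, addresses and file names are constructed for illustration, and option overload (option 52) is assumed not to be in use.

```python
import struct
from ipaddress import IPv4Address

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that follows the 236-byte BOOTP header

def parse_boot_params(pkt: bytes) -> dict:
    """Pull the boot-server and boot-file values out of a BOOTP/DHCP reply."""
    if len(pkt) < 240 or pkt[0] != 2 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP reply")
    out = {"siaddr": str(IPv4Address(pkt[20:24])),  # next-server header field
           "file": pkt[108:236].split(b"\0", 1)[0].decode("ascii", "replace")}
    i = 240
    while i < len(pkt) and pkt[i] != 255:            # 255 = end option
        if pkt[i] == 0:                              # 0 = single-byte pad
            i += 1
            continue
        if i + 2 > len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, val = pkt[i], pkt[i + 2:i + 2 + pkt[i + 1]]
        if code in (66, 67):                         # 66 = TFTP server name, 67 = boot file
            out["tftp_name" if code == 66 else "opt_file"] = val.rstrip(b"\0").decode("ascii", "replace")
        i += 2 + len(val)
    return out

def boot_violations(params: dict, allowed_servers: set, allowed_files: set) -> list:
    """Reasons not to boot from this reply; every server and file it names must be pinned."""
    servers = {params["siaddr"], params.get("tftp_name")} - {None, "0.0.0.0"}
    files = {params["file"], params.get("opt_file")} - {None, ""}
    problems = [f"unapproved boot server {s}" for s in sorted(servers - allowed_servers)]
    problems += [f"unapproved boot file {f}" for f in sorted(files - allowed_files)]
    if not servers or not files:
        problems.append("reply names no boot server or no boot file")
    return problems

def opt(code: int, value: bytes) -> bytes:
    return bytes([code, len(value)]) + value

def build_reply(yiaddr: str, siaddr: str, bootfile: str, options: bytes = b"") -> bytes:  # sample data builder
    zero = IPv4Address("0.0.0.0").packed
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0, zero,
                      IPv4Address(yiaddr).packed, IPv4Address(siaddr).packed, zero,
                      bytes.fromhex("020000000001"), b"", bootfile.encode())
    return hdr + MAGIC + options + b"\xff"

# Constructed pins and replies (documentation address ranges, hypothetical file names).
PINNED_SERVERS, PINNED_FILES = {"192.0.2.10"}, {"hypervisor/boot.0"}
GOOD = build_reply("192.0.2.50", "192.0.2.10", "hypervisor/boot.0")
ROGUE = build_reply("198.51.100.7", "192.0.2.10", "hypervisor/boot.0",
                    opt(66, b"203.0.113.9") + opt(67, b"other.img"))
```

The header fields and the options are checked together because a reply can carry approved values in one place and different ones in the other.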
The service provider may not know the IP addresses assigned to its server in advance, or only one of several IP addresses required by the customer. Multiple IP addresses may be required for:
    an Intelligent Platform Management Interface (IPMI) or “lights out management” (LOM) interface. This is an independent Ethernet port connected to a management sub-system that has a processor independent of the main CPUs in the server, whose purpose is to allow management of the server when the CPU has “crashed”.
    the installation software 131—it may be desirable to reserve the original IP address to be used solely for the customer's own data traffic, and have a separate one for the installation software. This may be used for updates and reconfiguration as well as the initial installation process.
    management of virtual network functions or virtual appliances installed at a future time on the server.
    secure management communications with the server, as TFTP (Trivial File Transfer Protocol) is not inherently secure.
Alternatives to this approach preclude the basic hardware being delivered directly from the manufacturer to the customer, but require the service provider to “stage” the server hardware via its own facilities so it can be pre-configured and customized before being shipped to the customer premises. This requires servers to be built to order, and they cannot be shipped from any local warehouse, which lengthens the amount of time taken to complete the customer order. Configuration at a separate facility operated by the service provider is time consuming and makes the service provider responsible for the shipping, and the complexity of import & export duties, customs delays, project planning, contracting & liaising with remote agents and customers.
Alternatively, configuration at the factory requires all servers to be custom-built by the hardware vendor, which adds customisation costs and delays, and also requires sharing of software intellectual property with the hardware vendor, and divides responsibility for quality control and update management.
Moreover, with either approach, if a server fails it has to be replaced with a similar bespoke custom-built server, which can delay the fix time and increase the cost of repairs.
According to a first aspect of the invention, there is provided a method of installing an application on a configurable server device, the method comprising the steps of:
    connecting the server device to a telecommunications network through an intermediate communications interface device configured to be coupled to the server device;
    initiating and mediating, from the intermediate communications interface device, a tunneled network connection to a network operating centre;
    receiving, at the configurable server, configuration data downloaded from a program provisioning server hosted by the network operating centre, and
    installing the application by configuring the server device in accordance with the configuration data.
According to a second aspect of the invention, there is provided a communications interface device configured to be connected to a server device and a telecommunications network and to initiate and mediate a tunneled network connection between the server device and a program provisioning server at a remote part of the telecommunications network.
In the preferred embodiments, the intermediate communications interface device is embodied as one or more pluggable devices. Separate applications may be mediated through separate respective pluggable devices, in communication with each other, for example through an Ethernet bridge or a paired wireless connection, preferably using a secure tunneled connection.
In the embodiment to be described, the intermediate communications interface device is configured to transmit boot-up instructions to the configurable server device, and directs an instruction to the program provisioning server to obtain a unique network address specific to the network operating centre. The program provisioning server hosted by the network operating centre may operate on a dynamic host configuration protocol (DHCP), wherein boot files are retrieved by the configurable server from a Trivial File Transfer Protocol (TFTP) Server forming part of the program provisioning server. The boot file may be accessible to a plurality of configurable servers, and be customized to the respective network address of each configurable server.
The communications interface device is preferably arranged to mediate installation and operation of a first function on the server device by connection with a program provisioning server, and to communicate with a second such pluggable device installed on the server device to mediate installation and operation on the server device of a second function from the, or another, program provisioning server.
With this invention any “bare metal” server can be delivered out of a warehouse to provision a new site, or to repair a failed server, reducing costs, and speeding up delivery and repairs. This allows the configurable server to be delivered to its end-user before configuration, and configuration to be performed by the network operator in situ, but without a site visit, by delivery and plug-in of the small-form device 80, which is typically of a suitable size to be mailed.
The embodiment of the invention to be described makes use of “SmartSFPs”. An SFP is a “small-form factor pluggable device”, that converts a standard electrical network connection into a standard optical connection. A standard SFP is a “dumb” device, but a “smart” one adds additional capabilities to perform diagnostics or operations administration and maintenance of network services.
The invention therefore allows a software application to be installed on a “bare metal” server device (having no pre-installed operating system or configuration) by connecting the server device to a telecommunications network through a SFP (small-form factor pluggable device), the pluggable device being configured to initiate and mediate a tunneled network connection to a network operating centre to allow a dynamic host configuration protocol (DHCP) server hosted by the network operating centre to download configuration data to the bare metal server to install the application. This allows physical installation to be a quick and straightforward process, as the SFP is small enough to be sent through the mail to the location where the bare metal server is to be installed. The software to configure the hardware can then be downloaded once the SFP has established contact with a central server.
This embodiment modifies existing SmartSFP technologies to enable them to be used as a way to deliver a secure method to boot up bare metal servers at the customer premise that can be delivered in the mail without requiring highly skilled technicians at the customer site. Existing methods to boot-up servers over the network are designed for private networks in secure data centres but cannot be safely used over a third party network to boot-up a server shipped to an insecure customer site. This embodiment provides a method to use SmartSFPs to allow secure boot-up of any bare metal server shipped to the customer site using only the standard capabilities of an industry standard x86 BIOS server.