The present invention is related to network management systems in general and, more particularly, to a system, processor-implemented method and graphical user interface for building virtual private networks.
In order to enable geographically disparate sites such as branches of a bank or regional offices of a large corporation to communicate with one another, it is common for such organizations to create virtual private networks (VPNs), which lie on top of a public network infrastructure. The operator of the underlying public network, typically a telecommunications service provider (or xe2x80x9ctelcoxe2x80x9d), charges a fee for the set-up of a VPN, while the customer achieves end-to-end interconnectivity without having to worry about finding a path through the network, bandwidth usage patterns or equipment failures.
In greatly simplified terms, a VPN is typically built by following a four-phase process. The first phase is for the customer desirous of a VPN to specify a set of requirements in a high-level format. High-level data provided by the customer may include such information as the geographic location of customer sites and the number of telephones or video stations present or desired at each site. The second phase is for the telco staff to translate those high-level requirements into low-level requirements of a more technical nature, such as capacity and latency specifications.
The third phase involves the telco staff provisioning and configuring the underlying public network in order to meet the low-level requirements which have transpired from the previous phase. Finally, the fourth phase includes the telco charging the customer for the provisioning and configuration activities performed in the third phase.
Unfortunately, a major drawback with the conventional manner of creating a VPN is that the above-mentioned second phase (i.e., translating high-level requirements into low-level ones) requires that the telco train its technical staff until they attain a certain level of competency. This often takes weeks or months at a cost of thousands of dollars per employee. Furthermore, the third phase (configuring the underlying public network) may also disadvantageously take weeks or months to complete, especially if the customer wishes to be consulted when alternative options of configuring the network are available.
Moreover, command inputs entered into a network management system in the course of executing the third (provisioning) phase are typically entered by several people other than the individual who had interfaced with the customer during the first phase involving the specification of high-level requirements. The result is an increase in the telco""s staffing costs and in the probability of a human error being committed in the course of building the VPN.
Clearly, there is a need in the industry to provide a utility which allows VPNs to be built faster, more reliably and in a more cost-effective manner.
The invention can be summarized as a method of setting up a VPN within a main network, which includes the steps of maintaining current configuration information on the main network, receiving high-level requirements to be met by the VPN and causing the main network to be automatically reconfigured to accommodate the high-level requirements. The main network may be the Internet or the public switched telephone network. The method may be implemented by a network management system (NMS) and may be stored as a set of instructions on a computer-readable storage medium.
Preferably, the method includes additional steps between the steps of receiving high-level requirements and causing the main network to be reconfigured. For instance, there is preferably an additional step of translating the set of high-level requirements into a set of low-level requirements, which is preferably followed by a step of generating at least one option for configuring the main network such that the set of low-level requirements is met.
Preferably, the user is presented with a selection mechanism by virtue of which a particular option may be selected. This is known as the xe2x80x9cselected optionxe2x80x9d. After an option is selected in this manner, the method preferably includes the additional step of graphically displaying a logical view of the main network configured in accordance with the selected option.
Preferably, the method includes the step of providing a graphical selection mechanism for allowing the user to choose between committing the selected option to the NMS or or modifying the selected option.
If the user chooses to modify the option, then the method preferably includes the steps of accepting user-generated reductions in the high-level requirements corresponding to the selected option, modifying the detailed technical specification corresponding to the selected option in accordance with said reductions, converting the modified detailed technical specification into a modified set of graphical elements; and displaying said set of modified graphical elements as a modified logical view of the main network.
The invention can also be summarized as a processor-implemented graphical user interface (GUI) method assisting a user in building a VPN. The GUI method includes providing a first interactive graphical mechanism for allowing the user to enter high-level requirements associated with each of a plurality of customer sites. The GUI method also includes providing a second interactive graphical mechanism for allowing the user to request the generation of at least one option for configuring a main network in accordance with said high-level requirements.
In response to a user input requesting the generation of at least one option, the GUI method includes providing a third interactive graphical mechanism for allowing the user to select one of the generated options. Next, in response to a user input selecting an option, the GUI method includes displaying a logical view of the VPN in accordance with the selected option.
Finally, the GUI method includes providing a fourth interactive graphical mechanism for allowing the user to commit the selected configuration option to a network management system.
By allowing a user to specify service requirements in an elementary language and then to select from a number of automatically generated and graphically displayed options for configuring the main network, the present invention eliminates the bulk of the time conventionally spent in building a VPN. Also, the resulting VPN-building procedure is more reliable and cheaper for the telecommunications service provider.