A portion of the disclosure of this patent document contains material which is subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by anyone of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent files or records, but otherwise reserves all copyright rights whatsoever.
The invention relates to computer and telecommunication network monitoring and management and, more particularly, to methods and systems for correlating collected event data with administrators, management policies and procedures.
When most end users think about information technology (IT), they are more concerned with reliability and speed of the business critical services that IT delivers than the growing infrastructure that supports those services. Meanwhile, reliance on an ever-widening web of network, system, database and application resources makes these services even harder to manage.
With this critical reliance on the network, and the services provided, it is essential to pinpoint the probable cause of real or potential service delivery problems and resolve them quickly. To do this, administrators must first understand the entire infrastructure, the IT resources that support it, and how they work together to deliver services. Incoming events must be continuously sifted through to detect those affecting an enterprises ability to sustain service levels.
Improving service levels while reducing costs is every IT manager""s goal, whether the service is being provided to an external subscriber or an internal end user within a corporate enterprise. The key to realizing these goals is optimizing processes and ensuring that policies are well planned and enforced.
In many organizations, the process of handling network and system faults is much less than one hundred percent efficient. Often, tangible economic benefits can be realized by simply automating the task of analyzing the impact of network faults on services, business units and customers. Further efficiencies can be achieved by optimizing policies for fault escalation and resolution.
Identifying and maintaining the following information is critical to maintaining acceptable network service levels:
1) What business processes are impacted by incoming faults?
2) How should work be prioritized and responsibility assigned for incoming faults?
3) What policies should be followed for resolving incoming faults?
Network access becomes increasingly critical to the performance and success of organizations. There is thus a need for a system for allowing network operators to quickly determine answers to the preceding three points.
It is an object of the present invention to solve the problems described above associated with existing network management systems.
It is another object of the present invention to allow network administrators to quickly and correctly determine what users and business processes are impacted by incoming faults so as to minimize the impact to critical business processes.
It is another object of the present invention to allow administrators to determine how work should be prioritized and responsibility assigned for incoming faults.
It is another object of the present invention to determine what policies should be followed when resolving faults.
It is another object of the present invention to raise network service levels by reducing mean time to service restoration by automating escalation and response procedures.
It is another object of the present invention to enable organizations to leverage vital information scattered across disparate databases without going through a difficult process of co-locating databases or re-keying data into a common format.
It is another object of the present invention to enhance IT flexibility by allowing data to remain decentralized yet accessible from a central control point.
The above and other objects are achieved by an impact analysis software system residing on a computer connected to a network in an enterprise. The system analyzes the impact of network events on the network, and includes a number of modules, including a number of data source adapters for interfacing with external data sources to thereby allow access by the system to enterprise-related data in the external data sources. The system further includes an impact analysis data structure populated with data accessed from the external data sources and defining relationships between the enterprise-related data. One or more action tree data structures comprise a routine which, when executed, acts upon the relationships defined by the impact analysis data structure to handle events. A message processor reads the network events and select one of the action tree data structures to handle each read network event.
In some embodiments, the external data sources store data using a plurality of different formats, and the data source adapters comprise a data source adapter corresponding to each data source format. The system includes a selection routine for selecting one of the data source adapter corresponding to a given external data source.
As a result, the system and corresponding process leverages data presently stored throughout a corporate enterprise. The system utilizes the data source adapters to access a plurality of third party data sources including relational databases developed by Sybase Inc. and Oracle Inc., data sources accessed via the LDAP protocol, data stored in HTML or text format, etc. By creating and storing relationships among the disparate data sources, the system is able to effectively utilize existing corporate knowledge to achieve its goals. Moreover, the data utilized need not be kept in a proprietary form nor must it be administered from a central site. Local database administrators can continue to manage their data while it is simultaneously capitalized upon by the present invention to build relationships between systems, business units and users/administrators.
In some embodiments, the impact analysis data structure comprises a plurality of organizational nodes each representative of an enterprise element and populated with data accessed by the system through the use of the data source adapters, and one or more hierarchy structures of said organizational nodes, said hierarchy structures defining relationships of organizational nodes to one another by the data contained therein, said hierarchy structures representative of structures and business processes of the enterprise.
In some embodiments, the system further comprises an event handler to receive and queue data regarding network events from an event server. When an event arrives indicating, for example, that a router port is down, the system will determine the business unit associated with this port. It can then locate a list of people responsible for the router, scan the rotation to determine who is on call based on the current date and notify the party by e-mail, paging or other suitable method. If no response is received, the system automatically notifies the administrator""s manager or the next person listed in the business unit""s chain of command. Once the event is resolved, the system will halt the escalation.
Policies can be defined by associating documents of any type, e.g. text or HTML, with a particular component or a person who is responsible for resolving the problem encountered. Administrators can also examine policies related to specific events by simply selecting an event and requesting that the system send all documentation, users, and any other information associated with a particular event or class of events.