Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network monitoring
Reexamination Certificate
2001-12-21
2004-06-22
El-Hady, Nabil (Department: 2155)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network monitoring
C709S223000, C709S226000, C709S230000, C709S244000
Reexamination Certificate
active
06754705
ABSTRACT:
FIELD OF THE INVENTION
The present invention relates to enterprise network systems, and more particularly to analyzing enterprise network systems.
BACKGROUND OF THE INVENTION
In general, a “network analyzer” is a program that monitors and analyzes network traffic, detecting bottlenecks and problems. Using this information, a network manager can keep traffic flowing efficiently. A network analyzer may also be used to capture data being transmitted on a network. The term “network analyzer” may further be used to describe a program that analyzes data other than network traffic. For example, a database can be analyzed for certain kinds of duplication. One example of a network analyzer is the SNIFFER ANALYZER™ device manufactured by NETWORK ASSOCIATES, INC™.
FIG. 1
shows a typical network analyzer
100
deployment attached to a single switch
102
. As shown, several personal computers
104
are coupled to Server A
106
and Server B
108
via a switch array
110
. This deployment sees broadcast and multicast traffic plus any unicast traffic to or from the network analyzer
100
only. In other words, the network analyzer
100
provides only a constrained view that is incapable of providing a complete picture of traffic between the personal computers and servers.
FIG. 2
depicts a network analyzer
200
deployment using spanning. This deployment sees all broadcast and multicast traffic, plus any unicast traffic to and from Server A. However, extra load has been added to the switch
202
.
FIG. 3
depicts a network analyzer
300
deployment using a Virtual Local Area Network (VLAN)
302
. This deployment sees broadcast and multicast traffic and any unicast traffic to or from the computers on VLAN
1
, but the load on the switch
304
is now excessive.
At one time, repeated flat networks were the standard in an enterprise setting. Prior art network analyzer systems can only typically see one broadcast domain. This is due in large part to the fact that these systems were designed for flat repeated networks. Thus, such network analyzer systems function as an adequate solution in a “point” troubleshooting role, but do not scale to provide a true enterprise troubleshooting and monitoring capability.
Over time, there has been a steady migration away from flat networks towards fully switched networks. Given network topologies today, prior art network analyzer systems, as currently designed, cannot provide a complete solution that is capable of monitoring, detecting and troubleshooting problems on a corporate enterprise level. Even with monitoring modules on every switch, everything still cannot be seen, and there is a high cost associated with deploying this many monitoring modules.
There is thus a need to provide network analyzer functionality in an enterprise-wide fashion to allow company network managers to monitor their geographically dispersed networks from a central location. Additionally, companies need the ability to accomplish this in a rapid, dynamic way to facilitate quick reaction to problems that can occur at any point within a corporate network.
What is further needed is a network analyzer solution that is capable of scaling to a total enterprise solution, and further capable of monitoring the entire corporate network at once while fully addressing the current paradigm of fully switched environments.
DISCLOSURE OF THE INVENTION
A system and associated method and computer program product are provided for analyzing a network. Included is a plurality of agents coupled to a plurality of computers interconnected via a network. Each agent is adapted to collect information relating to at least one of the computers. Further provided is a plurality of host controllers coupled to the agents for collecting the information from the agents. Still yet, a plurality of zone controllers is coupled to the host controllers for collecting the information from the host controllers.
In one embodiment, each agent may be adapted to collect the information relating to at least one of the computers for a first predetermined time interval. Such agents may further receive an indication of the first predetermined time interval from the host controllers. Moreover, the agents may collect the information in response to a demand received from the host controllers. In use, the agents may communicate with the host controllers utilizing a layer three (possibly encrypted) protocol. Further, the agents may include less than 1 MB.
In another embodiment, the host controllers may be adapted for collecting the information from the agents for a second predetermined time interval greater than the first predetermined time interval. Still yet, the host controllers may receive an indication of the first predetermined time interval from the zone controllers. Moreover, the host controllers may collect the information in response to a demand received from the zone controllers. In use, the host controllers may also be adapted for generating a map based on the information. As an option, the host controllers may communicate with the zone controllers utilizing an encrypted layer three protocol.
In still yet another embodiment, the zone controllers may be adapted for collecting the information from the host controllers at predetermined intervals. Such zone controllers may be adapted for receiving the map from the host controllers. In use, the zone controllers may be adapted for reporting on computers included in an associated zone based on the information and the map received from the host controllers.
REFERENCES:
patent: 5781703 (1998-07-01), Desai et al.
patent: 6108782 (2000-08-01), Fletcher et al.
patent: 6266694 (2001-07-01), Duguay et al.
patent: 6314460 (2001-11-01), Knight et al.
patent: 6363391 (2002-03-01), Rosensteel, Jr.
patent: 2002/0138437 (2002-09-01), Lewin et al.
patent: 98/42103 (1998-09-01), None
patent: 00/08806 (2000-02-01), None
patent: 00/77687 (2000-12-01), None
patent: 01/31539 (2001-05-01), None
patent: 01/55862 (2001-08-01), None
patent: 01/84270 (2001-11-01), None
Elwell Ken W.
Joiner Herbert V.
El-Hady Nabil
Hamaty Christopher J.
Networks Associates Technology Inc.
Silicon Valley IP Group PC
Zilka Kevin J.
LandOfFree
Enterprise network analyzer architecture framework does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Enterprise network analyzer architecture framework, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Enterprise network analyzer architecture framework will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-3310961