Data processing: database and file management or data structures – Database design – Data structure types
Reexamination Certificate
1999-03-30
2002-04-23
Corrielus, Jean M. (Department: 2172)
Data processing: database and file management or data structures
Database design
Data structure types
C707S793000, C707S793000, C707S793000, C709S225000, C709S229000
Reexamination Certificate
active
06377955
ABSTRACT:
FIELD OF THE INVENTION
The present invention generally relates to data processing. The invention relates more specifically to generating reports that show information relating to networks, and further relates to methods and apparatus for generating user-specified reports of network accounting information.
BACKGROUND OF THE INVENTION
A network system generally includes a number of network devices, such as switches, routers, and others, connected so as to allow communication among the devices and end station devices such as desktop machines, servers, hosts, printers, fax machines, and others. Many companies have a desire to provide remote access to their computer networks. By allowing remote access, individuals can connect to the computer network to use it to work and obtain resource information while located at a remote site.
A popular method of providing remote access to a network is through the use of a dial-in network access server (NAS) that controls access to the network. For example, the server model AS5300, commercially available from Cisco Systems Inc., can be used to provide dial-in access to a company's network. Individuals can access the network system by dialing into the network access server from a Remote Node to establish a connection. In this context, the term Remote Node refers to a client device such as a personal computer (PC) or router that can be used to dial in and establish a connection with the network access server.
Managing the dial-in connections that are made to a large number of network access servers can require significant administrative support. Not only must administrative support personnel ensure that network security is maintained, but they must also ensure that remote access to the network is properly provided to those individuals that are authorized to access the network remotely, and that appropriate response times are maintained once a connection is established. When the network access servers are part of an Internet Service Provider (ISP) or other commercial institution, accurate accounting of connection time is required so that customers may be billed correctly. These functions are generically known as authorization, authentication and accounting (AAA).
One method of managing connections to a group of network access servers is through use of a shared accounting server, such as authorization, authentication and accounting (AAA) server software component of CiscoSecure ACS, which is commercially available from Cisco Systems Inc. With a shared accounting server, connection accounting information that is associated with the dial-in connections that are established with the different network access servers can be maintained at one location. In this context, the connection accounting information represents statistical data about the connections that were made or which were attempted to be made with a group of network access servers. For standardization purposes, certain accounting protocols have been developed that define the accounting information that is to be communicated between a network access server and a shared accounting server. For example, the Remote Authentication Dial In User Service (RADIUS) Accounting protocol can be used for carrying accounting information between network access servers and a shared accounting server. The RADIUS Accounting protocol is defined in detail in such documents as Request For Comment (RFC) 2138 and RFC 2139. Existing network systems are based on standard accounting protocols such as the RADIUS Accounting protocol. In these systems, a shared accounting server typically stores the accounting information in one or more files.
FIG. 3
illustrates RADIUS accounting data
300
in a file containing two exemplary RADIUS Accounting records
302
,
304
that describe connections that were made between a shared accounting server and a group of network access servers. Timestamp values
306
,
308
indicate the respective creation date and time for records
302
,
304
. Once the RADIUS Accounting information is stored, an administrator may access the information to determine specific information about particular connection that was established with a particular network access server.
However, a drawback with storing the RADIUS Accounting information in a file, as depicted in Table 1, is that interpreting the significance of the data can be both difficult and extremely time consuming. Thus, to aid in the interpretation of the data, a mechanism may generate a report that summarizes or interprets certain information about the connections. For example, a report may indicate the number of times a particular port was used by each of the network access servers. Alternatively, a report may indicate the connection speed used for a particular connection. In another alternative, a report indicates the total number of connections that were established with the group of network access servers for a particular day.
However, a drawback with generating such reports is that different information may be important to different network administrators. For example, a particular administrator may require a report that depicts the number of connections that were established with a particular network access server, while a different administrator may require a report that depicts the connection speed that was established for each connection.
In addition, different administrators may require that the information be displayed in different formats. For example, one administrator may require that a report be generated that depicts the number of connections that were established with a network access server on a week-by-week basis. Alternatively, another administrator may require that a report be generated that depicts the number of connections that were established with a network access server on an hour-by-hour basis. Thus, each administrator may require that different types of reports be generated.
As a result, in past approaches, generating such different reports has required custom, hard-coded software that must be modified whenever a new report is created. In addition, if an administrator later determines that a new report type is required, additional software will typically be required to produce the new report type. The software that generates a particular report is typically fixed and must undergo frequent revision as the administrator requests new capabilities. Based on the foregoing, there is a clear need for a mechanism that can produce reports that contain accounting information that is desired by a particular individual.
There is also a need for a mechanism that can produce reports that contain information in the particular format that is desired by the individual.
Requests for new reports may cause projects to have larger than normal maintenance efforts. Further, requests for new reports typically are handled by the vendor of the network equipment or the vendor of the AAA server software. If the vendor has insufficient engineering resources available, further delay is caused until an engineer becomes available. Thus, there is a need for a mechanism whereby a third party, such as a customer or a value-added reseller (VAR) of the vendor's equipment or software, can create reports or modify existing reports.
SUMMARY OF THE INVENTION
The foregoing needs, and other needs and objects that will become apparent from the following description, are achieved in the present invention, which comprises, in one aspect, a method of generating a report that describes performance characteristics of a computer network based on RADIUS accounting information that is produced by the network in operation, comprising the steps of creating and storing archive data comprising a selected portion of the RADIUS accounting information; creating and storing configuration information that defines the report and comprises a report type identifier that is associated with one or more RADIUS attributes that identify data values in the archive data and that is associated with a generic report type; and one or more attribute values that specify bounds of r
Clark Glenwood Ray
Hartmann Charles L.
Cisco Technology Inc.
Corrielus Jean M.
Hickman Palermo & Truong & Becker LLP
LandOfFree
Method and apparatus for generating user-specified reports... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and apparatus for generating user-specified reports..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and apparatus for generating user-specified reports... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2853207