Electrical computers and digital processing systems: support – Multiple computer communication using cryptography – Protection at a particular protocol layer
Reexamination Certificate
1998-08-28
2002-03-26
Wright, Norman M. (Department: 2131)
Electrical computers and digital processing systems: support
Multiple computer communication using cryptography
Protection at a particular protocol layer
C713S152000, C713S153000, C713S152000, C709S223000, C709S224000
Reexamination Certificate
active
06363477
ABSTRACT:
TECHNICAL FIELD
The present invention relates to the field of computer system communication networks. In particular, the present invention pertains to network monitoring and management.
BACKGROUND ART
Computer systems linked to each other in a communication network are commonly used in businesses and like organizations. Computer system communication networks (“networks”) are growing in size—as measured by the number of applications and the number of users they support—due to improvements in network reliability and the recognition of associated benefits such as increased productivity.
As the size of networks increases and as organizations become more reliant on such networks, the importance of effective network management tools also grows. In response to the need for standardization of such tools, primarily to control costs but also because components in a network are likely to originate from many different vendors, the Simple Network Management Protocol (SNMP) was developed and widely adopted. Since implementation of SNMP, a supplement to SNMP known as Remote Network Monitoring (RMON) has been issued, and RMON has been subsequently extended with an addition known as RMON2. RMON and RMON2 provide SNMP with the capability for remote network monitoring; that is, a network manager is able to monitor network performance from a central computer system that has access to other components on the network, referred to as RMON probes, that monitor local areas of the network.
SNMP, RMON and RMON2 thus are network management software tools that provide a set of standards for network management and control, including a standard protocol, a specification for database structure, and a set of data objects. SNMP, RMON and RMON2 are implemented in a network through management information bases (MIBs) which contain instructions specifying the data that are to be collected, how the data are to be identified, and other information pertinent to the purpose of network monitoring. The MIBs are implemented through the RMON probes to monitor the local areas of the network.
Network managers use the SNMP, RMON and RMON2 standards to collect information regarding the performance of the network. By collecting information about network performance and analyzing it, the network manager is able to recognize situations indicating that either a problem is present or impending.
For example, the network manager (or any of the network users, for that matter) may be interested in obtaining performance statistics such as the average and worst-case performance times and the reliability of the network for a particular network application. Such applications generally describe a transaction between a user that is accessing the network through a client computer system and a server computer system that responds to the client computer system with the requested information. Network managers need performance statistics to help them manage and maintain the network and to plan for network improvements. For example, performance statistics can be used to recognize bottlenecks in the network before they cause problems so that corrective action can be taken. If the performance statistics indicate a growing load in one area of the network, network traffic (in the form of data packets that travel through the network's communication equipment) can be routed along a different path. Statistics accumulated over a longer period of time can be used to help decide whether it is necessary to expand particular areas of the network.
Performance statistics are also necessary for businesses and the like to determine whether the network support provided by a vendor of network management services is satisfactory or not. Many businesses contract with vendors for network management services. Such contracts are typically implemented with service level agreements (SLAs) which specify metrics against which the provider of the network management services is measured. These metrics are used to quantify standards of performance that allow businesses to assess not only the performance of the network but also the performance of the network management services provider. SLAs generally include a provision specifying metrics for performance time for critical network applications, where performance time, for example, is considered to be the amount of time between the time a user submits a request via the network and the time until the response to that request is received by the user. An effective network management tool should therefore provide a means for monitoring the network and gathering performance statistics for comparison against the requirements contained in the SLAs. However, as will be seen in the discussion below, the network management tools in the prior art do not provide a ready means of demonstrating compliance with SLAs.
Prior art network management tools have trouble aiding the network manager in determining whether a problem within the network is associated with the network or with the system hardware supporting the network, so that the network manager can identify and implement the appropriate corrective action. For example, if a user places a request for a particular network application to a server computer and a response is not received, the prior art network management tools do not generally identify whether the problem is occurring because of a bottleneck in the network or because the server is not functioning. Therefore, as will be seen in the discussion to follow, the network management tools in the prior art do not provide a ready means of monitoring performance of the entire network so that problems can be quickly detected.
With reference to
FIG. 1
, a prior art method used for network monitoring is illustrated for a simplified network
100
. Network
100
is typically comprised of a plurality of client computer systems
110
a,
110
b
and
110
c
networked with a number of different servers
130
a,
130
b
and
130
c.
For this discussion, the focus is on client computer system
110
c
connected via communication lines
120
and
122
to server computer system
130
c.
Data packets (not shown) from client computer system
110
c
travel to server computer system
130
c
and back on either of communication lines
120
and
122
, depending on the amount of traffic present on those lines due to simultaneous communications between client computer systems
110
a
and
110
b
and server computer systems
130
a,
130
b
and
130
c.
The request data packets issued from client computer system
110
c
contain data that specify the address of client computer system
110
c
and the address of destination server computer system
130
c,
as well as other data pertinent to the network application being used, such as data defining the request being made. The response data packets issued from server computer system
130
c
also contain the sender and destination address as well as other data needed to respond to the request.
With reference still to
FIG. 1
, coupled into communication lines
120
and
122
are other communications equipment such as switches
124
and
125
and routers
126
and
127
. Also on communication lines
120
and
122
are RMON probes
140
and
142
(the term “RMON” refers to both RMON and RMON2). An RMON probe typically operates in a promiscuous mode, observing every data packet that passes only through the communication line to which it is coupled.
RMON MIBs provide the capability to define filters that can be used to limit the number of data packets observed by an RMON probe that are to be captured or counted. Filters are specified using known RMON MIBs and are based on the type of data packet or other packet characteristics associated with the data contained within the data packet. Filters permit the RMON probe to screen observed data packets on the basis of recognition characteristics specified by the filter. Data packets are captured or counted by the RMON probe on the basis of a match (or a failure to match) with the specified recognition characteristics. Filters can be combined using logical “and” and “or” o
Fletcher Richard A.
Lin Carl
3COM Corporation
Song Ho S.
Wagner , Murabito & Hao LLP
Wright Norman M.
LandOfFree
Method for analyzing network application flows in an... does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method for analyzing network application flows in an..., we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method for analyzing network application flows in an... will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2825827