Object model for network policy management

Multiplex communications – Communication techniques for information carried in plural... – Adaptive

Reexamination Certificate

Details

C709S223000, C709S225000

active

06944183

ABSTRACT:
A unified policy management system for an organization including a central policy server and remotely situated policy enforcers. A central database and policy enforcer databases storing policy settings are configured as LDAP databases adhering to a hierarchical object-oriented structure. Such structure allows the policy settings to be defined in an intuitive and extensible fashion. Changes in the policy settings made at the central policy server are automatically transferred to the policy enforcers for updating their respective databases. Each policy enforcer collects health and status information in a predefined log format and transmits it to the policy server for efficient monitoring by the policy server. For further efficiencies, the policy enforcement functionalities of the policy enforcers are effectively partitioned so as to be readily implemented in hardware. The system also provides for dynamically routed VPNs where VPN membership lists are automatically created and shared with the member policy enforcers. Updates to such membership lists are also automatically transferred to remote VPN clients. The system further provides for fine-grained access control of the traffic in the VPN by allowing definition of firewall rules within the VPN. In addition, the policy server and policy enforcers may be configured for high availability by maintaining a backup unit in addition to a primary unit. The backup unit becomes active upon failure of the primary unit.



Profile ID: LFUS-PAI-O-3367330
