JP2009003547A - Equipment monitoring device - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an equipment monitoring server for grasping application use states of computers forming a network. <P>SOLUTION: An equipment monitor server 13 is provided with an application use history information collection means connected to a network 10 formed of a plurality of mutually linked client computers 11 or a computer 12 for management for time-sequentially collecting the use history information of an available application in those computers 11 and 12; an application use history information output means for outputting collected use history information; and an available application alternation means for adding, changing and erasing an available application. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a device monitoring apparatus that monitors network components forming a network in time series.

  There is a network security system in which a network user detects an unauthorized intruder into a server via the Internet, notifies the Internet service provider of this, and reversely detects an unauthorized intruder in cooperation with the service provider (patent) Reference 1). This system identifies a monitoring terminal that detects and notifies unauthorized access using the Internet, and identifies the access source of the unauthorized access detected in response to the notification from the monitoring terminal. And a center terminal for notifying users.

The monitoring terminal is connected to a computer system owned by a network user, and the center terminal is connected to a computer system owned by an Internet service provider. The monitoring terminal stores a log of access to the server on the user side connected to the Internet, analyzes the log to detect unauthorized access to the server on the user side, and detects unauthorized access along with the stored log. Notify the center terminal. The center terminal identifies the unauthorized access server from the notified log information, and notifies the user monitoring terminal of the access source server information.
JP 2005-128919 A

  In the network security system disclosed in Patent Document 1, it is not necessary for a network user to specify an access source server for unauthorized access, and the labor and labor of the user are reduced accordingly. However, with this network security system, it is impossible to grasp the usage status of the applications of the network components that form the network, so even if network users bring various applications on their own and use them, Cannot be grasped, and unlimited use of applications in the component devices cannot be regulated. In addition, since this system cannot grasp the installation status and uninstallation status of the application in the component device, it cannot regulate the unnecessary application installation action by the network user. Unauthorized uninstall behavior cannot be regulated.

  An object of the present invention is to provide a device monitoring apparatus that can grasp the application usage status, installation status, and uninstallation status of network configuration devices forming a network.

  The premise of the present invention for solving the above-mentioned problem is a device monitoring apparatus that is connected to a network formed by a plurality of network component devices linked to each other and monitors these network component devices in time series.

  The feature of the present invention based on the above premise is that the device monitoring apparatus collects application history information of usable applications in network configuration devices in time series, and application usage history that outputs the collected usage history information The present invention has an information output unit and a usable application modification unit that adds, changes, and deletes a usable application.

  As an example of the present invention, the usage history information includes the name of the network component device using the application, the user name of the network component device using the application, the number of operation times of the application, the name of the application used, the name of the operation window of the application used, The application use start date and time, the application use end date and time, and the application use time.

  As another example of the present invention, the device monitoring apparatus includes: an application access history information collecting unit that collects access history information to an unusable application in a network component device in time series; and an application access history that outputs the collected access history information Information output means, and unusable application modification means for adding, changing, and deleting unusable applications.

  As another example of the present invention, the access history information includes the name of the network component device that has accessed the application, the user name of the network component device that has accessed the application, the number of accesses to the application, the name of the accessed application, and the date and time of access to the application It is.

  As another example of the present invention, the device monitoring apparatus executes the usable application modification unit and the unusable application modification unit for each network configuration device.

  As another example of the present invention, the device monitoring apparatus includes an installation information collection unit that collects installation information in a time series when an application is installed in a network component device, and an installation information output unit that outputs the collected installation information. , An uninstall information collection means for collecting time-series uninstall information when an application is uninstalled from a network component device, and an uninstall information output means for outputting the collected uninstall information. , The name of the network component that installed the application, the name of the installed application, the installation date and time, and the uninstall information is the name of the network component that uninstalled the application Uninstall the application names, it is uninstall date and time.

  As another example of the present invention, the device monitoring apparatus includes an installed application content output unit that outputs the content of an application installed in a network component device, and an uninstall application that outputs the content of an application uninstalled from the network component device. Content output means.

  As another example of the present invention, the device monitoring apparatus includes an external usage information collection unit that collects external usage information in a time series when network configuration devices are used in an external environment other than the network formed by the configuration devices, External usage information output means for outputting external specification information, specified overtime usage information collection means for collecting overtime specified usage information when network components are used outside the specified time, and the specified specified time collected The device includes an external usage information output means for outputting the external usage information. The external usage information includes the name of the externally used network component device, the user name of the externally used network component device, the external usage count, and the external usage information. Application name used for external use, operation window name of application used for external use, external use start date and time, external use End date and time, external usage time, and usage information after specified time is the name of the network device that was used outside the specified time, the user name of the network device that was used outside the specified time, the number of overtime usage, and the overtime usage The application name used at the time of operation, the operation window name of the application used at the time of overtime use, the start date / time of overtime use, the end date / time of overtime use, and the overtime use time.

  As another example of the present invention, the device monitoring apparatus includes a take-out action information collecting unit that collects take-out action information in a time series when data forbidden to be taken out is to be taken out from a network component device, and collected take-out action information Take-out action information output means, print action information collection means for collecting print action information in a time series when printing prohibited data is to be printed from network configuration devices, and output the collected print action information Print action information output means, and the take-out action information is the name of the network component device that the take-out action was taken out, the number of take-out actions, the date and time of the take-out action, the contents of the take-out operation, and the name of the data to be taken out. The information is the name of the network device on which the printing action was performed, Lint act number, print action date and time, document name you try to print, print action is a printer name that was done.

  As another example of the present invention, the device monitoring apparatus includes: an e-mail transmission information collecting unit that collects e-mail transmission information in a time series when an e-mail is transmitted from a network configuration device; and the collected e-mail transmission information E-mail transmission information output means for outputting, the e-mail transmission information includes the name of the network component device that transmitted the e-mail, the e-mail transmission count, the user name of the network component device that transmitted the e-mail, and the e-mail transmission date and time , The e-mail destination address, and the subject of the sent e-mail.

  As another example of the present invention, the device monitoring apparatus outputs a Web site access information collecting means for collecting Web site access information in a time series when a network component device accesses the Web site, and outputs the collected Web site access information Web site access information output means, external network access information collection means for collecting external network access information when network components access the external network in time series, and external network access for outputting the collected external network access information Information output means, and the website access information is the name of the network component device that accessed the website, the number of website accesses, the website access date and time, the website address, and the connection time to the website. , External network access information, network component device name to access the external network, the external network access number, which is an external network access time, an external network address, connection time to an external network.

  According to the device monitoring apparatus according to the present invention, the usage history information of the usable applications in the network configuration device is collected in time series, so that the network administrator grasps the application usage status in the network configuration device via the device monitoring device. It is possible to monitor the use of the application in the network component device and to regulate the unlimited use of the application. Since this device monitoring device can freely change the available application as needed, it can add a newly available application and allow the network component device to use the application, An application that has become unusable can be changed from a usable application to an unusable application, and use of the application can be prohibited for network configuration devices. Furthermore, unnecessary applications can be deleted from the available applications to organize the available applications.

  The usage history information is the name of the component device that used the application, the user name of the component device that used the application, the number of application operations, the application name used, the operation window name of the application used, the application start date and time, and the application end The device monitoring device, which is the date and time of application usage, allows the network administrator to use the usage history information to grasp in detail the usage status of the application in the network configuration device. Can be reliably monitored.

  Application access history information collection means for collecting access history information to unusable applications in network components in time series, application access history information output means for outputting collected access history information, and addition / change of unavailable applications, Since the device monitoring apparatus having the unusable application modifying means for deleting collects access history information to the unusable applications of the network constituent devices in time series, the network administrator can connect the network constituent equipment via the equipment monitoring device. It is possible to grasp the access status of unusable applications in the network, to monitor the access status of unusable applications in network components, and to deal with unusable applications. It is possible to suppress that access act. Since this device monitoring device can freely change an unusable application as necessary, for the time being, when an application that is not used is added as an unusable application and it becomes necessary to use the application, The application can be changed from an unusable application to a usable application, and the network component device can be permitted to use the application. Further, unnecessary applications can be deleted from the unavailable applications to organize the unavailable applications.

  The device administrator whose access history information is the name of the component device that accessed the application, the user name of the component device that accessed the application, the number of access to the application, the name of the accessed application, and the access date and time of the application is By using the access history information, it is possible to grasp in detail the status of access to an unusable application in a network constituent device, and it is possible to reliably monitor the use of the unusable application in a network constituent device.

  The device monitoring device that executes the usable application modifying means and the unusable application modifying means for each network component device can freely modify the usable application or the unusable application according to each network component device. The use of the permitted application can be permitted in a specific network component device, and the use of the disabled application can be prohibited in the specific network component device. This device monitoring device can specify a specific network component device, change it from an unusable application to a usable application, permit only the specific network component device to use the application, It is possible to specify and change from a usable application to a non-usable application, and prohibit the use of the application only in a specific network component device.

  An apparatus monitoring apparatus comprising: installation information collecting means for collecting application installation information to network constituent devices in time series; and uninstall information collecting means for collecting application uninstall information from network constituent equipment in time series. Since the network administrator can grasp the installation and uninstallation status of applications via the device monitoring device, it can regulate unnecessary application installation actions by network users, and Unauthorized uninstallation can be regulated. This device monitoring device outputs the name of the component that installed the application, the name of the installed application, and the installation date as installation information, and the name of the component that uninstalled the application, the name of the uninstalled application, and the date of uninstallation as the uninstall information The administrator can use the installation information and uninstallation information to understand the details of application installation and uninstallation for each network component device. Can be reliably monitored, and the uninstalling action of the application can be reliably monitored for each network component device.

  An apparatus monitoring apparatus having an installed application content output means for outputting the contents of an application installed on a network constituent device and an uninstall application content output means for outputting the content of an application uninstalled from the network constituent device is installed. Even if the contents of the installed applications and the contents of the uninstalled applications are unknown, the contents of those applications are output so that the administrator can know the contents of those applications, and installation is not necessary from the contents of the applications. And whether or not uninstallation is necessary. The device monitoring apparatus can surely regulate an unnecessary application installation action by a network user, and can surely regulate an unauthorized application uninstallation action by a network user.

  External usage information collection means for collecting external usage information when network components are used in an external environment in time series, and overtime usage information when network components are used outside specified times, in time series Since the device monitoring apparatus having the usage information collection means for outside the designated time can grasp the usage status of the network constituent equipment outside the network, and can grasp the usage status of the network constituent equipment outside the designated time. In addition, it is possible to identify a network component device that has been used externally or after a specified period of time, and it is possible to regulate unauthorized actions such as unauthorized removal, falsification, and destruction of important data and confidential data by network users. This device monitoring device is used as external use information as the name of the component device used externally, the user name of the component device used externally, the number of times of external use, the name of the application used during external use, and the name of external use. Output the operation window name, external use start date / time, external use end date / time, and external use time of the selected application, and the name of the component device that was used outside the specified time and the user of the component device that was used outside the specified time Name, number of overtime use, application name used in overtime use, operation window name of application used in overtime use, overtime start date / time, overtime end date / time, overtime use time Because the administrator uses the external usage information and overtime usage information, the administrator can display the details of external usage and overtime usage. Rukoto can, external use and a specified time out the network configuration device by a user of the network can be reliably monitored. This device monitoring device allows the network administrator to accurately grasp the distribution route of various information, the outflow route of various information, the inflow route of various information using external usage information and overtime usage information, Since a fraudulent act by a network user can be restricted, a safe network can be reliably constructed.

  Take-out action information collection means that collects take-out action information in a time series when attempting to take data prohibited from being taken out from a network component device, and printing when attempting to print data prohibited from being printed from a network component device A device monitoring apparatus having a printing action information collecting unit that collects action information in a time series can grasp a network component device in which data is taken out, and a network component device in which data is printed Therefore, unauthorized actions such as unauthorized removal, falsification, and destruction of important data and confidential data by network users can be regulated. This device monitoring device outputs the name of the component that was taken out, the number of times it was taken out, the date and time of the takeout, the contents of the takeout operation, and the name of the data that was about to be taken out. Output component name, number of times of printing, date and time of printing, name of document to be printed, and name of printer where printing was performed. The details of the take-out action and the details of the print action can be known, and the data take-out and data print by the network user can be reliably monitored. This device monitoring device allows network managers to accurately identify illegal data takeouts and illegal printouts of various data using information on takeouts and prints, and suppresses illegal acts by network users Therefore, a secure network can be reliably established.

  A device monitoring apparatus having an e-mail transmission information collecting unit that collects e-mail transmission information in a time series when an e-mail is transmitted from a network component device can grasp an e-mail transmission status in the network component device Therefore, unauthorized transmission and unauthorized transmission of important data and confidential data by a network user can be restricted. This device monitoring device includes the name of the component device that sent the e-mail as e-mail information, the number of times of e-mail transmission, the user name of the component device that sent the e-mail, the e-mail transmission date and time, the e-mail destination address, and the e-mail subject Therefore, the administrator can know the details of the transmitted e-mail by using the e-mail information, and can reliably monitor the e-mail transmission by the user of the network. This device monitoring apparatus is a secure network because the network administrator can accurately grasp the unauthorized transmission of various information by using the email transmission information, and can suppress unauthorized acts by the network users. Can be built reliably.

  Website access information collection means for collecting website access information when a network component device accesses the website in time series, and external network access information when a network component device accesses an external network is collected in time series The device monitoring apparatus having the external network access information collecting means can grasp the access status to the Web site in the network component device and the access status to the external network in the network component device. Unauthorized acts such as unauthorized access to the site and unauthorized access to illegal external networks can be regulated. This device monitoring device outputs the name of the component device that accessed the website, the number of times of accessing the website, the website access date and time, the website address, and the connection time to the website as the website access information, and externally as the external network access information. The name of the component that accessed the network, the number of external network accesses, the external network access date and time, the external network address, and the connection time to the external network are output. The administrator must use the website access information and external network access information. Therefore, it is possible to know the details of the access to the website and the access to the external network, and to reliably monitor the access to the website and the access to the external network by the network user. It can be. This device monitoring apparatus is safe because the network administrator can accurately grasp unauthorized access using website access information and external network access information, and can suppress unauthorized actions by network users. A reliable network can be established.

  The details of the device monitoring apparatus according to the present invention will be described with reference to the accompanying drawings. FIG. 1 is a configuration diagram of a local area network 10 (network) shown as an example. The network 10 includes a plurality of client computers 11 (network constituent devices), a management computer 12 (network constituent devices) managed and stored by an administrator of the network 10, a device monitoring server 13 (device monitoring device), and business management. The server 14 and the hub 15 are formed. In the network 10, the device monitoring server 13 monitors the operation status of the client computer 11 and the management computer 12 logged into the network 10 in a time series and in an endless manner.

  The network 10 is not shown, but a DNS server for setting a correspondence between a host name and an IP address assigned to the host name, a Web server necessary for publishing a home page, and other client computers A database server that provides a function to read and write various data by accepting requests from other servers, a mail server for sending and receiving e-mails, and storing all data such as created texts and images and searching for those data A server group such as a document server to be enabled is connected. The device monitoring server 13 can be used not only for the local area network 10 but also for a wide area network. The device monitoring server 13 can cope with all existing network connection methods such as a bus network, a star network, a peer-to-peer network, and a ring network.

  As the client computer 11, a desktop type or a notebook type is used. A display 16, a keyboard 17, and a mouse 18 are connected to the desktop computer 11 via an interface (wired or wireless). Although not shown, a printer, a scanner, and an external hard disk are connected to the client computer 11 and the management computer 12 via an interface. Existing removable disks such as memory sticks, IC recorders, PDAs and mobile phones can be detachably connected to the computers 11 and 12, and various data are exchanged between the computers 11 and 12 and these removable disks. be able to.

  The device monitoring server 13 and the business management server 14 are computers having a central processing unit and a memory, and are equipped with a large-capacity hard disk. The device monitoring server 13 executes the means described later in the source program (device monitoring server 13, client computer 11, management computer 12, and business management server 14) stored in the instruction file in the memory based on control by the operating system. Agent application) to execute the following means according to the program. The source program is also installed in the client computer 11, the management computer 12, and the business management server 14. The business management server 14 is in charge of management of applications installed on the client computer 11 and the management computer 12, management of applications uninstalled from the computers 11 and 12, schedule management of the computers 11 and 12, power management of the network 10, and the like. .

  The computers 11 and 12 and the servers 13 and 14 forming the network 10 are connected to each other by a high-speed broadband line 19 with a hub 15 interposed therebetween. The client computer 11, the management computer 12, the device monitoring server 13, and the business management server 14 can be connected to the Internet 20 and have an e-mail transmission / reception function. In addition, the client computer 11, the management computer 12, the device monitoring server 13, and the business management server 14 can access a predetermined Web site (not shown) and log in to the predetermined Web site (see FIG. (Not shown) and log in to the network. The data transmission / reception method of the network 10 is a client / server model in which a client and a server communicate with each other, but a peer-to-peer model in which clients communicate with each other without using a server can also be adopted.

  FIG. 2 is a diagram illustrating an example of an authentication procedure display screen displayed on the display 22 of the management computer 12. The device monitoring server 13 authenticates the computer 12 when the management computer 12 is activated (authentication execution means). In the authentication, the computer 12 is logged in to the network 10, and it is determined whether or not the network 12 is allowed to manage the network 10 in the network 10. In other words, it is confirmed whether or not the computer to log in to the network 10 is the management computer 12. Although the authentication method performed by the device monitoring server 13 is password authentication, fingerprint authentication, voiceprint authentication, retina authentication, and IC card authentication can be performed in addition to password authentication. As the password authentication, a one-time password can be adopted. When the computer 12 is activated, the display 22 displays a user name input area 23 and a password input area 24, as shown in FIG. The administrator of the network 10 inputs a user name and a password in the input areas 23 and 24. The device monitoring server 13 compares the input user name and password with those stored in the memory, and determines whether the user name and password are correct. If the user name and password are correct and the authentication result is acceptable, the device monitoring server 13 logs the computer 12 into the network 10. If the user name or password is incorrect and the authentication result is not possible, the device monitoring server 13 prohibits the computer 12 from logging in to the network 10 and causes the display 22 to display a login disabling message.

  FIG. 3 is a diagram illustrating an example of computer facility information, and FIG. 4 is a diagram illustrating an example of an application list. 3 and 4, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 stores link information while managing link information among the client computer 11, the management computer 12, and the business management server 14 (link information management means). The link information includes hardware data forming the network 10, hardware network topology data, hard disk data of the computers 11 and 12, application data installed in the computers 11 and 12, and the like. The link information is stored in the hard disk of the device monitoring server 13 together with the link information confirmation date and time. When the hardware, network topology, hard disk or the like is changed, the link information stored in the hard disk of the device monitoring server 13 is rewritten, and the latest information after the change and the rewrite date and time are stored. However, the link information before being rewritten is stored in the hard disk without being erased.

  The administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, and then selects computer facility information from a report item on a report display screen (not shown) displayed on the display of the computer 12 To do. When the computer facility information is selected, the computer facility information is displayed on the display 22 as shown in FIG. In FIG. 3, as computer facility information, a computer name is displayed in a computer name display area 25, an OS version is displayed in an OS version display area 26, a memory capacity is displayed in a memory capacity display area 27, a CPU is displayed in a CPU display area 28, and a CPU is displayed in a CPU speed display area 29. A hard disk (free capacity / total capacity) is displayed in the CPU speed and hard disk display area 30.

  When an application list is selected from the report items displayed on the display 22 and the computers 11 and 12 are designated, a list of applications installed on the computers 11 and 12 is displayed on the display 22 as shown in FIG. Is done. In FIG. 4, as a list of applications, a computer name is displayed in the computer name display area 31 and an application is displayed in the application display area 32. By using the link information, the administrator of the network 10 can grasp the hardware configuration that forms the network 10, the devices that form the network 10, installed applications, and the like, and manages the operating system and hard disk Can be easily performed.

  FIGS. 5 and 6 are diagrams showing an example of application usage history information, and show weekly application usage history of the client computer 11 and the management computer 12. In FIGS. 5 and 6, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors the application usage status of the client computer 11 and the management computer 12 logged into the network 10 in a time-series and endless manner. When the computers 11 and 12 use the usable application, the device monitoring server 13 collects usage history information of the application in time series, and stores the collected usage history information on the hard disk (application usage history information collecting means). . When the client computer 11 or the management computer 12 starts an available application installed therein and the computers 11 and 12 use the application, usage history information of the application is output from the computers 11 and 12 to the device monitoring server 13. The The device monitoring server 13 stores the usage history information output from the computers 11 and 12 on the hard disk. When there is a use history information output request from the management computer 12, the device monitoring server 13 displays the use history information stored in the hard disk on the display 22 of the management computer 12, and the use history information is connected to the computer 12. Output from the printer (application usage history information output means). The device monitoring server 13 can output the usage history information by dividing the usage history information into predetermined periods such as daily, weekly, or monthly.

  After the administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, the usage history information is obtained from the report item on the report display screen (not shown) displayed on the display 22 of the computer 12. Select and specify the period. When the usage history information is selected and the period is designated, the usage history in the designated period is displayed on the display 22 as shown in FIG. In FIG. 5, as the use history information, the period specified in the period display area 33, the computer name (computer name using the application) in the computer name display area 34, the MAC address in the MAC address display area 35, and the work group / domain display The work group / domain is displayed in the area 36, the initial start time is displayed in the initial start time display area 37, the final end time is displayed in the final end time display area 38, and the operation count of the application is displayed in the operation count display area 39.

  When the computer name displayed in the underlined portion on the screen of FIG. 5 is selected, details of the usage history of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. FIG. 6 shows the details of the usage history as the month and day in the month and day display area 40, the computer name in the computer name display area 41, the workgroup / domain in the workgroup / domain display area 42, and the IP address in the IP address display area 43. The MAC address is displayed in the MAC address display area 44. Further, the power ON / OFF recording display area 45 has a power ON / OFF recording, the user name display area 46 has a user name (user name of the computer 11 or 12 using the application), and a start date / time display area 47 has a start date / time (application date / time). Use start date and time, end date and time display area 48 end date and time (application use end date and time), operation time display area 49 operation time (application use time), application name display area 50 application name (used application name) The operation window name (operation window name of the used application) is displayed in the operation window name display area 51. The administrator can output the usage history shown in FIGS.

  In this network 10, the device monitoring server 13 collects application use history information in the client computer 11 and the management computer 12 in time series, so that an administrator of the network 10 can connect the computers 11 and 12 via the device monitoring server 13. It is possible to grasp the application usage status of the computer 11, monitor the usage of the application in the computers 11 and 12, and regulate the unlimited use of the application.

  7 and 8 are diagrams showing examples of access history information, and show weekly access histories of the client computer 11 and the management computer 12. In FIGS. 7 and 8, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors the access status of the client computer 11 and the management computer 12 logged in to the network 10 to the unusable application in time series and endlessly. When the device monitoring server 13 tries to install an unusable application from the business management server 14 to the client computer 11 or the management computer 12, the device monitoring server 13 collects access history information to the unusable application in the computers 11 and 12 in time series. The collected access history information is stored in the hard disk (application access history information collecting means).

  The device monitoring server 13 monitors applications installed on the client computer 11 and the management computer 12 from the business management server 14 and outputs permission or non-permission of application installation to the business management server 14. When the computers 11 and 12 request the application management server 14 to install an application, the application management server 14 inquires the device monitoring server 13 about whether or not the application can be installed. When the application relating to the inquiry is not installable (unusable application), the device monitoring server 13 outputs an installation non-permission to the business management server 14. When the business management server 14 receives the installation disapproval, the business management server 14 outputs access history information of the computers 11 and 12 that requested installation of the unusable application to the device monitoring server 13. The device monitoring server 13 stores the access history information output from the business management server 14 on the hard disk. When there is a request to output access history information from the management computer 13, the device monitoring server 13 displays the access history information stored in the hard disk on the display 22 of the management computer 13 and connects the access history information to the management computer 13. Output from the designated printer (application access history information output means). The device monitoring server 13 can output the access history information by dividing it into predetermined periods such as daily, weekly, and monthly.

  After the administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, the access history information is obtained from the report item on the report display screen (not shown) displayed on the display 22 of the computer 12. Select and specify the period. When access history information is selected and a period is designated, access history information for the designated period is displayed on the display 22 as shown in FIG. In FIG. 7, as the access history information, the computer name (computer name that accessed the unusable application) is displayed in the computer name display area 53 and the work group / domain is displayed in the work group / domain display area 54 as the period specified in the period display area 52. In the user name display area 55, the user name (user names of the computers 11 and 12 that have accessed the unusable application) is displayed, and in the access number display area 56, the number of accesses (the number of accesses to the application) is displayed.

  When the computer name displayed in the underlined portion on the screen of FIG. 7 is selected, the details of the access history of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. FIG. 8 shows the details of the access history as the month / day in the month / day display area 57, the computer name in the computer name display area 58, the work group / domain in the work group / domain display area 59, and the IP address in the IP address display area 60. The MAC address is displayed in the MAC address display area 61. Further, a user name is displayed in the user name display area 62, an access date and time (access date and time to an unusable application) is displayed in the access date and time display area 63, and an application name (name of an unusable application that has been accessed) is displayed in the application name display area 64. . The administrator can output the access history shown in FIGS. 7 and 8 from the printer.

  In this network 10, since the device monitoring server 13 collects access history information for the unusable applications of the client computer 11 and the management computer 12 in time series, the administrator of the network 10 can connect the computer 11 via the device monitoring server 13. , 12, the access status of the unusable application in the computers 11, 12 can be monitored, and the access action to the unusable application can be suppressed.

  FIG. 9 is a diagram illustrating an example of a setting screen for adding, changing, and deleting a usable application. In the network 10, the usable application can be added, changed, or deleted via the device monitoring server 13 (usable application modifying means). An example of adding a usable application is as follows. After the administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, the application setting that can be used is set from a report item on a report display screen (not shown) displayed on the display 22 of the computer 12. Select. When the usable application setting is selected, a usable application setting screen shown in FIG. 9 is displayed.

  The administrator inputs the application name in the application name input area 65, inputs the computer name in the computer name input area 66, and identifies the application name and the computers 11 and 12 that use the application. When the administrator clicks the add icon on the screen after inputting them, the input application name and computer name are output from the management computer 12 to the device monitoring server 13. The device monitoring server 13 stores the new application name output from the management computer 12 in the hard disk, and identifies the computers 11 and 12 that use the application (computer name, workgroup / domain, MAC address, IP address). Etc.) on the hard disk. The new application is directly installed on the business management server 14, stored in the server 16, and then downloaded from the business management server 16 to the computers 11 and 12. When the addition of the usable application is completed, the added application name is displayed in the application name display area 67 on the display 22 of the computer 12 as shown in FIG. 9, and the computer name that uses the application is displayed as the computer name. It is displayed in area 68.

  In this network 10, even if it becomes necessary to make all the computers 11, 12 or the specific computers 11, 12 use a new application, the application can be freely added. And it can respond quickly. The device monitoring server 13 determines whether or not the newly available application can be used in the client computer 11 and the management computer 12 and also displays the application usage status of the computers 11 and 12 in a time-series and endless manner. The usage history information in the computers 11 and 12 is collected in time series (application usage history information collecting means).

  An example of changing the usable application is as follows. The administrator of the network 10 performs an authentication procedure to log in the management computer 12 to the network 10, and then selects an available application setting from the report item on the report display screen displayed on the display 22. Next, a check mark is put in the designation area 69 displayed on the usable application setting screen, the usable application to be changed is designated, and the usable application to be changed to the unusable application is specified. When the administrator clicks the change icon on the screen after putting a check mark in the designated area 69, the application name specified by the check mark is output from the management computer 12 to the device monitoring server 13. The device monitoring server 13 changes the application output from the management computer 12 from usable to unusable.

  In addition, when the changed unusable application is applied only to the specific computers 11 and 12, the administrator puts a check mark in the designation area 69, designates the usable application to be changed, and designates the computer in the computer name input area 66. Enter a name. After the input, when the administrator clicks the change icon on the screen, the specified application name and computer name are output from the management computer 12 to the device monitoring server 13. The device monitoring server 13 changes the application output from the management computer 12 from usable to unusable, and stores the identification numbers of the computers 11 and 12 to which the application is applied in the hard disk.

  In this network 10, even if it becomes necessary to disable the usable application in all the computers 11, 12 or the specific computers 11, 12, the usable application can be freely changed to the unusable application. Therefore, it is possible to easily and quickly respond to an application unusable request. The device monitoring server 13 monitors the access status of the client computer 11 and the management computer 12 to the newly disabled application in time series and endlessly, and the access history information on the disabled application in the computers 11 and 12 is obtained. Collect in time series (application access history information collection means).

  An example of deleting a usable application is as follows. The administrator of the network 10 performs an authentication procedure to log in the management computer 12 to the network 10, and then selects an available application setting from the report item on the report display screen displayed on the display 22. Next, a check mark is put in the designation area 69 displayed on the usable application setting screen, the usable application to be deleted is designated, and the usable application to be deleted is specified. When the administrator clicks the delete icon on the screen after putting a check mark in the designated area 69, the application name specified by the check mark is output from the management computer 12 to the device monitoring server 13. The device monitoring server 13 erases the usable application name to be deleted from the hard disk and instructs the business management server 14 to uninstall the application. The business management server 14 uninstalls the usable application to be deleted from the hard disks of the computers 11 and 12 in accordance with the instruction from the device monitoring server 13.

  When deleting an available application from only the specific computers 11 and 12, the administrator puts a check mark in the designation area 69, designates the usable application to be deleted, and designates the computer name in the computer name input area 66. input. After the input, when the administrator clicks the change icon on the screen, the specified application name and computer name are output from the management computer 12 to the device monitoring server 13. The device monitoring server 13 deletes the usable application name and the computer name to be deleted from the hard disk and instructs the business management server 14 to uninstall the application in the designated computers 11 and 12. The business management server 14 uninstalls the usable application to be deleted from the hard disks of the designated computers 11 and 12 according to the instruction of the device monitoring server 13. In this network 10, even if it becomes necessary to delete an available application, the application can be freely deleted. Therefore, it is possible to easily and quickly respond to an application deletion request, and organize the available applications. Can be easily performed.

  FIG. 10 is a diagram illustrating an example of a setting screen for adding, changing, and deleting an unusable application. In this network 10, an unusable application can be added, changed, or deleted via the device monitoring server 13 (unusable application modifying means). An example of adding an unusable application is as follows. After the administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, it cannot be used from a report item on a report display screen (not shown) displayed on the display 22 of the management computer 12. Select application settings. When the unusable application setting is selected, the unusable application setting screen shown in FIG. 10 is displayed.

  The administrator inputs an application name in the application name input area 70, inputs a computer name in the computer name input area 71, and specifies the computer 11 and 12 to which the application name and the unusable application are applied. When the administrator clicks the add icon on the screen after inputting them, the specified unusable application name and computer name are output from the management computer 12 to the device monitoring server 13. The device monitoring server 13 stores the unusable application name output from the management computer 12 on the hard disk, and stores the identification numbers of the computers 11 and 12 to which the application is applied on the hard disk. The unusable application is directly installed in the business management server 14 and stored in the server 14. When the addition of the unusable application is completed, the added unusable application name is displayed in the application name display area 72 on the display 22 of the computer 12 as shown in FIG. 10, and the computer name to which the application is applied is displayed. It is displayed in the computer name display area 73.

  An example of changing an unusable application is as follows. The administrator of the network 10 performs an authentication procedure to log in the management computer 12 to the network 10, and then selects an unusable application setting from the report item on the report display screen displayed on the display 22. Next, a check mark is put in the designation area 74 displayed on the unusable application setting screen, the unusable application to be changed is designated, and the unusable application to be changed to the usable application is specified. When the administrator clicks a change icon on the screen after putting a check mark in the designated area 74, the application name specified by the check mark is output from the management computer 12 to the device monitoring server 13. The device monitoring server 13 changes the application output from the management computer 12 from unusable to usable.

  In addition, when applying the changed usable application only to the specific computers 11 and 12, the administrator puts a check mark in the designation area 74 to designate the unavailable application to be changed, and the computer name input area 71 has a computer. Enter a name. After the input, when the administrator clicks the change icon on the screen, the specified application name and computer name are output from the management computer 12 to the device monitoring server 13. The device monitoring server 13 changes the application output from the management computer 12 from unusable to usable, and stores the identification numbers of the computers 11 and 12 to which the application is applied in the hard disk.

  In this network 10, even if it becomes necessary to make all computers 11, 12 or specific computers 11, 12 use unusable applications, unusable applications can be freely changed to usable applications. It is possible to easily and quickly respond to the usage request. The device monitoring server 13 determines whether or not the application changed to be usable can be used in the client computer 11 or the management computer 12 and also displays the application use state changed to the use of the computers 11 and 12 in time series and in an endless manner. The usage history information in the computers 11 and 12 is collected in time series (application usage history information collecting means).

  Further, in this network 10, an application that is not scheduled to be used for the time being is installed (added) in the business management server 14 in advance, and when it becomes necessary to use the application, the application is changed to be usable. The application can be used or not used as required. The device monitoring server 13 monitors the access status of the client computer 11 and the management computer 12 to the newly disabled application in time series and endlessly, and the access history information on the disabled application in the computers 11 and 12 is obtained. Collect in time series (application access history information collection means).

  An example of deleting an unusable application is as follows. The administrator of the network 10 performs an authentication procedure to log in the management computer 12 to the network 10, and then selects an unusable application setting from the report item on the report display screen displayed on the display 22. Next, a check mark is put in the designation area 74 displayed on the unavailable application setting screen, the unavailable application to be deleted is designated, and the unavailable application to be deleted is specified. When the administrator clicks the delete icon on the screen after putting a check mark in the designated area 74, the application name specified by the check mark is output from the management computer 12 to the device monitoring server 13. The device monitoring server 13 erases the unusable application name to be deleted from the hard disk and instructs the business management server 14 to uninstall the application. The business management server 14 uninstalls the unusable application to be deleted from the hard disk according to the instruction from the device monitoring server 13. In this network 10, even if it becomes necessary to delete an unusable application, the application can be freely deleted. Therefore, it is possible to easily and quickly respond to an application deletion request. Can be easily performed.

  FIG. 11 is a diagram illustrating an example of the application installation status, and FIG. 12 is a diagram illustrating the contents of the installed application. In FIGS. 11 and 12, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors the installation of applications from the business management server 14 to the client computer 11 and the management computer 12 in time series and endlessly. When the application is installed on the computers 11 and 12 from the business management server 14, the device monitoring server 13 collects the installation information in time series and stores the collected installation information on the hard disk (installation information collecting means).

  When the business management server 14 installs an application in the computers 11 and 12 in response to a request from the computers 11 and 12, the business management server 14 inquires the device monitoring server 13 about whether or not the application can be installed. When the application concerning the inquiry is installable (usable application), the device monitoring server 13 outputs an installation permission to the business management server 14. Upon receiving installation permission from the device monitoring server 13, the business management server 14 downloads an application to the computers 11 and 12 and outputs installation information to the device monitoring server 13. The device monitoring server 13 stores the installation information output from the business management server 14 on the hard disk. When there is a request to output installation information from the management computer 12, the device monitoring server 13 displays the installation information stored in the hard disk on the display 22 of the computer 12, and outputs the installation information from a printer connected to the computer 12 ( Installation information output means). The device monitoring server 13 can output the installation information divided into predetermined periods such as daily, weekly, and monthly.

  The management computer 12 can request the device monitoring server 13 to output the contents of applications installed in the computers 11 and 12. When there is a request to output the contents of the installed application, the device monitoring server 13 displays the contents of the application on the display 22 of the management computer 12 and outputs the contents of the application from a printer connected to the computer 12. (Installed application content output means). The contents of the application are an outline of applications such as document creation software, spreadsheet software, translation software, database construction software, communication software, security software, etc., and are input to the server 14 at the same time when the application is installed in the business management server 14. Stored in the hard disk of the business management server 14.

  The administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, and then selects installation information from a report item on a report display screen (not shown) displayed on the display 22 of the computer 12 And specify the period. When installation information is selected and a period is designated, the application installation status in the designated period is displayed on the display 22 as shown in FIG. In FIG. 11, as installation information, the computer name (computer name on which the application is installed) is displayed in the computer name display area 74, the date (installation date) is displayed in the date display area 75, and the application name (installed application name is displayed in the application name display area 76. ) Is displayed. When the application name is highlighted on the screen shown in FIG. 11 and the contents display is clicked, the contents of the application are displayed in the application contents display area 77 together with the computer name and application name, as shown in FIG.

  FIG. 13 is a diagram illustrating an example of an application uninstall status, and FIG. 14 is a diagram illustrating the contents of the uninstalled application. In FIGS. 13 and 14, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors the uninstallation of applications from the client computer 11 and the management computer 12 in a time series and in an endless manner. When the usable application is uninstalled from the computers 11 and 12 via the business management server 14, the device monitoring server 13 collects the uninstall information in time series and stores the collected uninstall information in the hard disk ( Uninstallation information collection means).

  When the business management server 14 uninstalls an application from the computers 11 and 12 in response to a request from the computers 11 and 12, the business management server 14 inquires of the device monitoring server 13 whether or not the application can be uninstalled. When the application related to the inquiry can be uninstalled, the device monitoring server 13 outputs an uninstall permission to the business management server 14. Upon receiving the uninstall permission from the device monitoring server 13, the business management server 14 uninstalls the application from the computers 11 and 12 and outputs the uninstall information to the device monitoring server 13. The device monitoring server 13 stores the uninstallation information output from the business management server 14 on the hard disk.

  If the application relating to the inquiry cannot be uninstalled, the device monitoring server 13 outputs an uninstallation non-permission to the business management server 14. When the business management server 14 receives the uninstallation disapproval from the device monitoring server 13, the business management server 14 displays that the uninstallation is impossible on the displays 16, 21, and 22 of the computers 11 and 12. When there is a request to output uninstall information from the management computer 12, the device monitoring server 13 displays the uninstall information stored in the hard disk on the display 22 of the computer 12, and displays the uninstall information from a printer connected to the computer 12. Output (uninstallation information output means). The device monitoring server 13 can output the uninstallation information divided into predetermined periods such as daily, weekly, monthly, and the like.

  The management computer 12 can request the device monitoring server 13 to output the contents of the application uninstalled from the computers 11 and 12. When there is a request for outputting the contents of the uninstalled application, the device monitoring server 13 displays the contents of the application on the display 22 of the management computer 12 and outputs the contents of the application from a printer connected to the computer 12. (Uninstall application contents output means) The content of the uninstalled application is the same as that of the installed application, and is stored in the hard disk of the business management server 14.

  The administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, and then selects uninstallation information from a report item (not shown) displayed on the display 22 of the computer 12. Specify the period. When the uninstall information is selected and the period is specified, the application uninstall status in the specified period is displayed on the display 22 as shown in FIG. In FIG. 13, as the uninstall information, the computer name (computer name from which the application was uninstalled) is displayed in the computer name display area 78, the date (uninstallation date) is displayed in the date display area 79, and the application name (uninstalled) is displayed in the application name display area 80. The name of the installed application) is displayed. When the application name 80 is highlighted on the screen of FIG. 13 and the contents display is clicked, the contents of the application are displayed in the application contents display area 80 together with the computer name and application name, as shown in FIG.

  FIGS. 15 and 16 are diagrams showing examples of print history information, and show weekly print histories of the computers 11 and 12. In FIGS. 15 and 16, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors the print status of the client computer 11 and the management computer 12 logged into the network 10 in time series and endlessly. When the computers 11 and 12 print data, the device monitoring server 13 collects the print history information in time series, and stores the collected print history information in the hard disk (print history information collecting means). When the computers 11 and 12 print data using a printer connected thereto, the print history information is output from the computers 11 and 12 to the device monitoring server 13. The device monitoring server 13 stores the print history information output from the computers 11 and 12 on the hard disk. When there is a print history information output request from the management computer 12, the device monitoring server 13 displays the print history information stored in the hard disk on the display 22 of the computer 12, and print history information from a printer connected to the computer 12. Output (print history information output means). The device monitoring server 13 can output the print history information by dividing it into a predetermined period such as daily, weekly, or monthly.

  The administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, and then selects print history information from a report item (not shown) displayed on the display 22 of the computer 12. Specify the period. When the print history information is selected and the period is designated, the print history information for the designated period is displayed on the display 22 as shown in FIG. In FIG. 15, as the print history information, the period is displayed in the period display area 82, the computer name is displayed in the computer name display area 83 (the name of the computer that performed printing), the MAC address is displayed in the MAC address display area 84, and the work group / domain display area 85 is displayed. In the work group / domain, the user name in the user name display area 86 (the user name of the computer 11 or 12 that performed printing), the total number of printed pages in the print total page number display area 87, and the number of prints in the print number display area 88. It is displayed.

  When the computer name 83 displayed in the underlined portion in the screen of FIG. 15 is selected, details of the print history of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. FIG. 16 shows the details of the print history as the month / day in the month / day display area 89, the computer name in the computer name display area 90, the work group / domain in the work group / domain display area 91, and the IP address in the IP address display area 92. The MAC address is displayed in the MAC address display area 93. Further, the user name is displayed in the user name display area 94, the print date and time is displayed in the print date and time display area 95, the document name is displayed in the document name display area 96, the number of print pages is displayed in the print page number display area 97, and the printer name is displayed in the printer name display area 98. Has been. The administrator can output the print history shown in FIGS. 15 and 16 from the printer. In this network 10, since the device monitoring server 13 collects print history information in the computers 11 and 12 in time series, the administrator of the network 10 grasps the printing status in the computers 11 and 12 via the device monitoring server 13. In addition, it is possible to monitor printing in the computers 11 and 12 and to regulate unlimited printing actions by users of the network 10.

  17 and 18 are diagrams illustrating an example of file access information, and show weekly file access of the computers 11 and 12. In FIGS. 17 and 18, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors the file access status of the client computer 11 and the management computer 12 logged into the network 10 in time series and endlessly. When the computers 11 and 12 access a predetermined file, the device monitoring server 13 collects the file access information in time series, and stores the collected file access information in the hard disk (file access information collecting means). When the computers 11 and 12 access a file stored in the memory, the file access information is output from the computers 11 and 12 to the device monitoring server 13. The device monitoring server 13 stores the file access information output from the computers 11 and 12 on the hard disk. When there is a request for outputting file access information from the management computer 12, the device monitoring server 13 displays the file access information stored in the hard disk on the display 22 of the computer 12, and the file access information is sent from a printer connected to the computer 12. Output (file access information output means). The device monitoring server 13 can output the file access information divided into predetermined periods such as daily, weekly, and monthly.

  An administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, and then obtains file access information from a report item on a report display screen (not shown) displayed on the display 22 of the computer 12. Select and specify the period. When file access information is selected and a period is designated, the file access status in the designated period is displayed on the display 22 as shown in FIG. In FIG. 17, as file access information, the computer name (the name of the computer that performed the access) is displayed in the computer name display area 100, the MAC address is displayed in the MAC address display area 101, and the work group / domain is displayed in the period display area 99. The work group / domain is displayed in the area 102, the user name (user name of the computer 11 or 12 that has accessed) is displayed in the user name display area 103, and the access count is displayed in the access count display area 104.

  When the computer name displayed in the underlined portion on the screen of FIG. 17 is selected, the details of the file access status of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. In FIG. 18, as the details of the file access status, the date is displayed in the month / day display area 105, the computer name in the computer name display area 106, the work group / domain in the work group / domain display area 107, and the IP in the IP address display area 108. The MAC address is displayed in the address / MAC address display area 109. Further, the user name is displayed in the user name display area 110, the access date and time is displayed in the access date and time display area 111, the operation content is displayed in the operation content display area 112 (copy, cut, write, delete, holder creation, name change, etc.), and the file name display area. The file name is displayed in 113, and the file name before change is displayed in the file name display area 114 before change. The administrator can output the file access status shown in FIGS. 17 and 18 from the printer. In this network 10, since the device monitoring server 13 collects file access information in the computers 11 and 12 in time series, the administrator of the network 10 grasps the file access status of the computers 11 and 12 via the device monitoring server 13. The use of files in the computers 11 and 12 can be monitored, and the unlimited use of files by users of the network 10 can be restricted.

  19 and 20 are diagrams showing an example of external usage information, and show weekly external usage of the computers 11 and 12. In FIGS. 19 and 20, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors the use of the client computer 11 and the management computer 12 other than the network 10 in a time series and in an endless manner. When the computers 11 and 12 are used in an external environment other than the network 10, the device monitoring server 13 collects the external usage information in time series and stores the collected external usage information in the hard disk (external usage information collection). means). Upon receiving an external usage information output request from the management computer 12, the device monitoring server 13 displays the external usage information stored in the hard disk on the display 22 of the computer 12 and displays the external usage information from a printer connected to the computer 12. Output (external usage information output means). The device monitoring server 13 can output the external use information divided into predetermined periods such as daily, weekly, and monthly.

  The computers 11 and 12 output an identification number (computer name, IP address, MAC address, etc.) that identifies them to the device monitoring server 13 at regular time intervals (3 minute intervals, 5 minute intervals, etc.). The device monitoring server 13 determines that the computers 11 and 12 have left the network 10 when the identification numbers output at regular intervals from the computers 11 and 12 are interrupted even once, and from the computers 11 and 12 for a certain period of time. When the identification number is output again at intervals, it is determined that the computers 11 and 12 are connected to the network 10 again, and it is determined that the computers 11 and 12 are used in the external environment. When the device monitoring server 13 determines that the computers 11 and 12 have been used in the external environment, the computer 11 and 12 use the identification numbers (computer names, IP addresses, MAC addresses, etc.) of the computers 11 and 12 and the usage history in the external environment. , 12 and the read identification number and external usage history are stored in the hard disk.

  After the administrator of the network 10 logs in the management computer 12 to the network 10 by performing the authentication procedure, the external use information is obtained from the report item on the report display screen (not shown) displayed on the display 22 of the computer 12. Select and specify the period. When the external use information is selected and the period is designated, the external use status in the designated period is displayed on the display 22 as shown in FIG. In FIG. 19, as the external use information, the computer name (externally used computer name) is displayed in the computer name display area 116, the MAC address is displayed in the MAC address display area 117, and the work group / domain is displayed in the period specified in the period display area 115. A work group / domain is displayed in area 118, a user name (user name of externally used computers 11 and 12) is displayed in user name display area 119, and an external use count is displayed in external use count display area 120.

  When the computer name displayed in the underlined portion on the screen of FIG. 19 is selected, the details of the external usage status of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. In FIG. 20, as the details of the external usage status, the date is displayed in the month / day display area 121, the computer name is displayed in the computer name display area 122, the work group / domain is displayed in the work group / domain display area 123, and the IP is displayed in the IP address display area 124. The MAC address is displayed in the address / MAC address display area 125. Further, the external use start time display area 126 has an external use start time, the external use end time display area 127 has an external use end time, the user name display area 128 has a user name, the application use start time display area 129 has an application use start time, Application use end time display area 130, application use end time, application operation time display area 131, application operation time, application name display area 132, application name (application name used for external use), operation window name display area The operation window name (the operation window name of the application used at the time of external use) is displayed at 133. The administrator can output the external usage statuses of FIGS. 19 and 20 from the printer.

  In this network 10, the device monitoring server 13 collects the usage status of the external computers 11 and 12, and the administrator can grasp the usage status of the external computers 11 and 12. , 12 can be specified, and unauthorized actions such as unauthorized removal of important data, confidential data, etc., alteration of the data, destruction of the data, etc. by the user of the network 10 can be regulated.

  FIGS. 21 and 22 are diagrams showing an example of usage information outside the designated hours, and show the usage outside the designated hours during the week of the computers 11 and 12. In FIGS. 21 and 22, the display of specific names, numerical values, and the like of each item is omitted. The device monitoring server 13 monitors the use of the client computer 11 and the management computer 12 outside the specified time in a time-series and endless manner. When the computers 11 and 12 are used outside the designated time, the device monitoring server 13 collects the usage information outside the designated time in time series, and stores the collected overtime usage information on the hard disk (collecting external usage information). means). A designated time (usable time) of the computers 11 and 12 is output from the business management server 14 to the device monitoring server 13. The device monitoring server 13 determines whether the use of the computers 11 and 12 is within the specified time or outside the specified time by using the timer function. Is stored on the hard disk. The usage status of the computers 11 and 12 within the specified time is monitored by the device monitoring server 13. When the management computer 12 requests the management computer 12 to output the specified overtime use information, the device monitor server 13 displays the specified overtime use information stored in the hard disk on the display 22 of the computer 12, and the specified overtime use information is displayed on the computer 12. Is output from the printer connected to the (outside specified use information output means). The device monitoring server 13 can output the specified overtime use information by dividing it into a predetermined period such as a day unit, a week unit, or a month unit.

  After the administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, the administrator uses the report item on a report display screen (not shown) displayed on the display 22 of the computer 12 for overtime use. Select information and specify period. When the non-designated usage information is selected and the period is designated, as shown in FIG. 21, the designated non-designated usage status is displayed on the display 22 as shown in FIG. FIG. 21 shows the period specified in the period display area 134 as the overtime use information, the computer name in the computer name display area 135, the MAC address in the MAC address display area 136, and the workgroup / domain display area 137 in the workgroup / domain. The domain name and the user name display area 138 display the user name, and the number of times outside the designated time use display area 139.

  When the computer name displayed in the underlined portion on the screen of FIG. 21 is selected, the details of the usage status outside the specified time of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. In FIG. 22, as details of the usage situation outside the designated time, the month and date display area 140 is the month and day, the computer name display area 141 is the computer name (the computer name used outside the designated time), and the workgroup / domain display area 142 is displayed. , The work group / domain, the IP address display area 143 displays the IP address, and the MAC address display area 144 displays the MAC address. Further, the user name display area 145 has a user name (user names of the computers 11 and 12 used outside the designated time), the overtime use start time display area 146 has an overtime use start time, and an overtime use end time display area 147. In the operation time display area 148, the operation time (overtime use time), in the application name display area 149, the application name (application name used during overtime use), and in the operation window name display area 150 The name of the operation window (the name of the operation window of the application that was used during overtime use) is displayed. The administrator can output the usage status outside the designated time shown in FIGS.

  In this network 10, the device monitoring server 13 collects the usage status of the computers 11 and 12 outside the specified time, and the administrator can grasp the usage status of the computers 11 and 12 outside the specified time. The computers 11 and 12 that have been used can be identified, and unauthorized actions such as unauthorized removal of important data, confidential data, etc., alteration of the data, destruction of the data, etc. by users of the network 10 can be regulated. .

  FIGS. 23 and 24 are diagrams showing examples of take-out action information, and show the take-out action status of the computers 11 and 12 for each day. In FIGS. 23 and 24, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors the taking-out action from the client computer 11 and the management computer 12 of data prohibited from being taken out in time series and endlessly. When the device monitoring server 13 tries to take out data prohibited from being taken out from the computers 11 and 12, the device monitoring server 13 collects the information on taking-out activity in time series and stores the collected information on taking-out activity in the hard disk (taking-out information collecting means) ). The method of prohibiting data export includes a method of specifying the computers 11 and 12 and prohibiting data export from the computers 11 and 12, and prohibiting copying of data stored in a drive mounted on the computers 11 and 12. There are a method (prohibition of copying to the drive), a method of prohibiting writing to the drive mounted on the computers 11 and 12, and a method of specifying specific data and prohibiting copying of the data.

  The device monitoring server 13 performs a copy operation on a copy-prohibited drive when a data take-out action (data access or data copy in the computers 11 and 12) is performed on the computers 11 and 12 where data take-out is prohibited. If a write action is performed on the write-protected drive, or if a copy action is performed on the copy-prohibited data, it is determined that the data is taken out, and the information on the take-out action is stored in the hard disk. A copy prohibition message is displayed on the displays 16, 21, and 22 of the computers 11 and 12. When there is a request for outputting take-out action information from the management computer 12, the device monitoring server 13 displays the take-out action information stored in the hard disk on the display 22 of the computer 12, and the take-out action information is displayed from a printer connected to the computer 12. Output (taking-out action information output means). The device monitoring server 13 can output the carry-out action information in a predetermined period such as daily, weekly, or monthly.

  The administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, and then takes out action information from report items on a report display screen (not shown) displayed on the display 22 of the computer 12. Select and specify the period. When the take-out action information is selected and the period is designated, the take-out action status in the designated period is displayed on the display 22 as shown in FIG. In FIG. 23, as take-out action information, the computer name (the name of the computer where the take-out action was performed) is displayed in the computer name display area 152 and the work group / domain display area 153 is the work group / domain as specified in the period display area 151. The user name is displayed in the user name display area 154 (the user name of the computer 11 or 12 where the take-out action was performed), and the number of take-out actions is displayed in the take-out action number display area 155.

  When the computer name displayed in the underlined portion on the screen of FIG. 23 is selected, the details of the carry-out action status of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. In FIG. 24, as the details of the status of the taking-out action, the date is displayed in the month / day display area 156, the computer name is displayed in the computer name display area 157, the work group / domain is displayed in the work group / domain display area 158, and the IP address is displayed in the IP address display area 159. The MAC address is displayed in the address / MAC address display area 160. Furthermore, the user name is displayed in the user name display area 161, the date and time of the take-out action display area 162, the date and time of the take-out action, the contents of the take-out operation display area 163 (copy, cut, file search, etc.), and the file name in the file name display area 164. The file name before change (data name to be taken out) is displayed in the file name display area 165 before change. The administrator can output the carry-out action status shown in FIGS. 23 and 24 from the printer.

  In this network 10, the device monitoring server 13 collects the status of the computer 11, 12 taking out, and the administrator can grasp the computer 11, 12 where the data has been taken out. It is possible to regulate unauthorized actions such as unauthorized removal of important data and confidential data, tampering with such data, and destruction of such data.

  25 and 26 are diagrams showing an example of print action information, and show the weekly print action status of the computers 11 and 12. In FIGS. 25 and 26, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors the printing action of the data prohibited from printing in the client computer 11 and the management computer 12 in time series and endlessly. When the device monitoring server 13 tries to print data prohibited from printing from the computers 11 and 12, the device monitoring server 13 collects the print action information in time series and stores the collected print action information in the hard disk (print action information collection). means). The method of prohibiting data printing is to specify the computers 11 and 12 and prohibit printing of data in the computers 11 and 12, and to specify the drive mounted on the computers 11 and 12 and store the data in the drive. There are a method of prohibiting data printing and a method of specifying specific data and prohibiting printing of the data.

  When the printing operation is performed on the computers 11 and 12 whose printing is prohibited, the device monitoring server 13 performs the printing operation on the printing prohibited drive, the printing operation on the printing prohibited data, The print action is determined and the print action information is stored in the hard disk. A print prohibition message is displayed on the displays 16, 21, and 22 of the computers 11 and 12. When there is a print action information output request from the management computer 12, the device monitoring server 13 displays the print action information stored in the hard disk on the display 22 of the computer 12, and the print action information is sent from a printer connected to the computer 12. Output (print action information output means). The device monitoring server 13 can output the print action information in a predetermined period such as daily, weekly, or monthly.

  After the administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, the printing action information is obtained from the report item on the report display screen (not shown) displayed on the display 22 of the computer 12. Select and specify the period. When the print action information is selected and the period is specified, the print action status in the specified period is displayed on the display 22 as shown in FIG. In FIG. 25, as the print action information, the computer name (computer name on which the print action is performed) is displayed in the computer name display area 167 and the work group / domain display area 168 is the work group / domain for the period specified in the period display area 166. The user name display area 169 displays the user name (the user name of the computer 11 or 12 that performed the printing action), and the printing action count display area 170 displays the printing action count.

  When the computer name displayed in the underlined portion in the screen of FIG. 25 is selected, the details of the printing action status of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. In FIG. 26, as details of the printing action status, a period is displayed in the period display area 171, a computer name is displayed in the computer name display area 172, a work group / domain is displayed in the work group / domain display area 173, an IP address is displayed in the IP address display area 174, The MAC address is displayed in the MAC address display area 175. Further, the user name is displayed in the user name display area 176, the date and time of printing is displayed in the print action date and time display area 177, the document name (document name to be printed) is displayed in the document name display area 178, and the printer name (print action) is displayed in the printer name display area 179. Is displayed). The administrator can output the printing action statuses of FIGS. 25 and 26 from the printer.

  In this network 10, the device monitoring server 13 collects the print action statuses of the computers 11 and 12, and the administrator can grasp the computers 11 and 12 that have performed the print action on the print prohibition data. Unauthorized actions such as unauthorized removal of important data and confidential data by the user, falsification of the data, and destruction of the data can be regulated.

  27 and 28 are diagrams showing an example of the e-mail transmission information, and show the weekly e-mail transmission status of the computer. In FIGS. 27 and 28, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors e-mail transmission in the client computer 11 and the management computer 12 in time series and endlessly. When the computers 11 and 12 send e-mails to the other computers 11 and 12 of the network 10 and send e-mails outside the network 10 using the Internet 20, the e-mail transmission signal is sent to the computers 11 and 12 12 to the device monitoring server 13. The device monitoring server 13 detects e-mail transmission in the computers 11 and 12 based on e-mail transmission signals output from the computers 11 and 12. When the device monitoring server 13 detects the mail transmission, the device monitoring server 13 collects the e-mail transmission information in time series and stores the collected e-mail transmission information in the hard disk (e-mail transmission information collection means). When there is an output request for email transmission information from the management computer 12, the device monitoring server 13 displays the email transmission information stored in the hard disk on the display 22 of the computer 12, and the email transmission information is connected to the computer 12. Output from the printer (e-mail transmission information output means). The device monitoring server 13 can output the e-mail transmission information by dividing it into a predetermined period such as daily, weekly, or monthly.

  The administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, and then sends e-mail transmission information from a report item on a report display screen (not shown) displayed on the display 22 of the computer 12. And select a period. When e-mail transmission information is selected and a period is designated, the e-mail transmission status in the designated period is displayed on the display 22 as shown in FIG. In FIG. 27, as e-mail transmission information, a computer name is displayed in the computer name display area 181, a MAC address is displayed in the MAC address display area 182, and a work group / domain is displayed in the work group / domain display area 183 as the period specified in the period display area 180. The number of email transmissions is displayed in the email transmission number display area 184.

  When the computer name displayed in the underlined portion in the screen of FIG. 27 is selected, details of the e-mail transmission status of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. In FIG. 28, as details of the email transmission status, the month and day (email transmission date and time) in the month and day display area 185, the computer name (computer name that sent the email) in the computer name display area 186, the workgroup / domain The work area / domain is displayed in the display area 187, the IP address is displayed in the IP address display area 188, and the MAC address is displayed in the MAC address display area 189. Further, the sender (user name of the computer 11, 12 that sent the e-mail) is displayed in the sender display area 190, the e-mail transmission date / time is displayed in the e-mail transmission date / time display area 191, the destination (e-mail transmission destination address) is displayed in the destination display area 192, A subject (subject e-mail subject) is displayed in the subject display area 193. The administrator can output the e-mail transmission status shown in FIGS. 27 and 28 from the printer. In this network 10, the device monitoring server 13 collects the e-mail transmission status of the computers 11 and 12, and the administrator can grasp the e-mail transmission status in the computers 11 and 12. Unauthorized transmission and unauthorized transmission can be regulated.

  29 and 30 are diagrams showing an example of the website access information, and show the website access status of the computers 11 and 12 for the week. In FIGS. 29 and 30, the display of specific names, numerical values, and the like of each item is omitted. The device monitoring server 13 monitors the access to the Web site in the client computer 11 and the management computer 12 in time series and endlessly. When the computers 11 and 12 access the website using the Internet 20, a website access signal is output from the computers 11 and 12 to the device monitoring server 13. The device monitoring server 13 detects an access to the website in the computers 11 and 12 based on the website access signal output from the computers 11 and 12. When the device monitoring server 13 detects access to the website, it collects the website access information in time series and stores the collected website access information in the hard disk (website access information collection means). When there is a request for outputting website access information from the management computer 12, the device monitoring server 13 displays the website access information stored in the hard disk on the display 22 of the computer 12, and the website access information is connected to the computer 12. Output from the printer (Website access information output means). The device monitoring server 13 can output the website access information by dividing it into a predetermined period such as daily, weekly or monthly.

  The administrator of the network 10 performs an authentication procedure, logs in the management computer 12 to the network 10, and then selects Web site access information from a report item (not shown) displayed on the display 22 of the computer 12. Specify the period. When the website access information is selected and the period is designated, the website access status in the designated period is displayed on the display 22 as shown in FIG. In FIG. 29, as the website access information, the computer name (computer name that accessed the website) is displayed in the computer name display area 195, the MAC address is displayed in the MAC address display area 196, and the work group / workgroup / period is specified in the period display area 194. The domain display area 197 displays the work group / domain, the website access count display area 198 displays the access count, the byte count display area 199 displays the byte count, and the packet count display area 200 displays the packet count.

  When the computer name displayed in the underlined portion on the screen of FIG. 29 is selected, details of the website access status of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. In FIG. 30, as the details of the website access status, the month and day display area 201 displays the month and day (Website access date and time), the computer name display area 202 displays the computer name, the workgroup / domain display area 203 displays the workgroup / domain, An IP address is displayed in the IP address display area 204, and a MAC address is displayed in the MAC address display area 205. Further, the website address is displayed in the website address display area 206, the protocol is displayed in the protocol display area 207, the number of bytes is displayed in the byte number display area 208, the number of packets is displayed in the packet number display area 209, and the connection time is displayed in the connection time display area 210. Connection time) is displayed. The administrator can output the Web site access status of FIGS. 29 and 30 from the printer. In this network 10, the device monitoring server 13 collects the website access status of the computers 11 and 12, and the administrator can grasp the status of access to the website on the computers 11 and 12. Unauthorized and unauthorized access to illegal websites can be restricted.

  FIGS. 31 and 32 are diagrams showing an example of external network access information, and show weekly Web site access statuses of the computers 11 and 12. In FIGS. 31 and 32, the display of specific names and numerical values of each item is omitted. The device monitoring server 13 monitors the access to the external network in the client computer 11 and the management computer 12 in time series and endlessly. When the computers 11 and 12 access the external network using the Internet 20, an external network access signal is output from the computers 11 and 12 to the device monitoring server 13. The device monitoring server 13 detects access to the external network in the computers 11 and 12 based on the external network access signal output from the computers 11 and 12. When the access to the external network is detected, the device monitoring server 13 collects the external network access information in time series, and stores the collected external network access information in the hard disk (external network access information collection unit). When there is a request for output of external network access information from the management computer 12, the device monitoring server 13 displays the external network access information stored in the hard disk on the display 22 of the computer 12, and the external network access information is connected to the computer 12. Output from the printer (external network access information output means). The device monitoring server 13 can output the external network access information divided into predetermined periods such as daily, weekly, and monthly.

  After the administrator of the network 10 logs in the management computer 12 to the network 10 by performing an authentication procedure, the external network access information is displayed from a report item on a report display screen (not shown) displayed on the display 22 of the computer 12. And select a period. When the external network access information is selected and the period is designated, the external network access status in the designated period is displayed on the display 22 as shown in FIG. In FIG. 31, as the external network access information, the computer name (computer name that accessed the external network) is displayed in the computer name display area 212, the MAC address is displayed in the MAC address display area 213, the work group / workgroup / The domain display area 214 is the work group / domain, the external network access count display area 215 is the external network access count, and, among the traffic from the outside, the byte count display area 216 is the byte count and the packet count display area 217 is the packet count. Among these traffics, the byte number display area 218 displays the byte number and the packet number display area 219 displays the packet number.

  When the computer name displayed in the underlined portion on the screen of FIG. 31 is selected, the details of the external network access status of the selected computers 11 and 12 are displayed on the display 22 as shown in FIG. In FIG. 32, as the details of the external network access status, the date (external network access date / time) is displayed in the month / day display area 220, the computer name is displayed in the computer name display area 221, the work group / domain is displayed in the work group / domain display area 222, An IP address is displayed in the IP address display area 223, and a MAC address is displayed in the MAC address display area 224. Furthermore, the external IP display area 225 is an external IP (external network address), the protocol type display area 226 is a protocol type, the port display area 227 is a port, the protocol display area 228 is a protocol, and the number of bytes of traffic from the outside is displayed. 229 is the number of bytes, the packet number display area 230 is the number of packets, the connection time display area 231 is the connection time, and of the traffic from the inside, the byte number display area 232 is the number of bytes, the packet number display area 233 is the number of packets, and the connection time The connection time is displayed in the display area 234. The administrator can output the external network access status shown in FIGS. 31 and 32 from the printer.

  In this network 10, the device monitoring server 13 collects the external network access status of the computers 11 and 12, and the administrator can grasp the access status of the computers 11 and 12 to the external network. Unauthorized access to illegal external networks and unauthorized access can be regulated.

  The device monitoring server 13 includes link information, usage history information, access history information, installation information, uninstallation information, external usage information, overtime use information, take-out activity information, print activity information, e-mail transmission information, and website access. Information and external network access information are encrypted based on a predetermined encryption method (encryption means) and stored in the hard disk. The device monitoring server 13 decrypts the encrypted information when outputting the information to the management computer 12. In this network 10, the device monitoring server 13 encrypts various types of information based on a predetermined encryption method. Therefore, even if the information leaks out from the device monitoring server 13, the content of the information is not decrypted. Therefore, it is possible to prevent leakage of the information contents to the outside. In addition, since the information is encrypted, the contents are not falsified, and the correctness and truthfulness of the information contents can be ensured. Since the link information is encrypted in this network 10, the link status of each device in the network 10 is not analyzed, and unauthorized entry into the network 10 can be reliably prevented.

  In addition to the RSA method, any one of the EPOC encryption method, the Rabin encryption method, the Diffie-Hellman key distribution ElGamal encryption method, and the elliptical Diffie-Hellman key distribution elliptical Elmalmal encryption method should be used as the public key encryption method. You can also. As the encryption method, a common key encryption method can be used alone. As the common key encryption method, any one of the DES encryption method, the FEAL encryption method, the IDEA encryption method, the MISTY encryption method, the MULTI authentication method, and the RC2 / 4/5 encryption method can be used. As the encryption method, a MIX encryption method using both a public key encryption method (RSA encryption method) and a common key encryption method (DES encryption method) can also be used.

The block diagram of the local area network shown as an example. The figure which shows an example of the display screen of the authentication procedure displayed on the display of a computer. The figure which shows an example of computer equipment information. The figure which shows an example of an application list. The figure which shows an example of the usage history information of an application. The figure which shows an example of the usage history information of an application. The figure which shows an example of access history information. The figure which shows an example of access history information. The figure which shows an example of the setting screen of addition, a change, and deletion of a useable application. The figure which shows an example of the setting screen of addition, a change, and deletion of an unusable application. The figure which shows an example of an application installation condition. The figure which shows the content of the installed application. The figure which shows an example of an application uninstall condition. The figure which shows the content of the uninstalled application. The figure which shows an example of print log information. The figure which shows an example of print log information. The figure which shows an example of file access information. The figure which shows an example of file access information. The figure which shows an example of external use information. The figure which shows an example of external use information. The figure which shows an example of use information outside designated time. The figure which shows an example of use information outside designated time. The figure which shows an example of take-out action information. The figure which shows an example of take-out action information. The figure which shows an example of printing action information. The figure which shows an example of printing action information. The figure which shows an example of electronic mail transmission information. The figure which shows an example of electronic mail transmission information. The figure which shows an example of website access information. The figure which shows an example of website access information. The figure which shows an example of external network access information. The figure which shows an example of external network access information.

Explanation of symbols

10 Network 11 Client computer (Network component equipment)
12 Management computer (network component equipment)
13 Device monitoring server (device monitoring device)
14 Business management server 16 Display 21 Display 22 Display

Claims (11)

In a device monitoring device connected to a network formed from a plurality of network component devices linked to each other and monitoring those network component devices in time series,
The device monitoring apparatus collects, in time series, usage history information of usable applications in the component devices, application usage history information output means for outputting the collected usage history information, and the usage An apparatus monitoring apparatus comprising: usable application modification means for adding, changing, and deleting a usable application.   The usage history information includes the name of the component device that has used the application, the user name of the component device that has used the application, the number of operations of the application, the name of the application that has been used, the operation window name of the application that has been used, The device monitoring apparatus according to claim 1, which is a use end date and time and an application use time.   The device monitoring apparatus includes: application access history information collecting means for collecting access history information to unusable applications in the component devices in time series; application access history information output means for outputting the collected access history information; The device monitoring apparatus according to claim 1, further comprising: an unusable application modifying unit that adds, changes, and deletes unusable applications.   4. The device monitoring apparatus according to claim 3, wherein the access history information includes a name of a component device that has accessed the application, a user name of the component device that has accessed the application, the number of accesses to the application, the name of the accessed application, and the date and time of access to the application. .   The apparatus monitoring apparatus according to claim 3 or 4, wherein the apparatus monitoring apparatus executes the usable application modification unit and the unusable application modification unit for each of the constituent devices.   The device monitoring apparatus includes an installation information collection unit that collects installation information in a time series when an application is installed in the component device, an installation information output unit that outputs the collected installation information, and an application from the component device. Uninstall information collection means for collecting the uninstall information in a time series and uninstall information output means for outputting the collected uninstall information, wherein the install information installs the application Component name, installed application name, installation date and time, and the uninstall information includes the name of the component device that uninstalled the application, the name of the uninstalled application, The equipment monitoring device according to any one claims 1 to 5 is installed date.   The device monitoring apparatus includes an installed application content output unit that outputs the content of an application installed in the component device, and an uninstall application content output unit that outputs the content of an application uninstalled from the component device. Item 6. The device monitoring apparatus according to Item 6.   The device monitoring device outputs external usage information collecting means for collecting external usage information in time series when the component devices are used in an external environment other than the network formed by the component devices, and outputs the collected external specification information External usage information output means that collects the usage information outside the specified time when the component device is used outside the specified time, and outputs the collected usage information outside the specified time that is collected in time series Application information used when the external use information includes the name of the component device used externally, the user name of the component device used externally, the number of times of external use, and the external use. Name, operation window name of application used for external use, external use start date and time, external use end date and time, external use time The information includes the name of the component device that was used outside the specified time, the user name of the component device that was used outside the specified time, the number of overtime use, the name of the application that was used during the overtime, and the overtime use The device monitoring apparatus according to any one of claims 1 to 7, which is an operation window name, an overtime use start date and time, an overtime use end date and time, and an overtime use time of a used application.   The device monitoring device includes a take-out action information collecting unit that collects take-out action information in a time series when data that is prohibited to be taken out from the component device, and a take-out action information that outputs the collected take-out action information. Output means, printing action information collecting means for collecting printing action information in a time series when printing prohibited data is printed from the component device, and printing action information output for outputting the collected printing action information The take-out action information is the name of the component device in which the take-out action was performed, the number of take-out actions, the date and time of the take-out action, the contents of the take-out operation, and the name of the data to be taken out. The name of the component device that performed the action, the number of times of printing, the date and time of printing, the print Yo and the document name, the equipment monitoring device according to any one claims 1 to 8 print action is the printer name made.   The device monitoring apparatus includes: an e-mail transmission information collecting unit that collects e-mail transmission information in a time series when an e-mail is transmitted from the component device; and e-mail transmission information that outputs the collected e-mail transmission information And the e-mail transmission information includes the name of the component device that has transmitted the e-mail, the number of times of e-mail transmission, the user name of the component device that has transmitted the e-mail, the e-mail transmission date and time, the e-mail transmission destination address, The device monitoring apparatus according to any one of claims 1 to 9, which is a subject of a transmitted electronic mail.   The device monitoring apparatus includes a website access information collecting unit for collecting website access information when the component device accesses the website in time series, and a website access information output for outputting the collected website access information. Means, external network access information collection means for collecting external network access information when the component device accesses an external network in time series, and external network access information output means for outputting the collected external network access information. The website access information is the name of a component device that has accessed the website, the number of website accesses, the website access date and time, the website address, and the connection time to the website, and the external network access information , Construction equipment name access the external network, the external network access number, the external network access time, an external network address, the equipment monitoring device according to any one of claims 1 to 10 which is a connection time to the external network.

Images