WO2020086657A1 - Method and system for administration and monitoring of a heterogeneous environment comprising hardware and software systems - Google Patents


Publication number
WO2020086657A1
Authority
WO
WIPO (PCT)
Prior art keywords
communication protocol
management server
systems
user interface
managed servers
Application number
PCT/US2019/057559
Inventor
Gabriel DUCHATEAU
Original Assignee
Syzygy Software Labs L.L.C.
Application filed by Syzygy Software Labs L.L.C.
Publication of WO2020086657A1

Classifications

    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04W WIRELESS COMMUNICATION NETWORKS
    • H04W24/00 Supervisory, monitoring or testing arrangements
    • H04W24/02 Arrangements for optimising operational condition
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02 Standardisation; Integration
    • H04L41/0213 Standardised network management protocols, e.g. simple network management protocol [SNMP]
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02 Standardisation; Integration
    • H04L41/022 Multivendor or multi-standard integration
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/02 Standardisation; Integration
    • H04L41/0226 Mapping or translating multiple network management protocols
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L41/00 Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
    • H04L41/08 Configuration management of networks or network elements
    • H04L41/0803 Configuration setting
    • H04L41/0806 Configuration setting for initial configuration or provisioning, e.g. plug-and-play
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00 Network architectures or network communication protocols for network security
    • H04L63/04 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • H04L63/0428 Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks wherein the data content is protected, e.g. by encrypting or encapsulating the payload
    • H ELECTRICITY
    • H04 ELECTRIC COMMUNICATION TECHNIQUE
    • H04L TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00 Network arrangements or protocols for supporting network services or applications
    • H04L67/01 Protocols
    • H04L67/02 Protocols based on web technology, e.g. hypertext transfer protocol [HTTP]

Definitions

  • FIG. 1 illustrates the system architecture for a preferred embodiment of the present invention.
  • FIG. 2 is a block diagram of the components of a JMX module in an exemplary embodiment of the present invention.
  • FIG. 3 is a block diagram of the components of an HTTP module in an exemplary embodiment of the present invention.
  • FIG. 4 is a block diagram of the components of an SSH module in an exemplary embodiment of the present invention.
  • the present invention relates to system, method, and computer program product embodiments, and combinations and sub-combinations thereof, which together establish an HTTP and HTTPS message bridge between heterogeneous hardware and software systems and user interface (UI) elements.
  • These user interface elements run on mobile and desktop computers.
  • the heterogeneous systems may have a ‘broadcaster’ to send notifications for managed resources.
  • a processor collects state data sent to a message service.
  • the message service is customized to relay messages to UI components (elements) of a mobile or desktop client application. It also enables a user to interact with the UI to monitor and manage resources in a system.
  • An embodiment of the invention includes a centralized management server and zero or more distributed management modules.
  • the management server may contain several modules that help the mediation device manage all the plural systems.
  • the security module utilizes these credentials to allow or deny messages to the plural systems.
  • There is a configuration module used to define the profile of the company using the mediation system; in addition, the module is used to monitor the activities of individual users accessing through the UI components.
  • the agent is a Java process running on a host server where a managed resource may or may not reside (e.g. Agent vs. Agentless deployment).
  • the management agent and management server provide a container for agent modules to run, services for runtime support of agent modules, and communication protocols for interaction with the agent services, the modules, and the heterogeneous systems.
  • the management server can identify the properties of a registered system automatically by scanning the system after an IP address has been provided.
  • the present invention proposes a device and method for mediation between heterogeneous systems and user interface elements. These methods allow the administration, monitoring and control of hardware and software systems.
  • the plural systems use a variety of protocols and instrumentation that allow communication with the mediation device.
  • the invention avoids any dependency on the communication protocol and requires no ad hoc development to aggregate the relevant information and administration services.
  • the device is reconfigurable, and makes it possible to dynamically change the logical view of the administered system.
  • the diagram depicts a typical installation of the invention where the mediation device or management server 1 will connect to different network assets or managed servers using a variety of communication protocols 2, 3, 4, and 5.
  • the mediation device connecting to computer servers 6 running the Linux operating system, over the SSH protocol 2.
  • the diagram shows the mediation device connecting to JAVA containers using JMX 3.
  • the mediation device is connecting to network elements using the SNMP protocol 5.
  • the mediation device connects to some network assets using the HTTP protocol 4.
  • the diagram shows how the mediation device will connect to heterogeneous systems and will translate their protocols into a common communication method 7 using HTTP requests.
  • the mediation device will be used to relay this request (for example, a user command) to a user interface that could run on a phone or a desktop 8.
  • the mediation device also has an administration module to manage all the configuration and running parameters.
  • the mediation device will receive an HTTP request through the controller 9 and use an OAuth module 10 to validate the request; it will then send the request for processing to the server proxy, where the correct version of the container processor will be selected 11.
  • the processor will translate the HTTP request into a JMX request and send it to the JMX proxy resource 12 for processing.
  • the JMX proxy resource will then forward the JMX request to the network processor 13.
  • the network processor 13 will be in charge of selecting the proper network asset where the JMX request will be processed.
  • the network processor will then forward the request to the JMX proxy processor 14 together with the proper network asset information. Then the JMX proxy processor will connect to the network asset 17 with the help of the JMX connection factory 15.
  • the connection factory will establish the connection 16 to the asset 17 and the proxy processor sends the request for processing. Once the request is processed by the asset 17, the reply is sent back through the same channel to the requesting party.
  • Fig. 3 shows how the mediation device will receive an HTTP request through the controller 9 and use an OAuth module 10 to validate the request; it will then send the request for processing to the server proxy, where the correct version of the container processor will be selected 11.
  • the processor will translate the HTTP request into an HTTP request and send it to the network processor 13.
  • the network processor will be in charge of selecting the proper network asset 20 where the HTTP request will be processed.
  • the network processor 13 will then forward the request to the HTTP proxy processor 22, which will connect to the network asset with the help of the HTTP connection factory 23.
  • the connection factory 23 will establish the connection 16 to the asset 20 and the proxy processor 22 sends the request for processing.
  • the reply is sent back through the same channel to the requesting party.
  • the mediation device will receive an HTTP request through the controller 9 and use an OAuth module 10 to validate the request; it will then send the request for processing to the server proxy, where the correct version of the container processor will be selected 11.
  • the processor will translate the HTTP request into a SSH request and send it to the network processor 13.
  • the network processor will be in charge of selecting the proper network asset where the SSH request will be processed.
  • the SSH proxy processor 18 will connect to the network asset 21 with the help of the SSH connection factory 19.
  • the connection factory 19 will establish the connection 16 to the asset 21 and the proxy processor 18 sends the request for processing.
  • the reply is sent back through the same channel to the requesting party.
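
The request path in the bullets above (controller, OAuth module, processor selection, network processor, connection factory), as an added Python sketch that is not code from the patent or the applicant. The token store, asset registry, scope names, command templates and every function name are hypothetical assumptions; the connection factory is replaced by the returned `BackendRequest`, so nothing connects to a network.

```python
import re
from dataclasses import dataclass

# Constructed sample data; every token, asset id and address is hypothetical.
TOKENS = {
    "tok-admin": {"user": "alice", "scopes": {"jmx:read", "http:read", "ssh:exec"}},
    "tok-viewer": {"user": "bob", "scopes": {"jmx:read"}},
}
ASSETS = {
    "app-01": {"protocol": "jmx", "host": "10.0.0.11", "port": 9010},
    "web-01": {"protocol": "http", "host": "10.0.0.12", "port": 8080},
    "lin-01": {"protocol": "ssh", "host": "10.0.0.13", "port": 22},
}
AUDIT = []  # (user, asset id, action, outcome), one entry per request


class Denied(Exception):
    """The request must not be relayed to a managed asset."""


@dataclass(frozen=True)
class BackendRequest:
    protocol: str
    host: str
    port: int
    operation: tuple  # protocol-specific call, already validated


def _match(pattern, value, what):
    if not isinstance(value, str) or not re.fullmatch(pattern, value):
        raise Denied(f"invalid {what}")
    return value


def jmx_processor(action, params):
    if action != "get_attribute":
        raise Denied("unsupported JMX action")
    mbean = _match(r"[\w.]+:[\w.=,-]+", params.get("mbean"), "MBean name")
    attr = _match(r"\w+", params.get("attribute"), "attribute")
    return "jmx:read", ("getAttribute", mbean, attr)


def http_processor(action, params):
    if action != "get":
        raise Denied("unsupported HTTP action")
    # Path only: no scheme, host or dot segments, so the registry decides the target.
    path = _match(r"(/[A-Za-z0-9_-][A-Za-z0-9._-]*)+", params.get("path"), "path")
    return "http:read", ("GET", path)


# Fixed argv templates: the UI names a command, it never sends a shell string.
SSH_COMMANDS = {
    "disk_usage": (("df", "-h"), ()),
    "service_status": (("systemctl", "status"), ("service",)),
}


def ssh_processor(action, params):
    if action not in SSH_COMMANDS:
        raise Denied("unsupported SSH action")
    argv, names = SSH_COMMANDS[action]
    # Arguments may not start with '-' (option injection) or contain shell metacharacters.
    args = tuple(_match(r"[A-Za-z0-9_][A-Za-z0-9_.@-]*", params.get(n), n) for n in names)
    return "ssh:exec", argv + args


PROCESSORS = {"jmx": jmx_processor, "http": http_processor, "ssh": ssh_processor}


def mediate(headers, asset_id, action, params):
    """Controller entry point: returns what would be handed to a connection factory."""
    user = "anonymous"
    try:
        # OAuth module: validate the bearer token before any translation happens.
        scheme, _, token = headers.get("Authorization", "").partition(" ")
        grant = TOKENS.get(token) if scheme == "Bearer" else None
        if grant is None:
            raise Denied("missing or unknown token")
        user = grant["user"]
        # Network processor: the target comes from the registry, not from the request.
        asset = ASSETS.get(asset_id)
        if asset is None:
            raise Denied("unregistered asset")
        # Server proxy: pick the processor for the asset's protocol and translate.
        scope, operation = PROCESSORS[asset["protocol"]](action, params)
        # Security module: allow or deny based on the caller's credentials.
        if scope not in grant["scopes"]:
            raise Denied(f"scope {scope} not granted")
    except Denied as exc:
        AUDIT.append((user, asset_id, action, f"denied: {exc}"))
        raise
    AUDIT.append((user, asset_id, action, "allowed"))
    return BackendRequest(asset["protocol"], asset["host"], asset["port"], operation)
```

Because the mediation device holds the credentials for every managed server, the sketch records each allow or deny decision in `AUDIT` and keeps the target host out of the caller's control.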

Abstract

A mediation system and process thereof for management and administration of computer servers and software systems. The system allows for monitoring and configuring various hardware and software platforms from a single application by reinterpreting and converting commands received from the user into a command compatible with the managed server. Subroutines identify the communication protocol used by the managed server in order to properly convert the command received from a user in the single application into the proper command for the managed server. The system provides a central administration interface for a plurality of hardware and software systems that is independent of the communication protocol that said systems have available.

Description

METHOD AND SYSTEM FOR ADMINISTRATION AND MONITORING OF A HETEROGENEOUS ENVIRONMENT COMPRISING HARDWARE AND SOFTWARE SYSTEMS
PRIORITY
This application claims priority from U.S. Provisional Application 62/749,286, filed on October 23, 2018, the contents of which are fully incorporated by reference.
BACKGROUND OF THE INVENTION
Field of the Invention
The present invention lies in the field of the administration, management, and monitoring of computer servers and software systems. Particularly, the present invention is directed to a mediation device and method that allows the administration and monitoring of various complex hardware platforms and software systems through a common protocol. The mediation device comprises various subroutines to identify and communicate with different application servers using various communication protocols and reinterpret commands to and from said application servers in a common protocol so they can be administered and monitored from a remote device using a single application.
Discussion of the Background
Computer systems administration currently requires numerous software tools to be able to access all the components in a system. Different businesses with different needs require software and hardware components that may not be simply manageable, making the job of a system administrator tougher every time each component needs maintenance. For example, a system administrator may need a specific software application to manage virtual hardware and carry out operations like adding RAM or installing operating systems. The system administrator may further need to monitor the behavior of an application running on a different server. Each one of the applications required for every different function also requires its own maintenance, such as upgrading, ensuring compatibility, upgrade costs and hardware requirements.
Currently in the field there are a large number of hardware and software systems that use a variety of communication protocols to relay information about their running state and commands to control their operation. Such protocols include, but are not limited to, SSH, JMX, HTTP, TCP/IP, SNMP, IPMI. For a system administrator, managing and keeping track of different servers that use several protocols poses a great technical challenge, as different software applications are required to control and administer these multiple software and hardware systems. The present invention addresses this challenge by serving as a middleware that communicates with these systems using their existing protocols and translates the communication to a common and easier to implement communication protocol, for example, HTTP and HTTPS. This middleware facilitates the creation of management and monitoring tools for these software and hardware systems and allows them to run on any platform where HTTP and HTTPS are used. Examples of the computer systems where these tools can be run include Android and iOS mobile devices and desktop computers running Windows, Linux and Apple OSX.
The present invention relates to a device and method for providing an enhanced mechanism to communicate with heterogenous hardware and software systems that use different protocols over a common protocol. The invention creates a common method of communication to relay and process monitoring and administration commands to a mobile and desktop computer system. Management of a hardware and software system is concerned with supervising, controlling, and monitoring the system to fulfill the requirements of both owners and users. The management of a system may be performed by a combination of human and automated components.
The present application discloses a mediation and user interface method using a common protocol to administer and monitor heterogenous software and hardware systems and eliminate the need for multiple applications. Systems according to the present application use standard protocols to communicate with a mediation device and the mediation device relays information to the administration application running on mobile and desktop computers. The administration application has the ability to view, change, and monitor state information for these systems.
The following standard protocols are examples of what is used as means of communication to heterogeneous systems:
The JMX standard is used to administer software systems built using the Java programming language, with Java programs becoming executable on all types of equipment, from mobile telephones and other onboard equipment to network infrastructures and application servers in the J2EE platform (Java 2 Enterprise Edition). The JMX standard defines an architecture, services, and an applications programming interface (API) for administering and monitoring the resources of software systems. It has given rise to several implementations. The JMX standard is currently defined by the Java Specification. In JMX, a resource to be administered or monitored is never accessed directly; it is administered by way of a particular Java software object dubbed an MBean (Management Bean), which “represents” this resource.
An enhanced Secure Shell (SSH) is a protocol having fine-grained access security policy management and enforcement. Via an authorization application programming interface, remote user protocol connections and sessions may be added to the protected object space of a policy management system so that a system administrator may set permissions to access or use a particular secured system resource for each user, and by groups of users. Thus, when a user accesses the system by Secure Shell, rather than having full, unlimited use and access to system resources once authenticated, the user is granted permission to access only the system resources allowed in the security policy or policies.
An enhanced Simple Network Management Protocol (SNMP) management system for telecommunications networks provides many of the sophisticated management techniques enabled by Open Systems Interconnection (OSI), Common Management Information Protocol (CMIP) and Telecommunications Management Network (TMN) protocols, while maintaining the simplicity of SNMP. The enhanced SNMP defines a management state of each SNMP agent, defines events which are to be reported from the agent to the management station, and provides a log for recording particular events and associated agent data values when the events occur. The enhanced SNMP also provides the capability for an alarm, state change, and value change notification to be communicated from the SNMP agents to an SNMP management station when specific events occur at the agent.
HTTP and HTTPS are protocols for sharing resources in a network environment. Typically, a computer linked to the Internet may have resources or may provide services that are usable by other computers. A user, using one or more embodiments of the invention, can access those resources or services as if they were locally situated. An application run by a client can access a resource on a remote computer by submitting a request via the HTTP and HTTPS protocols. The request is analyzed, converted to proper format, and is transferred over the network lines to a server that can satisfy the request. For security reasons, an application may not be authorized to submit a request directly to a server on the Internet. For example, limitations have been implemented that prohibit a requesting application from obtaining access to resources of a server computer unless that application is a trusted application. If a requesting application has a trusted status, then its request for connecting to the server is granted. If a request submitted by an application to a server is denied, then a server that entrusts the application is identified, and the request is submitted to that server. A program code called a “servlet” is implemented on that server to accept the requests submitted by a trusted application. The submitted requests are analyzed by the server and are forwarded to a resource server that can satisfy the requests. A response from the resource server is routed through the server back to the requesting application.
Monitoring and administration of servers using these different protocols currently requires having access to a specific application for each protocol. A system administrator must install and maintain several applications on one or more servers to be able to properly manage the complete infrastructure. Therefore, there is a need for a centralized system that allows for monitoring and administration from a single application.
DESCRIPTION OF THE PRIOR ART
Current solutions to the problem of segregated monitoring and administration of computer systems allow management of servers using separate applications. Centralized solutions, such as cPanel, ITManager.net, JConsole, JProfiler, cAdvisor and MoSKito are used to monitor different network assets but each tool specializes in assets using one protocol for communication. For example, MoSKito and JConsole are designed to monitor JMX containers from a desktop application; they connect to a server via JMX and query the server directly. ITManager.net specializes in monitoring and controlling network assets running the Windows operating systems. ITManager.net also connects to some other network assets but it is limited to the number of protocols implemented on the Android and iOS systems. cAdvisor currently supports monitoring of Docker over HTTP only, implementing the Docker HTTP API, but it is only implementing a single protocol from a single user interface. In contrast, the current invention aims to address these limitations by leveraging the complexity of the protocols on the mediation device and providing easy-to-implement HTTP and HTTPS protocols to the UI administration Module. All of the solutions mentioned before allow adding plug-ins for administration of applications through different protocols. However, these solutions do not translate commands to a single common protocol, making it difficult to send commands from other devices.
BRIEF SUMMARY
All references, including any patents or patent applications cited in this specification are hereby incorporated by reference. No admission is made that any reference constitutes prior art. The discussion of the references states what their authors assert, and the applicants reserve the right to challenge the accuracy and pertinence of the cited documents. It will be clearly understood that, although a number of prior art publications are referred to herein, this reference does not constitute an admission that any of these documents form part of the common general knowledge in the art. It is acknowledged that the term ‘comprise’ may, under varying jurisdictions, be attributed with either an exclusive or an inclusive meaning. For the purpose of this specification, and unless otherwise noted, the term ‘comprise’ shall have an inclusive meaning - i.e. that it will be taken to mean an inclusion of not only the listed components it directly references, but also other non-specified components or elements. This rationale will also be used when the term ‘comprised’ or ‘comprising’ is used in relation to one or more steps in a method or process.
When the word “invention” is used in this specification, the word “invention” includes “inventions”, that is, the plural of “invention”. By stating “invention”, the Applicant does not in any way admit that the present application does not include more than one patentably and non-obviously distinct invention and Applicant maintains that the present application may include more than one patentably and non-obviously distinct invention. The Applicant hereby asserts that the disclosure of the present application may include more than one invention, and, in the event that there is more than one invention, that these inventions may be patentable and non-obvious one with respect to the other.
The term “manager” is used to refer to any entity, human or automated, that can perform management activities in a hardware or software system.
Further, the purpose of the accompanying abstract is to enable the U.S. Patent and Trademark Office and the public generally, and especially the scientists, engineers, and practitioners in the art who are not familiar with patent or legal terms or phraseology, to determine quickly from a cursory inspection the nature and essence of the technical disclosure of the application. The abstract is neither intended to define the invention of the application, which is measured by the claims, nor is it intended to be limiting as to the scope of the invention in any way.
The following application discloses a method and system for centralized monitoring and administration of computer systems. It provides a solution for the current problem of requiring different applications for monitoring and administration of servers using different protocols.
In some embodiments, the present invention comprises translating commands from different protocols to a common protocol.
In some embodiments, the present invention comprises communicating with a central server through a common protocol to send commands to servers that run different protocols.
In some embodiments, the present invention allows for monitoring and administration of all the computer infrastructure through a single application that can run on a personal computer or mobile device.
BRIEF DESCRIPTION OF THE DRAWINGS
FIG. 1 illustrates the system architecture for a preferred embodiment of the present invention.
FIG. 2 is a block diagram of the components of a JMX module in an exemplary embodiment of the present invention.
FIG. 3 is a block diagram of the components of an HTTP module in an exemplary embodiment of the present invention.
FIG. 4 is a block diagram of the components of an SSH module in an exemplary embodiment of the present invention.
DETAILED DESCRIPTION
To provide an overall understanding of the invention, certain illustrative embodiments and examples will now be described. However, it will be understood by one of ordinary skill in the art that the same or equivalent functions and sequences may be accomplished by different embodiments that are also intended to be encompassed within the spirit and scope of the disclosure. The compositions, apparatuses, systems and/or methods described herein may be adapted and modified as is appropriate for the application being addressed and that those described herein may be employed in other suitable applications, and that such other additions and modifications will not depart from the scope hereof.
As used in the specification and claims, the singular forms "a", "an" and "the" include plural references unless the context clearly dictates otherwise. For example, the term "a transaction" may include a plurality of transactions unless the context clearly dictates otherwise. As used in the specification and claims, singular names or types referenced include variations within the family of said name unless the context clearly dictates otherwise.
The present invention relates to system, method and computer program product embodiments, and combinations and sub-combinations thereof, that together establish an HTTP and HTTPS message bridge between heterogeneous hardware and software systems and user interface (UI) elements. These user interface elements run on mobile and desktop computers. In addition, the design allows for communication between these plural systems using standard communication protocols. The heterogeneous systems may have a ‘broadcaster’ to send notifications for managed resources. A processor collects state data sent to a message service. The message service is customized to relay messages to UI components (elements) of a mobile or desktop client application. It also enables a user to interact with the UI to monitor and manage resources in a system.
An embodiment of the invention includes a centralized management server and zero or more distributed management modules. The management server may contain several modules that help the mediation device manage all the plural systems. There is a security module to control access to all the managed systems; this module assigns a user and a password so individual users can connect to the system. The security module utilizes these credentials to allow or deny messages to the plural systems. There is an encryption module in charge of protecting the users and passwords used to connect to plural systems; this module encrypts and decrypts the passwords during the operation of the mediation system. There is a configuration module used to define the profile of the company using the mediation system; in addition, the module is used to monitor the activities of individual users accessing through the UI components. There is an assets module used to configure every single one of the plural systems to be managed. This module is in charge of keeping all information organized in a logical manner so the UI components can query, manage, and change the state of the registered plural systems. In an embodiment, the agent is a Java process running on a host server where a managed resource may or may not reside (e.g. Agent vs. Agentless deployment). In accordance with an embodiment of the invention, the management agent and management server provide a container for agent modules to run, services for runtime support of agent modules, and communication protocols for interaction with the agent services, the modules, and the heterogeneous systems. In another exemplary embodiment, the management server can identify the properties of a registered system automatically by scanning the system after an IP address has been provided.
The present invention proposes a device and method for mediation between heterogeneous systems and user interface elements. These methods allow the administration, monitoring and control of hardware and software systems. The plural systems use a variety of protocols and instrumentation that allow communication with the mediation device. The invention avoids any dependency on the communication protocol and requires no ad hoc development to aggregate the relevant information and administration services. The device is reconfigurable, and makes it possible to dynamically change the logical view of the administered system.
As shown in Fig. 1, the diagram depicts a typical installation of the invention where the mediation device or management server 1 will connect to different network assets or managed servers using a variety of communication protocols 2, 3, 4, and 5. In the example it shows the mediation device connecting to computer servers 6 running the Linux operating system, over the SSH protocol 2. Also, the diagram shows the mediation device connecting to JAVA containers using JMX 3. In addition, the mediation device is connecting to network elements using the SNMP protocol 5. Finally, the mediation device connects to some network assets using the HTTP protocol 4. The diagram shows how the mediation device will connect to heterogeneous systems and will translate their protocols into a common communication method 7 using an HTTP request. The mediation device will be used to relay this request (for example, a user command) to a user interface that could run on a phone or a desktop 8. The mediation device also has an administration module to manage all the configuration and running parameters.
In Fig. 2, using a mobile device 8, the mediation device will receive an HTTP request through the controller 9. The mediation device will use an OAuth module 10 to validate the request, then it will send it for processing to the server proxy where the correct version of the container processor will be selected 11. The processor will translate the HTTP request into a JMX request and send it to the JMX proxy resource 12 for processing. The JMX proxy resource will then forward the JMX request to the network processor 13. The network processor 13 will be in charge of selecting the proper network asset where the JMX request will be processed. The network processor will then forward the request to the JMX proxy processor 14 together with the proper network asset information. Then the JMX proxy processor will connect to the network asset 17 with the help of the JMX connection factory 15. The connection factory will establish the connection 16 to the asset 17 and the proxy processor sends the request for processing. Once the request is processed by the asset 17, the reply is sent back through the same channel to the requesting party.
Fig. 3 shows how the mediation device will receive an HTTP request through the controller 9. The mediation device will use an OAuth module 10 to validate the request, then it will send it for processing to the server proxy where the correct version of the container processor will be selected 11. The processor will translate the HTTP request into an HTTP request and send it to the network processor 13. The network processor will be in charge of selecting the proper network asset 20 where the HTTP request will be processed. The network processor 13 will then forward the request to the HTTP proxy processor 22, which will connect to the network asset with the help of the HTTP connection factory 23. The connection factory 23 will establish the connection 16 to the asset 20 and the proxy processor 22 sends the request for processing. Once the request is processed by the asset 20, the reply is sent back through the same channel to the requesting party.
A similar process is shown in Fig. 4 for the SSH protocol. In the diagram, the mediation device will receive an HTTP request through the controller 9. The mediation device will use an OAuth module 10 to validate the request, then it will send it for processing to the server proxy where the correct version of the container processor will be selected 11. The processor will translate the HTTP request into an SSH request and send it to the network processor 13. The network processor will be in charge of selecting the proper network asset where the SSH request will be processed. Then the SSH proxy processor 18 will connect to the network asset 21 with the help of the SSH connection factory 19. The connection factory 19 will establish the connection 16 to the asset 21 and the proxy processor 18 sends the request for processing. Once the request is processed by the asset 21, the reply is sent back through the same channel to the requesting party.
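The request path shared by Figs. 2-4 (validate the HTTP request, select the registered asset, translate to the asset's native protocol), as an added Python sketch that is not part of the patent text. The token table, asset registry, operation names and function names are all hypothetical, and the use of fixed per-protocol templates in the translation step is an assumption chosen so that caller input never becomes command syntax on the managed server.

```python
import hmac
import shlex
from dataclasses import dataclass

class Denied(Exception):
    """Raised when the bridge refuses to forward a request."""

@dataclass(frozen=True)
class Asset:
    name: str
    protocol: str  # "ssh" or "jmx" in this sketch
    address: str

# Constructed sample data: one bearer token and two registered assets.
TOKENS = {"tok-alice": {"user": "alice", "assets": {"web01", "app01"}}}
ASSETS = {
    "web01": Asset("web01", "ssh", "192.0.2.10"),
    "app01": Asset("app01", "jmx", "192.0.2.20"),
}

def validate(token):
    """Stand-in for the OAuth module (10): constant-time token comparison."""
    for known, grant in TOKENS.items():
        if hmac.compare_digest(known.encode(), token.encode()):
            return grant
    raise Denied("invalid token")

def to_ssh(op, args):
    """HTTP operation -> SSH command line built from fixed templates only."""
    templates = {
        "disk_usage": ["df", "-h", "--"],
        "service_status": ["systemctl", "status", "--"],
    }
    if op not in templates:
        raise Denied(f"operation {op!r} not allowed over ssh")
    # Caller-supplied values are quoted, so each stays a single argument.
    return " ".join(shlex.quote(part) for part in templates[op] + list(args))

def to_jmx(op, args):
    """HTTP operation -> read of one fixed MBean attribute; no caller input."""
    reads = {"heap_usage": ("java.lang:type=Memory", "HeapMemoryUsage")}
    if op not in reads or args:
        raise Denied(f"operation {op!r} not allowed over jmx")
    mbean, attribute = reads[op]
    return {"mbean": mbean, "attribute": attribute}

TRANSLATORS = {"ssh": to_ssh, "jmx": to_jmx}

def handle(token, asset_name, op, args=()):
    """Controller (9) -> validation (10) -> processor (11) -> asset selection (13)."""
    grant = validate(token)
    asset = ASSETS.get(asset_name)
    if asset is None or asset_name not in grant["assets"]:
        raise Denied("asset not permitted for this user")
    native = TRANSLATORS[asset.protocol](op, list(args))
    # A proxy processor would now send `native` to asset.address.
    return {"user": grant["user"], "target": asset.address,
            "protocol": asset.protocol, "request": native}
```

Because the bridge holds credentials for every managed server, the authorization check and the translation allow-list are the two places where a single HTTP request is kept from turning into arbitrary native commands.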
While the disclosure includes reference to specific embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted for elements thereof without departing from the true spirit and scope of the disclosure. In addition, many modifications may be made without departing from the essential teachings of the disclosure. When reference is made to specific known applications or systems, it will be understood by those skilled in the art that various substitutes and alternatives may be available.

Claims

1. A heterogeneous hardware and software administration system comprising:
a management server;
one or more computer readable storage devices;
one or more computer processors;
one or more managed servers;
wherein each one of said one or more managed servers is functionally connected to said management server through a communication protocol;
program instructions stored on the one or more computer readable storage devices for execution by at least one of the one or more computer processors, the stored program instructions comprising:
program instructions for a user interface;
program instructions for controlling access to said plurality of managed servers;
program instructions for encrypting identifying data of said plurality of managed servers;
program instructions for accepting user commands through said user interface;
program instructions for converting said user commands into configuration commands compatible with the communication protocol for each one of said one or more managed servers.
2. The system of claim 1, wherein said management server is accessible through a mobile device using the HTTP communication protocol.
3. The system of claim 1, wherein said user interface is a graphical user interface.
4. The system of claim 1, wherein said communication protocol is one of SSH, JMX, HTTP or SNMP.
5. The system of claim 1 wherein said management server is a mobile device.
6. A method for hardware and software administration comprising the steps of:
configuring a management server to interact with one or more managed servers; wherein each one of said one or more managed servers is functionally connected to said management server through a communication protocol;
accepting, by said management server through a user interface, user commands for managing said one or more managed servers;
converting said user commands into configuration commands compatible with the communication protocol used by each one of said one or more managed servers;
processing, by each of said management servers, said configuration commands.
7. The method of claim 6, wherein said management server is accessible through a mobile device using the HTTP communication protocol.
8. The method of claim 6, wherein said user interface is a graphical user interface.
9. The method of claim 6, wherein said communication protocol is one of SSH, JMX, HTTP or SNMP.
10. The method of claim wherein said management server is a mobile device.
PCT/US2019/057559 2018-10-23 2019-10-23 Method and system for administration and monitoring of a heterogeneous environment comprising hardware and software systems WO2020086657A1 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US201862749286P 2018-10-23 2018-10-23
US62/749,286 2018-10-23

Publications (1)

Publication Number Publication Date
WO2020086657A1 true WO2020086657A1 (en) 2020-04-30

Family

ID=70331635

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2019/057559 WO2020086657A1 (en) 2018-10-23 2019-10-23 Method and system for administration and monitoring of a heterogeneous environment comprising hardware and software systems

Country Status (1)

Country Link
WO (1) WO2020086657A1 (en)

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 19875383

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 19875383

Country of ref document: EP

Kind code of ref document: A1