JP2005260926A - Communication controller and network management system using this - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To enable a personal computer usually connected to LAN to connect to an identical LAN from a different spot through a different communication device temporarily while securing security without setting time and trouble. <P>SOLUTION: Servers 1, 2, 5, personal computers 8a, 8b, and a communication device (routers 4a, 4b and the like) which relays data between the servers and the routers are included by LAN. A communication controller 3 is connected to the LAN. The controller 3 includes a storage 31 which memorizes schedule time of the personal computers 8a, 8b to be connected to another part of the identical LAN and used, information of a communication device at other parts of the identical LAN, and setting information of the communication device to enable communication with the computer, and timer 32 to indicate time. After comparing scheduled time and time indicated by the timer 32, settings of the communication device to which the personal computer is planned to be connected are performed on the basis of information of the communication device stored by the storage 31 and setting information before the scheduled time comes. <P>COPYRIGHT: (C)2005,JPO&NCIPI

Description

  The present invention allows a personal computer, which is usually connected to a local area network (LAN), to be used in the same LAN from different locations via different communication devices while ensuring security without setting effort. The present invention relates to a communication control apparatus that can be temporarily connected and a network management system using the communication control apparatus.

  In recent years, software generally called groupware has been widely used in companies and the like. By using groupware, it is possible to efficiently manage schedules for group members and to reserve shared facilities such as conference rooms.

  Further, Patent Document 1 discloses a system that can also reserve a device to be used when reserving use of a conference room or the like. In this system, the reservation terminal registers the use schedule of the conference room in the main management device. The usage schedule is registered with at least a room name, a reservation time, and a device used. Each conference room is provided with a control device for centrally controlling environmental adjustment equipment and audiovisual equipment attached to the conference room. Then, operate the equipment that adjusts the room environment (air conditioning, lighting, etc.) so that the conference room is suitable for use at the reservation time, and set the use equipment set in the use schedule to the reservation time. A device related to a device to be used is operated in a series of steps so as to be usable.

In addition, recently, presentations using a personal computer and a projector are often performed at a meeting or a business talk. In this case, if the person who makes the presentation is an in-house person, bring the portable (notebook) personal computer that I usually use to the conference room and access the company server via the in-house LAN. Preparation is often efficient. For this reason, a LAN cable for accessing an in-house LAN is also laid in the conference room, and a unique IP (Internet Protocol) address or the like may be set for the conference room. In recent years, wireless LANs have also become widespread, and wireless LAN access points are installed in a conference room or in the vicinity of a conference room, and it is also possible to access an in-house server via this.
JP-A-9-128446

  However, since people outside the company also enter the conference room for meetings and business negotiations, security considerations are necessary for connection from the conference room to the in-house LAN so that unauthorized access and eavesdropping do not occur. . In particular, when a wireless LAN is used, special consideration is required because security is weaker than that of a wired LAN.

For this reason, conventionally, in the case of a wired LAN, (1) the unique address set in the conference room is notified only to the conference room user, and the system administrator uses the conference room each time or at an appropriate frequency. (2) Using a DHCP (Dynamic Host Configuration Protocol) server or the like, an IP address corresponding to a MAC (Media Access Control) address is assigned when a personal computer is connected (3) It was common to manage the address of the conference room by one of the methods of using the personal computer that is usually used in the office by using the dynamic V-LAN in the conference room. However, in the method (1), it is necessary to change the setting manually, and there is a problem that the setting change of the user and the burden on the system administrator are heavy. In addition, the method (2) requires a DHCP server, and there is a problem that it takes man-hours for managing the MAC address of the terminal client. Further, if the MAC address is forged, there is a possibility of unauthorized access. Furthermore, in the method (3), the user does not need to change the setting of a personal computer or the like, but a special network device and an authentication server are required, leading to a cost increase.

  In the case of a wireless LAN, if the WEP (Wired Equivalent Privacy) key is fixed, the encryption key may be analyzed. Therefore, it is necessary to change the WEP key at an appropriate frequency. According to the literature, when a large amount of data is transmitted / received in the 802.11b system with the 128-bit WEP key, it is said that if the data is collected for about 8 hours, the WEP key can be identified based on that data. ing. Furthermore, with the recent increase in the speed of the wireless LAN, the time required for the determination of the WEP key is further shortened.

  On the other hand, recently, WPA (Wi-Fi protected access) has been standardized by improving wireless LAN security. This method has improved vulnerability to wiretapping and unauthorized access, which are weak points of WEP. In particular, since eavesdropping measures cannot be easily analyzed even if data is accumulated, even if the same shared key is used for a long time, it is relatively safe. However, if the key is left fixed, it is dangerous if the shared key is leaked, so it is desirable to change the key periodically. However, it is a heavy burden on the system administrator to perform this operation manually. Recently, a mechanism for dynamically changing the WEP key by performing authentication by ID and password with a RADIUS (Remote Authentication Dial-In User Service) server is considered, but there is a problem that it takes a lot of time for server operation.

  In view of these problems, the present invention allows a personal computer that is normally connected to a LAN to be used from a different location via a different communication device while ensuring security without taking time for setting. An object of the present invention is to provide a network management system that can be temporarily connected to the network.

  To achieve the above object, a communication control device according to the present invention is a local area network including a server device, a client device, and a communication device that relays data between the server device and the client device. A communication control device to be connected, the scheduled time when a client device connected to the local area network is connected to another location in the same local area network, and a communication device related to the other location. A storage unit that stores information and setting information of the communication device for enabling communication with the client device, a timer that represents time, and compares the scheduled time with the time represented by the timer. Based on the information on the communication device and the setting information stored in the storage unit before the scheduled time arrives. Te, and performs setting of communication devices that will the client device is connected.

  In order to achieve the above object, a network management system according to the present invention includes a local area including a server device, a client device, and a communication device that relays data between the server device and the client device. A network management system that enables a client device connected to the local area network to be connected to another location in the same local area network on a network, and includes a storage unit and a timer, and the communication From the communication control device for setting the device and the client device connected to the local area network, the scheduled time to connect the client device to another location in the same local area network, and the other location Schedule to store information about A communication unit that stores communication device setting information for enabling communication with each client device with respect to each of the client devices connected to the local area network. The apparatus refers to the schedule management unit, stores the scheduled time stored in the schedule management unit, and information on a communication device related to a place where the client device is to be connected, in the storage unit, With reference to the setting information storage unit, the setting information of the communication device for enabling communication with the client device is stored in the storage unit, and the scheduled time is compared with the time represented by the timer, Before the scheduled time arrives, based on the information on the communication device and the setting information stored in the storage unit, the client And performing a set of communication devices that will cement device is connected.

  According to the present invention, it is possible to temporarily connect a personal computer connected to a LAN and using it from a different location to a same LAN via a different communication device while ensuring security without setting time. Can be connected and used.

  As described above, the communication control device according to the present invention is a communication connected to a local area network including a server device, a client device, and a communication device that relays data between the server device and the client device. A control device that is used when a client device connected to the local area network is connected to another location in the same local area network, information on a communication device related to the other location, A storage unit that stores setting information of the communication device for enabling communication with a client device; a timer that represents time; and the scheduled time and the time represented by the timer are compared, and the scheduled Before the time arrives, the class is determined based on the communication device information and the setting information stored in the storage unit. Ant device is configured to perform setting of communication devices that are to be connected.

  In this configuration, the “other location in the same local area network” is, for example, another router in the local area network, and the setting information is, for example, an IP (Internet Protocol) address of the client device. And a MAC (Media Access Control) address. That is, when the client apparatus is brought into a place (for example, a conference room) different from the place where the client apparatus is normally used and used, the communication control apparatus according to the present invention can, for example, Then, the IP address and MAC address of the client device are set. Accordingly, it is possible to connect to the local area network using a client device that is normally used in a place different from the usual. In addition, since settings are made according to only the client device scheduled to be used before the scheduled time arrives, as compared with the conventional method of always giving a fixed IP address or the like to the conference room, There is an advantage that the security level is improved. In addition, since the communication control apparatus makes settings for the communication device, there is an effect that the system administrator does not have to give an IP address or the like each time, and the management burden can be reduced.

  Further, in addition to the above configuration, when the local area network further includes a wireless LAN access point as the communication device, the “other location in the same local area network” is, for example, the local area network The WEP key creation unit for generating a WEP (Wired Equivalent Privacy) key distributed to each client device, wherein the setting information is the client device. It is also preferable to further include an SSID (Service Set ID) and a newly generated WEP key.

  According to this configuration, since the communication control device sets the SSID and the newly generated WEP key for the wireless access point to which the client device is to be connected, the client that is normally used as a wireless LAN client The device can be used with other wireless LAN access points. Further, when the communication control device generates a WEP key and the client device is connected to another wireless LAN access point, the WEP key is used, so there is an advantage that the security level is improved. In addition, since the communication control device generates the WEP key and sets the communication device, the management burden on the system administrator can be reduced.

  The network management system according to the present invention, as described above, on a local area network including a server device, a client device, and a communication device that relays data between the server device and the client device, A network management system that enables a client device connected to the local area network to be connected to another location in the same local area network, comprising a storage unit and a timer, and setting the communication device A communication control device to perform, a client device connected to the local area network, a scheduled time to use the client device connected to another location in the same local area network, and information on the other location A schedule management unit for inputting and storing; For each of the client devices connected to the local area network, a setting information storage unit that stores setting information of a communication device for enabling communication with each client device, and the communication control device includes: Referring to the schedule management unit, the scheduled time stored in the schedule management unit and information on the communication device related to the place where the client device is scheduled to be connected are stored in the storage unit and the setting information storage The communication device setting information for enabling communication with the client device is stored in the storage unit, and the scheduled time is compared with the time represented by the timer. Before arriving, the client device is connected based on the information on the communication device and the setting information stored in the storage unit. It is configured to perform a set of communication equipment that will be.

  In this configuration, the “other location in the same local area network” is, for example, another router in the local area network, and the setting information includes, for example, the IP address and MAC address of the client device. including. That is, when the client device is brought into a place (for example, a conference room) different from the place where the client device is normally used, the communication control device in the network management system according to the present invention is connected to the conference room, for example. The IP address and MAC address of the client device are set for the router. As a result, it is possible to connect to the local area network using a client device that is normally used in a place different from the usual. In addition, since settings are made according to only the client device scheduled to be used before the scheduled time arrives, as compared with the conventional method of always giving a fixed IP address or the like to the conference room, There is an advantage that the security level is improved. In addition, since the communication control apparatus makes settings for the communication device, the system administrator does not have to give an IP address each time, and the management burden can be reduced.

  Further, in addition to the above configuration, when the local area network further includes a wireless LAN access point as the communication device, the “other location in the same local area network” is, for example, the local area network The wireless LAN access point, and the communication control device further includes a WEP key creation unit that generates a WEP key distributed to each client device, and the setting information is newly generated with the SSID of the client device. It is also preferable to further include a modified WEP key.

  According to this configuration, since the communication control device sets the SSID and the newly generated WEP key for the wireless access point to which the client device is to be connected, the client that is normally used as a wireless LAN client The device can be used with other wireless LAN access points. Further, when the communication control device generates a WEP key and the client device is connected to another wireless LAN access point, the WEP key is used, so there is an advantage that the security level is improved. In addition, since the communication control device generates the WEP key and sets the communication device, the management burden on the system administrator can be reduced.

  DESCRIPTION OF EMBODIMENTS Hereinafter, embodiments for carrying out the present invention will be described in detail with reference to the drawings, taking preferred examples thereof.

[First Embodiment]
In the first embodiment, an in-house (inside company) network system is exemplified as an embodiment of the network management system according to the present invention. However, the present invention is not limited to this example, and any local area network other than the in-company network is used. It is possible to apply to.

  FIG. 1 is a block diagram showing a schematic configuration of an in-house network system according to the present embodiment. As shown in FIG. 1, the in-house network system according to the present embodiment includes a collaboration server 1, a database server 2, a communication control device 3, routers 4a and 4b, a program distribution server 5, and the like that are connected to each other via a communication cable. It is a connected configuration. Communication between the collaboration server 1, the database server 2, the program distribution server 5, and other servers (not shown) and personal computers (hereinafter abbreviated as personal computers) 8a and 8b which are client devices is performed by routers 4a and 4b. And relayed by communication devices such as hubs 6a and 6c and wireless LAN access points (hereinafter abbreviated as wireless APs) 7b and 7d.

  The router 4a is connected to a hub 6a installed in the office A and a wireless AP 7b installed in the office B. The router 4b is connected to a hub 6c installed in the conference room C and a wireless AP 7d installed in the conference room D. The personal computer 8a in the office A is connected to the hub 6a by a LAN cable. On the other hand, the personal computer 8b in the office B can be connected to the wireless AP 7b as a wireless LAN client. In FIG. 1, for simplicity of explanation, one hub and one wireless AP installed in each office or conference room are shown, but the number of these is arbitrary. Also, hubs and wireless APs may be mixed in the same office room. Further, in the configuration of FIG. 1, there is one personal computer connected to the hub 6a, but any number of personal computers can be connected according to the number of ports of the hub. If the hubs are connected in cascade, more personal computers can be connected.

  The collaboration server 1 provides various functions such as a schedule management function, a conference room reservation function, an equipment reservation function, and the like, in order to provide a schedule management section 11, a conference room reservation section 12, an equipment reservation section 13, and the like (others are not shown). Have These functions are used by accessing the collaboration server 1 from a client (such as the personal computer 8a).

  The database server 2 stores name information of users who use this in-house network system and information related to the IP address and MAC address of the personal computer used by each user. Note that the IP address and MAC address can be automatically detected when a personal computer is connected. When the collaboration server 1 is accessed, the name code is used as an ID, and it is automatically created. Is also possible. In addition, data related to the schedule managed by the collaboration server 1 may be stored in cooperation with the collaboration server 1. FIG. 2 shows an example of data stored in the database server 2. In the example of FIG. 2, a 7-digit name code uniquely assigned to each user and the name are stored as the name information. In addition, the IP address and MAC address of the personal computer used by each user are registered.

  The communication control device 3 includes a storage device 31, a timer 32, and a WEP key creation unit 33, and enables use of a personal computer in a conference room in conjunction with the collaboration server 1 and the database server 2.

  Here, in the in-house network system of the present embodiment having the above-described configuration, a procedure for making a conference room reservation and the operation of each unit will be described. First, the case of reserving the use of a wired LAN personal computer in a conference room will be described with reference to FIGS.

  FIG. 3 is a flowchart showing a procedure for reserving a conference room in the in-house network system of the present embodiment. FIG. 4 is an explanatory diagram illustrating an example of data stored in the collaboration server 1, and FIG. 5 is an explanatory diagram illustrating an example of data stored in the communication control device 3.

  First, the user accesses the collaboration server 1 from a personal computer in the office and makes a conference room reservation (step S1 in FIG. 3). Here, the user inputs the conference room reservation time, the conference room, the name, and the name code. The input information is sent to the conference room reservation unit 12. Note that the name and name code may be automatically acquired from login information to the collaboration server 1. In FIG. 1, thick arrows indicated by circled numbers indicate how data or control commands are exchanged at each step. For example, the circled number 1 in FIG. 1 corresponds to step S1. Thereby, reservation information as shown in FIG. 4 is stored in the collaboration server 1. This reservation information includes time data indicating the reservation time of the conference room, the name code and name of the reservation person (conference room user), and arbitrary data such as billing data in addition to the reserved conference room name. You can leave.

  Next, the conference room reservation unit 12 of the collaboration server 1 sends the reservation time, the conference room, the name, and the name code of the conference room among the reservation information acquired in step S1 to the communication control device 3 (step S2). The communication control device 3 stores these data sent from the collaboration server 1 in the storage device 31.

  Next, the communication control device 3 accesses the database server 2 and acquires the IP address and MAC address data of the user's personal computer based on the name code sent from the collaboration server 1 in step S2 (step S3). ). Then, the communication control device 3 associates the data acquired in step S2 and step S3 with each other and stores them in the storage device 31 (step S4). As a result, data as shown in FIG. 5 is stored in the storage device 31. In FIG. 5, the reserved conference room name is stored in the storage device 31, but the collaboration server 1 uses the reserved conference room name as information for identifying the router set in the conference room. You may make it send to the communication control apparatus 3, after converting.

  The process at the time of conference room reservation is completed by the above steps S1 to S4.

  Next, processing when the conference room is used will be described with reference to FIGS. 6 and 7.

  When the communication control device 3 compares the time of the timer 32 with the time data (conference room reservation time) stored in the storage device 31, the scheduled use time of the conference room approaches (in step S11). YES) Based on the IP address and MAC address stored in the storage device 31, necessary settings are made for the router connected to the conference room (step S12). For example, in the data example shown in FIG. 5, Taro Matsushita's personal computer is connected to the router 4b so that Mr. Taro Matsushita's personal computer can be used in the conference room C from 16:00 on July 23, 2003. Set the IP address and MAC address.

  As a result, Mr. Taro Matsushita brought his personal computer 8a, which is usually used in the office room A, into the conference room C from 16:00 on July 23, 2003 to the hub 6c as shown in FIG. , The router 4b correctly recognizes the personal computer 8a and can communicate. Thereby, Taro Matsushita can access various servers on the in-house LAN in the conference room C using the personal computer 8a.

  In addition, after the conference room reservation time ends, or after the conference ends even within the reservation time, the communication control device 3 may delete the data set for the router as described above. This is preferable for preventing unauthorized access.

  The above is the procedure and operation when a wired LAN personal computer is used in a conference room. Next, the flowchart of FIG. 8 is mainly used when a personal computer having a wireless LAN client function is used in a conference room with a wireless AP. Will be described with reference to FIG.

  First, the user accesses the collaboration server 1 from a personal computer in the office and makes a conference room reservation (step S21 in FIG. 8). At this time, the user inputs the fact that the wireless LAN personal computer is used in addition to the conference room reservation time, the conference room name, the name, and the name code. Note that the name and name code may be automatically acquired from login information to the collaboration server 1. As a result, it is assumed that reservation information as shown at the bottom of FIG. 4 is stored in the collaboration server 1.

  Next, the collaboration server 1 sends the reservation time of the conference room, the conference room, the name, and the name code among the reservation information acquired in step S21 to the communication control device 3 (step S22). The communication control device 3 stores these data sent from the collaboration server 1 in the storage device 31.

  Next, the communication control device 3 accesses the database server 2 and acquires the IP address and MAC address data of the user's personal computer based on the name code sent from the collaboration server 1 in step S22 (step S23). ). Then, the communication control device 3 associates the data acquired in step S22 and step S23 with each other and stores them in the storage device 31 (step S24).

  Next, the communication control device 3 generates a WEP key in the WEP key creation unit 33 and stores it in the storage device 31 (step S25). As a result, the storage device 31 stores data as shown at the bottom of FIG. 5 for the user who reserved the use of the wireless LAN personal computer in the conference room. Although the SSID of the wireless AP in the conference room may be changed or randomized, there is an inconvenience that it is difficult to know which SSID is used in the conference room when the user uses it. In the wireless AP, a unique SSID is used. The number of bits of the WEP key is arbitrary, but a larger number of bits is preferable because the security level is improved.

  However, the above example is merely an example, and in order to improve security, the WEP key and SSID may be arbitrarily changed and sent as a profile to the user's PC. Moreover, it is good also as a setting (so-called stealth setting) which cannot see SSID from a general user. Furthermore, in order to improve convenience, the SSID of the wireless AP in the conference room can be set to the same SSID that the user normally uses in the office.

  When the WEP key creation unit 33 generates the WEP key in step S25, a plurality of users make reservations for using the wireless LAN in the same conference room, or a plurality of conference rooms are adjacent to each other. If there is a reservation for using the wireless LAN, the same WEP key is assigned to these users. Since a wireless AP often covers a plurality of conference rooms as well as a single conference room, if a unique WEP key is assigned to each user's reservation, other users are using the wireless AP. Nevertheless, the WEP key may be changed.

  Based on the WEP key data sent from the communication control device 3, the program distribution server 5 sends the wireless LAN profile to the user's personal computer (in this example, the personal computer 8b) who has reserved the use of the wireless LAN personal computer in the conference room. Information is sent (step S26).

  Through the above steps S21 to S26, the process at the time of conference room reservation is completed.

  Next, processing when the conference room is used will be described with reference to FIGS. 9 and 10.

  When the communication control device 3 compares the time of the timer 32 with the time data (conference room reservation time) stored in the storage device 31, the use start time of the conference room approaches (step S31 in FIG. 9). And YES), data is set in the router 4b based on the IP address and MAC address stored in the storage device 31 (step S32). For example, in the data example shown in FIG. 5, Hanako Matsushita's personal computer is connected to the router 4b so that the personal computer of Hanako Matsushita can be used in the conference room D from 10:00 on July 28, 2003. Set the IP address and MAC address. Further, the communication control device 3 sets the wireless AP 7d of the conference room D based on the SSID and WEP key stored in the storage device 31 (step S33).

  As a result, Hanako Matsushita brought his personal computer 8b, which is usually used in the office B, to the conference room D from 10:00 on July 28, 2003, as shown in FIG. By selecting the wireless LAN profile, it becomes possible to access various servers on the in-house LAN via the wireless AP 7d (step S34).

  Note that after the reservation time of the conference room D ends, or after the conference ends even within the reservation time, the communication control device 3 stores the data set as described above for the router 4b and the wireless AP 7d. Deletion is preferable in order to prevent unauthorized access.

  The communication control device 3 compares the time of the timer 32 with the use end time of the conference room D represented by the time data stored in the storage device 31 (step S35). Then, when it is detected that the time of timer 32 has passed the use end time of conference room D (YES in step S35), a new WEP key (for example, a random value) is assigned to wireless AP 7d of conference room D (step S35). At the same time, the MAC filtering of the router 4b is canceled (step S37).

  Although it is preferable to turn off the power of the wireless AP when the conference room is not used, in this example, the wireless AP is turned on by changing the WEP key and canceling the MAC filtering. However, security when not in use is ensured.

  It is said that the analysis of the WEP key by a third party trying to perform unauthorized access is possible in about several hours. Therefore, when using the WEP key, from the viewpoint of security enhancement, as described above, the communication device is set so that the server can be accessed from the conference room only while the reserved legitimate user uses the conference room. It is preferable to do. On the other hand, when using a wireless LAN device that complies with the WPA or 802.11i standard, it is not necessary to change the setting of the communication device every time the user uses the conference room. For example, once a day, at night Even if the setting is changed when not used, there is no particular problem in terms of security.

  As described above, according to the present embodiment, a personal computer that is normally connected to a LAN is used via a hub or a wireless AP at a different location while not requiring the setting work and ensuring security. It is possible to temporarily connect to the same LAN.

  The above embodiment is merely an example, and various modifications can be made within the technical scope of the invention. For example, in this embodiment, an example in which three types of servers, a collaboration server, a data server, and a program distribution server, are shown. However, the present invention is implemented using a single server that integrates the functions of these servers. It is also possible to do. Further, in the present embodiment, an example in which a router for an office room and a router for a conference room are separately provided has been described, but the number of routers and the connection relationship are not limited to this and are arbitrary.

  In the above description of the present embodiment, the network management system built on the LAN is exemplified. However, the above-described network management method can also be applied to a system in which a plurality of LANs 100 and 200 are connected via a layer 2 (L2) WAN 300 as shown in FIG. That is, for example, a PC that is normally used while connected to the LAN 100 can be brought into the offices A and B and the conference rooms C and D on the LAN 200 side and used. In the configuration shown in FIG. 11, the LANs 100 and 200 include hubs 101 and 201 for connecting to other LANs via the WAN 300, respectively.

[Second Embodiment]
A network management system according to the second embodiment of the present invention will be described below. In this embodiment, for example, in a company having a plurality of offices, the LANs 100 and 200 of the offices are connected to each other via the WAN 400 of the layer 3 (L3). In the network management system according to the present embodiment, a user who normally uses a personal computer on the LAN 100 can bring his or her personal computer into an office or conference room on the LAN 200 as follows. .

  In the system according to the present embodiment, the user cannot use the IP address used on the LAN 100 as it is on the LAN 200. Therefore, a user who normally uses a personal computer on the LAN 100 needs to obtain an IP address that can be used on the LAN 200 in order to use the personal computer on the LAN 200.

  Here, in the system of the present embodiment, a processing procedure when a user on the LAN 100 reserves a conference room on the LAN 200 will be described with reference to FIG. First, the user accesses the collaboration server 1 from a personal computer on the LAN 100 and makes a conference room reservation (step S41 in FIG. 12). Here, the user inputs the conference room reservation time, the conference room, the name, and the name code. The input information is sent to the conference room reservation unit 12. Note that the name and name code may be automatically acquired from login information to the collaboration server 1.

  Next, the conference room reservation unit 12 of the collaboration server 1 sends the reservation time of the conference room, the conference room, the name, and the name code among the reservation information acquired in step S41 to the communication control device 3 (step S42). The communication control device 3 stores these data sent from the collaboration server 1 in the storage device 31.

  Next, the communication control device 3 accesses the database server 2, and based on the name code sent from the collaboration server 1 in step S42, the IP address of the user's personal computer can be used in the conference room reserved by the user. Whether or not (step S43).

  If the determination result in step S43 is YES, the communication control device 3 acquires data necessary for setting the IP address and wireless AP of the user's personal computer from the database server 2 (step S44), and acquires it in step S42. The data is stored in the storage device 31 in association with the data (step S45).

  On the other hand, if the determination result in step S43 is NO, the communication control device 3 sets the IP address for the guest specified in advance as an IP address that can be used in the conference room reserved by the user to the storage device 31. Remember. Further, the communication control device 3 distributes the profile information including the IP address and the wireless LAN setting information of the conference room from the program distribution server 5 to the user's personal computer (step S46). The distributed profile is stored in the user's personal computer. With the above processing, the conference room reservation is completed.

  Then, when the scheduled use start time of the conference room comes (YES in step S47), the communication control device 3 is necessary for the conference room router and the wireless AP reserved by the user based on the data in the storage device 31. Setting is performed (step S48). Next, the user can use his / her personal computer from the conference room by selecting the profile distributed in step S46 from the profiles registered in the personal computer and setting the profile in the personal computer. (Step S49). It should be noted that it is preferable that the profile can be selected with a single touch using a GUI because the user's operation is simplified.

  In addition, when the scheduled use end time of the conference room has passed, the communication control device 3 cancels the settings of the router and the wireless AP to prevent unauthorized access, as described in the first embodiment. It is preferable.

  In addition to the above method, as shown in FIG. 13, a method of automatically distributing addresses using a DHCP server is also conceivable. In this case, when a user reserves a conference room on the LAN 200, the MAC address of the user is read from the database server 2 and registered in the DHCP 202 on the LAN 200. The setting information of the wireless LAN is distributed as a profile from the program distribution server 5 to the user's personal computer as described above.

  Then, when the scheduled use start time of the conference room comes, the DHCP server 202 distributes the IP address only to the user's personal computer in which the MAC address is registered. Thereby, the IP address on the LAN 200 is set to the personal computer brought into the conference room by the user. In this case, the user's personal computer needs to be set to automatically acquire the IP address.

  If the user selects and sets a profile distributed from the program distribution server 5, the user can use the personal computer in the conference room. According to this method, since the WEP key and IP address of the wireless LAN are not distributed to users who have not made reservations such as conference rooms, unauthorized access is prevented. The DHCP server may be installed collectively on the center side (on the LAN where the collaboration server or the like is installed), or may be installed on the LAN of each office.

  In the present embodiment, reservation of a conference room or the like using a wireless LAN has been described. However, reservation of a conference room or the like using a wired LAN can be similarly performed.

  The present invention temporarily connects a personal computer that is normally connected to a LAN from a different location via a different communication device while maintaining the security and without the need for setting. It is useful as a communication control device or a network system that can be used.

It is a block diagram which shows schematic structure of the internal network system concerning one Embodiment of this invention, Comprising: It is a figure which shows the structure at the time of a conference room reservation. It is explanatory drawing which shows an example of the data stored in a database server in the in-house network system concerning one Embodiment of this invention. It is a flowchart which shows the procedure at the time of making use reservation of the wired LAN personal computer in a meeting room in the in-house network system concerning one Embodiment of this invention. It is explanatory drawing which shows an example of the data stored in a collaboration server in the in-house network system concerning one Embodiment of this invention. It is explanatory drawing which shows an example of the data stored in a communication control apparatus in the in-house network system concerning one Embodiment of this invention. It is a flowchart which shows the procedure at the time of using a wired LAN personal computer in a meeting room in the in-house network system concerning one Embodiment of this invention. It is a block diagram showing a schematic structure of an in-house network system concerning one embodiment of the present invention, and is a figure showing an example of composition at the time of meeting room use. It is a flowchart which shows the procedure at the time of making use reservation of the wireless LAN personal computer in a meeting room in the in-house network system concerning one Embodiment of this invention. It is a flowchart which shows the procedure at the time of using a wireless LAN personal computer in a meeting room in the in-house network system concerning one Embodiment of this invention. It is a block diagram showing a schematic structure of an in-house network system concerning one embodiment of the present invention, and is a figure showing an example of composition at the time of meeting room use. It is a block diagram which shows the example of schematic structure of the network system concerning the 2nd Embodiment of this invention. It is a flowchart which shows the procedure at the time of use reservation and actual use of the wireless LAN personal computer in a meeting room in the network system concerning the 2nd Embodiment of this invention. It is a block diagram which shows the example of schematic structure of the network system concerning the 2nd Embodiment of this invention.

Explanation of symbols

DESCRIPTION OF SYMBOLS 1 Collaboration server 2 Database server 3 Communication control apparatus 4a * 4b Router 5 Program distribution server 6a * 6c Hub 7b * 7d Wireless AP
8a and 8b PC 31 Storage device 32 Timer 33 WEP key creation part

Claims (6)

A communication control device connected to a local area network including a server device, a client device, and a communication device that relays data between the server device and the client device,
A scheduled time when a client device connected to the local area network is connected to another location in the same local area network and used, information on communication devices related to the other location, and communication with the client device. A storage unit for storing setting information of the communication device for enabling;
And a timer that represents the time,
The client device compares the scheduled time with the time represented by the timer and, based on the communication device information and the setting information stored in the storage unit, before the scheduled time arrives. A communication control apparatus for setting a communication device to be connected. The other location in the same local area network is another router in the local area network,
The communication control device according to claim 1, wherein the setting information includes an IP address and a MAC address of the client device. The local area network further includes a wireless LAN access point as the communication device,
The other location in the same local area network is another wireless LAN access point in the local area network,
The communication control device further includes a WEP key creation unit that generates a WEP key distributed to each client device,
The communication control device according to claim 2, wherein the setting information further includes at least one of an SSID and a WEP key of the client device. A client device connected to the local area network is connected to the same local area network on a local area network including a server device, a client device, and a communication device that relays data between the server device and the client device. A network management system that can be used by connecting to other locations in the network,
A communication control device comprising a storage unit and a timer, and configured to set the communication device;
A schedule for inputting and storing a scheduled time to use the client device connected to another location in the same local area network and information on the other location from the client device connected to the local area network The management department,
For each of the client devices connected to the local area network, a setting information storage unit that stores setting information of a communication device for enabling communication with each client device,
The communication control device includes:
Referring to the schedule management unit, the scheduled time stored in the schedule management unit and information on a communication device related to a place where the client device is scheduled to be connected are stored in the storage unit, and the setting information With reference to the storage unit, the communication device setting information for enabling communication with the client device is stored in the storage unit,
The client device compares the scheduled time with the time represented by the timer and, based on the communication device information and the setting information stored in the storage unit, before the scheduled time arrives. A network management system for setting a communication device to be connected. The other location in the same local area network is another router in the local area network,
The network management system according to claim 4, wherein the setting information includes an IP address and a MAC address of the client device. The local area network further includes a wireless LAN access point as the communication device,
The other location in the same local area network is another wireless LAN access point in the local area network,
The communication control device further includes a WEP key creation unit that generates a WEP key distributed to each client device,
The network management system according to claim 5, wherein the setting information further includes at least one of an SSID and a WEP key of the client device.

Images