JP2009003548A - Equipment management system - Google Patents

Abstract

<P>PROBLEM TO BE SOLVED: To provide an equipment management system for detecting the carrying-in of any external equipment other than network configuration equipment forming a network. <P>SOLUTION: This equipment management system 10 is provided with a plurality of mutually linked computers 11 and 12; and an equipment monitoring server 15 connected to a network 18 formed of those computers 11 and 12 for time-sequentially monitoring those computers 11 and 12. An equipment monitoring server 15 of the system 10 is provided with an unregistered configuration equipment detection means for, when an unregistered computer 13 in which an equipment management application has not been installed yet is connected to the network 18, detecting the unregistered computer 13; an unregistered configuration equipment connection data collection means for time-sequentially collecting the connection data of the unregistered computer 13; and an unregistered configuration equipment connection data output means for outputting the connection data of the unregistered computer 13. <P>COPYRIGHT: (C)2009,JPO&INPIT

Description

  The present invention relates to a device management system including a plurality of network component devices and a device monitoring server that monitors the network component devices in time series.

  There is a network security system in which a network user detects an unauthorized intruder into a server via the Internet, notifies the Internet service provider of this, and reversely detects an unauthorized intruder in cooperation with the service provider (patent) Reference 1). This system identifies a monitoring terminal that detects and notifies unauthorized access using the Internet, and identifies an access source of the unauthorized access detected in response to the notification from the monitoring terminal. And a center terminal that notifies the user.

The monitoring terminal is connected to a computer system owned by a user of the network, and the center terminal is connected to a computer system owned by an Internet service provider. The monitoring terminal stores a log of access to the server on the user side connected to the Internet, detects unauthorized access to the server on the user side by analyzing the log, and detects unauthorized access together with the stored log as a center terminal Notify The center terminal identifies an unauthorized access server from the notified log information, and notifies the user monitoring terminal of the access source server information.
JP 2005-128919 A

  In the system disclosed in Patent Document 1, it is not necessary for a network user to specify an access source server for unauthorized access, and the labor and labor of the user are reduced accordingly. However, in this system, even if an external device other than the network components forming the network is brought in from the outside, and there is no means for detecting that external device connected to the network, there is no limit to the external device on the network. Can be connected. Therefore, it is not possible to prevent an external device that is not suitable for connection from being connected to the network, and it is impossible to prevent the act of storing various data in the network in the external device and taking it out to the outside. In addition, since this system cannot grasp the operation status of the permitted operation and the operation status of the non-permitted operation in the network configuration device, it is difficult to prevent unauthorized actions such as data tampering and data destruction by the network user. .

  An object of the present invention is to provide a device management system that can detect the bringing-in of external devices other than network constituent devices forming a network. Another object of the present invention is to provide a device management system capable of preventing an illegal act by a network user.

  The premise of the present invention for solving the above problems is that a plurality of network component devices linked to each other, a device monitoring server connected to a network formed from these network component devices, and monitoring the network component devices in time series Is an equipment management system.

  As a feature of the present invention based on the above premise, the network configuration device causes the network configuration device to transmit permitted operation data when the network configuration device executes an operation permitted to the network configuration device to the device monitoring server. A device management application is installed that causes the network configuration device to send unauthorized operation data to the device monitoring server when the network configuration device attempts to execute the unauthorized operation.The device monitoring server has not installed the device management application. When a registered network component device is connected to the network, an unregistered component device detection unit that detects the unregistered network component device, and an unregistered component device connection data output unit that outputs connection data of the unregistered network component device Having That.

  As an example of the present invention, the device monitoring server includes a permitted operation data storage unit that stores permitted operation data transmitted from network configuration devices in time series, and a prohibited operation prohibition that prohibits execution of unauthorized operations in the network configuration device. And non-permitted operation data storage means for storing non-permitted operation data transmitted from the network constituent devices in time series.

  As another example of the present invention, the device monitoring server includes specific configuration device exclusion means for excluding specific configuration devices from unregistered network configuration devices among unregistered network configuration devices. When a specific component device excluded from an unregistered network component device is connected to the network, the specific component device is not detected as an unregistered network component device.

  As another example of the present invention, the operation permitted to the network component device is an application use in which the network component device uses a permitted application permitted to be used by the network component device, and the permitted operation data is the network component device. It is the usage history of the permission application in.

  As another example of the present invention, an operation permitted to the network component device is an external use in which the network component device is used in an external environment other than the network formed by the network component device, and the network component device is out of a specified time. The permitted operation data includes the external usage history when the network component device is used in an external environment and the overtime usage history when the network component device is used outside the specified time. is there.

  As another example of the present invention, an operation permitted for a network component device includes an e-mail transmission in which an e-mail is transmitted via the network component device, and a website access for accessing a website via the network component device. And external network access that accesses an external network via a network component device, and the permitted operation data includes an e-mail transmission history when an e-mail is transmitted from the network component device, and the network component device accesses a website. And the external network access history when the network component device accesses the external network.

  As another example of the present invention, the operations permitted to the network configuration device are application installation for installing the permitted application on the network configuration device and application uninstallation for uninstalling the permitted application from the network configuration device. The operation data includes an application installation history when the permitted application is installed on the network component device, and an application uninstall history when the permitted application is uninstalled from the network component device.

  As another example of the present invention, an unauthorized operation in a network component device is prohibited from using a data take-out operation for taking out prohibited data from a network component device, a data printing operation for printing print-inhibited data from a network component device, and use. Unauthorized access to the unauthorized application, and the unauthorized operation data will be taken out from the network component when the prohibited operation data is taken out from the network component, and the print prohibited data is printed from the network component. These are a print action history when an attempt is made and a non-permitted application access history when a network component device accesses a non-permitted application.

  As another example of the present invention, the device monitoring server includes a permitted application modification unit that adds, changes, and deletes a permitted application, and a disallowed application modification unit that adds, changes, and deletes a disallowed application.

  As another example of the present invention, the device management system prohibits the uninstallation of the device management application in the network configuration device, and uninstalls the device management application in the network configuration device via the device monitoring server.

  As another example of the present invention, the device management system prohibits the upgrade of the device management application in the network configuration device and performs the upgrade of the device management application in the network configuration device via the device monitoring server.

  According to the device management system of the present invention, when an unregistered network component device in which no device management application has been installed is connected to the network, the device monitoring server detects the unregistered network component device, thereby forming a network. Even if an unregistered network component device other than the network component device is brought in from the outside and connected to the network, it can be detected and the connection of the unregistered network component device in the network can be restricted. This device management system can prevent unregistered network component devices that are ineligible for connection to the network, and it also prevents unauthorized take-out of storing various data on the network in unregistered network component devices and taking them outside. Can be prevented. In addition, this device management system can specify the users who own unregistered network components because the device monitoring server can output connection data for unregistered network components and identify unregistered network components individually. And connection of unregistered network components in the network can be reliably suppressed.

  Permitted operation data storage means for the device monitoring server to store the permitted operation data transmitted from the network constituent device in time series, the prohibited operation prohibiting means for prohibiting the execution of the non-permitted operation in the network constituent device, transmitted from the network constituent device In the device management system having the non-permitted operation data storage means for storing the non-permitted operation data in time series, since the device monitoring server collects the permitted operation data of the network constituent devices in time series, the network administrator monitors the device The operation status of the permission operation in the network component device can be grasped via the server. In this device management system, since the device monitoring server collects non-permitted operation data of network configuration devices in time series, it is possible to monitor the operation status of the non-permission operations in the network configuration devices and the non-permission operations in the network configuration devices. Execution can be suppressed.

  The device management system having a specific configuration device exclusion unit that excludes a specific configuration device from the unregistered network configuration device from among the unregistered network configuration devices by the device monitoring server is an When a specific component device needs to be connected to the network from within, the specific component device can be allowed to connect to the network, and the network connection needs can be easily and quickly handled. Can do. In addition, when a specific component device is detected as an unregistered network component device, it takes time to distinguish between the specific component device and the unregistered network component device, but this system, when the specific component device is connected to the network, Since the specific component device is not detected as an unregistered network component device, the troublesomeness of distinguishing the specific component device from the unregistered network component device can be avoided.

  In the device management system in which the permitted operation data is the usage history of the permitted application in the network configuration device, the device monitoring server collects the usage history of the permitted application in the network configuration device in time series. Thus, it is possible to grasp the application usage status in the network component device, to monitor the use of the application in the network component device, and to regulate the unlimited use of the application.

  The device management system whose permitted operation data is the external usage history when the network configuration device is used in an external environment and the overtime usage history when the network configuration device is used outside the specified time is the network configuration outside the network The device usage status can be ascertained, and the usage status of network configuration devices outside the specified time can be determined. Therefore, network configuration devices that have been used externally or outside the specified time can be identified, and the network It is possible to regulate illegal acts such as unauthorized take-out, falsification, destruction, etc. of important data and confidential data by users. This device management system allows the system administrator to accurately grasp the distribution route, outflow route, and inflow route of various data using the external usage history and overtime usage history. Unauthorized acts by users can be restricted, and a safe network can be reliably constructed.

  E-mail transmission history when permitted operation data is transmitted from network configuration device, website access history when network configuration device accesses website, external network when network configuration device accesses external network The device management system, which is an access history, can grasp the transmission status of e-mails in network configuration devices, and therefore can restrict unauthorized transmission and unauthorized transmission of important data and confidential data by network users. Since this device management system can grasp the access status to the website in the network component device and the access status to the external network in the network component device, unauthorized access to the illegal website by the user of the network component device. And fraudulent acts such as unauthorized access to illegal external networks. In this device management system, the system administrator can accurately grasp the unauthorized transmission of various data using the email transmission history, and further, unauthorized access using the website access history and external network access history. Therefore, it is possible to reliably suppress an illegal act by a network user and to build a safe network.

  The device management system whose permitted operation data is the application installation history when the permitted application is installed on the component device and the application uninstall history when the permitted application is uninstalled from the component device is the device management server by the system administrator The application installation status and uninstallation status can be ascertained via the Internet, so it is possible to restrict unnecessary application installation actions by network users and to restrict unauthorized application uninstallation actions by network users. be able to.

  The network configuration device has accessed the carry-out action history when the prohibited operation data is taken out from the network component device, the print action history when the print prohibition data is attempted to be printed from the network component device, or the unauthorized application. The device management system, which is an unauthorized application access history, can grasp the network configuration device where the prohibited data was taken out and know the network component device where the prohibited print data was printed Therefore, unauthorized actions such as unauthorized take-out, falsification, and destruction of important data and confidential data by network users can be regulated. In this device management system, the system administrator can accurately grasp illegal takeout of various data and illegal printout of various data using the takeout action history and print action history. It can be surely suppressed and a safe network can be constructed. In addition, since this device management system collects access history information for unauthorized applications of network components in time series, the system administrator accesses the unauthorized applications in network components via the device monitoring server. And the access status of the non-permitted application in the network constituent devices can be monitored, and the access act on the non-permitted application can be suppressed.

  A device management system that has a permitted application modification means for adding, changing, and deleting permitted applications by the device monitoring server, and a prohibited application modifying means for adding, changing, and deleting permitted applications is freely permitted as necessary. Therefore, it is possible to add a newly permitted application and allow the network component device to use the application, and from the permitted application to the unauthorized application It can be changed to prohibit the use of the application on the network component equipment. Furthermore, unnecessary applications can be deleted from the permitted applications to organize the permitted applications. Since this device management system can freely modify unauthorized applications as necessary, for the time being, when an application that is not used is added as a prohibited application and it becomes necessary to use that application, The application can be changed from a non-permitted application to a permitted application, and network configuration devices can be permitted to use the application. Furthermore, unnecessary applications can be deleted from the unauthorized applications to organize the unauthorized applications.

  A device management system that prohibits the uninstallation of device management applications on network configuration devices and uninstalls device management applications on network configuration devices via the device monitoring server is required to uninstall device management applications on each network configuration device. By prohibiting, it is possible to prevent the device management application from being freely uninstalled for each network component device, and to prevent the monitoring function of the monitoring server for the network component device from being lost.

  A device management system that prohibits device management application upgrades on network components and upgrades device management applications on network components via a device monitoring server must prohibit device management application upgrades on each network component Thus, it is possible to prevent the device management application from being freely upgraded for each network configuration device, and to unify the grades of the device management application in the network configuration device.

  The details of the device management system according to the present invention will be described below with reference to the accompanying drawings. FIG. 1 is a configuration diagram of a device management system 10 shown as an example. In FIG. 1, the connection of the unregistered computer 13 (unregistered network component device) to the network 18 is indicated by a two-dot chain line, and the connection of the specific computer 14 (specific component device) to the network 18 is indicated by a one-dot chain line. The device management system 10 includes a plurality of client computers 11 (network configuration devices), a management computer 12 (network configuration devices) managed and stored by an administrator of the system 10, a plurality of unregistered computers 13, and an unregistered computer. 13 includes a plurality of specific computers 14 excluded from the device 13, a device monitoring server 15 (device monitoring device), a business management server 16, and a hub 17. The computers 11, 12, 13, 14 and the servers 15, 16 are linked to each other to form a local area network 18 (network). In this system 10, the device monitoring server 14 monitors the connection of the unregistered computer 13 and the specific computer 14 to the network 18 in a time-series and endless manner, and the operation status of the client computer 11 and the management computer 12 logged into the network 18. Are monitored in time series and endlessly.

  Although not shown, the network 18 is a DNS server for setting a correspondence between a host name and an IP address assigned to the host name, a Web server necessary for publishing a home page, other client computers, and other A database server that provides a function to read and write various data upon receiving requests from the server, a mail server for sending and receiving e-mails, and storing all created text and image data so that they can be searched A server group such as a document server is connected. The system 10 can be used not only for the local area network 18 but also for a wide area network. In addition, all existing network connection methods such as a bus network, a star network, a peer-to-peer network, and a ring network can be supported.

  As the client computer 11, a desktop type or a notebook type is used. Notebook computers are used for the management computer 12, the unregistered computer 13, and the specific computer 14. A display 19, a keyboard 20, and a mouse 21 are connected to the desktop computer via an interface (wired or wireless). Although not shown, a printer, a scanner, and an external hard disk are connected to the client computer 11 and the management computer 12 via an interface. Existing removable disks such as memory sticks, IC recorders, PDAs, mobile phones and the like can be detachably connected to the computers 11, 12, 13, 14 and the computers 11, 12, 13, 14 and these removable disks Various data can be exchanged between them.

  The client computer 11 and the management computer 12 are allowed to transmit permitted operation data when the computers 11 and 12 execute operations permitted to the client computer 11 and the management computer 12 to the device monitoring server 15 and perform operations other than the permitted operations. A device management application (agent application) that causes the computer 11 or 12 to transmit non-permitted operation data to the device monitoring server 15 when the computers 11 and 12 try to execute the non-permitted operation is installed. The device management application is installed not only on the computer 11 but also on the device monitoring server 15 and the business management server 16, and causes the management computer 12, the device monitoring server 15, and the business management server 16 to execute each unit described later. Note that no device management application is installed in the unregistered computer 13 or the specific computer 14.

  The device monitoring server 15 and the business management server 16 are computers having a central processing unit and a memory, and are equipped with a large capacity hard disk. The device monitoring server 15 activates a device management application (agent application) stored in the instruction file in the memory based on control by the operating system, and executes the following means according to the application. The business management server 16 is responsible for management of applications installed on the client computer 11 and management computer 12, management of applications uninstalled from the computers 11 and 12, schedule management of the computers 11 and 12, power management of the network 10, and the like. .

  The computers 11, 12, 13, 14 and the servers 15, 16 are connected to each other by a high-speed broadband line 22 with a hub 17 interposed therebetween. The client computer 11, management computer 12, unregistered computer 13, specific computer 14, device monitoring server 15, and business management server 16 can be connected to the Internet 23 and have an e-mail transmission / reception function. Further, the computers 11, 12, 13, and 14 and the servers 15 and 16 can access a predetermined Web site (not shown) and log in to the site, and a predetermined external network (not shown). You can access and log in to that network. The data transmission / reception method of the network 18 is a client / server model in which communication is performed between a client and a server, but a peer-to-peer model in which communication is performed between clients without using a server can also be adopted.

  FIG. 2 is a diagram illustrating an example of a display screen of the authentication procedure displayed on the display 25 of the management computer 12. The device monitoring server 15 authenticates the computer 12 when the management computer 12 is activated (authentication execution means). In the authentication, the computer 12 is logged into the network 18, and it is determined whether or not the network 12 manages the network 18 in the network 18. In other words, it is confirmed whether or not the computer to log in to the network 18 is the management computer 12. The authentication method performed by the device monitoring server 15 is password authentication. In addition to password authentication, fingerprint authentication, voice print authentication, retina authentication, and IC card authentication can also be performed. As the password authentication, a one-time password can be adopted. When the computer 12 is activated, the display 25 displays a user name input area 28 and a password input area 29 as shown in FIG. The administrator of the system 10 inputs a user name and a password in these input areas 28 and 29. The device monitoring server 15 compares the input user name and password with those stored in the memory, and determines whether the user name and password are correct. If the user name and password are correct and the authentication result is acceptable, the device monitoring server 15 logs the computer 12 into the network 18. If the user name or password is incorrect and the authentication result is impossible, the device monitoring server 15 prohibits the computer 12 from logging in to the network 18 and causes the display 25 to display a login impossible message.

  FIG. 3 is a diagram illustrating an example of computer facility information, and FIG. 4 is a diagram illustrating an example of an application list. 3 and 4, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 stores link data while managing link data among the client computer 11, the management computer 12, and the business management server 16 (including other servers) (link data management means). The link data includes hardware data forming the network 18, hardware network topology data, hard disk data of the computers 11 and 12, application data installed in the computers 11 and 12, and the like. The link data is stored in the hard disk of the device monitoring server 15 together with the link data confirmation date and time. When the hardware, network topology, hard disk, or the like is changed, the link data stored in the hard disk of the device monitoring server 15 is rewritten, and the latest data after the change and the rewrite date and time are stored. However, the link data before being rewritten is stored in the hard disk without being erased.

  The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then obtains computer facility information from a report item on a report display screen (not shown) displayed on the display 25 of the computer 12. select. When the computer facility information is selected, the computer facility information is displayed on the display 25 as shown in FIG. In FIG. 3, as computer facility information, a computer name is displayed in a computer name display area 30, an OS version is displayed in an OS version display area 31, a memory capacity is displayed in a memory capacity display area 32, a CPU is displayed in a CPU display area 33, and a CPU speed display area 34 is displayed. A hard disk (free capacity / total capacity) is displayed in the CPU speed and hard disk display area 35. When an application list is selected from the report items displayed on the display 25 and the computers 11 and 12 are designated, a list of applications installed on the computers 11 and 12 is displayed on the display 25 as shown in FIG. Is done. In FIG. 4, as a list of applications, a computer name is displayed in the computer name display area 36 and an application is displayed in the application display area 37. The administrator of the system 10 can grasp the hardware configuration, installation application, and the like that form the network 18 by using the link information, and can easily manage the operating system and the hard disk. .

  FIGS. 5 and 6 are diagrams showing an example of network connection data of the unregistered computer 13 and show network connection history of the unregistered computer 13 in units of days. In FIGS. 5 and 6, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the connection of the unregistered computer 13 to the network 18 in time series and endlessly. As indicated by a two-dot chain line in FIG. 1, the device monitoring server 15 detects when an unregistered computer 13 is connected to the network 18 (unregistered component device detection means), and stores unregistered computer connection data. Collect in a time series and store the collected unregistered computer connection data in the hard disk (unregistered component device connection data collecting means). In the memory of the device monitoring server 15, the MAC addresses of the client computer 11 and the management computer 12 are stored in advance. When a computer is newly connected to the network 18, the device monitoring server 15 detects the MAC address of the connected computer and compares the detected MAC address with the MAC address stored in the memory. As a result of comparing the MAC addresses, if the detected MAC address matches the MAC address stored in the memory, the device monitoring server 15 determines that the connected computer is not an unregistered computer, and connects the computer to the network 18. Log in.

  Conversely, if the detected MAC address does not match the MAC address stored in the memory as a result of comparing the MAC addresses, the device monitoring server 15 determines that the connected computer is the unregistered computer 13, and Store registered computer connection data on hard disk. When there is an output request for unregistered computer connection data from the management computer 12, the device monitoring server 15 displays the unregistered computer connection data stored in the hard disk on the display 25 of the computer 12, and the unregistered computer connection data is displayed on the computer 12. Is output from a printer connected to (unregistered component connection data output means). The device monitoring server 15 can output unregistered computer connection data in a predetermined period such as daily, weekly, or monthly.

  The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then connects to an unregistered computer from a report item on a report display screen (not shown) displayed on the display 25 of the computer 12. Select the data and specify the due date. When unregistered computer connection data is selected and a due date is designated, the unregistered computer connection status in units of days is displayed on the display 25 as shown in FIG. In FIG. 5, as the unregistered computer connection data, the date specified in the period display area 38, the date when the unregistered computer 13 is connected to the month / day display area 39, and the number display area 40 in the day unit of the unregistered computer 13. The number of connections is displayed. When the date displayed in the month / day display area 39 on the screen of FIG. 5 is selected, the details of the unregistered computer connection status on the selected date are displayed on the display 25 as shown in FIG. In FIG. 6, as the details of the unregistered computer connection status, the date specified in the period display area 41, the unregistered computer name in the computer name display area 42, and the work of the unregistered computer 13 in the work group / domain display area 43 are shown. The group / domain, IP address display area 44 displays the IP address of the unregistered computer 13, and the MAC address display area 45 displays the MAC address of the unregistered computer 13. The administrator can output the unregistered computer connection status of FIGS. 5 and 6 from the printer.

  In this system 10, when the unregistered computer 13 is connected to the network 18, the device monitoring server 15 detects the unregistered computer 13, so that the computers 11 and 12 and the servers 15 and 16 that form the network 18 Even if the registered computer 13 is brought in from the outside and connected to the network 18, it can be detected and the connection of the unregistered computer 13 in the network 18 can be restricted. This system 10 can prevent connection of an unregistered computer 13 that is ineligible for connection to the network 18, and can also carry out unauthorized take-out of storing various data in the network 18 in the unregistered computer 13 and taking it out to the outside. Can be prevented. Further, in this system 10, since the device monitoring server 15 can output the connection data of the unregistered computer 13 and specify the unregistered computer 13 individually, the user who owns the unregistered computer 13 can be specified. It is possible to reliably suppress connection of the unregistered computer 13 in the network 18.

  FIG. 7 is a diagram illustrating an example of an unregistered computer exclusion setting screen. In this system 10, the device monitoring server 15 can exclude the specified specific computer 14 from the unregistered computers 13 among the unregistered computers 13 in which the device management application is not installed (specific configuration device excluding means). Further, the excluded specific computer 14 can be changed again to the unregistered computer 13 (specific configuration device changing means). If the connection of the unregistered computer 13 is detected, the device monitoring server 15 automatically displays various data of the detected unregistered computer 13 on the unregistered computer exclusion setting screen as shown in FIG. Unregistered component addition display means).

  An example of the unregistered computer exclusion setting will be described as follows. The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then excludes unregistered computers from report items on a report display screen (not shown) displayed on the display 25 of the computer 12. Select a setting. When the unregistered computer exclusion setting is selected, an unregistered computer exclusion setting screen shown in FIG. 7 is displayed. A plurality of unregistered computers 13 detected by the device monitoring server 15 are displayed on the unregistered computer exclusion setting screen. In the unregistered computer exclusion setting screen, the computer name display area 46 displays the computer name of the unregistered computer 13, and the workgroup / domain display area 47 displays the workgroup / domain of the unregistered computer 13. ing.

  The administrator puts a check mark in the exclusion designation area 48 corresponding to the unregistered computer 13 to be changed, designates at least one of the unregistered computers 13, and changes the unregistered computer 13 to the specific computer 14. Is identified. When the administrator clicks the change icon on the screen after putting a check mark in the exclusion designation area 48, the specified unregistered computer 13 is output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 changes the unregistered computer 13 output from the computer 12 to the specific computer 14 and stores the identification number, MAC address, and the like of the specific computer 14 in the hard disk. The administrator inputs the computer name in the computer name input area 49 and inputs the work group / domain in the work group / domain input area 50 to specify the unregistered computer 13 to be changed, and then clicks the change icon. Thus, the unregistered computer 13 can be changed to the specific computer 14.

  As indicated by a one-dot chain line in FIG. 1, when the specific computer 14 is connected to the network 18, the device monitoring server 15 detects the MAC address of the connected specific computer 14, and stores the detected MAC address and the memory in the memory. The MAC address is compared. As a result of comparing the MAC addresses, if the detected MAC address matches the MAC address stored in the memory, the device monitoring server 15 determines that the connected computer is the specific computer 14, and designates the computer as the unregistered computer 13. Do not detect.

  Conversely, the administrator removes the check mark from the exclusion designation area 48 corresponding to the specific computer 14 to be changed, and specifies the specific computer 14 to be changed from the specific computer 14 to the unregistered computer 13. When the administrator clicks the change icon on the screen after removing the check mark placed in the exclusion designation area 48, the specified specific computer 14 is output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 changes the specific computer 14 output from the computer 12 to an unregistered computer 13 and erases the changed identification number, MAC address, etc. of the specific computer 14 from the hard disk. Further, the administrator inputs the computer name in the computer name input area 49, inputs the work group / domain in the work group / domain input area 50, specifies the specific computer 14 to be changed, and then clicks the change icon. The specific computer 14 can be changed to the unregistered computer 13. When the specific computer 14 changed to the unregistered computer 13 is connected to the network 18, the device monitoring server 15 detects it (unregistered component device detection means) and collects unregistered computer connection data in time series. Then, the collected unregistered computer connection data is stored in the hard disk (unregistered component device connection data collecting means).

  This system 10 permits the connection of the specific computer 14 to the network 18 when a specific computer 13 needs to be connected to the network 18 from the unregistered computers 13 in which the device management application is not installed. And the need for connection of the unregistered computer 13 to the network 18 can be easily and quickly handled. Further, when the specific computer 14 is detected as the unregistered computer 13, it takes time to distinguish between the specific computer 14 and the unregistered computer 13, but the system 10 is configured so that the specific computer 14 is connected to the network 18. Since the specific computer 14 is not detected as the unregistered computer 13, the troublesomeness of distinguishing the specific computer 14 from the unregistered computer 13 can be avoided. If it becomes inappropriate to connect the specific computer 14 to the network 18, the specific computer 14 can be changed to the unregistered computer 13, and therefore the network 18 of the specific computer 14 whose connection is ineligible. Connection to can be regulated.

  FIGS. 8 and 9 are diagrams showing examples of application usage histories, and show weekly application usage histories of the client computer 11 and the management computer 12. In FIGS. 8 and 9, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the application usage status of the client computer 11 and the management computer 12 logged into the network 18 in time series and endlessly. When the computers 11 and 12 use the usable application, the device monitoring server 15 collects usage history data of the application in time series and stores the collected usage history data on the hard disk (of the permitted operation data storage means). Application usage history data collection means). When the client computer 11 or the management computer 12 starts an available application installed therein and the computers 11 and 12 use the application, use history data of the application is output from the computers 11 and 12 to the device monitoring server 15. The The device monitoring server 15 stores the usage history data output from the computers 11 and 12 on the hard disk. When there is a use history data output request from the management computer 12, the device monitoring server 15 displays the use history data stored in the hard disk on the display 25 of the computer 12, and uses the use history data from a printer connected to the computer 12. Output (application usage history data output means). The device monitoring server 15 can output the usage history data by dividing it into a predetermined period such as daily, weekly, or monthly.

  After the administrator of the system 10 logs in the management computer 12 to the network 18 by performing the authentication procedure, the application usage history is recorded from the report items on the report display screen (not shown) displayed on the display 25 of the computer 12. Select and specify the period. When an application usage history is selected and a period is designated, the usage history for the designated period is displayed on the display 25 as shown in FIG. In FIG. 8, as the use history data, the computer name (computer name using the application) is displayed in the computer name display area 52, the MAC address is displayed in the MAC address display area 53, and the work group / domain is displayed in the period display area 51. The work group / domain is displayed in the area 54, the initial start time is displayed in the initial start time display area 55, the final end time is displayed in the final end time display area 56, and the operation count of the application is displayed in the operation count display area 57.

  When the computer name displayed in the computer name display area 52 is selected on the screen of FIG. 8, the details of the application usage history of the selected computers 11 and 12 are displayed on the display 25 as shown in FIG. In FIG. 9, as the details of the usage history data, the month and day display area 58 shows the usage date of the application, the computer name display area 59 shows the computer name, the workgroup / domain display area 59 shows the workgroup / domain, and the IP address display area. The IP address is displayed in 61 and the MAC address is displayed in the MAC address display area 62. Further, the power ON / OFF recording display area 63 has a power ON / OFF recording, the user name display area 64 has a user name (user name of the computer 11, 12 using the application), and a start date / time display area 65 has a start date / time (application date / time). Use start date and time, end date and time display area 66 end date and time (application use end date and time), operation time display area 67 operation time (application use time), application name display area 68 application name (used application name) In the operation window name display area 69, the operation window name (the operation window name of the used application) is displayed. The administrator can output the usage history shown in FIGS.

  In this system 10, the device monitoring server 15 collects application usage history data in the client computer 11 and the management computer 12 in time series. Therefore, the administrator of the system 10 passes the computers 11 and 12 via the device monitoring server 15. It is possible to grasp the application usage status of the computer 11, monitor the usage of the application in the computers 11 and 12, and regulate the unlimited use of the application. Further, by using the details of the usage history, the administrator of the system 10 can grasp the usage status of the application in the computers 11 and 12 in detail, and reliably monitor the usage of the application in the computers 11 and 12. be able to.

  10 and 11 are diagrams showing examples of application access history, and show weekly access histories of the client computer 11 and the management computer 12. In FIGS. 10 and 11, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the access status of the client computer 11 and the management computer 12 logged into the network 18 to the unauthorized application in a time-series and endless manner. When the device monitoring server 15 tries to install the unauthorized application from the business management server 16 to the client computer 11 or the management computer 12, the device monitoring server 15 collects access history data of the unauthorized application in the computers 11 and 12 in time series. Then, the collected access history data is stored in the hard disk (application access history data collection means in the non-permitted operation data storage means).

  The device monitoring server 15 monitors applications installed on the client computer 11 and the management computer 12 from the business management server 16 and outputs permission or non-permission of application installation to the business management server 16. When the computers 11 and 12 request the application management server 16 to install an application, the application management server 16 inquires the device monitoring server 15 about whether or not the application can be installed. When the application relating to the inquiry is not installable (non-permitted application), the device monitoring server 15 outputs a non-installation permission to the business management server 16 (non-permitted operation prohibiting means). When the business management server 16 receives the installation non-permission, the business management server 16 outputs access history data of the computers 11 and 12 that requested installation of the non-permission application to the device monitoring server 15. The device monitoring server 15 stores the access history data output from the business management server 16 on the hard disk. When there is an access history data output request from the management computer 12, the device monitoring server 15 displays the access history data stored in the hard disk on the display 25 of the management computer 12 and connects the access history data to the management computer 12. Output from the designated printer (application access history data output means). The device monitoring server 15 can divide and output the access history data by a predetermined period such as daily, weekly, or monthly.

  After the administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, the application access history is recorded from a report item on a report display screen (not shown) displayed on the display 25 of the computer 12. Select and specify the period. When an application access history is selected and a period is designated, the application access history for the designated period is displayed on the display 25 as shown in FIG. In FIG. 10, as the access history data, the computer name (computer name that accessed the unauthorized application) is displayed in the computer name display area 71, and the work group / domain is displayed in the work group / domain display area 72 as the period specified in the period display area 70. In the user name display area 73, the user name (user names of the computers 11 and 12 that have accessed the non-permitted application) is displayed, and in the access number display area 74, the number of accesses (the number of accesses to the non-permitted application) is displayed.

  When the computer name displayed in the computer name display area 71 is selected on the screen of FIG. 10, the details of the application access history of the selected computers 11 and 12 are displayed on the display 25 as shown in FIG. In FIG. 11, as the details of the access history data, the date of access to the application is displayed in the date display area 75, the computer name is displayed in the computer name display area 76, and the workgroup / domain and IP address are displayed in the workgroup / domain display area 77 An IP address is displayed in area 78, and a MAC address is displayed in MAC address display area 79. Further, a user name is displayed in the user name display area 80, an access date and time (access date and time to an unauthorized application) is displayed in the access date and time display area 81, and an application name (name of an unauthorized application to be accessed) is displayed in the application name display area 82. . The administrator can output the access history shown in FIGS. 10 and 11 from the printer.

  In this system 10, since the device monitoring server 15 collects access history data to the unauthorized applications of the client computer 11 and the management computer 12 in time series, the administrator of the system 10 passes the computer 11 via the device monitoring server 15. , 12 can be grasped, the access situation of the unauthorized application in the computers 11, 12 can be monitored, and the access action to the unauthorized application can be regulated. In addition, by using the details of the access history, the administrator of the system 10 can grasp in detail the access status to the unauthorized application in the computers 11 and 12, and the use of the unauthorized application in the computers 11 and 12. Can be reliably monitored.

  FIG. 12 is a diagram illustrating an example of a setting screen for adding, changing, and deleting a permitted application. In this system 10, the device monitoring server 15 can add, change, and delete a permitted application (permitted application modifying means). An example of adding a permitted application is as follows. The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then sets permitted application settings from a report item on a report display screen (not shown) displayed on the display 25 of the computer 12. select. When permitted application setting is selected, a permitted application setting screen shown in FIG. 12 is displayed.

  The administrator inputs the application name in the application name input area 83, inputs the computer name in the computer name input area 84, and identifies the application name and the computers 11 and 12 that use the application. When the administrator clicks the add icon on the screen after inputting them, the input application name and computer name are output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 stores the new application name output from the management computer 12 in the hard disk, and the identification numbers (computer name, workgroup / domain, MAC address, IP address) of the computers 11 and 12 that use the application. Etc.) on the hard disk. The new permitted application is directly installed on the business management server 16, stored in the server 16, and then downloaded from the business management server 16 to the computers 11 and 12. When the addition of the permitted application is completed, the added application name is displayed in the application name display area 85 on the display 25 of the computer 12 as shown in FIG. 12, and the computer name that uses the application is displayed in the computer name display area. 86.

  In this system 10, even if it becomes necessary to make all the computers 11 and 12 or specific computers 11 and 12 use a new application, the application can be freely added. And it can respond quickly. Since the system 10 can freely add a permitted application in correspondence with each computer 11, 12, by adding the permitted application while designating the specific computer 11, 12, 11 and 12 can be used only. The device monitoring server 15 determines whether or not a newly permitted application can be used in the client computer 11 and the management computer 12 and also displays the permitted application usage status permitted to use the computers 11 and 12 in a time-series manner. Monitoring is performed endlessly, and usage history data of permitted applications in the computers 11 and 12 is collected in time series (application usage history data collection means).

  An example of the change of the permitted application is as follows. The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then selects the permitted application setting from the report item on the report display screen (not shown) displayed on the display 25. Next, a check mark is put in the designated area 87 displayed on the permitted application setting screen, and a permitted application to be changed to a non-permitted application is specified. When the administrator clicks a change icon on the screen after putting a check mark in the designated area 87, the application name specified by the check mark is output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 changes the application output from the management computer 12 from use permission to use disapproval.

  In addition, when applying the changed unauthorized application only to the specific computers 11 and 12, the administrator puts a check mark in the designation area 87, designates the authorized application to be changed, and designates the computer name in the computer name input area 84. Enter. After the input, when the administrator clicks the change icon on the screen, the specified application name and computer name are output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 changes the application output from the management computer 12 from use permission to use non-permission, and stores the identification numbers of the computers 11 and 12 to which the non-permission application is applied in the hard disk.

  In this system 10, even if it becomes necessary to prohibit the use of the permitted application in all the computers 11, 12 or the specific computers 11, 12, the permitted application can be freely changed to a non-permitted application. It is possible to easily and quickly respond to an application unusable request. Since the system 10 can freely change the permitted application in correspondence with each of the computers 11 and 12, the system 10 can be used by changing from the permitted application to the non-permitted application while designating the specific computers 11 and 12. The use of the permitted application can be prohibited only in the specific computers 11 and 12. The device monitoring server 15 monitors the access status of the client computer 11 and the management computer 12 to the newly disallowed application in a time series and endlessly, and access history data to the disallowed application in the computers 11 and 12. Are collected in time series (application access history data collection means).

  An example of deletion of permitted applications is as follows. The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then selects the permitted application setting from the report item on the report display screen (not shown) displayed on the display 25. Next, a check mark is put in the designated area 87 displayed on the permitted application setting screen to identify the permitted application to be deleted. When the administrator clicks the delete icon on the screen after putting a check mark in the designated area 87, the application name specified by the check mark is output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 erases the permitted application name to be deleted from the hard disk and instructs the business management server 16 to uninstall the application. The business management server 16 uninstalls the permitted application to be deleted from the hard disks of the computers 11 and 12 according to the instruction from the device monitoring server 15.

  When deleting a permitted application only from the specific computers 11 and 12, the administrator puts a check mark in the designated area 69 to identify the permitted application to be deleted and input a computer name in the computer name input area 66. . After the input, when the administrator clicks the change icon on the screen, the specified application name and computer name are output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 deletes the permitted application name and the computer name to be deleted from the hard disk and instructs the business management server 16 to uninstall the application on the specified computers 11 and 12. The business management server 16 uninstalls the permitted application to be deleted from the hard disks of the designated computers 11 and 12 in accordance with the instruction from the device monitoring server 15. In this system 10, even if it becomes necessary to delete the permitted application, the application can be freely deleted. Therefore, it is possible to easily and quickly respond to the application deletion request, and to easily organize the permitted applications. Can be done.

  FIG. 13 is a diagram illustrating an example of a setting screen for adding, changing, and deleting a non-permitted application. In this system 10, the device monitoring server 15 can add, change, and delete a disallowed application (disallowed application modifying means). An example of adding a disallowed application is as follows. The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then disallows from a report item on a report display screen (not shown) displayed on the display 25 of the management computer 12. Select application settings. When the non-permitted application setting is selected, a non-permitted application setting screen shown in FIG. 13 is displayed.

  The administrator inputs an application name in the application name input area 88, inputs a computer name in the computer name input area 89, and identifies the computer 11 and 12 to which the application name and the unauthorized application are applied. When the administrator clicks the add icon on the screen after inputting them, the specified unauthorized application name and computer name are output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 stores the unauthorized application name output from the management computer 12 on the hard disk, and stores the identification numbers of the computers 11 and 12 to which the application is applied on the hard disk. The unauthorized application is directly installed on the business management server 16 and stored in the server 16. When the addition of the unauthorized application is completed, the added unusable application name is displayed in the application name display area 90 on the display 25 of the computer 12 as shown in FIG. 13, and the computer name to which the application is applied is displayed. It is displayed in the computer name display area 91.

  An example of the change of the unauthorized application is as follows. The administrator of the system 10 performs an authentication procedure to log in the management computer 12 to the network 18, and then selects an unauthorized application setting from a report item on the report display screen displayed on the display 25. Next, a check mark is put in the designated area 92 displayed on the non-permitted application setting screen, a non-permitted application to be changed is designated, and a non-permitted application to be changed to a permitted application is specified. When the administrator clicks the change icon on the screen after putting a check mark in the designated area 92, the application name specified by the check mark is output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 changes the application output from the computer 12 from use disapproval to use permission.

  In addition, when applying the changed permitted application only to the specific computers 11 and 12, the administrator puts a check mark in the designated area 92 to specify the non-permitted application to be changed, and the computer name is input to the computer name input area 89. Enter. When the administrator clicks the change icon on the screen after inputting them, the specified application name and computer name are output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 changes the application output from the computer 12 from non-use permission to use permission, and stores the identification numbers of the computers 11 and 12 to which the application is applied in the hard disk.

  In this system 10, even if it becomes necessary for all the computers 11, 12 or specific computers 11, 12 to use the unauthorized application, the unauthorized application can be freely changed to the permitted application. It is possible to easily and quickly respond to usage requests. Since the system 10 can freely change the non-permitted application corresponding to each computer 11, 12, it can be used by changing the non-permitted application to the permitted application while designating the specific computer 11, 12. Only the specific computers 11 and 12 can use the permitted application. The device monitoring server 15 determines whether or not the application changed to the use permission can be used in the client computer 11 or the management computer 12, and the application use status changed to the use permission of the computers 11 and 12 is time-series and endless. The usage history data of the permitted applications in the computers 11 and 12 is collected in time series (application usage history data collection means).

  Further, in this system 10, an application that is not scheduled to be used is installed (added) in advance in the business management server 16 for the time being, and the application is changed to a use permission when the use becomes necessary. The application can be used or not used as required. The device monitoring server 15 monitors the access status of the client computer 11 and the management computer 12 to the newly disabled application in a time-series and endless manner, and access history data to the unusable application in the computers 11 and 12. Are collected in time series (application access history data collection means).

  An example of the deletion of the unauthorized application is as follows. The administrator of the system 10 performs an authentication procedure to log in the management computer 12 to the network 18, and then selects an unauthorized application setting from a report item on the report display screen displayed on the display 25. Next, a check mark is put in the designated area 74 displayed on the non-permitted application setting screen to identify a non-permitted application to be deleted. When the administrator clicks the delete icon on the screen after putting a check mark in the designated area 74, the application name specified by the check mark is output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 deletes the unauthorized application name to be deleted from the hard disk and instructs the business management server 16 to uninstall the application. The business management server 16 uninstalls the unauthorized application to be deleted from the hard disk in accordance with the instruction from the device monitoring server 15. In this system 10, even if it becomes necessary to delete an unauthorized application, the application can be freely deleted. Therefore, it is possible to easily and quickly respond to a request for deleting an unauthorized application. Can be easily organized.

  FIG. 14 is a diagram illustrating an example of the application installation status (application installation history), and FIG. 15 is a diagram illustrating the contents of the installed application. In FIGS. 14 and 15, the display of specific names, numerical values, and the like of each item is omitted. The device monitoring server 15 monitors the installation of applications from the business management server 16 to the client computer 11 and the management computer 12 in a time series and in an endless manner. When the application is installed on the computers 11 and 12 from the business management server 16, the device monitoring server 15 collects the installation data in time series and stores the collected installation data on the hard disk (of the permitted operation data storage means). Installation data collection means). When the business management server 16 installs an application in the computers 11 and 12 in response to a request from the computers 11 and 12, the business management server 16 inquires the device monitoring server 15 about whether or not the application can be installed. When the application concerning the inquiry is installable (permitted application), the device monitoring server 15 outputs installation permission to the business management server 16. Upon receiving installation permission from the device monitoring server 15, the business management server 16 downloads an application to the computers 11 and 12 and outputs installation data to the device monitoring server 15. The device monitoring server 15 stores the installation data output from the business management server 16 on the hard disk.

  If the application relating to the inquiry cannot be installed, the device monitoring server 15 outputs an installation non-permission to the business management server 16 (non-permitted operation prohibiting means). When the business management server 16 receives the installation non-permission from the device monitoring server 15, the business management server 16 displays the installation impossible on the displays 19, 24 and 25 of the computers 11 and 12. When there is a request for output of installation data from the management computer 12, the device monitoring server 15 displays the installation data stored in the hard disk on the display 25 of the management computer 12, and the printer connected to the management computer 12. (Installation data output means). The device monitoring server 15 can output the installation data by dividing it into a predetermined period such as daily, weekly, or monthly.

  The management computer 12 can request the device monitoring server 15 to output the contents of the application installed on the computers 11 and 12. When there is an output request for the contents of the installed application, the device monitoring server 15 displays the contents of the application on the display 25 of the management computer 12 and outputs the contents of the application from a printer connected to the computer 12. (Installed application content output means). The contents of the application are an outline of applications such as document creation software, spreadsheet software, translation software, database construction software, communication software, security software, etc., and are input to the server 16 at the same time when the application is installed in the business management server And stored in the hard disk of the business management server 16.

  The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then selects installation data from a report item on a report display screen (not shown) displayed on the display 25 of the computer 12. And specify the period. When installation data is selected and a period is designated, the application installation status in the designated period is displayed on the display 25 as shown in FIG. In FIG. 14, as installation data, the computer name (computer name on which the application is installed) is displayed in the computer name display area 93, the date (installation date) is displayed in the date display area 94, and the application name (installed application name) is displayed in the application name display area 95. ) Is displayed. When the application name is highlighted on the screen of FIG. 14 and the contents display is clicked, the contents of the application are displayed in the application contents display area 96 together with the computer name and application name, as shown in FIG.

  In this system 10, since the administrator can grasp the installation status of applications in the computers 11 and 12 via the device monitoring server 15, it is possible to regulate unnecessary application installation actions by users of the network 18. In addition, the administrator of the system 10 can use the various types of installation data to grasp in detail the installation status of the permitted application in the computers 11 and 12, and reliably install the application for each computer 11 and 12. Can be monitored. Even if the contents of the applications installed in the computers 11 and 12 are unknown, the system 10 allows the administrator to know the contents of the applications by outputting the contents of the applications. It is possible to reliably determine whether installation is necessary.

  FIG. 16 is a diagram illustrating an example of an application uninstall status (application uninstall history), and FIG. 17 is a diagram illustrating the contents of the uninstalled application. In FIGS. 16 and 17, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the uninstallation of applications from the client computer 11 and the management computer 12 in a time series and in an endless manner. When the usable application is uninstalled from the computers 11 and 12 via the business management server 16, the device monitoring server 15 collects the uninstall data in time series and stores the collected uninstall data in the hard disk ( Uninstallation data collection means of the permitted operation data storage means). When the business management server 16 uninstalls an application from the computers 11 and 12 in response to a request from the computers 11 and 12, the business management server 16 inquires of the device monitoring server 15 whether the application can be uninstalled. When the application concerning the inquiry can be uninstalled, the device monitoring server 15 outputs an uninstall permission to the business management server 16. Upon receiving the uninstall permission from the device monitoring server 15, the business management server 16 uninstalls the application from the computers 11 and 12 and outputs the uninstall data to the device monitoring server 15. The device monitoring server 15 stores the uninstall data output from the business management server 16 on the hard disk.

  If the application relating to the inquiry cannot be uninstalled, the device monitoring server 15 outputs an unpermitted uninstall to the business management server 16 (unpermitted operation prohibiting means). When the business management server 16 receives the uninstallation disapproval from the device monitoring server 15, the business management server 16 displays that the uninstallation is impossible on the displays 19, 24, and 25 of the computers 11 and 12. When there is a request for outputting uninstall data from the management computer 12, the device monitoring server 15 displays the uninstall data stored in the hard disk on the display 25 of the computer 12, and the uninstall data is sent from a printer connected to the computer 12. Output (uninstall data output means). The device monitoring server 15 can output the uninstallation data divided into predetermined periods such as daily, weekly, and monthly.

  The management computer 12 can request the device monitoring server 15 to output the contents of the application uninstalled from the computers 11 and 12. When there is a request for outputting the contents of the uninstalled application, the device monitoring server 15 displays the contents of the application on the display 25 of the management computer 12 and outputs the contents of the application from a printer connected to the computer 12. (Uninstall application contents output means) The content of the uninstalled application is the same as that of the installed application, and is stored in the hard disk of the business management server 16.

  The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then selects uninstall data from a report item (not shown) displayed on the display 25 of the computer 12. Specify the period. When uninstall data is selected and a period is specified, an application uninstall status in the specified period is displayed on the display 25 as shown in FIG. In FIG. 16, as the uninstall data, the computer name (computer name from which the application has been uninstalled) is displayed in the computer name display area 97, the date (uninstallation date) is displayed in the date display area 98, and the application name (uninstalled) is displayed in the application name display area 99. The name of the installed application) is displayed. When the application name 97 is highlighted on the screen of FIG. 16 and the contents display is clicked, the contents of the application are displayed in the application contents display area 100 together with the computer name and application name as shown in FIG.

  In this system 10, since the administrator can grasp the uninstallation status of the application in the computers 11 and 12 via the device monitoring server 15, it is possible to regulate unauthorized uninstallation of the application by the user of the network 18. . In addition, the administrator of the system 10 can use the various types of uninstall data to grasp in detail the uninstall status of the permitted applications in the computers 11 and 12, and uninstall the applications for each of the computers 11 and 12. Actions can be reliably monitored. Even if the contents of applications uninstalled from the computers 11 and 12 are unknown, the system 10 allows the administrator to know the contents of the applications by outputting the contents of the applications. Therefore, it is possible to reliably determine whether or not uninstallation is necessary.

  18 and 19 are diagrams showing examples of print history data, and show weekly print histories of the computers 11 and 12. 18 and 19, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the print status of the client computer 11 and the management computer 12 logged into the network 18 in time series and endlessly. When the computers 11 and 12 print data, the device monitoring server 15 collects the print history data in time series, and stores the collected print history data in the hard disk (print history data in the permitted operation data storage means). Collection means). When the computers 11 and 12 print data using a printer connected thereto, the print history data is output from the computers 11 and 12 to the device monitoring server 15. The device monitoring server 15 stores the print history data output from the computers 11 and 12 in the hard disk. When there is a print history data output request from the management computer 12, the device monitoring server 15 displays the print history data stored in the hard disk on the display 25 of the computer 12, and print history data from a printer connected to the computer 12. Output (print history data output means). The device monitoring server 15 can output the print history data by dividing it into a predetermined period such as daily, weekly or monthly.

  The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then selects print history data from a report item (not shown) displayed on the display 25 of the computer 12. Specify the period. When print history data is selected and a period is designated, the print history for the designated period is displayed on the display 25 as shown in FIG. In FIG. 18, as the print history data, the period is displayed in the period display area 101, the computer name is displayed in the computer name display area 102, the MAC address is displayed in the MAC address display area 103, and the work group / domain display area 104 is displayed. , The work group / domain, the user name in the user name display area 105 (the user name of the computers 11 and 12 that performed printing), the total number of printed pages in the print total page count display area 106, and the number of prints in the print count display area 107. It is displayed.

  When the computer name displayed in the computer display area 102 is selected on the screen of FIG. 18, the details of the print history of the selected computers 11 and 12 are displayed on the display 25 as shown in FIG. FIG. 19 shows the details of the print history data as the month / day in the month / day display area 108, the computer name in the computer name display area 109, the work group / domain in the work group / domain display area 110, and the IP in the IP address display area 111. The MAC address is displayed in the address / MAC address display area 112. Further, the user name is displayed in the user name display area 113, the print date is displayed in the print date display area 114, the document name is displayed in the document name display area 115, the number of print pages is displayed in the print page number display area 116, and the printer name is displayed in the printer name display area 117. Has been. The administrator can output the print history of FIGS. 18 and 19 from the printer.

  In this system 10, since the device monitoring server 15 collects print history data in the computers 11 and 12 in time series, the administrator of the system 10 grasps the printing status in the computers 11 and 12 via the device monitoring server 15. It is possible to monitor the printing action in the computers 11 and 12 and to regulate the unlimited printing action by the user of the network 18. Further, by using the details of the print history, the administrator of the system 10 can grasp the print status of the computers 11 and 12 in detail, and the prints in the computers 11 and 12 can be reliably monitored.

  20 and 21 are diagrams showing an example of file access data (file access history), and show weekly file access of the computers 11 and 12. In FIGS. 20 and 21, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the file access status of the client computer 11 and the management computer 12 logged into the network 18 in time series and endlessly. When the computers 11 and 12 access a predetermined file, the device monitoring server 15 collects the file access data in time series and stores the collected file access data on the hard disk (the file in the permitted operation data storage means). Access data collection means). When the computers 11 and 12 access a file stored in the memory, the file access data is output from the computers 11 and 12 to the device monitoring server 15. The device monitoring server 15 stores the file access data output from the computers 11 and 12 on the hard disk. When there is a request for outputting file access data from the management computer 12, the device monitoring server 15 displays the file access data stored in the hard disk on the display 25 of the computer 12, and the file access data is sent from a printer connected to the computer 12. Output (file access data output means). The device monitoring server 15 can output the file access data by dividing it into a predetermined period such as daily, weekly, monthly or the like.

  After the administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, the file access data is obtained from the report item on the report display screen (not shown) displayed on the display 25 of the computer 12. Select and specify the period. When file access data is selected and a period is designated, the file access status in the designated period is displayed on the display 25 as shown in FIG. In FIG. 20, as the file access data, the computer name (the name of the computer that accessed) is displayed in the computer name display area 119 and the MAC address and work group / domain display are displayed in the MAC address display area 120 for the period specified in the period display area 118. The work group / domain is displayed in area 121, the user name (user name of the computer 11, 12 that made access) is displayed in user name display area 122, and the access count is displayed in access count display area 123.

  When the computer name displayed in the computer name display area 119 is selected on the screen of FIG. 20, the details of the file access status of the selected computers 11 and 12 are displayed on the display 25 as shown in FIG. FIG. 21 shows the details of the file access data as the date in the month / day display area 124, the computer name in the computer name display area 125, the workgroup / domain in the workgroup / domain display area 126, and the IP in the IP address display area 127. The MAC address is displayed in the address / MAC address display area 128. Furthermore, the user name is displayed in the user name display area 129, the access date and time display area 130 is accessed and the operation content is displayed in the operation content display area 131 (copy, cut, write, delete, holder creation, name change, etc.), and the file name display area. The file name is displayed in 132, and the file name before change is displayed in the file name display area 133 before change. The administrator can output the file access status shown in FIGS. 20 and 21 from the printer.

  In this system 10, since the device monitoring server 15 collects file access data in the computers 11 and 12 in time series, the administrator of the system 10 grasps the file access status of the computers 11 and 12 via the device monitoring server 15. It is possible to monitor the usage status of files in the computers 11 and 12 and to restrict the unlimited use of files by users of the network 18. Further, by using the details of the file access status by the administrator of the system 10, the file access status of the computers 11 and 12 can be grasped in detail, and the file access in the computers 11 and 12 is reliably monitored. Can do.

  22 and 23 are diagrams showing an example of external use data (external use history), and show weekly external use of the computers 11 and 12. In FIGS. 22 and 23, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the use of the client computer 11 or the management computer 12 other than the network 18 in time series and endlessly. When the computers 11 and 12 are used in an external environment other than the network 18, the device monitoring server 15 collects the external use data in time series and stores the collected external use data in the hard disk (permitted operation data storage means) Of external use data collection means). When there is a request for output of external use data from the management computer 12, the device monitoring server 15 displays the external use data stored in the hard disk on the display 25 of the computer 12 and displays the external use data from a printer connected to the computer 12. Output (external use data output means). The device monitoring server 15 can output the external usage data by dividing it into a predetermined period such as daily, weekly, or monthly.

  The computers 11 and 12 output an identification number (computer name, IP address, MAC address, etc.) identifying them to the device monitoring server 15 at regular time intervals (3-minute intervals, 5-minute intervals, etc.). The device monitoring server 15 determines that the computers 11 and 12 have left the network 18 when the identification numbers output from the computers 11 and 12 at regular intervals are interrupted even once, and from the computers 11 and 12 for a certain period of time. When the identification number is output again at intervals, it is determined that the computers 11 and 12 are connected to the network 18 again, and it is determined that the computers 11 and 12 are used in the external environment. When the device monitoring server 15 determines that the computers 11 and 12 are used in the external environment, the computer 11 and 12 use the identification numbers (computer names, IP addresses, MAC addresses, etc.) of the computers 11 and 12 and the usage history data in the external environment. 11 and 12, and the read identification number and external use history data are stored in the hard disk.

  After the administrator of the system 10 logs in the management computer 12 to the network 18 by performing the authentication procedure, the external use data is obtained from the report item on the report display screen (not shown) displayed on the display 25 of the computer 12. Select and specify the period. When the external use data is selected and the period is designated, the external use data in the designated period is displayed on the display 25 as shown in FIG. In FIG. 22, as the external use data, the computer name (externally used computer name) is displayed in the computer name display area 135, the MAC address is displayed in the MAC address display area 136, and the work group / domain is displayed as the period display area 134. An area 137 displays a work group / domain, a user name display area 138 displays a user name (user name of the computer 11 or 12 used externally), and an external use count display area 139 displays the external use count.

  When the computer name displayed in the computer name display area 135 is selected on the screen of FIG. 22, the details of the external usage status of the selected computers 11 and 12 are displayed on the display 23 as shown in FIG. In FIG. 23, as the details of the external use data, the date is displayed in the month / day display area 140, the computer name is displayed in the computer name display area 141, the work group / domain is displayed in the work group / domain display area 142, and the IP address is displayed in the IP address display area 143. The MAC address is displayed in the address / MAC address display area 144. Furthermore, the external use start time display area 145 has an external use start time, the external use end time display area 146 has an external use end time, the user name display area 147 has a user name, the application use start time display area 148 has an application use start time, Application use end time display area 149 is the application use end time, application operation time display area 150 is the application operation time, application name display area 151 is the application name (the application name used for external use), and operation window name display area An operation window name (an operation window name of an application used for external use) is displayed at 152. The administrator can output the external use data shown in FIGS. 22 and 23 from the printer.

  In this system 10, the device monitoring server 15 collects the usage status of the external computers 11, 12 and the administrator can grasp the usage status of the external computers 11, 12. , 12 can be specified, and unauthorized actions such as unauthorized removal of important data and confidential data by the user of the network 18, alteration of the data, destruction of the data, and the like can be regulated. Further, the administrator of the system 10 can grasp the external usage status of the computers 11 and 12 in detail by using the details of the external usage status, and reliably monitor the external usage of the computers 11 and 12. Can do. This system 10 allows the administrator to accurately grasp the distribution route of various data, the outflow route of various data, and the inflow route of various data using the external use data, so that illegal actions by users of the network 18 can be prevented. Since it can be regulated, a secure network 18 can be reliably constructed.

  24 and 25 are diagrams showing an example of the usage data outside the specified time (usage history after the specified time), and show the usage outside the specified time for the week of the computers 11 and 12. In FIGS. 24 and 25, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the use of the client computer 11 and the management computer 12 outside the specified time in a time-series and endless manner. When the computers 11 and 12 are used outside the specified time, the device monitoring server 15 collects the use data outside the specified time in a time series, and stores the collected use data outside the specified time on the hard disk (permitted operation data storage). External usage data collection means). The device monitoring server 15 outputs the specified time (usable time) of the computers 11 and 12 from the business management server 16. The device monitoring server 15 determines whether the use of the computers 11 and 12 is within the specified time or outside the specified time by using the timer function. Is stored on the hard disk. The usage status of the computers 11 and 12 within the specified time is monitored by the device monitoring server 15. When the management computer 12 requests the management computer 12 to output the specified overtime data, the device monitoring server 15 displays the specified overtime data stored in the hard disk on the display 25 of the computer 12, and the specified overtime data is stored in the computer 12. Is output from the printer connected to the (outside specified use data output means). The device monitoring server 15 can output the specified overtime use data by dividing it into a predetermined period such as a day unit, a week unit, or a month unit.

  After the administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, the administrator uses the report item on the report display screen (not shown) displayed on the display 25 of the computer 12 for overtime use. Select the data and specify the period. When the use data outside the specified time is selected and the period is specified, the use situation outside the specified time in the specified period is displayed on the display 25 as shown in FIG. In FIG. 24, as the use data outside the specified time, the computer name is displayed in the computer name display area 154, the MAC address is displayed in the MAC address display area 155, and the work group / domain display area 156 is displayed in the work group / domain display period 153. In the domain / user name display area 157, the user name and the number of times outside the designated time display area 158 are displayed.

  When the computer name displayed in the computer name display area 154 is selected on the screen of FIG. 24, the details of the overtime use data of the selected computers 11 and 12 are displayed on the display 25 as shown in FIG. FIG. 25 shows the details of the usage situation outside the designated time, in the month and day display area 159, the computer name (computer name used outside the designated time) in the computer name display area 160, and the work group / domain display area 161. The work group / domain is displayed, the IP address display area 162 is displayed with the IP address, and the MAC address display area 163 is displayed with the MAC address. Further, the user name display area 164 is a user name (user names of the computers 11 and 12 used outside the specified time), the overtime use start time display area 165 is an overtime use start time, and the overtime use end time display area 166 is used. In the operation time display area 167, the operation time (overtime use time), in the application name display area 168, the application name (application name used during overtime use), and in the operation window name display area 169 The name of the operation window (the name of the operation window of the application that was used during overtime use) is displayed. The administrator can output the overtime use data shown in FIGS. 24 and 25 from the printer.

  In this system 10, the device monitoring server 15 collects the usage status of the computers 11 and 12 outside the specified time, and the administrator can grasp the usage status of the computers 11 and 12 outside the specified time. The computers 11 and 12 that have been used can be identified, and unauthorized actions such as unauthorized removal of important data and confidential data by the user of the network 18, falsification of the data, and destruction of the data can be regulated. . In addition, the administrator of the system 10 can use the details of the usage situation outside the designated hours to grasp the usage situation outside the designated hours of the computers 11 and 12 in detail. Can be reliably monitored. This system 10 allows the administrator to accurately grasp the distribution route of various data, the outflow route of various data, and the inflow route of various data using the overtime data specified by the administrator. Since actions can be regulated, a secure network 18 can be reliably constructed.

  26 and 27 are diagrams showing an example of take-out action data (take-out action history), and show the take-out action status of the computers 11 and 12 for each day. In FIGS. 26 and 27, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the taking-out action from the client computer 11 and the management computer 12 of data prohibited from being taken out in time series and endlessly. The device monitoring server 15 prohibits the taking-out of data prohibited from being taken out (non-permitted operation prohibiting means), and when taking out the data prohibited from being taken out from the computers 11 and 12, the take-out action data is time-series. The collected action data is stored in the hard disk (the action data collection means of the unauthorized operation data storage means). The method of prohibiting data export includes a method of specifying the computers 11 and 12 and prohibiting data export from the computers 11 and 12, and prohibiting copying of data stored in a drive mounted on the computers 11 and 12. There are a method (prohibition of copying to the drive), a method of prohibiting writing to the drive mounted on the computers 11 and 12, and a method of specifying specific data and prohibiting copying of the data.

  The device monitoring server 15 performs a copy operation on a copy-prohibited drive when a data storage operation (data access or data copy in the computers 11 and 12) is performed on the computers 11 and 12 where data export is prohibited. If a write action is performed on the write-protected drive, or if a copy action is performed on the copy-prohibited data, it is determined that the data is taken out and the take-out action data is stored in the hard disk. A copy prohibition message is displayed on the displays 19, 24 and 25 of the computers 11 and 12. When there is a request for outputting take-out action data from the management computer 12, the device monitoring server 15 displays the take-out action data stored in the hard disk on the display 25 of the computer 12, and takes out the take-out action data from a printer connected to the computer 12. Output (take-out action data output means). The device monitoring server 15 can output the take-out action data by dividing it into a predetermined period such as daily, weekly or monthly.

  The administrator of the system 10 logs in the management computer 12 to the network 18 by performing the authentication procedure, and then takes out the action data from the report item on the report display screen (not shown) displayed on the display 25 of the computer 12. Select and specify the period. When the take-out action data is selected and the period is designated, as shown in FIG. 26, the take-out action status in the designated period is displayed on the display 25. In FIG. 26, as take-out action data, the computer name (the name of the computer where the take-out action was performed) is displayed in the computer name display area 171 and the work group / domain display area 172 is displayed in the work group / domain for the period specified in the period display area 170. In the user name display area 173, the user name (the user name of the computer 11 or 12 where the take-out action was performed) is displayed.

  When the computer name displayed in the computer name display area 171 is selected on the screen of FIG. 26, the details of the carry-out action status of the selected computers 11 and 12 are displayed on the display 25 as shown in FIG. In FIG. 27, the details of the take-out action data include the date in the month / day display area 175, the computer name in the computer name display area 176, the work group / domain in the work group / domain display area 177, and the IP in the IP address display area 178. The MAC address is displayed in the address / MAC address display area 179. Further, the user name is displayed in the user name display area 180, the date and time of the take-out action display area 181, the date and time of the take-out action content, the content of the take-out operation display area 182 (copy, cut, file search, etc.), and the file name in the file name display area 183. The file name before change (data name to be taken out) is displayed in the file name display area 184 before change. The administrator can output the take-out action data shown in FIGS. 26 and 27 from the printer.

  In this system 10, the device monitoring server 15 collects the status of taking out the computers 11 and 12, and the administrator can grasp the computers 11 and 12 where the data is taken out. It is possible to regulate unauthorized actions such as unauthorized removal of important data and confidential data, falsification of such data, and destruction of such data. In addition, the administrator of the system 10 can use the details of the state of taking out the data to grasp in detail the state of taking out the data in the computers 11 and 12 and reliably monitor the action of taking out prohibited data. be able to. In this system 10, the administrator can accurately grasp the illegal take-out of various data using the take-out action data, and can suppress the cheating by the user of the network 18. It can be built reliably.

  28 and 29 are diagrams illustrating an example of print action data (print action history), and show the weekly print action status of the computers 11 and 12. In FIGS. 28 and 29, the display of specific names, numerical values and the like of each item is omitted. The device monitoring server 15 monitors the printing action in the client computer 11 and the management computer 12 of data for which printing is prohibited in a time-series and endless manner. The device monitoring server 15 prohibits printing of data prohibited from printing (non-permitted operation prohibiting means), and when printing data prohibited from printing from the computers 11 and 12, the printing action data is sometimes obtained. The collected print action data is stored in the hard disk, and the collected print action data is stored in the hard disk (print action data collecting means in the non-permitted operation data storage means). The method of prohibiting data printing is to specify the computers 11 and 12 and prohibit printing of data in the computers 11 and 12, and to specify the drive mounted on the computers 11 and 12 and store the data in the drive. There are a method of prohibiting data printing and a method of specifying specific data and prohibiting printing of the data.

  The device monitoring server 15 performs data printing when a printing action is performed on the computers 11 and 12 that are prohibited from printing, when a printing action is performed on a print-prohibited drive, when a printing action is performed on print-prohibited data. The print action is determined and the print action data is stored in the hard disk. A print prohibition message is displayed on the displays 19, 24, and 25 of the computers 11 and 12. When there is a print action data output request from the management computer 12, the device monitoring server 15 displays the print action data stored in the hard disk on the display 25 of the computer 12, and the print action data is sent from a printer connected to the computer 12. Output (print action data output means). The device monitoring server 15 can output the print action data in a predetermined period such as daily, weekly, or monthly.

  The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then prints print action data from a report item on a report display screen (not shown) displayed on the display 25 of the computer 12. Select and specify the period. When the print action data is selected and the period is specified, the print action status in the specified period is displayed on the display 25 as shown in FIG. In FIG. 28, as print action data, the computer name (the name of the computer on which the print action was performed) is displayed in the computer name display area 186 and the work group / domain display area 187 is the work group / domain for the period specified in the period display area 185 The user name display area 188 displays the user name (the name of the computer 11 or 12 that performed the printing action), and the printing action count display area 189 displays the printing action count.

  When the computer name displayed in the computer name display area 186 is selected on the screen of FIG. 28, the details of the printing action status of the selected computers 11 and 12 are displayed on the display 25 as shown in FIG. In FIG. 29, as details of the print action data, the period is displayed in the period display area 190, the computer name is displayed in the computer name display area 191, the work group / domain is displayed in the work group / domain display area 192, the IP address is displayed in the IP address display area 193, The MAC address is displayed in the MAC address display area 194. Further, the user name is displayed in the user name display area 195, the print action date and time display area 196 is printed and the document name is displayed in the document name display area 197, and the printer name is displayed in the printer name display area 198. Is displayed). The administrator can output the print action data shown in FIGS. 28 and 29 from the printer.

  In this system 10, the device monitoring server 15 collects the print action status of the computers 11 and 12, and the administrator can grasp the computers 11 and 12 on which the print action for the print prohibition data has been performed. Unauthorized actions such as unauthorized removal of important data and confidential data by the user, falsification of the data, and destruction of the data can be regulated. In addition, the administrator of the system 10 can use the details of the print action status to grasp the details of the data print action status in the computers 11 and 12, and reliably monitor the print action of the print prohibition data. be able to. In this system 10, the administrator can accurately grasp unauthorized printing of various data using the printing action data, and can suppress unauthorized actions by users of the network 18. It can be built reliably.

  30 and 31 are diagrams showing an example of e-mail transmission data (e-mail transmission history), and show the weekly e-mail transmission status of the computer. In FIGS. 30 and 31, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors e-mail transmissions in the client computer 11 and the management computer 12 in time series and endlessly. When the computers 11 and 12 send e-mails to the other computers 11 and 12 of the network 18 and send e-mails to the outside of the network 18 using the Internet 23, the e-mail transmission signal is sent to the computers 11 and 12. 12 to the device monitoring server 15. The device monitoring server 15 detects e-mail transmission in the computers 11 and 12 based on e-mail transmission signals output from the computers 11 and 12. When the device monitoring server 15 detects the mail transmission, the device monitoring server 15 collects the email transmission data in time series and stores the collected email transmission data in the hard disk (the email transmission data collection means of the permitted operation data storage means). ). When there is an output request for email transmission data from the management computer 12, the device monitoring server 15 displays the email transmission data stored in the hard disk on the display 25 of the computer 12, and the email transmission data is connected to the computer 12. Output from the printer (e-mail transmission data output means). The device monitoring server 15 can output the e-mail transmission data in a predetermined period such as daily, weekly, or monthly.

  The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then sends e-mail transmission data from a report item on a report display screen (not shown) displayed on the display 25 of the computer 12. And select a period. When the e-mail transmission data is selected and the period is specified, the e-mail transmission status in the specified period is displayed on the display 25 as shown in FIG. In FIG. 30, as e-mail transmission data, the computer name is displayed in the computer name display area 200, the MAC address is displayed in the MAC address display area 201, and the work group / domain is displayed in the work group / domain display area 202 as the period specified in the period display area 199. The number of email transmissions is displayed in the email transmission number display area 203.

  When the computer name displayed in the computer name display area 200 is selected on the screen of FIG. 30, the details of the e-mail transmission status of the selected computers 11 and 12 are displayed on the display 25 as shown in FIG. FIG. 31 shows the details of the e-mail transmission data, such as the date (e-mail transmission date and time) in the month / day display area 204, the computer name (computer name that sent the e-mail) in the computer name display area 205, and the work group / domain. A work area / domain is displayed in the display area 206, an IP address is displayed in the IP address display area 207, and a MAC address is displayed in the MAC address display area 208. Furthermore, the sender (user name of the computer 11 or 12 that sent the email) is displayed in the sender display area 209, the email transmission date / time is displayed in the email transmission date / time display area 210, the destination (email transmission destination address) is displayed in the destination display area 211, A subject (subject e-mail subject) is displayed in the subject display area 212. The administrator can output the e-mail transmission status of FIGS. 30 and 31 from the printer.

  In this system 10, the device monitoring server 15 collects the e-mail transmission data of the computers 11 and 12, and the administrator can grasp the e-mail transmission status in the computers 11 and 12. Unauthorized transmission and unauthorized transmission can be regulated. Further, the administrator of the system 10 can use the details of the e-mail transmission status to grasp the e-mail transmission status in the computers 11 and 12 in detail, and can reliably monitor the e-mail transmission. . In this system 10, the administrator can accurately grasp the unauthorized transmission of various data using the email transmission data, and can suppress unauthorized acts by users of the network 18. Can be built reliably.

  32 and 33 are diagrams showing an example of website access data (website access history), and show the website access status of the computers 11 and 12 for a week. In FIGS. 32 and 33, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the access to the Web site in the client computer 11 and the management computer 12 in time series and endlessly. When the computers 11 and 12 access the website using the Internet 23, a website access signal is output from the computers 11 and 12 to the device monitoring server 15. The device monitoring server 15 detects an access to the website in the computers 11 and 12 based on the website access signal output from the computers 11 and 12. When the device monitoring server 15 detects access to the website, the equipment monitoring server 15 collects the website access data in time series, and stores the collected website access data on the hard disk (the website access in the permitted operation data storage means). Data collection means). When there is a request for outputting website access data from the management computer 12, the device monitoring server 15 displays the website access data stored in the hard disk on the display 25 of the computer 12, and the website access data is connected to the computer 12. Output from the printer (Website access data output means). The device monitoring server 15 can output the website access data by dividing it into a predetermined period such as daily, weekly or monthly.

  The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then selects Web site access data from a report item (not shown) displayed on the display 25 of the computer 12. Specify the period. When the website access data is selected and the period is designated, the website access status in the designated period is displayed on the display 25 as shown in FIG. In FIG. 32, as the website access data, the computer name (computer name that accessed the website) is displayed in the computer name display area 214, the MAC address is displayed in the MAC address display area 215, and the work group / workgroup / period is designated in the period display area 213. The domain display area 216 displays the work group / domain, the Web site access count display area 217 displays the access count, the byte count display area 218 displays the byte count, and the packet count display area 219 displays the packet count.

  When the computer name displayed in the computer name display area 214 is selected on the screen of FIG. 32, details of the website access status of the selected computers 11 and 12 are displayed on the display 25 as shown in FIG. In FIG. 33, as the details of the website access data, the month and day (Website access date and time) in the month and day display area 220, the computer name in the computer name display area 221 and the workgroup / domain in the workgroup / domain display area 222 are shown. An IP address is displayed in the IP address display area 223, and a MAC address is displayed in the MAC address display area 224. Further, the website address is displayed in the website address display area 225, the protocol is displayed in the protocol display area 226, the number of bytes is displayed in the byte number display area 227, the number of packets is displayed in the packet number display area 228, and the connection time is displayed in the connection time display area 229. Connection time) is displayed. The administrator can output the Web site access data shown in FIGS. 32 and 33 from the printer.

  In this system 10, the device monitoring server 15 collects the website access data of the computers 11 and 12, and the administrator can grasp the access status to the website in the computers 11 and 12. Unauthorized and unauthorized access to illegal websites can be regulated. Further, by using the details of the website access status by the administrator of the system 10, the website access status in the computers 11 and 12 can be grasped in detail, and the website access can be reliably monitored. . This system 10 is safe because its administrator can accurately grasp illegal access to illegal websites using website access data, and can suppress unauthorized actions by users of the network 18. A reliable network 18 can be constructed with certainty.

  FIGS. 34 and 35 are diagrams showing an example of external network access data (external network access history), and show weekly Web site access statuses of the computers 11 and 12. In FIGS. 34 and 35, the display of specific names and numerical values of each item is omitted. The device monitoring server 15 monitors the access to the external network in the client computer 11 and the management computer 12 in time series and endlessly. When the computers 11 and 12 access the external network using the Internet 23, an external network access signal is output from the computers 11 and 12 to the device monitoring server 15. The device monitoring server 15 detects the access to the external network in the computers 11 and 12 based on the external network access signal output from the computers 11 and 12. Upon detecting access to the external network, the device monitoring server 15 collects the external network access data in time series, and stores the collected external network access data on the hard disk (external network access in the permitted operation data storage unit). Data collection means). When there is a request for output of external network access data from the management computer 12, the device monitoring server 15 displays the external network access data stored in the hard disk on the display 25 of the computer 12, and the external network access data is connected to the computer 12. Output from the printer (external network access data output means). The device monitoring server 15 can output the external network access data divided into predetermined periods such as daily, weekly, and monthly.

  After the administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, external network access data can be obtained from a report item on a report display screen (not shown) displayed on the display 25 of the computer 12. And select a period. When the external network access data is selected and the period is designated, the external network access status in the designated period is displayed on the display 25 as shown in FIG. In FIG. 34, as external network access data, the computer name (computer name that accessed the external network) is displayed in the computer name display area 231 for the period specified in the period display area 230, the MAC address is displayed in the MAC address display area 232, and the work group / The domain display area 233 is a work group / domain, the external network access count display area 234 is the external network access count, and, among the traffic from the outside, the byte count display area 235 is the number of bytes and the packet count display area 236 is the number of packets. Among these traffics, the byte number display area 237 displays the byte number and the packet number display area 238 displays the packet number.

  When the computer name displayed in the computer name display area 241 is selected on the screen of FIG. 34, the details of the external network access status of the selected computers 11 and 12 are displayed on the display 25 as shown in FIG. In FIG. 35, as the details of the external network access data, the month / day (external network access date / time) is displayed in the month / day display area 239, the computer name is displayed in the computer name display area 240, the work group / domain is displayed in the work group / domain display area 241, An IP address is displayed in the IP address display area 242, and a MAC address is displayed in the MAC address display area 243. Furthermore, the external IP display area 244 is an external IP (external network address), the protocol type display area 245 is a protocol type, the port display area 246 is a port, the protocol display area 247 is a protocol, and the number of bytes of traffic from the outside is displayed. The number of bytes in 248, the number of packets in the packet number display area 249, the connection time in the connection time display area 250, and the traffic from the inside, the number of bytes in the byte number display area 251 and the number of packets in the packet number display area 252, the connection time The connection time is displayed in the display area 253. The administrator can output the external network access data shown in FIGS. 34 and 35 from the printer.

  In this system 10, the device monitoring server 15 collects external network access data of the computers 11 and 12, and the administrator can grasp the access status of the computers 11 and 12 to the external network. Unauthorized access to illegal external networks and unauthorized access can be regulated. Further, by using the details of the external network access status by the administrator of the system 10, the external network access status in the computers 11 and 12 can be grasped in detail, and the external network access can be reliably monitored. . The system 10 is safe because the administrator can accurately grasp illegal access to an illegal external network by using external network access data, and can suppress illegal acts by users of the network 18. A reliable network 18 can be established.

  FIG. 36 is a diagram illustrating an example of an upgrade setting screen of the device management application (agent application). In this system 10, the upgrade of the device management application by the computers 11 and 12 itself is prohibited, and the upgrade of the device management application installed in each computer 11 and 12 is performed via the device monitoring server 15 (device management application upgrade). means). The administrator of the system 10 logs in the management computer 12 to the network 18 by performing an authentication procedure, and then selects an agent upgrade from a report item on a report display screen (not shown) displayed on the display 25 of the computer 12 To do. When upgrade is selected, an upgrade setting screen is displayed on the display 25 as shown in FIG. On the upgrade setting screen, the latest upgrade version is displayed in the upgrade version display area 254, the computer names of the computers 11 and 12 forming the network 18 are displayed in the computer name display area 255, and the computers 11 and 12 are displayed. The version information of the currently installed device management application is displayed in the version information display area 256.

  The administrator puts a check mark in the designated area 257 and specifies the computers 11 and 12 for upgrading the device management application. When the administrator clicks the upgrade icon on the screen after checking the designated area 257, the specified computer name is output from the management computer 12 to the device monitoring server 15. The device monitoring server 15 upgrades the device management application installed in the computers 11 and 12 output from the management computer 12 to the latest one, and writes the device management application data installed in the computers 11 and 12 into the latest one. Change to store on the hard disk. The upgrade result is displayed in the upgrade result display area 258. In the area 258, OK is displayed when the upgrade is successful, work in progress is displayed during the upgrade, and NG is displayed when the upgrade is unsuccessful. In this system 10, by prohibiting the upgrade of the device management application by the computers 11 and 12 itself, it is possible to prevent the device management application from being freely upgraded in the computers 11 and 12, and the computer 11 and 12 itself can prevent the device management application from being upgraded. Grades can be unified.

  In the system 10, uninstallation of the device management application by the computers 11 and 12 itself is prohibited, and the device management application installed in each computer 11 and 12 is uninstalled via the device monitoring server (device management). Application uninstall means). The system 10 can prevent the device management application from being uninstalled on the computers 11 and 12 by prohibiting the uninstallation of the device management application by the computers 11 and 12 itself. The loss of 15 monitoring functions can be prevented.

  The device monitoring server 15 includes link information, unregistered computer connection information, usage history information, access history information, installation information, uninstallation information, external usage information, overtime use information, take-out action information, print action information, e-mail The transmission information, website access information, and external network access information are encrypted based on a predetermined encryption method (encryption means) and stored in the hard disk. The device monitoring server 15 decrypts the encrypted information when outputting the information to the management computer 12. In this system 10, the device monitoring server 15 encrypts various types of information based on a predetermined encryption method. Therefore, even if the information flows out of the device monitoring server 15, the content of the information is not decrypted. Therefore, it is possible to prevent leakage of the information contents to the outside. In addition, since the information is encrypted, the contents are not falsified, and the correctness and truthfulness of the information contents can be ensured. In this system 10, since link information is encrypted, the link status of each device in the network 18 is not analyzed, and unauthorized entry into the network 18 can be reliably prevented.

  In addition to the RSA method, any one of the EPOC encryption method, the Rabin encryption method, the Diffie-Hellman key distribution ElGamal encryption method, and the elliptical Diffie-Hellman key distribution elliptical Elmalmal encryption method should be used as the public key encryption method. You can also. As the encryption method, a common key encryption method can be used alone. As the common key encryption method, any one of the DES encryption method, the FEAL encryption method, the IDEA encryption method, the MISTY encryption method, the MULTI authentication method, and the RC2 / 4/5 encryption method can be used. As the encryption method, a MIX encryption method using both a public key encryption method (RSA encryption method) and a common key encryption method (DES encryption method) can also be used.

The block diagram of the local area network shown as an example. The figure which shows an example of the display screen of the authentication procedure displayed on the display of a computer. The figure which shows an example of computer equipment information. The figure which shows an example of an application list. The figure which shows an example of the network connection information of an unregistered computer. The figure which shows an example of the network connection information of an unregistered computer. The figure which shows an example of an unregistered computer exclusion setting screen. The figure which shows an example of the usage history information of an application. The figure which shows an example of the usage history information of an application. The figure which shows an example of access history information. The figure which shows an example of access history information. The figure which shows an example of the setting screen of addition, a change, and deletion of a useable application. The figure which shows an example of the setting screen of addition, a change, and deletion of an unusable application. The figure which shows an example of an application installation condition. The figure which shows the content of the installed application. The figure which shows an example of an application uninstall condition. The figure which shows the content of the uninstalled application. The figure which shows an example of print log information. The figure which shows an example of print log information. The figure which shows an example of file access information. The figure which shows an example of file access information. The figure which shows an example of external use information. The figure which shows an example of external use information. The figure which shows an example of use information outside designated time. The figure which shows an example of use information outside designated time. The figure which shows an example of take-out action information. The figure which shows an example of take-out action information. The figure which shows an example of printing action information. The figure which shows an example of printing action information. The figure which shows an example of electronic mail transmission information. The figure which shows an example of electronic mail transmission information. The figure which shows an example of website access information. The figure which shows an example of website access information. The figure which shows an example of external network access information. The figure which shows an example of external network access information. The figure which shows an example of the upgrade setting screen of a device management application (agent application).

Explanation of symbols

10 Device Management System 11 Client Computer (Network Configuration Device)
12 Management computer (network component equipment)
13 Unregistered computer (unregistered network component)
14 specific component device 15 device monitoring server 16 business management server 18 network 19 display 24 display 25 display

Claims (11)

In a device management system comprising a plurality of network component devices linked to each other, and a device monitoring server connected to a network formed from these network component devices and monitoring the network component devices in time series,
The network component device causes the component device to transmit permitted operation data when the component device performs an operation permitted to the network component device to the device monitoring server, and performs a non-permitted operation other than the permitted operation. A device management application is installed to transmit non-permitted operation data when the device is about to be executed from the component device to the device monitoring server,
The device monitoring server includes: an unregistered configuration device detecting unit that detects an unregistered network configuration device when an unregistered network configuration device not installed with the device management application is connected to the network; and the unregistered network A device management system comprising: unregistered component device connection data output means for outputting component device connection data.   The device monitoring server is a permitted operation data storage unit that stores the permitted operation data transmitted from the network configuration device in time series, and an unauthorized operation prohibition unit that prohibits execution of the unauthorized operation in the network configuration device. 2. A device management system according to claim 1, further comprising non-permitted operation data storage means for storing the non-permitted operation data transmitted from the network constituent devices in time series.   The device monitoring server includes a specific configuration device exclusion unit that excludes a specific configuration device from the unregistered network configuration device among the unregistered network configuration devices, and the unregistered configuration device detection unit includes an unregistered network configuration. The device management system according to claim 1 or 2, wherein when the specific component device excluded from the device is connected to the network, the specific component device is not detected as an unregistered network component device.   The operation permitted to the network component device is an application use that the component device uses a permitted application permitted to be used by the network component device, and the permitted operation data is the use of the permitted application in the network component device. 4. The device management system according to claim 1, wherein the device management system is a history.   The operation permitted to the network component device includes an external use in which the network component device is used in an external environment other than a network formed by the component device, and an overtime use in which the network component device is used outside a specified time. The permitted operation data is an external use history when the network component device is used in the external environment and an overtime use history when the network component device is used outside a specified time. The device management system according to any one of claims 1 to 4.   The operations permitted to the network component device include an e-mail transmission that transmits an e-mail via the network component device, a website access that accesses a website via the network component device, and the network component device. External network access that accesses an external network via the network, and the permission operation data includes an e-mail transmission history when an e-mail is transmitted from the network component device, and a case where the network component device accesses a website 6. The device management system according to claim 1, wherein the device management system includes: an access history of the Web site; and an external network access history when the network component device accesses an external network.   The operations permitted for the network component device are application installation for installing the permitted application in the network component device, and application uninstallation for uninstalling the permitted application from the network component device, and the permitted operation data is the The application installation history when a permitted application is installed in a network component device and the application uninstall history when the permitted application is uninstalled from the network component device. Equipment management system.   Non-permitted operations in the network component device include a data take-out operation for taking out prohibited data from the network component device, a data print operation for printing print prohibited data from the network component device, and a non-permitted application whose use is prohibited. An unauthorized application access operation to be accessed, and the unauthorized operation data is an attempt to print out the carry-out action history when the carry-out prohibition data is to be taken out from the network component device and the print prohibition data from the network component device. The device management according to any one of claims 1 to 7, further comprising: a print action history when the network configuration device accesses a non-permitted application; Stem.   The device management according to claim 8, wherein the device monitoring server includes a permitted application modification unit that adds, changes, and deletes the permitted application, and a prohibited application modification unit that adds, changes, and deletes the unauthorized application. system.   The device management system prohibits uninstallation of the device management application in the network configuration device, and performs uninstallation of the device management application in the network configuration device via the device monitoring server. 9. The device management system according to any one of 9.   11. The device management system according to claim 1, wherein the device management system prohibits upgrade of the device management application in the network configuration device, and upgrades the device management application in the network configuration device via the device monitoring server. The device management system described in Crab.

Images