JP6602712B2 - Failure response support system and failure response support method - Google Patents

Description

  The present invention relates to a failure response support system and a failure response support method, and more specifically, in response to a failure in a data center, the situation monitoring and service recovery operations by a person in charge are smoothly and efficiently performed in a secure environment. Technology related to

  Various analyzes using vast amounts of data and the use of them for business activities are accelerating. Along with this trend, the importance of appropriate failure handling for data centers that securely store such data tends to increase.

  The following are proposed as conventional techniques for managing the data center and the like. That is, a human face image dispatched from outside as a data center contractor and located in front of the server rack door in the floor is photographed and authenticated by a web camera installed on the rack, and is matched with a registered face image and further matched with an ID card. Can be unlocked on-site at the same time, or the same video can be sent in real time to a remote information terminal that can be operated by the person dispatching the person concerned, and the person concerned can directly recognize the person's face on the monitor screen There has been proposed a data center security management system (see Patent Document 1) and the like that can be remotely unlocked when the identity is confirmed, and the confirmation signal and the collation match by the ID card at the site are simultaneously established.

  Also, a use authority management system for managing entry / exit to / from a room for each individual holding an authentication means that implements an individual ID for identifying an individual and the use authority of equipment in the room, wherein at least the individual ID is detected A fixing device fixed for each room including an authentication ID detection unit and an unlocking processing unit, and at least an authentication ID detection unit for detecting the personal ID, a room display detection unit, and an unlocking processing unit in the room A portable device that can be brought in, a room identification display unit that generates a room identification signal unique to each room, and a management in which the authority to use the fixed device and the portable device is registered corresponding to the personal ID and the room identification signal An authentication server including a list is connected via a network, and the fixed device determines the personal ID detected by the authentication ID detection unit based on the management list and grants the use authority. The portable device determines the personal ID detected by the authentication ID detection unit and the room identification signal detected by the room display detection unit based on the management list, and permits usage authority. A system (see Patent Document 2) has also been proposed.

JP 2009-37573 A JP 2008-234615 A

  Even if a failure occurs in the data center, if the incident is assumed in advance, it is possible to respond according to a predetermined manual.

  However, there are many cases where the incident is outside the scope of the assumption. Even if the incident is within the scope of the prior assumption, the output form of the detection message may differ from the manual depending on the specifications of the failure detection system. In that case, the person in charge cannot identify the appropriate countermeasures even if referring to the manual.

  Eventually, the engineer in charge of the failure will go to the data center, understand the situation, and take actual service recovery measures in consultation with the parties concerned.

  However, even if the engineer in charge visits the data center, before proceeding with the actual failure, various procedures such as application for use of the device are required, starting with the procedure for entering the data center. Therefore, there is a current situation in which extra time is spent on a response unrelated to the failure response before entering the actual failure response operation. In addition, although it is a failure response that takes time, the mechanism for accurately recording the response history and utilizing it at a later audit is not sufficient.

  SUMMARY OF THE INVENTION An object of the present invention is to provide a technology that enables smooth and efficient operation in a secure environment for grasping a situation and performing service restoration by a person in charge when dealing with a failure in a data center.

The failure response support system of the present invention that solves the above-described problems is a communication device that communicates with an external device via a network, and an information processing device in a predetermined building when accessed via an external network by a predetermined terminal. Processing that accepts only a predetermined command for the information processing device, and processing that accepts a predetermined command other than the predetermined command for the information processing device when the terminal approaches the building and establishes communication in a building network And the terminal has requested establishment of communication in the building network within a predetermined time period corresponding to a travel time between the building and the building where the terminal has accessed via the external network. The terminal is allowed to establish communication in the building network and the previous time limit If the terminal does not require establishment of communication in the building within the network, characterized in that it comprises a computing unit and a process of disconnecting the communication between the terminal and the information processing apparatus via the external network.

Further, according to the failure handling support method of the present invention, an information processing system including a communication device that communicates with an external device via a network is connected to an information processing device in a predetermined building via an external network by a predetermined terminal. When accessing, a process for accepting only a predetermined command for the information processing apparatus, and a predetermined command other than the predetermined command for the information processing apparatus when the terminal approaches the building and establishes communication in a building network And the terminal establishes communication in the building network within a predetermined time period corresponding to the travel time between the building and the predetermined location where the terminal has accessed via the external network. If requested, allow the terminal to establish communication in the building network, and Wherein if the terminal does not require establishment of communication in the building within the network within, and executes a process to disconnect the communication with the terminal and the information processing apparatus via the external network.

  According to the present invention, when dealing with a failure in a data center, it is possible to smoothly and efficiently perform status grasping and service restoration operations by a person in charge in a secure environment.

It is a network block diagram including the failure support system of this embodiment. It is a figure which shows the structural example of the failure response assistance system of this embodiment. It is a figure which shows the structural example of the tablet terminal in this embodiment. It is a figure which shows the structural example of the failure management table of this embodiment. It is a figure which shows the structural example of the access management table of this embodiment. It is a figure which shows the structural example of the access history table of this embodiment. It is a figure which shows the structural example of the user master table of this embodiment. It is a figure which shows the structural example of the authority master table of this embodiment. It is a figure which shows the structural example of the terminal master table of this embodiment. It is a figure which shows the structural example of the remote permission command table of this embodiment. It is a figure which shows the example of a flow of the failure response assistance method in this embodiment.

--- Network configuration ---

Embodiments of the present invention will be described below in detail with reference to the drawings. FIG. 1 is a network configuration diagram including a failure support system 100 according to this embodiment. A failure response support system 100 shown in FIG. 1 is a computer system that makes it easier and more efficient for a person in charge to grasp a situation and restore a service in a secure environment when dealing with a failure in a data center 1.

  The data center 1 to be managed by the failure support system 100 according to the present embodiment is a building in which a large number of server devices are accommodated in each rack in a building that satisfies appropriate specifications such as earthquake resistance. Further, the above-described server device managed in the data center 1 is set and operated as a business system of a company or the like. Hereinafter, this server device is referred to as a business server 2. Further, regarding each business server 2, a monitoring system based on the existing failure detection system 3 is established, and information on the detection result is notified to a predetermined terminal of the system administrator and the failure response support system 100.

  Therefore, in the data center 1, there is a business system 2 of each company, and in addition to electronic access via the network, strict management is also performed regarding the entrance and exit of personnel. Note that the network equipment and security equipment such as entrance / exit gates and various sensors necessary for the management of access are also provided in the data center 1 that are generally provided in the existing data center. .

  The failure support system 100 includes an authentication processing unit 110, an entrance / exit management unit 111, and a gateway management unit 112 as functions or actual information processing apparatuses.

  Among these, the authentication processing unit 110 executes the above-described authentication processing regarding electronic and personnel based on a set of a genuine ID and password held in advance or registered biometric authentication information.

  In addition, the entrance / exit management unit 111 acquires authentication information regarding the person who wants to enter / exit from an appropriate device such as a card reader or a biometric authentication device at each entrance of the data center 1, and uses this information as the authentication processing unit 110 described above. The result of identity authentication is obtained by sending to the terminal, and the processing of unlocking / locking the gates and doors of each entrance and door, and a series of authentication operations and history of entering / exiting persons are performed based on the contents. .

  Further, the gateway management unit 112 accesses the data center 1 from an external network 10 such as the Internet by the user terminal of the data center 1 and accesses the local network 20 such as a wireless LAN in the data center 1. Access.

  More specifically, when a certain terminal accesses the data center 1 via the external network 10, the gateway management unit 112 receives unique information such as a MAC address, a user ID, and a password from the terminal. Receive. Further, the gateway management unit 112 sends this to the authentication processing unit 110 to acquire the authentication result regarding the terminal, and permits / denies access to the business server 2 of the data center 1 according to the result.

  Further, when the above-mentioned terminal approaches the data center 1 and enters a range where communication with the wireless LAN access point 4 constituting the local network 20 is possible and transmits a request for establishment of wireless LAN communication, the gateway management unit 112 receives the unique information such as the MAC address, the user ID, and the password from the terminal via the access point 4. Further, the gateway management unit 112 sends this to the authentication processing unit 110 to acquire an authentication result regarding the terminal, and permits / denies communication establishment according to the result.

As a result of such access management, the gateway management unit 112 determines whether or not to execute a command by a terminal that is permitted to access depending on the distinction between the external network 10 and the local network 20, the authority depending on the type of terminal user, and the like. Perform management.

On the other hand, each business server 2 of the data center 1 described above is dealt with by a predetermined system engineer (hereinafter referred to as a responsible SE). The responsible SE operates the tablet terminal 200, accesses the business server 2 of the data center 1 via the external network 10 or the local network 20, and performs necessary work for grasping the situation and restoring the service.
--- Hardware configuration ---

  FIG. 2 is a diagram illustrating a hardware configuration example of the failure support system 100 according to the present embodiment. The hardware configuration of the failure support system 100 is as follows.

  In other words, the failure support system 100 according to the present embodiment includes a storage device 101 configured with an appropriate nonvolatile storage element such as an SSD (Solid State Drive) or a hard disk drive, a memory 103 configured with a volatile storage element such as a RAM, An arithmetic device 104 such as a CPU, an external network 10 and a private network 20 that perform various determinations, computations, and control processes while performing overall control of the device itself by reading the program 102 held in the device 101 into the memory 103 and executing it. A communication device 105 connected and responsible for communication processing with other devices.

  The storage device 101 stores at least various tables in addition to the program 102 for implementing functions necessary for the failure support system 100 according to this embodiment. These tables are a failure management table 125, an access management table 126, an access history table 127, a user master table 128, an authority master table 129, a terminal master table 130, and a remote permission command table 131. Details of the data structure of each table will be described later.

  The program 102 includes programs corresponding to the above-described authentication processing unit 110, entrance / exit management unit 111, and gateway management unit 112. As already described, the authentication processing unit 110, the entrance / exit management unit 111, and the gateway management unit 112 exist as server measures each having a corresponding function in addition to a form implemented by such a program, A configuration of cooperating with the failure support system 100 via 20 may be assumed.

FIG. 3 is a diagram illustrating a hardware configuration example of the tablet terminal 200 in the present embodiment. The tablet terminal 200 in the present embodiment is an SSD (Solid State).
Drive), a storage device 201 configured with an appropriate nonvolatile storage element such as a hard disk drive, a memory 203 configured with a volatile storage element such as a RAM, and a program 202 held in the storage device 201 is read into the memory 203. An arithmetic device 204 such as a CPU for performing overall control of the device itself and performing various determinations, computations and control processes, an input / output device 205 such as a touch panel for receiving input from the user and outputting the processing results, and the external network 10 And a communication device 206 connected to the local network 20 and responsible for communication processing with other devices, and a GPS unit 207.

The communication device 206 performs communication establishment processing between the network interface card 2061 for accessing the external network 10 such as the Internet and performing communication, and the access point 4 of the wireless LAN configuring the local network 20 to perform wireless communication. A wireless LAN card 2062 to be performed is included.
--- Data structure example ---

  Next, tables used by the failure support system 100 according to this embodiment will be described. FIG. 4 shows a data configuration example of the failure management table 125 in the present embodiment. The failure management table 125 is a table in which information related to the failure of the business server 2 that has been detected by the failure detection system 3 is accumulated. The failure management table 125 is a table configured by obtaining information from the failure detection system 3 by the system administrator or the failure handling support system 100 described above.

  The data structure is a collection of records composed of data such as the occurrence date and time of the failure and the date and time of solution, with a failure ID that uniquely identifies the failure event as a key. Of these, the value of the occurrence date / time is date / time information notified from the failure detection system 3 regarding the failure. The value of the solution date / time is date / time information when the service recovery in the business server 2 is completed regarding the failure, and is a value input by the responsible SE through the tablet terminal 200. Of course, for unresolved failures, the resolution date / time column is blank or a predetermined value such as NULL is set.

  FIG. 5 shows a data configuration example of the access management table 126 in the present embodiment. The access management table 126 is an access to the business server 2 via the external network 10 (hereinafter referred to as remote connection) performed by the responsible SE with the tablet terminal 200 regarding the failure managed in the failure management table 125 described above. And a table in which various kinds of information relating to events in which the SE in charge enters the data center 1 for recovery work and exits after performing necessary work are stored.

  The data structure is a record consisting of data such as center entry date / time, remote connection date / time, remote permission start date / time, remote permission end date / time, failure ID, and center exit date / time using the user ID uniquely identifying the responsible SE as a key. It is an aggregate.

  Among these, the remote permission start date and time and the remote permission end date and time indicate time limit information according to the travel time between the place where the tablet terminal 200 of the responsible SE starts remote connection and the data center 1.

  That is, when the responsible SE moving from the above-mentioned location toward the data center 1 cannot establish the remote connection by establishing communication with the local network 20 by the remote permission end date and time, the remote connection is forcibly terminated. This control is executed by the gateway management unit 112.

  Of the date and time information in the access management table 126, for the center entry date and time and the center exit date and time, the entrance / exit management unit 111 obtains the detection result of the entry / exit event of the responsible SE by the entrance / exit gate and various sensors. , The value stored in the access management table 126.

  Further, regarding the remote connection date / time, the remote permission start date / time, and the remote permission end date / time, the gateway management unit 112 stores information on the corresponding date / time in the access management table 126 along with the remote connection permission control. .

The remote permission start date / time is the remote connection permission date / time. On the other hand, the remote permission end date / time is the current location information (for example, GPS calculated by the GPS unit 207) obtained by the gateway management unit 112 (or the authentication processing unit 110) from the tablet terminal 200 when the tablet terminal 200 permits remote connection. Based on the coordinate value) and the location information of the data center 1 (preliminarily stored in the storage device 101), the distance between the two points is calculated, and this distance is used mainly for the movement of the area The travel time obtained by dividing by the speed of trains, buses, walking, etc.) is added to the above-mentioned remote permission start date and time.

  The travel time described above may be calculated by inputting the current location information of the tablet terminal 200 and the location information of the data center 1 to the existing route search algorithm as the departure point and the destination.

  FIG. 6 shows a data configuration example of the access history table 127 in the present embodiment. The access history table 127 is a table that accumulates the history of accesses to the business server 2 that is the target of failure handling by the above-mentioned tablet terminal 200 of the responsible SE and commands executed at the time of the access.

  The data structure includes the operation date and time for uniquely identifying the access and the user ID of the responsible SE as a key, the connection source that is the access path to the business server 2 by the tablet terminal 200, and the execution command ID that indicates the executed command. , And a record aggregate composed of data such as a result code indicating the execution result of the command. Each value of the access history table 127 is set by the gateway management unit 112.

  FIG. 7 shows a data configuration example of the user master table 128 in the present embodiment. The user master table 128 is a table in which information related to a responsible SE that performs failure handling is accumulated.

  The data structure is a user ID (which is common to the access management table 126 and the access history table 127 described above) that uniquely identifies the responsible SE, as a key, an authority type ID indicating the authority type, a connection authentication key, an email address, Is a collection of records consisting of such data.

  Among these, the authority type indicated by the authority type ID is an authority that is determined according to the position, skill level, etc. of the responsible SE. The greater the authority, the more sophisticated the command that can be executed by the SE in charge of handling a failure, or the greater the influence on the business server 2. This authority type will be described later in the description of the authority master table 129.

  The connection authentication key is a so-called password that forms authentication information of the responsible SE together with the user ID. Therefore, when the responsible SE makes a remote connection using the tablet terminal 200, the user SE is input together with the user ID. The tablet terminal 200 transmits the set of the user ID and the connection authentication key received here to the failure support system 100 as authentication information.

  FIG. 8 shows a data configuration example of the authority master table 129 in the present embodiment. The authority master table 129 is a table that stores information related to the authority type defined for each responsible SE in the user master table 128 described above.

  The data structure is a collection of records composed of data such as an authority description indicating the contents of the authority with the authority type ID as a key.

  FIG. 9 shows a data configuration example of the terminal master table 130 in the present embodiment. The terminal master table 130 is a table in which information regarding each tablet terminal 200 held by the responsible SE is accumulated.

The data structure is based on a terminal ID that uniquely identifies each tablet terminal 200 as a key.
This is a set of records composed of data such as a terminal unique key such as a MAC address and a user ID indicating a responsible SE as a user of the tablet terminal 200. It is assumed that the tablet terminal 200 managed by the terminal master table 130 is distributed in advance to a responsible SE who has been verified in advance.

  FIG. 10 shows a data configuration example of the remote permission command table 131 in the present embodiment. The remote permission command table 131 is a table that stores information related to various commands for the SE in charge to operate the tablet terminal 200 to grasp the status of the business server 2 as a failure response, or to perform service restoration.

The data structure is a set of records composed of data such as corresponding execution commands, command descriptions, and authority IDs with command IDs that uniquely identify each command as keys. Among these, the authority ID indicates the authority type of the SE in charge who executes the command. That is, the ID is the same as that of the user master table 128 and the authority master table 129 described above.
--- Flow example ---

  Hereinafter, actual procedures of the failure handling support method according to the present embodiment will be described with reference to the drawings. Various operations corresponding to the failure handling support method described below are realized by a program that the failure handling support system 100 reads into a memory or the like and executes. And this program is comprised from the code | cord | chord for performing the various operation | movement demonstrated below.

  FIG. 11 is a diagram illustrating a flow example of the failure handling support method according to the present embodiment. Here, it is assumed that the failure detection system 3 detects the occurrence of a failure for a certain business server 2 and the failure record is registered in the failure management table 125. Further, it is assumed that the information regarding the failure is transmitted from the failure support system 100 to the mail address of a predetermined responsible SE, for example.

  The responsible SE who has recognized the occurrence of the failure thus operates his / her tablet terminal 200 and attempts to connect remotely to the business server 2 of the data center 1. At this point, it is assumed that the responsible SE is located at a location separated from the data center 1 by a predetermined distance or more. Further, the responsible SE is assumed to start moving toward the data center 1 based on the information received at the above-described mail address.

  In this case, the responsible SE inputs his / her user ID and connection authentication key at the input / output device 205 of the tablet terminal 200 in addition to the identification information of the business server 2 in which the failure has occurred.

  The tablet terminal 200 sends a remote connection request including the above-described set of user ID and connection authentication key, its own MAC address (terminal unique key), and the current position information of the own device obtained by the GPS unit 207 to the Internet. Or the like to the failure support system 100 via the external network 10. The communication device 206 used for this transmission is a network interface card 2061.

  On the other hand, the failure support system 100 receives the above-described remote connection request (s100), and collates the MAC address of the tablet terminal 200 included in the remote connection request with the terminal master table 130 (s101).

As a result of the above collation, when the record having the value of the corresponding MAC address in the terminal unique key column cannot be specified (s102: n), the failure support system 100 has not registered the tablet terminal 200 and the data center 1 The connection to is identified as impossible, and the flow ends.

  On the other hand, as a result of the above determination, when the record having the value of the corresponding MAC address can be specified in the terminal unique key field (s102: y), the failure support system 100 includes the user ID and the The set of connection authentication keys is collated with the user master table 128, and user authentication is executed (s103).

  As a result of the above-described user authentication, when a record including a combination of a user ID and a connection authentication key can be specified in the user master table 128, that is, when user authentication related to the responsible SE is successful (s104: y), a failure response The support system 100 establishes a VPN connection using the external network 10 and permits remote connection between the tablet terminal 200 and the business server 2 (s105).

  Subsequently, the failure support system 100 generates a record including the failure ID, remote connection date and time, and remote permission start date and time of the failure for which the failure is to be handled with respect to the responsible SE, in accordance with the above-described step s105, and manages this access management. It is registered in the table 126 (s106). At this time, the failure handling support system 100 calculates a moving distance between the current position and the data center 1 based on the current position information of the tablet terminal 200 included in the remote connection request, and moves the moving distance. Calculate travel time for In this case, the failure response support system 100 calculates the remote connection time limit by adding this travel time to the above-described remote permission start date and time, and sets this as the remote permission end date and time in the record.

  Through the processing so far, the above-mentioned responsible SE can remotely connect the tablet terminal 200 carried by the SE to the business server 2 that should handle the failure while moving toward the data center 1. Therefore, the responsible SE first grasps the situation with respect to the business server 2 in order to start a substantial failure response.

  Therefore, the responsible SE inputs a command for the business server 2 at the input / output device 205 of the tablet terminal 200. Here, the command input by the responsible SE is a predetermined service status confirmation command provided by the business server 2.

  The failure handling support system 100 receives the command input from the tablet terminal 200 described above, and collates it with the remote permission command table 131 together with the authority type ID of the responsible SE (s107). The authority type ID of the responsible SE can be searched and specified in the user master table 128 using the user ID of the tablet terminal 200 being remotely connected as a key.

  As a result of the above-described collation, when it is determined that the command received from the tablet terminal 200 is a command not associated with the authority type ID in the remote permission command table 131 (s108: n), the failure response support system 100 notifies the tablet terminal 200 that the command is not permitted during remote connection (s109), and the process returns to s107. At this time, the failure handling support system 100 generates a record regarding the relevant SE (user ID) and execution command, execution date and time (operation date and time), connection source (in this case, remote connection), and execution result. This is stored in the access history table 127.

  On the other hand, when it is determined that the command received from the tablet terminal 200 is a command associated with the authority type ID in the remote permission command table 131 as a result of the above-described collation (s108: y), the troubleshooting support The system 100 recognizes that the command can be executed, and inputs the command to the business server 2 (s110).

  The result of response from the business server 2 to the command input in this way is returned from the business server 2 to the tablet terminal 200. The responsible SE browses this result with the input / output device 205 of the tablet terminal 200 and grasps the situation regarding the failure that has occurred in the business server 2.

  As described above, in the remote connection environment, it is possible to execute only limited commands that do not affect the target system, such as commands related to reference (reading authority) to the business server 2. Of course, commands (including partial write operations) registered in advance can be executed even in a remote connection environment.

  Therefore, even when the responsible SE is moving toward the data center 1, it is possible to check the contents of various messages related to failures and the status of the business server 2, and to realize an accurate situation grasp and quick service restoration. .

  Thereafter, the failure handling support system 100 refers to the remote permission end date / time in the access management table 126 for the failure of the responsible SE, and determines whether the current date / time has passed the remote permission end date / time (s111). This determination process is repeatedly executed at regular time intervals.

  As a result of the above determination, when it is found that the remote permission end date has passed, that is, the remote connection has expired (s112: n) regarding the response to the failure by the responsible SE, the failure response support system 100 The remote connection from the tablet terminal 200 of the responsible SE is disconnected (s113), and the flow ends.

  On the other hand, as a result of the determination described above, when it is determined that the remote permission end date / time has not passed, that is, within the remote connection time limit regarding the response to the failure by the responsible SE (s112: y), the process is performed in s114. Transition to.

  Here, it is assumed that the above-mentioned responsible SE arrives at the data center 1 within the remote connection time limit, and the entrance authentication process by the entrance / exit management unit 111 of the failure support system 100 is started (s114: y). In this case, the entrance / exit management unit 111 of the failure support system 100 executes a predetermined entrance authentication process for the assigned SE (s115). This room authentication mechanism is an existing one provided in the data center 1.

  If the above-described room authentication process fails (s115: n), the entrance / exit management unit 111 of the failure support system 100 does not unlock the gates and doors of the data center 1 and ends the flow.

  On the other hand, when the above-described room authentication process is successful (s115: y), the entrance / exit management unit 111 of the failure support system 100 executes the unlocking of the gates and doors of the data center 1 (s116). At this time, the failure handling support system 100 stores the current date / time value in the center entry date / time column of the access management table 126 for the assigned SE.

  The responsible SE enters the data center 1 after receiving the above-described unlocking. This situation means that the wireless LAN card 2062 of the tablet terminal 200 of the responsible SE has entered the communication range with the access point 4 of the data center 1. Therefore, the tablet terminal 200 of the responsible SE starts a communication establishment procedure with the access point 4 of the data center 1 using the wireless LAN card 2062. This communication establishment procedure is in accordance with a protocol in a general wireless LAN.

  Also in this communication establishment procedure, the authentication process similar to the above steps s100 to s103 is executed between the failure support system 100 and the tablet terminal 200. The failure support system 100 establishes communication between the tablet terminal 200 and the access point 4 through this authentication, and permits the tablet terminal 200 to access the business server 2 via the local network 20 (s117). That is, when the responsible SE enters the data center 1, the connection between the tablet terminal 200 and the business server 2 is switched from the remote connection via the external network 10 to the connection via the local network 20 in the data center 1. That is, the tablet terminal 200 is positioned similarly to the terminal in the data center 1.

  The above-mentioned responsible SE operates the tablet terminal 200 connected to the local network 20 and executes a predetermined command such as service restart for the business server 2.

  On the other hand, the failure support system 100 receives the command input from the tablet terminal 200 described above, and collates it with the authority type ID of the responsible SE in the remote permission command table 131 (s118).

  As a result of the above collation, when it is determined that the command received from the tablet terminal 200 is a command not associated with the authority type ID in the remote permission command table 131 (s119: n), the failure response support system 100 notifies the tablet terminal 200 that the command is not permitted to the responsible SE (s120), and the process returns to s118. At this time, the failure handling support system 100 generates a record for the responsible SE (user ID) and execution command, execution date and time (operation date and time), connection source (in this case, in the center), and execution result. This is stored in the access history table 127.

  On the other hand, when it is determined that the command received from the tablet terminal 200 is a command associated with the authority type ID in the remote permission command table 131 as a result of the above-described collation (s119: y), troubleshooting support The system 100 recognizes that the command can be executed, and inputs the command to the business server 2 (s121).

  The result of response from the business server 2 to the command input in this way is returned from the business server 2 to the tablet terminal 200. The responsible SE browses this result with the input / output device 205 of the tablet terminal 200, and executes reboot or the like on the business server 2.

  Thereafter, the SE in charge who has finished the predetermined failure will leave the data center 1. The failure response support system 100 that has detected this event by the entry / exit management unit 111 stores the value of the date and time when the exit was detected in the center exit date and time column of the fault record of the relevant SE in the access management table 126. (S122), the flow ends.

  Although the best mode for carrying out the present invention has been specifically described above, the present invention is not limited to this, and various modifications can be made without departing from the scope of the invention.

  According to the present embodiment, when a failure is handled in the data center, it is possible to smoothly and efficiently perform the operation of grasping the situation and restoring the service by the person in charge in a secure environment.

More specifically, while the SE in charge of failure handling is moving to the data center, using a tablet etc. that ensures authenticity, confirming the contents of the detection message output from the failure detection system, It becomes possible to check and grasp the status of the server where the failure occurred. In addition, when the mobile phone arrives at the data center after the movement, it can smoothly access the network in the data center, and more efficiently understand the situation and restore the actual service.

  As a result, the time from failure occurrence to service restoration can be shortened compared to the conventional case, and the service operating rate of the server can be improved. In addition, the contents of failure handling by the responsible SE and the like are accumulated in an appropriate database, and can be utilized as subsequent auditing materials and incident handling know-how.

  At least the following will be clarified by the description of the present specification. That is, in the failure response support system of the present embodiment, the computing device is within a predetermined time limit corresponding to the travel time between the building and the building where the terminal has accessed via the external network, When the terminal requests establishment of communication in the building network, the terminal may further execute processing for permitting establishment of communication in the building network by the terminal.

  According to this, in addition to command control according to the level of security in the network, it is possible to limit the state in which access by the terminal can be accepted indefinitely, and to manage failure handling in a more secure environment Become. As a result, when dealing with faults in the data center, it is possible for the person in charge to grasp the situation and restore the service smoothly and efficiently in a more secure environment.

  In the failure response support system according to the present embodiment, the arithmetic device further executes a process of storing in a storage device a log including at least information on each process and information on the terminal related to each process. It is good also as.

  According to this, it is possible to accurately record the failure handling history by the responsible SE or the like and use it at a later audit. Such recorded information can be useful reference information for troubleshooting in the future data center, and the situation of the person in charge and the operation of service restoration should be made smoother and more efficient in a secure environment. it can.

  In the failure handling support method according to the present embodiment, the information processing system is configured so that the terminal is within a predetermined time limit corresponding to a travel time between the building and the building where the terminal has accessed via the external network. When a terminal requests communication establishment in the indoor network, a process of permitting communication establishment in the indoor network by the terminal may be further executed.

  In the failure handling support method according to the present embodiment, the information processing system further executes a process of storing, in a storage device, a log including at least information on each process and information on the terminal related to each process. It is good also as.

DESCRIPTION OF SYMBOLS 1 Data center 2 Business server 3 Failure detection system 4 Access point 10 External network 20 Local network 100 Failure response support system 101 Storage device 102 Program 103 Memory 104 Arithmetic device 105 Communication device 110 Authentication processing unit 111 Entrance / exit management unit 112 Gateway management unit 125 Failure management table 126 Access management table 127 Access history table 128 User master table 129 Authority master table 130 Terminal master table 131 Remote permission command table 200 Tablet terminal (terminal)
201 Storage Device 202 Program 203 Memory 204 Arithmetic Device 205 Input / Output Device 206 Communication Device 2061 Network Interface Card 2062 Wireless LAN Card 207 GPS Unit

Claims (4)

A communication device for communicating with an external device via a network;
When an information processing device in a predetermined building is accessed via an external network by a predetermined terminal, processing for accepting only a predetermined command for the information processing device and communication in the building network is established when the terminal approaches the building In this case, depending on the process of accepting other predetermined commands other than the predetermined command for the information processing apparatus, and the travel time between the predetermined location where the terminal has accessed via the external network and the building If the terminal requests establishment of communication in the indoor network within a predetermined time limit, the terminal permits communication establishment in the indoor network by the terminal, and the terminal is connected to the building within the predetermined time limit. If communication establishment on the network is not requested, the terminal and the information via the external network An arithmetic unit for executing a process of disconnecting the communication with the processing device,
A failure response support system characterized by including: The arithmetic unit is:
Further executing a process of storing in a storage device a log including at least information on each process and information on the terminal related to each process;
The failure handling support system according to claim 1. An information processing system including a communication device that performs communication with an external device via a network is provided.
A process of accepting only a predetermined command for the information processing apparatus when accessing the information processing apparatus in the predetermined building via an external network by a predetermined terminal;
When the terminal approaches the building and establishes communication in a building network, a process of accepting a predetermined command other than the predetermined command for the information processing device;
When the terminal requests communication establishment in the building network within a predetermined time limit corresponding to the travel time between the building and the building where the terminal has accessed via the external network. And allowing the terminal to establish communication in the indoor network, and the terminal and the information processing apparatus via the external network when the terminal does not request communication establishment in the indoor network within the predetermined time limit. A process of disconnecting communication with
A failure response support method characterized in that The information processing system is
Further executing a process of storing, in a storage device, a log including at least information on each process and information on the terminal related to each process;
The failure handling support method according to claim 3 .

Images