TW201404072A - Remote management method and remote management device thereof - Google Patents

Abstract

A remote management device, coupled through its network interface to a console computer and through its serial interface to a target device such that the terminal computer can control the target device through the remote management device, comprises a first physical layer, a second physical layer, and an application layer. The first physical layer receives a first command from the console computer or sends a second command to the console computer according to a first communication protocol. The second physical layer sends a third command to the target device or receives a fourth command from the target device according to a second communication protocol. The application layer transforms the first command into the third command through the second physical layer, or transforms the fourth command into the second command through the first physical layer. The application layer further parses the fourth command to determine whether the fourth command is a to-be-filtered command. If the fourth command matches with the to-be-filtered command, an enter command from the console computer will be blocked such that the target device does not respond to the to-be-filtered command.

Description

Remote management method and remote management device using the same

The present invention relates to a remote management method and a remote management device using the same; in particular, the present invention relates to a remote management method for a filterable instruction and a remote management device applying the same.

In general, the concept or architecture of a network can be represented by a variety of models as shown in Figure 1, such as an OSI model, a DoD model, or a TCP/IP protocol combination. Taking the DoD model as an example, it is a four-layer architecture, including an "application layer", a "transport layer", a "network layer" and a "link layer". Although the OSI model, the DoD model, or the TCP/IP protocol combination differs in the functions defined for individual classes, the correspondence between them can be seen. For example, the "application layer" of the DoD model corresponds to three layers of the "conference layer", "presentation layer" and "application layer" of the OSI model; the "connection layer" of the DoD model corresponds to the "chain layer" of the OSI model. And the "physical layer". In addition, the "link layer" of the DoD model corresponds to the LLC layer, MAC layer and entity connection of the TCP/IP protocol combination.

The remote management device with the network interface enables a central control computer to manage and control a controlled device via the network, and also enables the controlled device to interact with the central control computer, so that the computer room or the industrial control device The administrator can control the server, network device or industrial control device from a remote location even in remote locations. Unlike personal computers (PCs) or servers (Servers), most network devices or industrial control devices do not have the ability to output images, so that managers in front of the central computer can only use plain text. Interface and serial interface Face interaction with it. Managers must place commands on these devices by entering multiple characters, and then interact with these devices through the reaction (plain text interface) generated by the screen of the central computer.

Since the remote management device allows a central control computer to manage and control a controlled device via the network, the number of users of the controlled device is not limited to one person. In order to prevent the inconvenience of the operation behavior of a certain user from other users, the remote management device has the necessity of dividing the authority for different users and managing or restricting according to the user rights.

An object of the present invention is to provide a remote management method and a remote management device using the same, which has a reflective or transmissive Command Filter function to block the execution of certain instructions, thereby providing rights management. The function.

Another object of the present invention is to provide a remote management method and a remote management device using the same, which can provide an interface conversion service for signal transmission between different devices.

The present invention provides a remote management method for a central control computer, a remote management device, and a controlled device. One end of the remote management device is coupled to a central control computer via a network. The other end of the management device is further coupled to the controlled device, so that the central control computer can control the controlled device via the remote management device, and the method includes at least the following steps:

Setting a to-be-filtered command to the remote management device; inputting one or more characters on the central control computer; converting the one or more characters into one or more network packets by the central control computer The network is transmitted to the remote management device. Which setting The user of the command to be filtered may be different or the same as the user who inputs the characters, and may also be set and input by different central control computers, for example, the setting of the to-be-filtered command by a central control computer. Then one or more characters are entered by another central control computer.

At the remote management device side, the one or more network packets are converted into Readable instructions of the controlled device.

At the controlled device end, a terminal control command is generated according to the readable command of the controlled device end; and the terminal control command is transmitted to the central control computer via the remote management device.

At the remote management device end, the terminal control command is temporarily stored, and after receiving a line feed instruction from the central control computer, determining the one or more characters according to the temporarily stored terminal control command Whether it is the to-be-filtered instruction; if yes, intercepting the line-feeding instruction at the remote management device end, so that the controlled device cannot receive the line-feeding instruction. If the controlled device does not receive the line feed command, it will not react to the to-be-filtered command, so the user who issues the command to be filtered will feel that the command issued is blocked by the remote management device. .

The present invention provides a remote management device, such that a central control computer can interact with a controlled device via the remote management device, and the remote management device includes at least: a first physical layer corresponding to the central control computer And receiving a first instruction from the central control computer according to a first communication protocol, or transmitting a second instruction to the central control computer according to the first communication protocol, and the first communication protocol at least includes an Ethernet protocol a second physical layer corresponding to the controlled device, and transmitting a third command to the controlled device according to a second communication protocol to control the controlled device, or from the controlled device according to the second communication protocol Receiving a fourth instruction; a layer corresponding to the first physical layer and the second physical layer, and the application layer causes the second entity to generate the third instruction according to the first instruction, or corresponding to the fourth instruction The first entity layer generates the second instruction according to a third communication protocol, to control the central control computer to generate a response, wherein the application layer further parses the fourth instruction, and determines whether the fourth instruction is a to-be-filtered instruction. The fourth instruction is a to-be-filtered instruction, and the application layer intercepts one of the triggering instructions issued by the central control computer, so that the controlled device cannot receive the triggering instruction, wherein the first communication protocol includes at least B Too network protocol.

The present invention provides a remote management method and a remote management device using the same. Referring to FIG. 2A, the present invention discloses a remote management device 10 such that a central control computer 50 can manage one or more remote management devices 10 and further control the controlled device 70 via the remote management device 10. . The remote management device 10 of the present invention includes various operation modes, such as a console management mode, a TCP server mode, a TCP client mode, and a real communication mode (Real COM). Port), and in the console management mode, the remote management device 10 of the present invention has a Command Filter function. In addition, the remote management device 10 of the present invention acts as an interface conversion device between the central control computer 50 and the controlled device 70, so that the central control computer 50 can communicate with the controlled devices 70 of different interfaces. For example, the central control computer 50 can communicate with the serial interface of the controlled device 70 indirectly through its network interface.

As shown in FIG. 2A, the remote management device 10 of the present invention has a first end 10A and a second end 10B. The first end 10A and the second end 10B can be located on the same side or on different sides of the housing of the distal management device 10. In terms of function, the first end 10A is a network interface and the second end 10B is a serial interface. The first end 10A can be coupled to a central control computer 50 via a network, and the second end 10B can be coupled to one or more controlled devices 70, so that the central control computer 50 can manage the remote management device 10. And the controlled device 70 is further controlled via the remote management device 10. When coupled to a plurality of controlled devices 70, the remote management device 10 of the present invention enables the central control computer 50 to selectively switch between different controlled devices 70.

The controlled device 70 is coupled to the second end 10B of the remote management device 10 of the present invention via its serial interface. Serial interface refers to the interface of DB9 connector, DB25 connector or other compatible connector as the physical connection medium, and the communication protocol is adopted by RS-232, RS-422 or RS-485 standards. Therefore, in general, the central control computer 50 can only interact with the controlled device 70 through a textual interface. The controlled device 70 can be a server, a modem, a hub, a router, a printer, a bar code reader, or a power management device. . In addition, RS-232, RS-422 or RS-485 can also be called EIA-232, EIA-422 or EIA-485.

The central control computer 50 has a screen 51 and a keyboard 52, or other Input/output device. The central control computer 50 further runs a remote login program, such as Telnet or SSH, so that the remote management device 10 can regard the central control computer 50 as a terminal. The remote login program can be provided by the manufacturer of the remote management device 10 for use with the remote management device 10; or by other vendors than the manufacturer of the remote management device 10.

Still referring to FIG. 2A, in appearance, the first end 10A of the remote management device 10 of the present invention has at least one network port for connecting to a local area network or an internet. The second end 10B of the remote management device 10 of the present invention has one or more device ports for coupling one or more controlled devices 70. There is a cable 20 between each device connection port and each controlled device 70. The first end of the cable 20 has an RJ-45 connector, a DB9 connector or a DB25 connector, and the cable The second end of the wire 20 can also have an RJ-45 connector, a DB9 connector or a DB25 connector. In other words, both ends of the cable may be RJ-45 connectors; or both ends of the cable may be DB9 connectors; or the first end of the cable is an RJ-45 connector The second end is a DB9 connector, and those skilled in the art can push a variety of different combinations thereof. This cable can be, for example, SA0141, SA0142, SA0143 or SA0144 provided by Taiwan Acer Automation Technology Co., Ltd. The first end of the cable 20 is used to connect the device connection port of the remote management device 10; the second end of the cable 20 is used to connect the serial interface of the controlled device 70.

Please refer to the second B diagram. For the sake of explanation, this figure only shows one charged. The device 70, but in practice, the number of controlled devices 70 to which the remote management device 10 of the present invention can be connected is not limited to one. The remote management device 10 of the present invention includes at least a first physical layer (Physical Layer) 100, a second physical layer 200, and an application layer (Application Layer) 300. The first physical layer 100 corresponds to the central control computer 50, and receives a first instruction 410 from the central control computer 50 via the network according to a first communication protocol, or via the network according to the first communication protocol. A second command 420 is transmitted to the central control computer 50. In general, the items specified by the physical layer have the material properties of the cable, the signal transmission power, how the logic zero and the logic are defined, the number of pins of the connector, the function of each pin, and the code on the transmission line. / decoding and other matters.

In addition, the first instruction 410 is converted by one or more characters input by the user of the central control computer 50 by tapping the button of the keyboard 52; or, the first instruction 410 is The input/output device of the central control computer 50 is selected from one of the options of the preset menu; or any other suitable manner. The operating system of the central control computer 50 coordinates the aforementioned remote login program and the network card of the central control computer 50 to convert the one or more characters or the options of the preset menu into the first instruction 410. On the other hand, after receiving the second command 420 according to the first communication protocol, the network card of the central control computer 50 will generate an appropriate response via the operating system and the remote login program control screen 51. For example, after one of the central control computer 50 taps the d key, the i key, and the r key on the keyboard 52, the screen 51 displays the three words dir sequentially after the command prompt (Prompt). yuan. The core of this first instruction 410 is a company The string is based on the code consisting of the American Standard Code for Information Interchange (ASCII; American Standard Code for Information Interchange).

The ASCII code can be roughly divided into three parts. The first part consists of 32 from 00H to 1FH. It is generally used for communication or control. Some characters can be displayed on the screen, and some can not be displayed on the screen, but can see the effect (such as line break characters, homing Character). The second part is 96 from 20H to 7FH. These 96 characters are used to represent Arabic numerals, English letters, upper and lower lines, brackets and other symbols, which can be displayed on the screen. The third part consists of 80 characters from 80H to 0FFH. It is generally called "extended character". These 128 extended characters are developed by IBM and are not standard ASCII codes. These characters are used to represent lines, phonetic symbols, and other European non-English language letters.

On the other hand, when a user wants to actually operate the controlled device 70 via the remote login program in front of the central control computer 50, if the user wants to input a dir command to view the directory of the controlled device 70, it must be sequentially Tap the d key, i key, and r key on the keyboard 52 to enter the three characters dir at the command prompt. At the same time, after receiving the three characters, the controlled device 70 correspondingly controls the central control computer 50 by the remote login program, so that the screen 51 of the central control computer 50 can display the three characters of dir. . The user of the central control computer 50 can interact with the controlled device 70. However, after the three characters of dir are input, the user still has to input a trigger command, such as a line command (Enter Command). Otherwise, in addition to issuing the terminal control command, the screen 51 displays the words dir after the command prompt. Outside the yuan, this controlled device 70 itself will not Other reactions continue to occur, i.e., the user is still unable to see the directory of the controlled device 70 on the screen 51. Therefore, the line feed instruction is actually a trigger instruction that can trigger the controlled device 70 to execute a complete instruction composed of a plurality of characters. The ASCII code (hexadecimal) corresponding to this line feed instruction is 0AH, 0DH or 0AH plus 0DH. In general, 0AH stands for Line Feed (LF); 0DH stands for the cursor to the far left (Carriage Return; CR).

In addition, the second physical layer 200 corresponds to the controlled device 70, and transmits a third command 430 to the controlled device 70 according to a second communication protocol, or from the controlled device 70 according to the second communication protocol. A fourth instruction 440 is received. The second communication protocol may be the same or different from the first communication protocol. The fourth instruction 440 corresponds to the second instruction 420, and the third instruction 430 corresponds to the first instruction 410. That is, the application layer 300 corresponds to the first physical layer 100 and the second physical layer 200 for performing instruction conversion between the first physical layer 100 and the second physical layer 200. .

Please refer to FIG. 2B and FIG. 3A simultaneously. The application layer 300 causes the first instruction 410 to be converted into the third instruction 430; or the fourth instruction 440 is converted into the second instruction 420. In more detail, the application layer 300 may cause the second entity 200 to generate the third instruction 430 according to the first instruction 410, or corresponding to the fourth instruction 440 to further enable the first physical layer 100 according to the first instruction 410. The third communication protocol generates the second instruction 420, and then sends the second instruction 420 to the central control computer 50 according to the first communication protocol to control the screen 52 of the central control computer 50 or control other parts to generate a response. For example, make the screen 51 The characters previously input by the keyboard 52 are shown. For the application layer 300, the first instruction 410 has the same meaning as the third instruction 430, except that the first instruction 410 and the third instruction 430 are received or transmitted by different physical layers. In other words, the first instruction 410 and the third instruction 430 are represented by different electrical characteristics; or are carried by different transmission media. Similarly, the fourth instruction 440 has the same meaning as the second instruction 420 for the application layer 300.

In a preferred embodiment, the remote management device 10 is coupled to at least two controlled devices 70. For example, if the remote management device 10 is coupled to two controlled devices 70, such as a first controlled device and a second controlled device, the central control computer 50 transmits the first command 410 to the remote management device. At 10 o'clock, in the embodiment, the first instruction 410 further includes a destination number, so that the application layer 300 can route the third instruction 430 to the first controlled device or the second controlled device according to the destination number. In other words, the central control computer 50 can switch and control a plurality of controlled devices 70 via the remote management device 10. The purpose of the object number is also such that the application layer 300 can identify the application selected by the user of the central control computer 50 when the first instruction 410 is issued.

In a preferred embodiment, the first communication protocol may be an Ethernet protocol or any other suitable local area network protocol, and the second communication protocol may be RS-232, RS-422 or Protocols such as RS-485. The third communication protocol can be a TCP/IP protocol suite (Protocol Suite). In this way, even if the distance between the central control computer 50 and the controlled device 70 is much larger than The range of protocols such as RS-232/RS-422/RS-485 can be transmitted; even if the central control computer 50 does not have the serial interface of the controlled device 70; even if the controlled device 70 does not have a network interface, the central control computer 50 can still communicate with the controlled device 70 via the remote management device 10 of the present invention to achieve the aforementioned remote management purposes.

Still referring to the second B diagram, the application layer 300 and the first physical layer 100 further have a link layer 110, a network layer 120, and a transport layer 130. Similarly, the central control computer 50 also has a corresponding physical layer, a link layer, a network layer, a transport layer, and an application layer (none of which are shown). The transport layer 130 of the remote management device 10 is between the application layer 300 and the network layer 120, that is, the transport layer 130 is the lower layer of the application layer 300, and the transport layer 130 is the upper layer of the network layer 120. . The transport layer 130 communicates with the transport layer of the central control computer 50 according to a standard TCP (Transmission Control Protocol) protocol or a UDP (User Datagram Protocol) protocol. Generally speaking, the physical layer and the link layer of the central control computer 50 are implemented by the network card; the network layer, the transport layer and the application layer of the central control computer 50 are implemented by the operating system and the application program.

According to the TCP/IP protocol suite (Protocol Suite), if the TCP protocol is performed, the transport layer of the transport layer and the receiver end of the logical end is logically exchanged by TCP "Segment" for the TCP protocol. Related communication, but in fact, the two transport layers must still pass through their respective network layer, link layer and physical layer to truly exchange TCP data segments. Further, if far When the end management device 10 is the transmitting end and the central control computer 50 is the receiving end, the network layer 120 of the remote management device 10 repackages the TCP data segment sent from the transport layer 130 into an IP packet, and then sends it. Give the lower layer of the link layer 110. The link layer 110 repackages the IP packet into a "frame" and sends it to the transmission medium by the first entity layer 100 in a bit string. The receiving end side will disassemble the data frame, the packet and the data segment layer by layer. Finally, the transmitting layer of the receiving end can receive the TCP data segment sent by the transmitting layer of the transmitting end. That is to say, each layer will use the data from the upper layer as Payload and package it into another data. Similarly, logically, the network layer of the transmitting end and the network layer of the receiving end perform IP protocol related communication by IP packet exchange; the link layer of the transmitting end and the receiving end are linked. The layer communicates with the link layer protocol through the exchange of the "frame". The aforementioned OSI model refers to the above-mentioned "Segment", IP packet (Packet), and "Frame" as "Protocol Data Unit".

In general, a TCP data segment includes a Source Port, a Destination Port, a Sequence Number, an Acknowledge Number, a Header Length, and a Reserved (Reserved). ), Special Purposes (Flags), Window Size, Checksum, Urgent Pointer, Options and Padding, and Data.

For the sake of explanation, the part other than the Data field can be regarded as a TCP table. Header (TCP Header), when the central control computer 50 is the transmitting end and the remote management device 10 is the receiving end, the transport layer 130 of the remote management device 10 can be based on the destination port number field in the TCP header. The data (Data) in the TCP segment is taken out and sent to an application of the application layer 300. On the other hand, when the remote management device 10 is the transmitting end and the central control computer 50 is the receiving end, the transport layer 130 of the remote management device 10 cuts and encapsulates the data transmitted by the application layer 300 to form the above-mentioned field. TCP data segment (Segment). In order to provide a reliable service (Reliable Service), the transport layer 130 adds the sequence number of the sent data segments one by one, so that the receiving end can correctly re-send the data segments received successively. Synthesize the original data. In addition, the transport layer 130 also corrects transmission errors such as repeated transmission and loss of data segments through Flow Control. The so-called flow control means that TCP can adjust the data transmission speed as needed, mainly relying on the flow control. Adjust the size of the sliding window.

In a preferred embodiment of the present invention, the remote management device 10 has forty-eight device ports, and the interface of each device is an RJ-45 female connector, so the remote management device 10 of the present invention has the most Forty-eight controlled devices 70 can be connected. In order to realize the function of selecting between a plurality of applications and switching between a plurality of different controlled devices 70, that is, the user of the central control computer 50 can select between a plurality of different controlled devices 70, When the transport layer 130 of the remote management device 10 receives the TCP data segment from the central control computer 50, or sends the TCP data segment to the central control computer 50, the application layer 300 must be added. The identification tag, such as the destination/source number, allows the application layer 300 to arrange the appropriate path or appropriate application for the TCP data segment based on these destination/source numbers. The default values for the destination/source 各个 number of each application are shown in the table below.

Taking the Telnet server program as an example, 50XX indicates that the data is destined for the Telnet server program in the application layer 300; 5001 indicates that the data is remotely converted by the second entity layer 200 according to the second communication protocol. The first device port of the management device 10 is a destination; 5048 indicates that the data is connected to the forty-eight device device of the remote management device 10 after being converted by the second entity layer 200 according to the second communication protocol. Ground. It is worth noting that the above port number can be changed according to the needs of the user. The functions of each of the above applications will be detailed later.

The network layer 120 of the remote management device 10 is based on the standard IP protocol (Internet Protocol; Internet Protocol), ARP protocol (Address Resolution Protocol; Address Resolution Protocol, ICMP Protocol (Internet Control Message Protocol) or OSPF (Open Shortest Path First Protocol) and the network layer of the central computer 50 Communicate. As mentioned above, logically, the network layer of the transmitting end and the network layer of the receiving end perform IP protocol related communication by using IP packet exchange.

On the other hand, the network layer 120 is interposed between the transport layer 130 and the link layer 110. As the receiving end, the network layer 120 is mainly used to process the data segment provided by the lower layer link layer 110; or as the data transfer end, the data segment to be transmitted downward by the upper layer transport layer 130 ( Segment) is repackaged into a Datagram. For example, when the remote management device 10 is acting as a transmitting end, the network layer 120 will transmit the data segment (Segment) transmitted by the upper layer transport layer 130 according to the IP address of the destination (for example, the central control computer 50). Further encapsulated into a datagram. Moreover, when the remote management device 10 is used as the transmitting end, the network layer 120 cuts the data extracted from the data segment according to the Maximum Transmission Unit (MTU) of the lower layer (link layer). Form multiple datagrams (Datagrams).

In addition, the datagram transmitted by the network layer 120 to the link layer 110 includes, in addition to the data field, a version, an Internet Header Length (IHL), a service type (Type of Service), Total Length, Identification, Flag Cutting, Fragment Offset, Time to Live, Agreement Multiple fields such as Protocol Number, Header Checksum, Source Address, Destination Address, and Options and Padding. The aforementioned data segment corresponds to the data field.

In a preferred embodiment, the application layer 300, the transport layer 130, and the network layer 120 are logical units such as a central processing unit or a controller of the remote management device 10, and software or firmware thereon (Firmware). ) Commonly implemented, such as operating systems or related applications. However, other equivalent embodiments can be readily conceived by those of ordinary skill in the art.

The link layer 110 is interposed between the network layer 120 and the first physical layer 100. The link layer 110 of the present invention can be subdivided into a MAC (Media Access Control) sublayer and an LLC (Logical Link Control) sublayer, as described in terms of a TCP/IP protocol combination model.

When the remote management device 10 is used as the transmitting end, the link layer 110 is used to further repackage the datagram transmitted by the network layer 120 according to the MAC address of the receiving end (for example, the central control computer 50). Frame. When the remote management device 10 is acting as the receiving end, the link layer 110 analyzes certain fields of the data frame transmitted by the first physical layer 100 to confirm the MAC address of the remote management device 10 and the data frame. Whether the MAC address of the destination matches. If the MAC addresses match, the link layer 110 will further depend on the data frame. The Type field of the agreement takes out the data (Data) in the data frame and uploads it to the network layer 120. If the MAC addresses do not match, the link layer 110 will discard the data frame. In addition, the link layer 110 also checks the length and CRC value in the data frame. If the length of the data frame is less than 64 bytes or the length of the data frame is greater than 1518 bytes, the link layer 110 discards the data frame (no longer processing). If it is known through the judgment of the CRC value that the data frame has been damaged, the link layer 110 will also discard the data frame (no longer processed). In a preferred embodiment, the link layer 110 and the first physical layer 100 are primarily implemented by a network controller of the remote management device 10.

Still referring to FIG. 2B, the application layer 300 of the present invention further includes a Telnet server program (Telnet Server) 310, an SSH server program (SSH Server) 320, a terminal program analysis program (Terminal Analyzer) 330, and a TCP routing program. Applications such as (TCP Router) 340, UDP Router (350 Router) 350, Modbus Gateway Program (Modbus Gateway) 360, and other applications 370 are described below.

The Telnet server program 310 is used to provide a Telnet connection service to the central control computer 50. The SSH server program 320 is used to provide an SSH connection service to the central control computer 50, and SSH is an abbreviation of Secure Shell protocol. In a preferred embodiment, the destination port number used by the Telnet server program 310 is 50XX; the destination port number used by the SSH server program 310 is 51XX. The Telnet server program 310 or the SSH server program 320 is transparent. The Inter-Process Communication (IPC) method communicates with the terminal command analysis program 330.

The terminal command analysis program 330 is used to analyze the commands sent from the central control computer 50. Via its analysis, if the destination of this command is the remote control device 10 itself, the remote control device 10 will react to it. In more detail, the administrator of the central control computer 50 can perform configuration on the remote control device 10, for example, changing the network IP address of the remote control device 10, and changing one of the remote control devices 10. The RS-232 rate of a device is connected to the device, and the application corresponding to a device connection is changed. If the destination of the instruction is a controlled device 70, the terminal command analysis program 330 of the remote control device 10 will pass the command to the second entity layer 200, and then the second entity layer 200 according to the second communication protocol. Forwarding to the device port corresponding to the controlled device 70, the controlled device 70 can react to the command issued by the central control computer 50.

The TCP routing program 340 or the UDP routing program 350 arranges the subsequent path of the data segment transmitted by the transport layer 130 in the aforementioned TCP Mode mode or UDP mode. In the present invention, because the controlled device 70 coupled to the remote management device 10 may be plural, the TCP routing program 340 or the UDP routing program 350 of the application layer 300 is required to be based on the destination port number. The data segment from the transport layer 130 is routed to the appropriate controlled device 70. For example, when the destination number is marked as 5301, the data from the data segment of the transport layer 130 is sent to the TCP path. Transferred by the program 340 or the UDP routing program 350 to the second physical layer 200 corresponding to the first device connection, and then the second physical layer 200 converts the data of the data segment into an appropriate signal according to the second communication protocol. It is then transmitted to the controlled device 70. For example, when the destination number is marked as 5302, the data from the data segment of the transport layer 130 is forwarded to the second physical layer 200 corresponding to the second device interface, and the rest can be deduced by analogy.

In this application, the controlled device 70 may be a printer coupled to the remote management device 10 in a serial interface. Therefore, the application layer 300 does not parse the data (Payload) of the data segment transmitted from the transport layer 130. The application layer 300 is only numbered according to the purpose of the header by the TCP routing program 340 or the UDP routing program 350. (Destination Port Number) The data segment is routed to the controlled device 70 corresponding to a certain device connection specified by the central control computer 50. In this way, the central control computer 50 can select to print on a plurality of different remote controlled devices 70 by the remote management device 10 of the present invention. In addition, the controlled device 70 can also be a Barcode Reader or an Automatic Teller Machine (ATM).

The other application 370 can further include a web server (Web Server), a real communication port (Real Com Port) program, and a virtual modem (Virtual Modem) program. The web server program (Web Server) enables the web browser on the central control computer 50 to consider that the remote management device 10 is a web server, and the central control computer 50 is based on the HTTP or HTTPS protocol. When communicating with the application layer 300 of the remote management device 10, for example, when the central control computer 50 is configured to face the remote management device 10 by a web browser, the web server program is used. To handle and respond to the needs of this web browser.

In addition, the real communication program and the driver of the central control computer 50 cooperate with each other, so that the user of the central control computer 50 feels that it is directly connected with the central computer 50 entity connection when operating the controlled device 70. Equipment is general. The virtual data program causes the controlled device 70 to treat the remote management device 10 as a modem and communicate with it via a standard modem communication, such as an AT Command Set. When the virtual data machine program is used, the remote management device 10 converts the data of the data from the controlled device 70 into a network packet for transmission to the central control computer 50 via the network.

Please refer to FIG. 2B and FIG. 3A simultaneously. In order to implement a command filtering function on the remote management device 10, the application layer 300 of the present invention will temporarily suspend the fourth instruction 440 after receiving the fourth command 440. And so as to further determine whether the fourth instruction 440 is a to-be-filtered instruction. If the central control computer 50 issues an enter command 450 (Enter Command) 450, the remote management device 10 is triggered to determine, and if the fourth command 440 is determined to be a pending filter command, the application layer 300 The line feed instruction 450 is intercepted, so that the controlled device 70 cannot receive the line feed instruction 450, so that the controlled device 70 does not The first instruction 410 that has been received previously produces a final response. In a preferred embodiment, the to-be-filtered instructions may include Reboot, Shutdown, or Reset, which are standard instructions under the Linux operating system. However, the to-be-filtered instruction may also be a non-standard instruction other than the Linux operating system, such as an instruction that is not defined by the Linux operating system. Further, the controlled device 70 may be a router. It is assumed that it can change its network IP address via the Setnet command. The administrator of the remote management device 10 can add the Setnet command to the filter to be filtered. Among the commands, the general user with lower privilege can no longer issue Setnet commands to this router. The present invention further provides a user interface for a user with authority to change or set more commands to be filtered.

It should be noted that, taking the Reboot command as an example, in one embodiment of the present invention, although the controlled device 70 can still receive the characters Reboot, the subsequent line feed command 450 will be The remote management device 10 of the invention intercepts, so the controlled device 70 does not actually receive the line feed command 450, so the controlled device 70 will eventually not react to the complete command of rebooting. That is, the controlled device 70 does not restart.

Alternatively, the application layer 300 of the present invention may temporarily store the first instruction 410 after receiving the first instruction 410, so as to further determine whether the first instruction 410 matches a to-be-filtered instruction, if the first instruction 410 If the filtering command is matched, the application layer 300 intercepts one of the trigger commands issued by the central control computer 50, for example, an enter command 450, so that the controlled device 70 cannot be connected. The line feed instruction 450 is received such that the controlled device 70 itself does not ultimately react to the first command 410 that has been received before. Alternatively, in another preferred implementation, the remote management device 10 may temporarily block the first instruction 410. If the first instruction 410 is determined to be an instruction to be filtered, it will be intercepted to enable the control. The device 70 is unable to receive the first command 410. If it is determined that the first instruction 410 is not an instruction to be filtered, it will be released.

Referring to FIG. 3B, the present invention further discloses a remote management method, which includes at least the following steps. First, step 510 is performed. Step 510 includes setting a to-be-filtered instruction to the remote management device 10, the to-be-filtered instruction being composed of a plurality of characters. In this embodiment, the plurality of characters constituting the instruction to be filtered are a series of codes composed of an American Standard Code for Information Interchange (ASCII; American Standard Code for Information Interchange). In a preferred embodiment, the command to be filtered includes at least "Disable Echo", which causes the screen to not display the characters of the keyboard input). However, in other different embodiments, the to-be-filtered instructions may further include Reboot, Reset, or Shutdown. The invention further provides a user interface for the user to change or set more commands to be filtered. Specifically, the user who uses the remote management device 10 of the present invention can be classified into a manager having administrative authority or a general user having only normal authority. In a preferred embodiment, the administrator having the management authority can log in to the user interface (for example, a web page) provided by the remote management device 10 via the central control computer 50, and can change or set more filters to be filtered. instruction. In this embodiment, the user interface can be represented by a text screen and/or a graphical user interface (GUI). Presented.

520 and step 530 are performed on the central control computer 50 side. Wherein step 520 includes inputting one or more characters. The user of the step 520 may be a general user with only normal rights. Therefore, the central control computer of step 520 may be different or the same as the central control computer of step 510. In this embodiment, the meaning represented by the one or more characters is a series of American Standard Code for Information Interchange, and is input to the central control computer 50 by the keyboard 52 of the central control computer 50. However, in other different embodiments, the one or more characters may also be input to the central control computer 50 by other means, such as a touchpad having a handwriting function.

Step 530 includes converting the one or more characters into one or more network packets (or "protocol data units" by the central control computer 50, and transmitting them to the remote management device 10 via the network, that is, A first instruction 410 is sent from the central control computer 50 to the remote management device 10. In more detail, the central control computer 50 communicates with the first physical layer 100 of the remote management device 10 according to a first communication protocol by the network card, so that the central control computer 50 can make the one or more through the network. The network packets are transmitted to the remote management device 10. In a preferred embodiment, the first communication protocol may be an Ethernet protocol or any other suitable local area network protocol, and other regional network protocols include Token Ring and FDDI (Fiber Distributed Data Interface).

The process by which the central control computer 50 converts one or more characters into one or more network packets may use a TCP/IP protocol combination. According to the concept of the network model layering mentioned above, the outermost layer of the network packet is a data frame conforming to the Ethernet protocol. The inside of this frame also contains the data elements generated by the network layer of the central control computer 50 ( ) Data element The inside of the system further contains the data segment generated by the transport layer of the central control computer 50 ( ).

Next, step 540 is performed at the end of the remote management device 10. The remote management device 10 functionally includes the application layer 300, the first physical layer 100, the link layer 110, the network layer 120, and the transport layer 130 of the foregoing second B diagram. Step 540 includes converting the one or more network packets into readable instructions of the controlled device 70 and transmitting to the controlled device 70. That is, a third command 430 is issued by the remote management device 10 to the controlled device 70. In the remote management device 10, the application layer 300 of the second B-map disassembles the one or more networks layer by layer through the first physical layer 100, the link layer 110, the network layer 120, and the transport layer 130. The road packet is then passed to the second physical layer 200 to generate the readable command, and the readable command is transmitted to the controlled device 70 in accordance with the aforementioned second communication protocol (eg, a serial communication protocol). As described above, the transport layer 130 can also determine the application or the corresponding device connection to be delivered by the transmitting end by using the destination number contained in the network packets.

Still referring to FIG. 3B, steps 550 and 560 are performed at the end of the controlled device 70. Step 550 includes generating a terminal control command according to the readable command of the controlled device 70 to control the central computer 50 to generate an echo (Echo), for example, input by the keyboard before being displayed on the screen. The character allows the user to know exactly if they entered the character correctly. Step 560 includes transmitting the terminal control command to the remote control device 70 via the remote management device 70. Central computer 50. In this embodiment, the terminal control command is transmitted to the remote management device 10 by using a second communication protocol (for example, the foregoing serial communication protocol), and is transmitted to the central control computer via the remote management device 10 in the first communication protocol. 50. That is, the controlled device 70 sends a fourth instruction 440 to the remote management device 10, which will convert the second command 420 to the aforementioned second command 420. At the end of the remote management device 10, step 570 includes temporarily storing the terminal control command. Preferably, the terminal control command is temporarily stored in a storage device in the housing of the remote management device 10. The storage device may be a storage component such as a non-volatile memory, a flash memory or a hard disk. However, in other different embodiments, the storage device may also be an external storage device.

Thereafter, step 571 is performed at the end of the central control computer 50. Step 571 includes: responding to the terminal control command. Specifically, after the remote management device 10 is converted into the second command 420, the terminal control command is transmitted to the central control computer 50 according to the first communication protocol via the first physical layer 100. The response generated by the central control computer 50 for the second command 420 (corresponding to the terminal control command) displays one or more characters contained in the first command 410 on the screen 51. In a preferred embodiment, the terminal machine control command of the controlled device 70 contains the same content as the first command 410 sent by the central control computer 50. For example, when the character entered by the user in the central control computer 50 (for example, the aforementioned dir is taken as an example) is transmitted to the remote management device 10 by the first instruction 410, and converted to the third by the remote management device 10. When the command 430 is transmitted to the controlled device 70 in the second communication protocol, the content of the terminal control command generated by the controlled device 70 is also the same as the content of the first command 410. Therefore, the reaction generated by the central computer 50 The content of the terminal control command (i.e., d-i-r) is displayed on the screen 51. However, under the controlled device 70 of different systems, the response of the controlled device 70 to the terminal control command obtained by the same first command 410 may be different, that is, the central control computer 50 is displayed on the screen 51. The characters may not be the same as the characters entered by the user. For example, if the keyboard keys input by the user are sequentially "Rebooo", backspace, and "t" characters, when the system of the controlled device 70 is Linux, the controlled device 70 The resulting terminal control command causes screen 51 to display "Reboot". However, when the system of the controlled device 70 is Sun Microsystems, the controlled device 70 reacts to the terminal control command to cause the screen 51 to display "Rebooo^Ht".

Next, step 572 is performed in the central control computer 50. Step 572 includes entering the line feed instruction 450. In this embodiment, the line feed instruction 450 may be other trigger commands in addition to "Enter". The central control computer 50 then transmits the line feed command 450 to the remote management device 10 via the network in a first communication protocol.

Step 580 is performed at the end of the remote management device 10. Step 580 includes, after receiving the line feed instruction 450 from the central control computer 50, determining whether the combination of the one or more characters matches the to-be-filtered instruction based on the temporarily stored terminal control command. Specifically, after receiving the line feed instruction 450 of the central control computer 50, the remote management device 10 is triggered to perform an action of comparing the temporarily stored terminal control command with the to-be-filtered command. In more detail, the temporary terminal control command corresponds to the latest command prompt (Prompt) and line feed indication displayed on the screen. The combination of characters between the commands, which will be compared to the to-be-filtered instruction. If the remote management device 10 determines that the one or more character units constituting the terminal control command do not match the to-be-filtered command, the remote management device 10 transmits the line feed command 450 to the second communication protocol. The device 70 is controlled so that the controlled device 70 can perform the action to be performed by the first command 410. At the same time, the remote management device 10 can also store the terminal control command as an "executed command", the purpose of which will be described later.

If it is determined in the above step 580 that the one or more characters of the terminal control command match the to-be-filtered instruction, step 590 is performed. Step 590 includes intercepting the line feed instruction 450 at the remote management device 10, such that the controlled device 70 cannot receive the line feed command 450. In detail, in the embodiment, when the remote management device 10 determines that the character combination in the temporarily stored terminal control command matches the to-be-filtered command, the remote management device 10 intercepts the newline command 450. Indirectly, the controlled device 70 does not execute the instruction that it has previously received (i.e., the third instruction 430). In the example of the above-mentioned combination of "Rebooo", backspace and "t", when the controlled device 70 is a Linux system, the terminal control command temporarily stored by the remote management device 10 will be Will be "Reboot". When the user inputs the line feed instruction 450, because the "Reboot" series is one of the instructions to be filtered, the remote management device 10 determines that the character combination of the temporary terminal control instruction is the same as the to-be-filtered instruction, and The line feed instruction 450 sent by the central control computer 50 is intercepted without continuing to convert the line feed instruction 450 into the third instruction 430. In this way, the controlled device 70 does not receive the line feed command 450, and of course does not execute the word in the terminal control command. The instruction corresponding to the meta.

However, even when the system of the controlled device 70 is Sun Microsystems, the temporary terminal control command is "Rebooo^Ht", and the remote management device 10 can still judge that the terminal control command matches the to-be-filtered command, and The line feed command is converted into the third command 430 and transmitted to the controlled device 70 in the second communication protocol, so that the controlled device 70 receives the line feed command 450 and executes the third command 430. In other words, the remote management device 10 can determine whether the line feed instruction 450 needs to be intercepted for the terminal control command generated by the controlled device 70 of the different system, so as to prevent the controlled device 70 from executing the instruction substantially the same as the to-be-filtered instruction. By means of the reflective command filtering function, since the remote management device 10 analyzes the terminal control command issued by the controlled device 70 (fourth command 440) instead of the first command 410 issued by the central control computer 50, the user It is difficult to avoid the command filtering function of the remote management device 10, and reduce the probability that the executed instruction (to be filtered) is executed on the controlled device 70.

In addition, even if the user of the central control computer 50 intends to use the above-mentioned input characters to issue an instruction to evade the use restriction, for example, the user does not sequentially press the keyboard to input Reboot, Reset or Shutdown. The instruction formed by the character, and the above-mentioned arrow keys (Up Arrow Key), down arrow key (Down Arrow Key) or other keys on the keyboard are used to select the above-mentioned ones that have been executed on the controlled device 70. The invention can still be blocked by the instructions. For example, in step 540, if the remote management device 10 determines that the first command 410 received from the central control computer 50 is an arrow key on the keyboard 51 (Up) Arrow Key), the remote management device 10 still converts it into a readable command (third instruction) of the controlled device 70, so the controlled device 70 still receives the readable command corresponding to the up arrow key, so The control device 70 will still be temporarily stored and judged by the remote management device 10 in response to the readable command generating a terminal control command (fourth command). Therefore, the remote management device 10 of the present invention can still determine whether the instruction selected by the up arrow key is the instruction to be filtered and then block when the instruction filtering function is implemented in a reflective manner.

The third C diagram schematically illustrates the hardware architecture of the remote management device 10 of the present invention. The remote management device 10 of the present invention includes an application execution unit 600, a network interface controller (NIC) 610, and one or more universal non-synchronous transceivers (described in terms of a hardware). UART) 620, one or more RS-232/422/485 transceivers (Transceiver) 630, and a storage device 650. In a preferred embodiment, the application execution unit 600 is a central processing unit, and the application layer 300, the transport layer 130, and the network layer 120 of the second B diagram are managed by the central processing unit 600 and the remote end. The operating system of device 10 is implemented. The first physical layer 100 or the network interface of the foregoing second B is implemented by the network interface controller 610, and the network interface controller 610 is connected to the network through the first end 10A. The second physical layer 200 of the second B diagram is implemented by the one or more universal non-synchronous transceivers 620 and the RS-232/422/485 transceiver 630, and the one or more transceivers 630 are transmitted through the first The two ends 10B are coupled to one or more controlled devices 70. The storage device 650 is configured to store the to-be-filtered instruction of the third B-picture, and temporarily store the terminal control instruction of the third B-picture (that is, the fourth instruction of the third A picture) 440). The operating system of the remote management device 10 can be Linux or any other suitable operating system.

The one or more universal asynchronous transceivers (UARTs) 620 mainly convert the data from the central processing unit 600 into a serial transmission mode and then send the data to the transceiver 630; or the data from the transceiver 630. The serial transmission mode is converted to the parallel transmission mode and sent to the central processing unit 600. In a preferred embodiment, the one or more universal non-synchronous transceivers (UARTs) 620 are implemented by the PI7C9X7958 provided by Pericom Corporation. The transceiver 630 can further include an RS-232 transceiver and an RS-422/RS-485 transceiver, and the RS-232 transceiver and the RS-422/RS-485 transceiver are in different or identical integrated circuit packages. among. In addition, when the RS-232 transceiver and the RS-422/RS-485 transceiver are located in different integrated circuit packages, between each of the universal asynchronous transceivers (UART) 620 and each transceiver 630 There is a multiplexer (not shown) to select between different serial communication modes, such as RS-232 serial communication or RS-422/RS-485 serial communication. The universal non-synchronous transceiver (UART) 620 and transceiver 630 described above can be considered as part of the aforementioned second physical layer 200.

The present invention has been described by the above-described related embodiments, but the above embodiments are only intended to implement the scope of the present invention. It must be noted that the disclosed embodiments do not limit the scope of the invention. On the contrary, modifications and equivalents of the spirit and scope of the invention are included in the scope of the invention.

10‧‧‧ Remote management device

10A‧‧‧ first end

10B‧‧‧ second end

20‧‧‧ cable

50‧‧‧Central computer

51‧‧‧ screen

52‧‧‧ keyboard

70‧‧‧Controlled computer

100‧‧‧ first physical layer

110‧‧‧Link layer

120‧‧‧Network layer

130‧‧‧Transport layer

200‧‧‧Second physical layer

300‧‧‧Application layer

310‧‧‧Telnet server

320‧‧‧SSH server

330‧‧‧Terminal Instruction Analysis Program

340‧‧‧TCP routing program

350‧‧‧UDP routing program

360‧‧‧Modbus gateway program

370‧‧‧Other applications

410‧‧‧First Directive

420‧‧‧ second instruction

430‧‧‧ Third Order

440‧‧‧Fourth Instruction

450‧‧ ‧ new line instruction

600‧‧‧Application Execution Unit

610‧‧‧Network Controller

620‧‧‧Universal asynchronous transceiver

630‧‧‧ transceiver

650‧‧‧ storage device

1 is a schematic diagram of a conventional network mode; FIG. 2A is a schematic diagram of a remote management apparatus of the present invention; FIG. 2B is a schematic diagram of another preferred embodiment of FIG. 2A; A schematic diagram of another preferred embodiment of the device; FIG. 3B is a schematic diagram of a remote management process of the remote management device of the present invention; and FIG. 3C is a schematic diagram of another preferred embodiment of the remote management device.

50‧‧‧Central computer

51‧‧‧ screen

52‧‧‧ keyboard

70‧‧‧Controlled computer

100‧‧‧ first physical layer

110‧‧‧Link layer

120‧‧‧Network layer

130‧‧‧Transport layer

200‧‧‧Second physical layer

300‧‧‧Application layer

310‧‧‧Telnet server

320‧‧‧SSH server

330‧‧‧Terminal Instruction Analysis Program

340‧‧‧TCP routing program

350‧‧‧UDP routing program

360‧‧‧Modbus gateway program

370‧‧‧Other applications

410‧‧‧First Directive

420‧‧‧ second instruction

430‧‧‧ Third Order

440‧‧‧Fourth Instruction

Claims (20)

A remote management method is used for a central control computer, a remote management device and a controlled device, and one end of the remote management device is coupled to the central control computer via a network, and the remote management device The other end is further coupled to the controlled device, so that the central control computer can control the controlled device via the remote management device, and the method includes at least the following steps: setting a to-be-filtered command to the remote management device; The central control computer inputs one or more characters; on the central control computer, the one or more characters are converted into one or more network packets and transmitted to the remote management device via the network; The remote management device end converts the one or more network packets into readable instructions of the controlled device end; at the controlled device end, generates a terminal device according to the readable instructions of the controlled device terminal Controlling instructions; transmitting, by the remote management device, the terminal control command to the central control computer, so that the central control computer generates a response; and at the remote management device end, the terminal control command is temporarily stored and Received one of the computers from the central control After the command is issued, determining whether the one or more characters match the to-be-filtered instruction according to the temporarily stored terminal control instruction; if yes, intercepting the trigger instruction at the remote management device, so that the controlled The device does not execute the instruction corresponding to the one or more characters. The method of claim 1, wherein if the one or more characters are determined to not match the to-be-filtered instruction, the triggering instruction is transmitted to the controlled device, so that the controlled device can be executed. The instruction corresponding to the one or more characters. The method of claim 1, wherein the to-be-filtered command is selected from the group consisting of Reboot, Reset, and Shutdown. The method of claim 1, wherein the readable command of the controlled device is represented by an ASCII code (American Standard Code for Information Interchange). The method of claim 1, wherein the controlled device has an RS-232/422/485 interface. The method of claim 1, wherein the central control computer further executes a terminal emulation program, and the terminal emulation program enables the central control computer to react to the terminal control command. A remote management device, the remote management device is coupled to a central control computer via a network, and the other end of the remote management device is further coupled to a controlled device, so that the central control computer can be remotely The remote management device controls the controlled device, and the remote management device includes: a first physical layer corresponding to the central control computer, and receiving a first from the central control computer according to a first communication protocol Commanding, or transmitting a second instruction to the central control computer according to the first communication protocol, and the first communication protocol at least includes an Ethernet protocol; a second physical layer corresponding to the controlled device, And transmitting a third instruction to the controlled device according to a second communication protocol to control the controlled device, or receiving a fourth instruction from the controlled device according to the second communication protocol, and the second communication protocol at least includes a serial communication protocol; an application layer for executing one or more applications, the application layer corresponding to the first physical layer and the second physical layer, and the application layer is adapted to the first Instruction Having the second entity generate the third instruction, or in response to the fourth instruction, causing the first entity layer to generate the second instruction according to a third communication protocol, to control the central control computer to generate the second instruction Responding; wherein the application layer further parses the fourth instruction to determine whether the fourth instruction matches a to-be-filtered instruction, and if the fourth instruction matches the to-be-filtered instruction, the application layer intercepts the issued by the central control computer One triggers the command so that the controlled device does not execute the third command. The device of claim 7, wherein the second communication protocol is selected from the group consisting of RS-232, RS-422, and RS-485. The device of claim 7, wherein the application layer further comprises a Telnet server program, an SSH server program or a terminal server program. The device of claim 7, wherein the first physical layer and the application layer further comprise a link layer, a network layer and a transport layer. ). The device of claim 7, wherein the third communication protocol comprises at least a TCP/IP protocol suite. The device of claim 7, wherein the to-be-filtered command is selected from the group consisting of Reboot, Reset, and Shutdown. A remote management device, such that a central control computer can interact with one or more controlled devices via the remote management device, where the remote management device includes at least: a network interface coupled to the network via the network Controlling the computer, and receiving a first instruction from the central control computer according to a regional network protocol, or transmitting a second instruction to the central control computer according to the regional network protocol; a serial interface coupled to the controlled And transmitting, by the serial communication protocol, a third instruction to the controlled device, or receiving a fourth instruction from the controlled device according to the serial communication protocol; and a central processing unit for executing one or more An application, the central processing unit corresponds to the network interface and the serial interface, and the central processor can change the configuration of the remote management device according to the first instruction, or according to the first instruction And causing the serial interface to generate the third instruction to control the controlled device, or generating the second instruction according to a TCP/IP protocol suite according to the fourth instruction, to control the central control Computer production Response; wherein the central processor is further such that the first instruction or the fourth instruction is determined Whether it matches with a to-be-filtered instruction, if the first instruction or the fourth instruction matches the to-be-filtered instruction, the triggering instruction sent by the central control computer is intercepted, so that the controlled device does not Will react to the first instruction or the third instruction. The remote management device of claim 13, wherein the first instruction is generated by the central control computer according to a plurality of characters (characters) or a menu option input by an input device. The remote management device of claim 14, wherein the central control computer further displays the plurality of characters on a screen according to the second instruction. The remote management device of claim 13, wherein the serial interface comprises at least one parallel/serial converter and a serial transceiver. The remote management device of claim 13, wherein the to-be-filtered command is selected from the group consisting of Reboot, Reset, and Shutdown. A remote management device, the remote management device is coupled to a central control computer via a network, and the other end of the remote management device is further coupled to a first controlled device and a second controlled device. The remote control device can switch and control the controlled devices through the remote management device. The remote management device includes at least: a network interface corresponding to the central control computer, and is connected to the network according to a first communication protocol. Receiving a first instruction from the central control computer, or transmitting a second instruction to the central control computer via the network according to the first communication protocol, and the first communication protocol at least includes an Ethernet protocol; a serial interface corresponding to the controlled device, and transmitting a third command to the first controlled device or the second controlled device according to a second communication protocol to control the controlled devices, or according to the first The second communication protocol receives a fourth command from the first controlled device or the second controlled device; an application execution unit is configured to execute one or more applications, The application execution unit corresponds to the network interface and the serial interface, and the application execution unit causes the serial interface to generate the third instruction according to the first instruction, or corresponding to the fourth instruction The network interface generates the second instruction according to a third communication protocol to control the central control computer to generate a response; wherein the application execution unit further parses the fourth instruction to determine whether the fourth instruction matches a to-be-filtered instruction. If the fourth instruction matches the to-be-filtered instruction, the application execution unit intercepts one of the trigger commands issued by the central control computer, so that the first controlled device or the second controlled device does not execute the first The third instruction further includes a destination number to enable the application execution unit to route the third instruction to the first controlled device or the second controlled device according to the destination number. The remote management device of claim 18, wherein the to-be-filtered command is selected from the group consisting of Reboot, Reset, and Shutdown. The remote management device of claim 18, wherein the triggering instruction comprises at least a line feed instruction (Enter Command).