US20090183239A1 - Embedded management system for a physical device having virtual elements - Google Patents
Embedded management system for a physical device having virtual elements Download PDFInfo
- Publication number
- US20090183239A1 US20090183239A1 US12/358,605 US35860509A US2009183239A1 US 20090183239 A1 US20090183239 A1 US 20090183239A1 US 35860509 A US35860509 A US 35860509A US 2009183239 A1 US2009183239 A1 US 2009183239A1
- Authority
- US
- United States
- Prior art keywords
- user
- access
- collection
- management information
- virtual element
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Abandoned
Links
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0893—Assignment of logical groups to network elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/08—Configuration management of networks or network elements
- H04L41/0895—Configuration of virtualised networks or elements, e.g. virtualised network function or OpenFlow elements
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/102—Entity profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L67/00—Network arrangements or protocols for supporting network services or applications
- H04L67/2866—Architectures; Arrangements
- H04L67/30—Profiles
- H04L67/306—User profiles
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L41/00—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks
- H04L41/40—Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using virtualisation of network functions or resources, e.g. SDN or NFV entities
Definitions
- the illustrative embodiment of the present invention relates generally to a physical device having virtual elements and more particularly to an embedded management system for managing the physical device and the virtual elements within the physical device.
- FIG. 1 shows an example of a traditional configuration for users to manage access to servers and storage via network devices such as a switch in a data center.
- clients 11 A, 11 B and 11 C wish to gain access to services provided by respective groups of resources 14 A, 14 B and 14 C in the data center.
- Each of the groups of resources 14 A, 14 B and 14 C includes servers and storage.
- servers 16 A and storage 18 A are part of group 14 A
- servers 16 B and storage 18 B are part of group 14 B
- servers 16 C and storage 18 C are part of group 14 C.
- a separate network device 12 A, 12 B and 12 C is associated with each group 14 A, 14 B and 14 C and controls the flow of service requests and responses for the associated group.
- Each network device 12 A, 12 B and 12 C is a separate self-contained physical device and facilitates a client's access to the resources in the respective group for a user.
- Each physical device also has an independent network management interface that provides a network management user 10 A, 10 B and 10 C with a system view to manage the device. It should be noted that the term “user” appearing herein is used interchangeably with the term “network management user”.
- This approach requires separate network devices 12 A, 12 B and 12 C for each of the logical groups 14 A, 14 B and 14 C.
- These network devices 12 A, 12 B and 12 C can be quite costly and can present various configuration challenges, especially if they are distinct types of devices.
- Virtualization allows a single physical device to be logically partitioned so as to function as if it were multiple devices. Virtualization allows partitioning of a device's resources but also presents management challenges.
- One such management challenge is to present a management view that is akin to that used for managing an independent physical device. In other words, the challenge is to present to the network management user a management view so that the user experiences each virtual element as if it were a physical device and also present a non-virtualized system view for the administrator/owner of the physical device
- the illustrative embodiment of the present invention provides a management facility that facilitates the presentation of either a virtual element view or system view to a network management user depending upon the user's access rights.
- the user interface presented is modified based on the scope and type of access rights of the network management user.
- the scope and type of access privileges afforded to the user of the virtualized system is defined by a profile object which indicates the scope and type of user access.
- a profile object is associated with the user during log-in.
- Each virtualized element in the physical device is uniquely distinguishable by an identifier.
- the management information associated with a virtual element is indicated by its virtual element identifier.
- An environment object is created for each user at login to store the profile object and the virtual element identifier.
- the virtual element identifier indicates the type and scope of the user access privileges necessary to manage the associated virtual element. Requests by a user to access management information associated with a virtual element are analyzed to determine if the access privileges specified in the user profile enable the user to access the virtual element and if so to perform the type of operation requested.
- a physical device apparatus in a network includes multiple virtual elements configured on the physical device. Each collection of management information is associated with a virtual element. The collection of management information includes an access scope indicating a required user access level needed to access the information.
- the physical device apparatus also includes at least one environment object associated with a user interfaced with the device. The environment object includes a collection of user profile information and the identifier of the virtual element the user is authorized to access.
- the physical device apparatus further includes a management facility that controls the access of a user to a collection of management information associated with one of the virtual elements.
- a method of controlling access to a plurality of virtual elements includes the step of providing a physical device with multiple virtual elements configured thereon. Each collection of management information is associated with a virtual element. The collection of management information includes an access scope indicating a required user access level needed to access the information. The method further includes instantiating an environment object associated with a user interfaced with the device. The environment object includes a collection of user profile information associated with the user and the identifier of the virtual switch for which the user is authorized. The method also requests access for a user to a collection of the management information for a virtual element and determines whether to grant the request based on the user profile information and the collection of management information.
- FIG. 1 depicts an example of a conventional configuration for a data center wherein multiple network devices are employed
- FIG. 2 depicts an example of a configuration for a data center in accordance with the illustrative embodiment of the present invention
- FIG. 3 provides a logical view of the scoping provided in the illustrative embodiment of the present invention
- FIG. 4 illustrates a number of the components, including the management facility and MIBs, found in a physical device used by the illustrative embodiment of the present invention
- FIG. 5 depicts an example of an environment object used in the illustrative embodiment of the present invention
- FIG. 6 is a flow chart illustrating the steps that are performed in the illustrative embodiment of the present invention when a request of the management facility is received;
- FIG. 7 is a flow chart illustrating the steps that are performed to determine what is depicted on a user interface of the management facility.
- FIG. 8 is a flow chart illustrating the steps that are performed to transform content contained in an XML management schema file.
- the illustrative embodiment of present invention provides a management facility for managing a physical device that is partitioned into multiple virtual elements.
- Each virtual element represents a logical partition of the resources of the physical device and, in general, operates as if it were a distinct physical device.
- the management facility provides management of resources on a system-wide basis as well as management on a per virtual element basis. Management information for each virtual element is tagged with an identifier that associates the management information with the virtual element.
- the management facility provides scoping to appropriately limit the scope of management information that may be accessed by a user. Thus, for example, a user that should only have access to management information for a specific virtual element is only permitted access to the management information for the specified virtual element.
- a user that has system-wide privileges is permitted to access all of the management information, including both management information for the virtual elements and management information for the system.
- An interface is presented to the user that is scoped based on access rights and retains the look and feel of conventional interfaces to physical devices.
- the management information is also accessible via SNMP.
- the management information may be described in Management Information Bases (MIBs).
- MIBs Management Information Bases
- the management information is organized into a group of scalar and table objects.
- the MIBs may be created automatically, partially or wholly, from the application data and commands that are stored in a predefined configuration file format (as will be described in more detail below).
- the application data and commands are stored in an XML format that is transformed into MIBs.
- the application data and commands may also be transformed to generate documentation, such as documentation for Command Line Interface (CLI) commands.
- the application data commands may be transformed into a Simple Management Framework (SMF) text file or other proprietary or well-known formats that may be used by management applications.
- SMF Simple Management Framework
- the illustrative embodiment of the present invention employs a number of profiles that define access privileges (i.e. read-only, read-write, no access privileges, or a combination thereof) for users and the scopes to which users are limited (i.e. limits to a particular virtual element or to the entire system).
- Each user has an associated profile stored in an environment object.
- a number of different profiles may be provided by the management facility, and the profiles are dynamic in that they may be modified, added (i.e. new profiles defined), or deleted.
- the identity of the virtual element that the user wishes to access is also stored in the environment object.
- FIG. 2 shows an example configuration wherein a physical device 20 is used in the illustrative embodiment of the present invention. It should be noted that the configuration shown in FIG. 2 differs from that shown in FIG. 1 in that the separate network devices 12 A, 12 B and 12 C are replaced with a single physical device 20 in FIG. 2 .
- the single physical device 20 includes virtual elements 22 A, 22 B and 22 C. These virtual elements act as separate virtual devices for directing communications between the clients 11 A, 11 B and 11 C and the respective resource groups 14 A, 14 B and 14 C.
- the network management users 10 A, 10 B and 10 C are presented with a management view that is consistent with the interface presented by the separate physical devices although they are only viewing and managing their respective virtual elements.
- a network management user 10 D with administrator privileges is presented with a view of the entire physical device 20 .
- the virtual elements may take many forms.
- the virtual elements may be virtual switches that are partitions of a physical switch or a server whose resources are partitioned into multiple virtual servers.
- the virtual elements may be virtual routers as opposed to virtual switches.
- the present invention is not limited to virtual elements that are either virtual switches or virtual routers; rather the present invention may be practiced with other varieties of virtual elements that constitute logical partitions of the resources of a physical device.
- FIG. 3 depicts an example of the scoping that may be provided by the illustrative embodiment of the present invention.
- System view 30 encompasses management information 32 A, 34 A and 36 A for each of the virtual elements views 32 , 34 and 36 as well as system management information 38 (i.e. non-virtualized attributes).
- Each virtual element view 32 , 34 and 36 contains management information 32 A, 34 A and 36 A that is particular to a given virtual element 32 , 34 and 36 .
- the management information 32 A, 34 A and 36 A in these virtual element views 32 , 34 and 36 has been tagged with a virtual element identifier 32 B, 34 B and 36 B to designate the information as belonging to the associated virtual element views and may be further embedded as shown in FIG. 3 .
- virtual element view 40 is a subset of virtual element view 32 and contains information for a virtual element that is contained in another virtual element.
- the virtual element view 32 may contain management information that is associated with a specific virtual switch, and the virtual switch may include a virtual router.
- the virtual element view 40 is associated with the virtual router.
- FIG. 4 depicts the management facility 50 used by the illustrative embodiment of the present invention in greater detail.
- a physical device 20 includes a management facility 50 and is able to manage resources on both a per virtual element basis as well as on a system-wide basis. Users may interact with the management facility 50 via user interfaces such as a Command Line Interface (CLI) 54 or a Graphical User Interface (GUI) 56 .
- the management facility 50 also supports programmatic interfaces 58 such as SNMP and XML where requests are received programmatically. Those skilled in the art will recognize that additional types of interfaces may be deployed without departing from the scope of the present invention.
- the management facility 50 When a user seeks to access management information 52 via one of these interfaces 54 , 56 and 58 , the management facility 50 must determine whether the user is permitted the requested access.
- the management facility 50 maintains an environment object 60 (depicted in FIG. 5 ) for each user in the illustrative embodiment.
- the environment object includes a user profile 62 .
- the environment object 60 also includes the identities of the virtual element(s) that the user is authorized to access 64 .
- user profiles identify the type of access that is permitted to the user and the scope of access that is permitted to a user.
- the following table identifies an example of some of the user profiles and associated access rights and scopes that are associated with the user profile.
- SystemOperator Read-only access for all settings for the system, including all virtual elements SystemOperator Read-only access for all settings for the system, including all virtual elements VirtualElementAdmin Read and write access for all settings that affect a specific virtual element VirtualElementOperator Read-only access to all settings that affect a specific virtual element
- user profiles are extensible and modifiable. New user profiles may be created and user profiles may be deleted. In addition, user profiles may be modified as needed. Thus, the user profiles are dynamic.
- the use of the environment object is not necessary to practice the present invention.
- the profile information and identity of the virtual elements that the user seeks to access may be stored separately and in different formats.
- the environment object constitutes only an exemplary implementation.
- FIG. 6 is a flow chart illustrating the steps that are performed when a user submits a management request to the management facility 50 that requires access to management information 52 .
- the user submits the request (Step 70 ).
- the user may submit the request via CLI 54 , via GUI 56 or via programmatic interface 58 .
- the management facility 50 examines the request and determines the virtual element that the user wishes to access and the type of access required for the request (Step 72 ).
- a check is made to determine whether the user is permitted to access the identified virtual element (Step 74 ). If the user is not permitted, then access to the associated management information is denied by refusing to perform the request (Step 76 ).
- Step 78 a check is made whether the user is permitted the type of access that is requested (i.e., read access, write access, etc.) (Step 78 ). If the user is permitted the type of access, then access is granted (Step 80 ) and the request is acted upon within the scope of the virtual element. If, however, the user is not permitted the type of access, the request is denied (Step 76 ).
- the management facility 50 also provides some additional help when the user interface 54 or 56 advertises/indicates actions that are consistent with the scope of the granted user access.
- the management facility 50 only displays options on the UI that are consistent with the type of access and the scope of access for which the user is authorized.
- FIG. 7 is a flow chart illustrating the steps that are performed in customizing the UI to facilitate the display of only authorized options.
- the process begins when the user logs into the UI (step 82 ). This may entail accessing a web browser via a web browser and typing in a user ID and password. A determination is then made of a scope and type of access that is permitted for the user (Step 84 ).
- the user interface is then customized to only display options that are available which are consistent with the scope and type of access that are permitted for the user (Step 86 ).
- the examples contained herein have discussed the use of the management facility in contact with a plurality of virtual elements, it should be understood that the illustrative embodiment of the present invention might also be applied to other forms of virtualization for electronic devices.
- the illustrated embodiment of the present invention may be extended to include any virtual software entity created on a physical device that needs to be contacted through a management system.
- the illustrative embodiment of the present invention provides the capability of taking management data in a specified file format and transforming it to generate MIBS.
- FIG. 8 provides an example of the steps that are performed to transform the management data. Initially, a file is provided that contains management data and commands (Step 100 ). The file is then validated against schema by applying an XML style sheet (Step 102 ). Once the syntax and contents have been validated, the XML document is transformed into one or more MIBs (Step 104 ). A number of conventionally available tools may be employed to perform this transformation. In addition, source code may be generated from the MIB (Step 106 ). The source code is used to fill in data structures for use in a SNMP agent in the management facility 50 .
- the data commands in the file holding the management data may also be transformed to generate an SMF text file (step 108 ).
- the SMF text file created in step 108 then may be passed through a code generator to generate source code in C++ or another language (Step 110 ).
- This source code fills in data structures for use in the management facility 50 . In particular, it fills in values that are used by the CLI, the web interface and the XML interface. This enables the values to be put in a form that can be used by the programmatic and presentation interfaces.
- the management data and commands may also be used to generate documentation for the CLI commands and to generally provide online help (Step 112 ).
Abstract
A single management facility in a virtualized system that facilitates the presentation of either a virtual element view or system view to a network management user depending upon the user's access rights is disclosed. The user interface presented to the user is modified based on the scope and type of access rights. The scope and type of access privileges afforded to the user of the virtualized system is found in a profile object that indicates the scope and type of user access established during the user login. The profile object is stored in an environment object that is created for each user at login. Each virtualized element in the system includes management information that is associated with the virtual element via a virtual identifier. The management information indicates the level of the user access privileges necessary to view the associated virtual element. Requests by a user to access management information associated with a virtual element are analyzed to determine if the access privileges specified in the user profile enable the user to access the virtual element and if so to perform the type of operation requested.
Description
- The illustrative embodiment of the present invention relates generally to a physical device having virtual elements and more particularly to an embedded management system for managing the physical device and the virtual elements within the physical device.
-
FIG. 1 shows an example of a traditional configuration for users to manage access to servers and storage via network devices such as a switch in a data center. In this example,clients resources resources servers 16A andstorage 18A are part ofgroup 14A,servers 16B andstorage 18B are part ofgroup 14B, andservers 16C andstorage 18C are part ofgroup 14C. Aseparate network device group network device network management user - This approach requires
separate network devices logical groups network devices - One possible solution to this problem is virtualization. Virtualization allows a single physical device to be logically partitioned so as to function as if it were multiple devices. Virtualization allows partitioning of a device's resources but also presents management challenges. One such management challenge is to present a management view that is akin to that used for managing an independent physical device. In other words, the challenge is to present to the network management user a management view so that the user experiences each virtual element as if it were a physical device and also present a non-virtualized system view for the administrator/owner of the physical device
- The illustrative embodiment of the present invention provides a management facility that facilitates the presentation of either a virtual element view or system view to a network management user depending upon the user's access rights. The user interface presented is modified based on the scope and type of access rights of the network management user. The scope and type of access privileges afforded to the user of the virtualized system is defined by a profile object which indicates the scope and type of user access. A profile object is associated with the user during log-in. Each virtualized element in the physical device is uniquely distinguishable by an identifier. The management information associated with a virtual element is indicated by its virtual element identifier. An environment object is created for each user at login to store the profile object and the virtual element identifier. The virtual element identifier indicates the type and scope of the user access privileges necessary to manage the associated virtual element. Requests by a user to access management information associated with a virtual element are analyzed to determine if the access privileges specified in the user profile enable the user to access the virtual element and if so to perform the type of operation requested.
- In one embodiment, a physical device apparatus in a network includes multiple virtual elements configured on the physical device. Each collection of management information is associated with a virtual element. The collection of management information includes an access scope indicating a required user access level needed to access the information. The physical device apparatus also includes at least one environment object associated with a user interfaced with the device. The environment object includes a collection of user profile information and the identifier of the virtual element the user is authorized to access. The physical device apparatus further includes a management facility that controls the access of a user to a collection of management information associated with one of the virtual elements.
- In another embodiment in a network, a method of controlling access to a plurality of virtual elements includes the step of providing a physical device with multiple virtual elements configured thereon. Each collection of management information is associated with a virtual element. The collection of management information includes an access scope indicating a required user access level needed to access the information. The method further includes instantiating an environment object associated with a user interfaced with the device. The environment object includes a collection of user profile information associated with the user and the identifier of the virtual switch for which the user is authorized. The method also requests access for a user to a collection of the management information for a virtual element and determines whether to grant the request based on the user profile information and the collection of management information.
-
FIG. 1 (Prior art) depicts an example of a conventional configuration for a data center wherein multiple network devices are employed; -
FIG. 2 depicts an example of a configuration for a data center in accordance with the illustrative embodiment of the present invention; -
FIG. 3 provides a logical view of the scoping provided in the illustrative embodiment of the present invention; -
FIG. 4 illustrates a number of the components, including the management facility and MIBs, found in a physical device used by the illustrative embodiment of the present invention; -
FIG. 5 depicts an example of an environment object used in the illustrative embodiment of the present invention; -
FIG. 6 is a flow chart illustrating the steps that are performed in the illustrative embodiment of the present invention when a request of the management facility is received; -
FIG. 7 is a flow chart illustrating the steps that are performed to determine what is depicted on a user interface of the management facility; and -
FIG. 8 is a flow chart illustrating the steps that are performed to transform content contained in an XML management schema file. - The illustrative embodiment of present invention provides a management facility for managing a physical device that is partitioned into multiple virtual elements. Each virtual element represents a logical partition of the resources of the physical device and, in general, operates as if it were a distinct physical device. The management facility provides management of resources on a system-wide basis as well as management on a per virtual element basis. Management information for each virtual element is tagged with an identifier that associates the management information with the virtual element. The management facility provides scoping to appropriately limit the scope of management information that may be accessed by a user. Thus, for example, a user that should only have access to management information for a specific virtual element is only permitted access to the management information for the specified virtual element. In contrast, a user that has system-wide privileges is permitted to access all of the management information, including both management information for the virtual elements and management information for the system. An interface is presented to the user that is scoped based on access rights and retains the look and feel of conventional interfaces to physical devices.
- In the illustrative embodiment, the management information is also accessible via SNMP. Thus, the management information may be described in Management Information Bases (MIBs). The management information is organized into a group of scalar and table objects. The MIBs may be created automatically, partially or wholly, from the application data and commands that are stored in a predefined configuration file format (as will be described in more detail below). In one embodiment, the application data and commands are stored in an XML format that is transformed into MIBs. The application data and commands may also be transformed to generate documentation, such as documentation for Command Line Interface (CLI) commands. Still further, the application data commands may be transformed into a Simple Management Framework (SMF) text file or other proprietary or well-known formats that may be used by management applications.
- The illustrative embodiment of the present invention employs a number of profiles that define access privileges (i.e. read-only, read-write, no access privileges, or a combination thereof) for users and the scopes to which users are limited (i.e. limits to a particular virtual element or to the entire system). Each user has an associated profile stored in an environment object. A number of different profiles may be provided by the management facility, and the profiles are dynamic in that they may be modified, added (i.e. new profiles defined), or deleted. The identity of the virtual element that the user wishes to access is also stored in the environment object.
-
FIG. 2 shows an example configuration wherein aphysical device 20 is used in the illustrative embodiment of the present invention. It should be noted that the configuration shown inFIG. 2 differs from that shown inFIG. 1 in that theseparate network devices physical device 20 inFIG. 2 . The singlephysical device 20 includesvirtual elements clients respective resource groups network management users network management user 10D with administrator privileges is presented with a view of the entirephysical device 20. - It should be appreciated that the virtual elements may take many forms. For example the virtual elements may be virtual switches that are partitions of a physical switch or a server whose resources are partitioned into multiple virtual servers. In addition, the virtual elements may be virtual routers as opposed to virtual switches. Those skilled in the art will appreciate that the present invention is not limited to virtual elements that are either virtual switches or virtual routers; rather the present invention may be practiced with other varieties of virtual elements that constitute logical partitions of the resources of a physical device.
-
FIG. 3 depicts an example of the scoping that may be provided by the illustrative embodiment of the present invention.System view 30 encompassesmanagement information virtual element view management information virtual element management information virtual element identifier FIG. 3 . For example,virtual element view 40 is a subset ofvirtual element view 32 and contains information for a virtual element that is contained in another virtual element. For instance, thevirtual element view 32 may contain management information that is associated with a specific virtual switch, and the virtual switch may include a virtual router. Thevirtual element view 40 is associated with the virtual router. -
FIG. 4 depicts themanagement facility 50 used by the illustrative embodiment of the present invention in greater detail. Aphysical device 20 includes amanagement facility 50 and is able to manage resources on both a per virtual element basis as well as on a system-wide basis. Users may interact with themanagement facility 50 via user interfaces such as a Command Line Interface (CLI) 54 or a Graphical User Interface (GUI) 56. Themanagement facility 50 also supportsprogrammatic interfaces 58 such as SNMP and XML where requests are received programmatically. Those skilled in the art will recognize that additional types of interfaces may be deployed without departing from the scope of the present invention. - When a user seeks to access
management information 52 via one of theseinterfaces management facility 50 must determine whether the user is permitted the requested access. Themanagement facility 50 maintains an environment object 60 (depicted inFIG. 5 ) for each user in the illustrative embodiment. The environment object includes auser profile 62. Theenvironment object 60 also includes the identities of the virtual element(s) that the user is authorized to access 64. - As was mentioned above, user profiles identify the type of access that is permitted to the user and the scope of access that is permitted to a user. The following table identifies an example of some of the user profiles and associated access rights and scopes that are associated with the user profile.
-
User Profile Privileges SystemAdmin Read and write access for all settings for the system, including all virtual elements SystemOperator Read-only access for all settings for the system, including all virtual elements VirtualElementAdmin Read and write access for all settings that affect a specific virtual element VirtualElementOperator Read-only access to all settings that affect a specific virtual element - It should be appreciated that the user profiles are extensible and modifiable. New user profiles may be created and user profiles may be deleted. In addition, user profiles may be modified as needed. Thus, the user profiles are dynamic.
- Those skilled in the art will appreciate that the use of the environment object is not necessary to practice the present invention. In alternative implementations, the profile information and identity of the virtual elements that the user seeks to access may be stored separately and in different formats. The environment object constitutes only an exemplary implementation.
-
FIG. 6 is a flow chart illustrating the steps that are performed when a user submits a management request to themanagement facility 50 that requires access tomanagement information 52. Initially, the user submits the request (Step 70). The user may submit the request viaCLI 54, viaGUI 56 or viaprogrammatic interface 58. Themanagement facility 50 examines the request and determines the virtual element that the user wishes to access and the type of access required for the request (Step 72). A check is made to determine whether the user is permitted to access the identified virtual element (Step 74). If the user is not permitted, then access to the associated management information is denied by refusing to perform the request (Step 76). If the user is permitted to access the identified virtual element, a check is made whether the user is permitted the type of access that is requested (i.e., read access, write access, etc.) (Step 78). If the user is permitted the type of access, then access is granted (Step 80) and the request is acted upon within the scope of the virtual element. If, however, the user is not permitted the type of access, the request is denied (Step 76). - The
management facility 50 also provides some additional help when theuser interface management facility 50 only displays options on the UI that are consistent with the type of access and the scope of access for which the user is authorized.FIG. 7 is a flow chart illustrating the steps that are performed in customizing the UI to facilitate the display of only authorized options. The process begins when the user logs into the UI (step 82). This may entail accessing a web browser via a web browser and typing in a user ID and password. A determination is then made of a scope and type of access that is permitted for the user (Step 84). The user interface is then customized to only display options that are available which are consistent with the scope and type of access that are permitted for the user (Step 86). - Although the examples contained herein have discussed the use of the management facility in contact with a plurality of virtual elements, it should be understood that the illustrative embodiment of the present invention might also be applied to other forms of virtualization for electronic devices. The illustrated embodiment of the present invention may be extended to include any virtual software entity created on a physical device that needs to be contacted through a management system.
- The illustrative embodiment of the present invention provides the capability of taking management data in a specified file format and transforming it to generate MIBS.
FIG. 8 provides an example of the steps that are performed to transform the management data. Initially, a file is provided that contains management data and commands (Step 100). The file is then validated against schema by applying an XML style sheet (Step 102). Once the syntax and contents have been validated, the XML document is transformed into one or more MIBs (Step 104). A number of conventionally available tools may be employed to perform this transformation. In addition, source code may be generated from the MIB (Step 106). The source code is used to fill in data structures for use in a SNMP agent in themanagement facility 50. - The data commands in the file holding the management data may also be transformed to generate an SMF text file (step 108). The SMF text file created in
step 108 then may be passed through a code generator to generate source code in C++ or another language (Step 110). This source code fills in data structures for use in themanagement facility 50. In particular, it fills in values that are used by the CLI, the web interface and the XML interface. This enables the values to be put in a form that can be used by the programmatic and presentation interfaces. - The management data and commands may also be used to generate documentation for the CLI commands and to generally provide online help (Step 112).
- Since certain changes may be made without departing from the scope of the present invention, it is intended that all matter contained in the above description or shown in the accompanying drawings be interpreted as illustrative and not in a literal sense. Practitioners of the art will realize that the system configurations depicted and described herein are examples of multiple possible system configurations that fall within the scope of the current invention. Likewise, the sequences of steps discussed herein are examples and not the exclusive sequence of steps possible within the scope of the present invention.
Claims (22)
1-37. (canceled)
38. A physical device apparatus in a network, comprising:
a plurality of virtual elements configured on said physical device, each said virtual element associated with a collection of management information for said virtual element, said collection of management information including an access scope indicating a required user access level needed to access said information, wherein said collection of management information is associated with a virtual element identifier;
at least one environment object associated with a user interfaced with said device, said environment object including a collection of user profile information; and
a management facility, said management facility controlling the access of a user to a collection of management information associated with at least one of said virtual elements.
39. The apparatus of claim 38 wherein said management facility provides one of a system view and virtual element view to a user based on said user profile, said system view including a view of a plurality of said virtual elements.
40. The apparatus of claim 38 , comprising further:
a user interface, said user interface modified based on the scope and type of access privileges accorded to said user.
41. The apparatus of claim 38 wherein access to said management information is seeped based upon the access privileges accorded a user.
42. The apparatus of claim 38 wherein said collection of user profile information defines the type of access privileges of said user.
43. The apparatus of claim 38 wherein said collection of user profile information defines the scope of access privileges of said user.
44. The apparatus of claim 43 wherein said scope of access privileges of the user is set to one of a specified virtual element, a subset of virtual elements and unlimited access to management information for all of said virtual elements on said physical device.
45. The apparatus of claim 1 further comprising:
a schema for management data and commands stored in an XML (Extensible Markup Language) file.
46. The apparatus of claim 10 wherein data in said XML file is used to create one of a MIB (Management Information Base) file and a SMF (Simple Management Framework) file.
47. In a network, a method of controlling access to a plurality of virtual elements, said method comprising:
providing a physical device with a plurality of virtual elements configured thereon, each said virtual element associated with a collection of management information for said virtual element, said collection of management information including an access scope indicating a required user access level needed to access said information, wherein said collection of management information is associated with a virtual element identifier;
instantiating an environment object associated with a user interfaced with said device, said environment object including a collection of user profile information associated with said user;
requesting access for a user to a collection of said management information for a virtual element; and
determining whether to grant said request based on said user profile, information and said collection of management information.
48. The method of claim 47 wherein said request is contained in a CLI (Command Line Interface)-generated request, web-based request and programmatically generated request.
49. The method of claim 47 , further comprising:
providing a management facility facilitating one a of a system view and virtual element view to said user based on said user profile information with said user, said system view including a view of a plurality of said virtual elements.
50. The method of claim 47 wherein said collection of user profile information defines the type of access privileges of said user.
51. The method of claim 47 wherein said collection of user profile information defines the scope of access privileges of said user.
52. The method of claim 51 wherein the scope of access privileges of the user is set to one of a specified virtual element, a subset of virtual elements and unlimited access to configuration data of any virtual element configured on said physical device.
53. The method of claim 47 , further comprising:
allowing a user to access said collection of management information associated with a virtual element based on a response to the request.
54. The method of claim 47 , further comprising:
denying a user access to said collection of management information associated with a virtual element based on a response to the request.
55. The method of claim 47 , further comprising:
tagging each collection of management information with a virtual element identifier to associate each collection of management information with a particular virtual element.
55. The method of claim 47 , further comprising:
providing a user interface, said user interface modified based on the scope and type of access privileges accorded said user.
56. In a network including a physical device holding a medium, said medium holding executable stops for a method of controlling access to a plurality of virtual elements, said method comprising:
providing a physical device with a plurality of virtual elements configured thereon, each said virtual element associated with a collection of management information for said virtual element, said collection of management information including an access scope indicating a required user access level needed to access said information, wherein said collection of management information is associated with a virtual element identifier;
instantiating an environment object associated with a user interfaced with said device, said environment object including a collection of user profile information associated with said user;
requesting access for a user to a collection of said management information for a virtual element; and
determining whether to grant said request based on said user profile information and said collection of management information.
57. The medium of claim 25 wherein said request is contained in a CLI (Command Line Interface)-generated request, web-based request and programmatically generated request.
Priority Applications (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US12/358,605 US20090183239A1 (en) | 2004-04-30 | 2009-01-23 | Embedded management system for a physical device having virtual elements |
Applications Claiming Priority (2)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
US10/835,917 US7546631B1 (en) | 2004-04-30 | 2004-04-30 | Embedded management system for a physical device having virtual elements |
US12/358,605 US20090183239A1 (en) | 2004-04-30 | 2009-01-23 | Embedded management system for a physical device having virtual elements |
Related Parent Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/835,917 Continuation US7546631B1 (en) | 2004-04-30 | 2004-04-30 | Embedded management system for a physical device having virtual elements |
Publications (1)
Publication Number | Publication Date |
---|---|
US20090183239A1 true US20090183239A1 (en) | 2009-07-16 |
Family
ID=40688831
Family Applications (2)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/835,917 Active 2025-12-01 US7546631B1 (en) | 2004-04-30 | 2004-04-30 | Embedded management system for a physical device having virtual elements |
US12/358,605 Abandoned US20090183239A1 (en) | 2004-04-30 | 2009-01-23 | Embedded management system for a physical device having virtual elements |
Family Applications Before (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
US10/835,917 Active 2025-12-01 US7546631B1 (en) | 2004-04-30 | 2004-04-30 | Embedded management system for a physical device having virtual elements |
Country Status (1)
Country | Link |
---|---|
US (2) | US7546631B1 (en) |
Cited By (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012154604A2 (en) * | 2011-05-06 | 2012-11-15 | Big Switch Networks, Inc. | Systems and methods for managing virtual switches |
US20140006617A1 (en) * | 2012-06-29 | 2014-01-02 | VCE Company LLC | Personas in application lifecycle management |
Families Citing this family (4)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
FR2948247B1 (en) * | 2009-07-16 | 2011-12-09 | Univ Paris Curie | METHOD AND SYSTEM FOR HIGH PERFORMANCE AND AUTOMATED MANAGEMENT OF VIRTUAL NETWORKS. |
FR2948248B1 (en) | 2009-07-16 | 2011-08-19 | Univ Paris Curie | METHOD AND SYSTEM FOR STOLEN DEPLOYMENT AND ON REQUEST AT LEAST ONE VIRTUAL NETWORK. |
US8938808B1 (en) * | 2010-03-01 | 2015-01-20 | Symantec Corporation | Systems and methods for using virtualization to implement information rights management |
US9178886B2 (en) * | 2012-08-29 | 2015-11-03 | Red Hat Israel, Ltd. | Flattening permission trees in a virtualization environment |
Citations (66)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US5935209A (en) * | 1996-09-09 | 1999-08-10 | Next Level Communications | System and method for managing fiber-to-the-curb network elements |
US5974502A (en) * | 1995-10-27 | 1999-10-26 | Lsi Logic Corporation | Apparatus and method for analyzing and modifying data transfer reguests in a raid system |
US6052724A (en) * | 1997-09-02 | 2000-04-18 | Novell Inc | Method and system for managing a directory service |
US6175866B1 (en) * | 1997-11-24 | 2001-01-16 | International Business Machines Corporation | Method and system for generating unsupported network monitoring objects |
US6176883B1 (en) * | 1997-11-24 | 2001-01-23 | International Business Machines Corporation | System and method for generating unsupported network information indicators |
US20010042118A1 (en) * | 1996-02-13 | 2001-11-15 | Shigeru Miyake | Network managing method, medium and system |
US20020156987A1 (en) * | 2001-02-13 | 2002-10-24 | Confluence Neworks, Inc. | Storage virtualization and storage management to provide higher level storage services |
US20030004925A1 (en) * | 1997-03-25 | 2003-01-02 | Terry Knoblock | Method, system and program product that utilize a hierarchical conceptual framework to model an environment containing a collection of items |
US20030028624A1 (en) * | 2001-07-06 | 2003-02-06 | Taqi Hasan | Network management system |
US20030033387A1 (en) * | 2001-07-27 | 2003-02-13 | Adams Mark A. | Powertag: manufacturing and support system method and apparatus for multi-computer solutions |
US6529985B1 (en) * | 2000-02-04 | 2003-03-04 | Ensim Corporation | Selective interception of system calls |
US20030051021A1 (en) * | 2001-09-05 | 2003-03-13 | Hirschfeld Robert A. | Virtualized logical server cloud |
US20030065676A1 (en) * | 2001-09-05 | 2003-04-03 | Microsoft Corporation | Methods and system of managing concurrent access to multiple resources |
US6560613B1 (en) * | 2000-02-08 | 2003-05-06 | Ensim Corporation | Disambiguating file descriptors |
US20030098353A1 (en) * | 1999-06-07 | 2003-05-29 | Metrologic Instruments, Inc. | Planar laser illumination and imaging (PLIIM) engine |
US20030149848A1 (en) * | 2001-09-07 | 2003-08-07 | Rahim Ibrahim | Wire-speed data transfer in a storage virtualization controller |
US6618736B1 (en) * | 2001-03-09 | 2003-09-09 | Ensim Corporation | Template-based creation and archival of file systems |
US20030177135A1 (en) * | 2000-10-13 | 2003-09-18 | Axon Information Technology Pty Ltd. | Multi-user database for computer-based information |
US20030204597A1 (en) * | 2002-04-26 | 2003-10-30 | Hitachi, Inc. | Storage system having virtualized resource |
US20030233510A1 (en) * | 2002-06-18 | 2003-12-18 | Veritas Software Corporation | Storage resource integration layer interfaces |
US20030233494A1 (en) * | 2002-05-06 | 2003-12-18 | Sukha Ghosh | Application program interface-access to hardware services for storage management applications |
US20030236945A1 (en) * | 2000-04-18 | 2003-12-25 | Storeage Networking Technologies, | Storage virtualization in a storage area network |
US20040010666A1 (en) * | 2002-07-11 | 2004-01-15 | Veritas Software Corporation | Storage services and systems |
US6681232B1 (en) * | 2000-06-07 | 2004-01-20 | Yipes Enterprise Services, Inc. | Operations and provisioning systems for service level management in an extended-area data communications network |
US6687747B1 (en) * | 1999-10-28 | 2004-02-03 | Utstarcom, Inc. | System and network interoperations using a MIB-based object-oriented signaling protocol |
US20040025719A1 (en) * | 2000-06-07 | 2004-02-12 | Pietikaeinen Reijo | Method for profiling a paper web |
US6697845B1 (en) * | 2000-05-25 | 2004-02-24 | Alcatel | Network node management system and method using proxy by extensible agents |
US20040039745A1 (en) * | 2002-08-23 | 2004-02-26 | Evans Stephen C. | Apparatus and method for associating classes |
US6711607B1 (en) * | 2000-02-04 | 2004-03-23 | Ensim Corporation | Dynamic scheduling of task streams in a multiple-resource system to ensure task stream quality of service |
US20040078293A1 (en) * | 2000-12-21 | 2004-04-22 | Vaughn Iverson | Digital content distribution |
US6732211B1 (en) * | 2000-09-18 | 2004-05-04 | Ensim Corporation | Intercepting I/O multiplexing operations involving cross-domain file descriptor sets |
US6754716B1 (en) * | 2000-02-11 | 2004-06-22 | Ensim Corporation | Restricting communication between network devices on a common network |
US20040122922A1 (en) * | 2002-12-19 | 2004-06-24 | International Business Machines Corporation | Method of automatically generating an SNMP management information base from extension-enabled management agents |
US20040205143A1 (en) * | 2003-02-07 | 2004-10-14 | Tetsuya Uemura | Network storage virtualization method and system |
US20040225719A1 (en) * | 2003-05-07 | 2004-11-11 | International Business Machines Corporation | Distributed file serving architecture system with metadata storage virtualization and data access at the data server connection speed |
US6877044B2 (en) * | 2000-02-10 | 2005-04-05 | Vicom Systems, Inc. | Distributed storage management platform architecture |
US20050108707A1 (en) * | 2003-11-14 | 2005-05-19 | Taylor Thomas M. | Systems and methods for creating and managing a virtual retail store on end-user client computers within a network |
US20050108709A1 (en) * | 2003-10-28 | 2005-05-19 | Sciandra John R. | Method and apparatus for accessing and managing virtual machines |
US20050120160A1 (en) * | 2003-08-20 | 2005-06-02 | Jerry Plouffe | System and method for managing virtual servers |
US6907421B1 (en) * | 2000-05-16 | 2005-06-14 | Ensim Corporation | Regulating file access rates according to file type |
US6909691B1 (en) * | 2000-08-07 | 2005-06-21 | Ensim Corporation | Fairly partitioning resources while limiting the maximum fair share |
US6948003B1 (en) * | 2000-03-15 | 2005-09-20 | Ensim Corporation | Enabling a service provider to provide intranet services |
US6948044B1 (en) * | 2002-07-30 | 2005-09-20 | Cisco Systems, Inc. | Methods and apparatus for storage virtualization |
US20050210098A1 (en) * | 2004-03-16 | 2005-09-22 | Fujitsu Limited | Storage management system and method |
US6954924B2 (en) * | 2001-09-20 | 2005-10-11 | International Business Machines Corporation | System and method for employing externalized, dynamically configurable, cacheable trigger points |
US20050229152A1 (en) * | 2004-04-08 | 2005-10-13 | Brian Connell | Integrated modeling environment |
US20050267986A1 (en) * | 2004-05-11 | 2005-12-01 | Hitachi, Ltd. | Virtualization switch and storage system |
US6976258B1 (en) * | 1999-11-30 | 2005-12-13 | Ensim Corporation | Providing quality of service guarantees to virtual hosts |
US20050276092A1 (en) * | 2004-06-14 | 2005-12-15 | Hansen Peter A | Virtual mass storage device for server management information |
US6985937B1 (en) * | 2000-05-11 | 2006-01-10 | Ensim Corporation | Dynamically modifying the resources of a virtual server |
US7020734B2 (en) * | 2002-12-09 | 2006-03-28 | Hitachi, Ltd. | Connecting device of storage device and computer system including the same connecting device |
US7028158B1 (en) * | 2001-11-02 | 2006-04-11 | Beatty And Company Computing, Inc. | Storage virtualization engine |
US7051167B2 (en) * | 2001-07-13 | 2006-05-23 | Hitachi, Ltd. | Security for logical unit in storage subsystem |
US20060155398A1 (en) * | 1991-12-23 | 2006-07-13 | Steven Hoffberg | Adaptive pattern recognition based control system and method |
US7080229B2 (en) * | 2002-10-28 | 2006-07-18 | Network Appliance Inc. | Method and system for strategy driven provisioning of storage in a storage area network |
US7099947B1 (en) * | 2001-06-08 | 2006-08-29 | Cisco Technology, Inc. | Method and apparatus providing controlled access of requests from virtual private network devices to managed information objects using simple network management protocol |
US7127558B2 (en) * | 2003-09-02 | 2006-10-24 | Hitachi, Ltd. | Virtualization controller, access path control method and computer system |
US7133988B2 (en) * | 2004-02-25 | 2006-11-07 | Hitachi, Ltd. | Method and apparatus for managing direct I/O to storage systems in virtualization |
US7143024B1 (en) * | 2000-07-07 | 2006-11-28 | Ensim Corporation | Associating identifiers with virtual processes |
US7194538B1 (en) * | 2002-06-04 | 2007-03-20 | Veritas Operating Corporation | Storage area network (SAN) management system for discovering SAN components using a SAN management server |
US7219354B1 (en) * | 2000-12-22 | 2007-05-15 | Ensim Corporation | Virtualizing super-user privileges for multiple virtual processes |
US20070112574A1 (en) * | 2003-08-05 | 2007-05-17 | Greene William S | System and method for use of mobile policy agents and local services, within a geographically distributed service grid, to provide greater security via local intelligence and life-cycle management for RFlD tagged items |
US20070174583A1 (en) * | 2002-03-07 | 2007-07-26 | Fujitsu Limited | Conversion management device and conversion management method for a storage virtualization system |
US20080034334A1 (en) * | 2004-02-17 | 2008-02-07 | Oussama Laouamri | Integrated Circuit Chip with Communication Means Enabling Remote Control of Testing Means of Ip Cores of the Integrated Circuit |
US7343404B1 (en) * | 1999-12-21 | 2008-03-11 | Cisco Technology, Inc. | Efficient representation of system network management object identifiers |
US7620630B2 (en) * | 2003-11-12 | 2009-11-17 | Oliver Lloyd Pty Ltd | Directory system |
-
2004
- 2004-04-30 US US10/835,917 patent/US7546631B1/en active Active
-
2009
- 2009-01-23 US US12/358,605 patent/US20090183239A1/en not_active Abandoned
Patent Citations (76)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US20060155398A1 (en) * | 1991-12-23 | 2006-07-13 | Steven Hoffberg | Adaptive pattern recognition based control system and method |
US5974502A (en) * | 1995-10-27 | 1999-10-26 | Lsi Logic Corporation | Apparatus and method for analyzing and modifying data transfer reguests in a raid system |
US20010042118A1 (en) * | 1996-02-13 | 2001-11-15 | Shigeru Miyake | Network managing method, medium and system |
US6732170B2 (en) * | 1996-02-13 | 2004-05-04 | Hitachi, Ltd. | Network managing method, medium and system |
US5935209A (en) * | 1996-09-09 | 1999-08-10 | Next Level Communications | System and method for managing fiber-to-the-curb network elements |
US20030004925A1 (en) * | 1997-03-25 | 2003-01-02 | Terry Knoblock | Method, system and program product that utilize a hierarchical conceptual framework to model an environment containing a collection of items |
US6052724A (en) * | 1997-09-02 | 2000-04-18 | Novell Inc | Method and system for managing a directory service |
US6176883B1 (en) * | 1997-11-24 | 2001-01-23 | International Business Machines Corporation | System and method for generating unsupported network information indicators |
US6175866B1 (en) * | 1997-11-24 | 2001-01-16 | International Business Machines Corporation | Method and system for generating unsupported network monitoring objects |
US20030102379A1 (en) * | 1999-06-07 | 2003-06-05 | Metrologic Instruments Inc. | LED-based planar light illumination and imaging (PLIIM) engine |
US20030218070A1 (en) * | 1999-06-07 | 2003-11-27 | Metrologic Instruments, Inc. | Hand-supportable planar laser illumination and imaging (PLIIM) based camera system capable of producing digital linear images of a object, containing pixels having a substantially uniform aspectratio independent of the measured relative velocity of said object while manually moving said PLIIM based camera system past said object during illumination and imaging operations |
US20030098353A1 (en) * | 1999-06-07 | 2003-05-29 | Metrologic Instruments, Inc. | Planar laser illumination and imaging (PLIIM) engine |
US6687747B1 (en) * | 1999-10-28 | 2004-02-03 | Utstarcom, Inc. | System and network interoperations using a MIB-based object-oriented signaling protocol |
US6976258B1 (en) * | 1999-11-30 | 2005-12-13 | Ensim Corporation | Providing quality of service guarantees to virtual hosts |
US7343404B1 (en) * | 1999-12-21 | 2008-03-11 | Cisco Technology, Inc. | Efficient representation of system network management object identifiers |
US6529985B1 (en) * | 2000-02-04 | 2003-03-04 | Ensim Corporation | Selective interception of system calls |
US6711607B1 (en) * | 2000-02-04 | 2004-03-23 | Ensim Corporation | Dynamic scheduling of task streams in a multiple-resource system to ensure task stream quality of service |
US6560613B1 (en) * | 2000-02-08 | 2003-05-06 | Ensim Corporation | Disambiguating file descriptors |
US6877044B2 (en) * | 2000-02-10 | 2005-04-05 | Vicom Systems, Inc. | Distributed storage management platform architecture |
US6754716B1 (en) * | 2000-02-11 | 2004-06-22 | Ensim Corporation | Restricting communication between network devices on a common network |
US6948003B1 (en) * | 2000-03-15 | 2005-09-20 | Ensim Corporation | Enabling a service provider to provide intranet services |
US6898670B2 (en) * | 2000-04-18 | 2005-05-24 | Storeage Networking Technologies | Storage virtualization in a storage area network |
US20030236945A1 (en) * | 2000-04-18 | 2003-12-25 | Storeage Networking Technologies, | Storage virtualization in a storage area network |
US6985937B1 (en) * | 2000-05-11 | 2006-01-10 | Ensim Corporation | Dynamically modifying the resources of a virtual server |
US6907421B1 (en) * | 2000-05-16 | 2005-06-14 | Ensim Corporation | Regulating file access rates according to file type |
US6697845B1 (en) * | 2000-05-25 | 2004-02-24 | Alcatel | Network node management system and method using proxy by extensible agents |
US20040025719A1 (en) * | 2000-06-07 | 2004-02-12 | Pietikaeinen Reijo | Method for profiling a paper web |
US6681232B1 (en) * | 2000-06-07 | 2004-01-20 | Yipes Enterprise Services, Inc. | Operations and provisioning systems for service level management in an extended-area data communications network |
US7143024B1 (en) * | 2000-07-07 | 2006-11-28 | Ensim Corporation | Associating identifiers with virtual processes |
US6909691B1 (en) * | 2000-08-07 | 2005-06-21 | Ensim Corporation | Fairly partitioning resources while limiting the maximum fair share |
US6732211B1 (en) * | 2000-09-18 | 2004-05-04 | Ensim Corporation | Intercepting I/O multiplexing operations involving cross-domain file descriptor sets |
US20030177135A1 (en) * | 2000-10-13 | 2003-09-18 | Axon Information Technology Pty Ltd. | Multi-user database for computer-based information |
US20040078293A1 (en) * | 2000-12-21 | 2004-04-22 | Vaughn Iverson | Digital content distribution |
US7219354B1 (en) * | 2000-12-22 | 2007-05-15 | Ensim Corporation | Virtualizing super-user privileges for multiple virtual processes |
US20020156987A1 (en) * | 2001-02-13 | 2002-10-24 | Confluence Neworks, Inc. | Storage virtualization and storage management to provide higher level storage services |
US6618736B1 (en) * | 2001-03-09 | 2003-09-09 | Ensim Corporation | Template-based creation and archival of file systems |
US7099947B1 (en) * | 2001-06-08 | 2006-08-29 | Cisco Technology, Inc. | Method and apparatus providing controlled access of requests from virtual private network devices to managed information objects using simple network management protocol |
US20030028624A1 (en) * | 2001-07-06 | 2003-02-06 | Taqi Hasan | Network management system |
US7082464B2 (en) * | 2001-07-06 | 2006-07-25 | Juniper Networks, Inc. | Network management system |
US7051167B2 (en) * | 2001-07-13 | 2006-05-23 | Hitachi, Ltd. | Security for logical unit in storage subsystem |
US20030033387A1 (en) * | 2001-07-27 | 2003-02-13 | Adams Mark A. | Powertag: manufacturing and support system method and apparatus for multi-computer solutions |
US6880002B2 (en) * | 2001-09-05 | 2005-04-12 | Surgient, Inc. | Virtualized logical server cloud providing non-deterministic allocation of logical attributes of logical servers to physical resources |
US20030051021A1 (en) * | 2001-09-05 | 2003-03-13 | Hirschfeld Robert A. | Virtualized logical server cloud |
US20030065676A1 (en) * | 2001-09-05 | 2003-04-03 | Microsoft Corporation | Methods and system of managing concurrent access to multiple resources |
US20030149848A1 (en) * | 2001-09-07 | 2003-08-07 | Rahim Ibrahim | Wire-speed data transfer in a storage virtualization controller |
US6954924B2 (en) * | 2001-09-20 | 2005-10-11 | International Business Machines Corporation | System and method for employing externalized, dynamically configurable, cacheable trigger points |
US7028158B1 (en) * | 2001-11-02 | 2006-04-11 | Beatty And Company Computing, Inc. | Storage virtualization engine |
US20070174583A1 (en) * | 2002-03-07 | 2007-07-26 | Fujitsu Limited | Conversion management device and conversion management method for a storage virtualization system |
US7222172B2 (en) * | 2002-04-26 | 2007-05-22 | Hitachi, Ltd. | Storage system having virtualized resource |
US20030204597A1 (en) * | 2002-04-26 | 2003-10-30 | Hitachi, Inc. | Storage system having virtualized resource |
US7093038B2 (en) * | 2002-05-06 | 2006-08-15 | Ivivity, Inc. | Application program interface-access to hardware services for storage management applications |
US20030233494A1 (en) * | 2002-05-06 | 2003-12-18 | Sukha Ghosh | Application program interface-access to hardware services for storage management applications |
US7194538B1 (en) * | 2002-06-04 | 2007-03-20 | Veritas Operating Corporation | Storage area network (SAN) management system for discovering SAN components using a SAN management server |
US20030233510A1 (en) * | 2002-06-18 | 2003-12-18 | Veritas Software Corporation | Storage resource integration layer interfaces |
US20040010666A1 (en) * | 2002-07-11 | 2004-01-15 | Veritas Software Corporation | Storage services and systems |
US7043614B2 (en) * | 2002-07-11 | 2006-05-09 | Veritas Operating Corporation | Storage services and systems |
US6948044B1 (en) * | 2002-07-30 | 2005-09-20 | Cisco Systems, Inc. | Methods and apparatus for storage virtualization |
US20040039745A1 (en) * | 2002-08-23 | 2004-02-26 | Evans Stephen C. | Apparatus and method for associating classes |
US7080229B2 (en) * | 2002-10-28 | 2006-07-18 | Network Appliance Inc. | Method and system for strategy driven provisioning of storage in a storage area network |
US7020734B2 (en) * | 2002-12-09 | 2006-03-28 | Hitachi, Ltd. | Connecting device of storage device and computer system including the same connecting device |
US20040122922A1 (en) * | 2002-12-19 | 2004-06-24 | International Business Machines Corporation | Method of automatically generating an SNMP management information base from extension-enabled management agents |
US20040205143A1 (en) * | 2003-02-07 | 2004-10-14 | Tetsuya Uemura | Network storage virtualization method and system |
US20040225719A1 (en) * | 2003-05-07 | 2004-11-11 | International Business Machines Corporation | Distributed file serving architecture system with metadata storage virtualization and data access at the data server connection speed |
US20070112574A1 (en) * | 2003-08-05 | 2007-05-17 | Greene William S | System and method for use of mobile policy agents and local services, within a geographically distributed service grid, to provide greater security via local intelligence and life-cycle management for RFlD tagged items |
US20050120160A1 (en) * | 2003-08-20 | 2005-06-02 | Jerry Plouffe | System and method for managing virtual servers |
US7127558B2 (en) * | 2003-09-02 | 2006-10-24 | Hitachi, Ltd. | Virtualization controller, access path control method and computer system |
US7246174B2 (en) * | 2003-10-28 | 2007-07-17 | Nacon Consulting, Llc | Method and system for accessing and managing virtual machines |
US20050108709A1 (en) * | 2003-10-28 | 2005-05-19 | Sciandra John R. | Method and apparatus for accessing and managing virtual machines |
US7620630B2 (en) * | 2003-11-12 | 2009-11-17 | Oliver Lloyd Pty Ltd | Directory system |
US20050108707A1 (en) * | 2003-11-14 | 2005-05-19 | Taylor Thomas M. | Systems and methods for creating and managing a virtual retail store on end-user client computers within a network |
US20080034334A1 (en) * | 2004-02-17 | 2008-02-07 | Oussama Laouamri | Integrated Circuit Chip with Communication Means Enabling Remote Control of Testing Means of Ip Cores of the Integrated Circuit |
US7133988B2 (en) * | 2004-02-25 | 2006-11-07 | Hitachi, Ltd. | Method and apparatus for managing direct I/O to storage systems in virtualization |
US20050210098A1 (en) * | 2004-03-16 | 2005-09-22 | Fujitsu Limited | Storage management system and method |
US20050229152A1 (en) * | 2004-04-08 | 2005-10-13 | Brian Connell | Integrated modeling environment |
US20050267986A1 (en) * | 2004-05-11 | 2005-12-01 | Hitachi, Ltd. | Virtualization switch and storage system |
US20050276092A1 (en) * | 2004-06-14 | 2005-12-15 | Hansen Peter A | Virtual mass storage device for server management information |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012154604A2 (en) * | 2011-05-06 | 2012-11-15 | Big Switch Networks, Inc. | Systems and methods for managing virtual switches |
WO2012154604A3 (en) * | 2011-05-06 | 2013-01-03 | Big Switch Networks, Inc. | Systems and methods for managing virtual switches |
US8416796B2 (en) | 2011-05-06 | 2013-04-09 | Big Switch Networks, Inc. | Systems and methods for managing virtual switches |
US20140006617A1 (en) * | 2012-06-29 | 2014-01-02 | VCE Company LLC | Personas in application lifecycle management |
US9363270B2 (en) * | 2012-06-29 | 2016-06-07 | Vce Company, Llc | Personas in application lifecycle management |
Also Published As
Publication number | Publication date |
---|---|
US7546631B1 (en) | 2009-06-09 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
US10623406B2 (en) | Access authentication for cloud-based shared content | |
US11272030B2 (en) | Dynamic runtime interface for device management | |
US9253192B1 (en) | Pluggable login architecture and dynamic resource recognition | |
US9591038B2 (en) | Feature set differentiation by tenant and user | |
US6775781B1 (en) | Administrative security systems and methods | |
US6044465A (en) | User profile storage on and retrieval from a non-native server domain for use in a client running a native operating system | |
US6092199A (en) | Dynamic creation of a user account in a client following authentication from a non-native server domain | |
US9213513B2 (en) | Maintaining synchronization of virtual machine image differences across server and host computers | |
US8407353B2 (en) | Method and system for sharing different web components between different web sites in a portal framework | |
US20160285852A1 (en) | Remote Network Access Via Virtual Machine | |
US8931110B2 (en) | Security restrictions on binary behaviors | |
US20150186176A1 (en) | Dynamic allocation and assignment of virtual environment | |
US20190190898A1 (en) | Methods and systems for managing internet preferences | |
US7334039B1 (en) | Techniques for generating rules for a dynamic rule-based system that responds to requests for a resource on a network | |
US7596562B2 (en) | System and method for managing access control list of computer systems | |
EP3374857B1 (en) | Dashboard as remote computing services | |
US20090259945A1 (en) | System and method for generating web based multi-tier, wiki-based control panels | |
US20090183239A1 (en) | Embedded management system for a physical device having virtual elements | |
US20050278723A1 (en) | System and method for remote administration from a windows client of computer systems running the Linux operating system | |
US20090254982A1 (en) | Methods, programs and a system of providing remote access | |
US8949930B1 (en) | Template representation of security resources | |
US20100131351A1 (en) | Selecting Between Client-Side and Server-Side Market Detection | |
US20120079393A1 (en) | Adaptable License Platform for Remote Sessions | |
Cisco | Release Notes for Cisco Subscriber Edge Services Manager, Release 3.1(1) | |
US10075448B2 (en) | Password setup management |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
STCB | Information on status: application discontinuation |
Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION |