WO2010059438A2 - Unified storage for configuring muliple networking technologies - Google Patents

Unified storage for configuring muliple networking technologies Download PDF

Info

Publication number
WO2010059438A2
WO2010059438A2 PCT/US2009/063623 US2009063623W WO2010059438A2 WO 2010059438 A2 WO2010059438 A2 WO 2010059438A2 US 2009063623 W US2009063623 W US 2009063623W WO 2010059438 A2 WO2010059438 A2 WO 2010059438A2
Authority
WO
WIPO (PCT)
Prior art keywords
network connection
network
settings
computer
media
Prior art date
Application number
PCT/US2009/063623
Other languages
French (fr)
Other versions
WO2010059438A3 (en
Inventor
Deon C. Brewis
Taroon Mandhana
Pehkeong Teh
Original Assignee
Microsoft Corporation
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Microsoft Corporation filed Critical Microsoft Corporation
Priority to CN200980147048.2A priority Critical patent/CN102224708B/en
Priority to EP09828006A priority patent/EP2351293A2/en
Publication of WO2010059438A2 publication Critical patent/WO2010059438A2/en
Publication of WO2010059438A3 publication Critical patent/WO2010059438A3/en

Links

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/01Protocols
    • H04L67/12Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
    • H04L67/125Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/14Session management
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network arrangements or protocols for supporting network services or applications
    • H04L67/2866Architectures; Arrangements
    • H04L67/30Profiles
    • H04L67/303Terminal profiles

Definitions

  • a computing device includes a piece of hardware, such as a host interface card or host adapter bus (NIC/HBA), which serves as an interface between the remainder of computing device and the physical network medium. Additional software, such as device drivers, may be installed to enable the computing device's operating system to communicate with the NIC/HBA.
  • NIC/HBA host interface card or host adapter bus
  • Additional software such as device drivers, may be installed to enable the computing device's operating system to communicate with the NIC/HBA.
  • many computing devices also may connect to one or more networks via virtual media types.
  • a corporate employee with public Internet access may connect to a corporate virtual private network (VPN) by creating a secure shell (SSH) tunnel through the Internet.
  • SSH secure shell
  • Supporting a virtual media type typically does not require special hardware, as communications over the virtual network (e.g., a VPN) typically are transmitted via an existing physical network (e.g., are carried in the payload of the packets over the Internet).
  • a system administrator needs to launch multiple software programs (also known as media managers) to configure settings for different media types (either physical or virtual). For example, as shown in FIG. 1, a system administrator may need to launch a Wi-Fi configuration interface 102 through Wi- Fi manager 106 to configure Wi-Fi settings for connecting to network 122, to launch a separate Ethernet configuration interface 104 through Ethernet manager
  • Wi-Fi manager 106 may store some configuration information in a database 112 accessible to Wi-Fi driver 110, and other configuration information may be passed to Wi-Fi driver 110 directly, which may store that configuration information in hardware registers in Wi-Fi card 118.
  • Ethernet manager 108 may store some configuration information in a file 114 at a designated location accessible to Ethernet driver 116, while other configuration information may be passed to Ethernet driver 116 directly and stored in hardware registers in Ethernet card 120.
  • a unified configuration interface is provided that enables an administrator to configure multiple aspects of network connectivity.
  • the unified configuration interface may be used to configure two or more different media types.
  • conventional systems may have multiple media managers that may handle and store configuration information differently and in several places, making it difficult and time consuming to restore settings on a computing device for the media managers in case of failures or to replicate settings from one computing device to another.
  • a single configuration file comprising settings for multiple media types may be generated based on preferences entered by a system administrator, or a single configuration file may be created by exporting, from a particular computing device, current settings for multiple media types.
  • Applicants have further recognized that conventional media managers are configured with dedicated interfaces, making it difficult to specify policies that involve multiple media types.
  • global configuration policies or other configuration settings that span multiple media types may be created.
  • a network and connection provisioning framework for configuring and provisioning various aspects of network connectivity.
  • Individual media managers may implement a standardized application programming interface (API) so that they may interoperate with the network and connection provisioning framework.
  • API application programming interface
  • the standardized API may be used to ensure that configuration information is handled and stored in a standardized manner by different media managers. This facilitates the process of developing and adding new media managers, rather than having unique and proprietary interfaces for each media manager.
  • FIG. 1 illustrates a computer system comprising two media managers and a conventional system for configuring those media managers via separate configuration interfaces;
  • FIG. 2 illustrates a network and connection provisioning framework for configuring and provisioning multiple types of network connectivity in accordance with some embodiments of the invention
  • FIG. 3 illustrates a network and connection provisioning framework of the type shown in Fig. 2, implemented using plug-in modules for specific types of network connectivity in accordance with one embodiment;
  • FIG. 4 illustrates a network and connection provisioning framework adapted to receive configuration information exported from media managers and/or device drivers in accordance with some embodiments of the invention;
  • FIG. 5 illustrates a network and connection provisioning framework of the type shown in Fig. 4, implemented using plug-in modules for specific types of network connectivity in accordance with one embodiment
  • FIG. 6 illustrates a process of importing to a client computer a configuration file created by a network and connection provisioning framework in accordance with some embodiment of the invention
  • FIG. 7 illustrates a network and connection provisioning framework comprising a provisioning component for provisioning on a client computer configuration settings for multiple types of network connectivity via a single configuration file in accordance with some embodiments of the invention
  • FIG. 8 illustrates a network and connection provisioning framework of the type shown in Fig. 7, implemented using plug-in modules for specific types of network connectivity in accordance with one embodiment
  • FIG. 9 illustrates an exemplary configuration interface for configuring and provisioning various aspects of network connectivity in accordance with some embodiments of the invention.
  • FIG. 10 illustrates an exemplary interface for exporting, from a computing device, existing configuration settings in accordance with some embodiments of the invention
  • FIG. 11 illustrates an exemplary interface for importing configuration settings from a configuration file in accordance with some embodiments of the invention
  • FIG. 12 illustrates an example of a standardized hierarchical structure for storing configuration information in accordance with some embodiments of the invention.
  • FIG. 13 is a schematic illustration of an exemplary computer, on which aspects of the invention may be implemented.
  • a unified configuration interface that enables an administrator to configure multiple aspects of network connectivity.
  • the unified configuration interface may be used to configure two or more different media types, providing a number of advantages as discussed below.
  • a single configuration file comprising settings for multiple media types may be generated based on preferences entered by a system administrator, or by exporting, from a particular computing device, current settings for multiple media types.
  • Applicants have further recognized that conventional media managers do not necessarily communicate with each other, making it difficult to specify policies that involve multiple media types.
  • global configuration policies and/or other configuration settings that span multiple media types may be created, which provides a number of advantages as discussed below.
  • a network and connection provisioning framework for configuring and provisioning various aspects of network connectivity, and that implements standardized application programming interface (API) for media managers to employ to enable them to interoperate with the network and connection provisioning framework.
  • API application programming interface
  • Providing a standardized API ensures that configuration information is handled and stored in a standardized manner by different media managers.
  • a network and connection provisioning framework 204 is provided that presents to a system administrator a single network and connection configuration interface 202 for configuring multiple aspects of network connectivity. These aspects may include multiple networks, multiple media types, multiple connections to a same network using a same media type or different media types, etc. Any combination of desired aspects of network connectivity (e.g., any number of networks, media types, and/or connections) may be configured via interface 202, as the invention is not limited in this respect. Examples of networks include enterprise networks (e.g., corporate, government, and university networks), public networks (e.g., WiFi hotspots at airports and public library networks), and personal home networks. Examples of media types include Wi-Fi, Ethernet, VPN, etc.
  • the network and connection provisioning framework 204 may process the information collected via the configuration interface 202, and may generate a configuration file 206 as a result of the processing.
  • the types of information collected, the form of the configuration file, and the nature and extent of the processing of the collected information to create the configuration file are not limitations of the invention, and may vary depending on a number of factors, such as the specific aspects of network connectivity being configured, the types of configuration settings that relate thereto, etc.
  • configuration file 206 may comprise settings for any number of specific networks (e.g., networks 1 through M) and media types (e.g., media types 1 through N).
  • configuration interface 202 may also allow users to specify global policies and/or other settings relating to multiple aspects of network connectivity.
  • global policies and/or other settings may also be stored in the same configuration file 206 as the other configuration information.
  • the aspect of the invention that relates to allowing the configuration of global policies is not limited in this respect, and can be implemented using one or more separated configuration files for global policies.
  • Global policies and/or other settings may relate to any combination of the configurable aspects of network connectivity, as the invention is not limited in this respect.
  • a user may specify via configuration interface 202 preferences of media types when attempting to connect to a particular network, (e.g., when multiple media types are available), particular settings for a first media type that may be enforced only when a second media type is in active use, etc.
  • FIG. 2 employs a number of different inventive features, e.g., those relating to (1) providing a common interface for configuring multiple aspects of network connectivity; (2) providing a single configuration file for storing configuration information pertaining to multiple aspects of network connectivity, and (3) enabling the establishment of global policies that span multiple aspects of network connectivity.
  • Each of these features is advantageous for one or more reasons discussed herein. However, these features are not limited to being employed together, as other embodiments contemplate each of these features being used separately or in any combination.
  • Configuration file 206 may comprise other types of information and may be structured in any suitable way. An exemplary structure is illustrated in FIG. 9 and will be discussed in greater detail below.
  • network and connection provisioning framework 304 comprises a management component 308 and is configured to receive a plurality of plug-in modules, e.g., plug-in 1 through plug-in N (310-312).
  • the plug-in modules may be developed by the same software developer(s) as the management component 308, or by different software developers.
  • the management component 308 may provide functionality that crosses all aspects of network connectivity (e.g., all networks, media types, and/or connections), and each plug-in may implement functionality directed to a particular aspect of network connectivity.
  • a plug-in module may be loaded for each media type available on a computing device.
  • plug-in 310 may be associated with
  • plug-in 312 may be associated with Bluetooth.
  • the use of plug-ins allows an underlying framework to extend easily. For instance, whenever a new media type becomes available, a new plug-in may be loaded into network and connection provisioning framework 304 to handle the collection and processing of configuration information specifically pertaining to the new media type. No additional changes need to be made to framework 304.
  • a system administrator may launch the same configuration interface 302.
  • configuration interface 302 may comprise new interface elements implemented by the new plug-in, these new interface elements may be organized and presented in a way that is already familiar to the system administrator, so that minimal learning effort is required to configure the new media type.
  • the use of plug-ins may shield the management component 308 of the network and connection provisioning framework from the implementation details of each media type.
  • each plug-in may implement its own interface elements to be presented through the configuration interface 302.
  • the configuration interface 302 may simply be a shell hosting various interfaces implemented by the plug-ins, and the software for presenting the configuration interface 302 need not deal with the peculiarities associated with different media types.
  • the management component 308 need not "understand" what information is relevant and what options to present to the system administrator in configuring an Ethernet connection. All of that information will be supplied by a plug-in module associated with Ethernet, e.g., plug-in 310 in FIG. 3.
  • the plug-ins and management component can be adapted to share the processing of information in any suitable manner.
  • plug-ins may perform initial processing of the information collected through the configuration interface 302.
  • management component 308 need not have complete knowledge of how information should be handled and stored for every media type.
  • the management component may simply "package" processed information received from the plug-ins into a single configuration file.
  • the management component 308 may perform some further processing, e.g., extracting and regrouping information provided by the plug-ins, or some other processing.
  • the network and connection provisioning framework 204 may also collect existing configuration settings that are already provisioned on a computing device. This is referred to as "exporting" existing settings.
  • the network and connection provisioning framework may interface with multiple media managers to retrieve configuration settings, including different types of media managers that handle and store information differently.
  • Media managers may reside on a computing device to manage various aspects of network connectivity on the computing device. For example, a media manager may be associated with a media type available on the computing device and may have access to existing configuration settings pertaining to that media type.
  • network and connection provisioning framework 404 may interface with Ethernet manager 410 and
  • Bluetooth manager 412 to retrieve configuration settings for Ethernet and Bluetooth, respectively.
  • the network and connection provisioning framework 404 may also interface directly with device drivers (e.g., if the media managers do not provide an interface through which all desired configuration information can be retrieved). An example of this is shown in FIG. 4, where network and connection provisioning framework 404 interfaces both with Ethernet manager 410 and with Ethernet driver 414). Additionally, or alternatively, network and connection provisioning framework 404 may retrieve configuration information from any other suitable location (e.g., a database or a configuration file at a known location).
  • FIG. 5 shows an embodiment in which the network and connection provisioning framework 504 comprises a management component 508 and a plurality of plug-ins (e.g., 522- 524), where the plug-ins interface with media managers and/or device drivers to collect configuration settings.
  • the use of plug-ins may shield management component 508 from the implementation details of various media types.
  • Ethernet plug-in 522 may collection configuration information directly from Ethernet driver 514 and/or Ethernet manager 510, and process the collected information before it is passed on to management component 508.
  • Bluetooth plug-in 524 may collect configuration information from Bluetooth driver 516 and/or Bluetooth manager 512 and process the collected information before passing it on to management component 508.
  • the aspect of the invention directed to collecting existing configuration settings is not limited by the manner in which plug-ins collect configuration information. They may interface with media managers and/or device drivers, and/or they may obtain configuration information from databases, configuration files or any other suitable sources.
  • the files may be saved on any suitable storage medium.
  • the configuration f ⁇ le(s) 606 created by network and connection provisioning framework 604 may also be transferred to a client device 608 where it is used to provision the client device according to the configuration settings in the file(s). The transfer may take place in any suitable manner, as the invention is not limited in this respect.
  • the configuration f ⁇ le(s) may be copied to the client device via a transportable physical storage medium (e.g., a smart card, a flash drive, etc.).
  • the configuration file may be placed in a store (e.g., a web site) accessible to the client device and be accessed by the client device therefrom.
  • a provisioning component may be installed on client devices to provision the client device according to the configuration settings in the configuration f ⁇ le(s).
  • the provisioning component may be considered as part of the network and connection provisioning framework, but it should be appreciated that the aspects of the invention described herein are not limited in this respect, as the components of the system that present a user interface to create one or more configuration files and the provisioning component on the client devices may be viewed as separate system components.
  • provisioning component 708 may parse the file(s) to extract configuration information.
  • provisioning component 708 may be capable of discerning which pieces of information are relevant for which aspects of network connectivity and may forward to each component on the client device to be configured (e.g., each media manager) only the information relevant for that component. For example, provisioning component 708 may extract all information relating to Bluetooth
  • provisioning component 708 may simply pass along the configuration information, or may process it to be more compatible with the Bluetooth manager 712. The Bluetooth manager 712 may then configure Bluetooth driver 716 and/or Bluetooth card 720 according to the received configuration information.
  • provisioning component 708 may provision the received configuration settings by interfacing with device drivers.
  • provisioning component 708 may extract all configuration information pertaining to Ethernet and forward it directly to Ethernet driver 714, which in turn configures Ethernet card 718 accordingly. Again, depending on the format of the received configuration file and the format in which Ethernet driver 714 expects to receive configuration information, provisioning component 708 may or may not process the extracted configuration information before forwarding.
  • provisioning component of the system may be implemented using a framework and plug-in modules on a client device.
  • provisioning component 808 interacts with plug-in modules that are installed on the client side.
  • provisioning component 808 may extract configuration information pertaining to Ethernet and pass it to Ethernet plug-in 822, which may provide the information to Ethernet driver 814 and may optionally process the configuration information to convert it into a format expected by Ethernet driver 814.
  • Ethernet driver 814 may then configure Ethernet card 818 according to the configuration information received from Ethernet plug-in 822.
  • Ethernet plug-in 822 may optionally store some of the configuration information in a database or a file accessible by Ethernet driver 814.
  • provisioning component 808 may extract configuration information pertaining to Bluetooth and pass it to Bluetooth plug-in 824, which may provide the information to (and optionally convert the configuration information into a format expected by) the Bluetooth manager 812.
  • the Bluetooth manager 812 may then configure Bluetooth driver 816 and/or Bluetooth card 820 according to the received configuration information.
  • the plug-ins serve as an interface (and optionally a translation layer) between provisioning component 808 and the components on the client to be provisioned (e.g., media managers and/or device drivers).
  • policies may be displayed in section 900, near the top of the page.
  • Options such as "Add,” “Edit,” and “Delete” may be displayed next to each policy category to allow a user to add, edit, or delete policies.
  • Global policy may comprise configuration information that is not limited to any particular network or media type. For example, it may comprise a policy specifying that at most one connection is allowed from the client device at any time, a policy specifying that the client device may connect to at most one network at any time (although the number of connections to that network is not limited), etc.
  • Remote identification policy may indicate whether direct access technology is allowed, and if so, an administrator may be prompted to specify a
  • Discovered network policy may specify actions to be taken when a network is discovered, e.g., whether or not to connect automatically without prompting for user confirmation. Other policies may also be included, for example, a policy requiring that all wireless media be disabled when battery is low.
  • policies section 900 may also comprise any suitable policies associated with specific media managers, e.g., the Windows Wi-Fi manager and the Windows Ethernet managers in FIG. 9.
  • "Windows Wi-Fi policy” may comprise policies that apply to all Wi-Fi connections, such as prohibiting ad-hoc Wi-Fi connections or prohibiting Wi-Fi connections to unsecured networks.
  • network and connection profiles may be organized and displayed in section 905. For example, there may be sub-sections, 910, 920, and 930, each of which corresponds to a particular network. While three sub-sections are shown in the example of FIG.
  • Each sub-section may comprise a profile for the corresponding network (e.g. Network X). Various types of information about the network may be stored in this profile, including network name, an icon to be displayed to identify the network, network category (e.g., work, home, etc.), and policies associated with the network (e.g., allow at most one connection to the network at any time, do not allow connection to another network while connected to this network, etc.).
  • Each sub-section may also comprise profiles for available connections.
  • Network X may have profiles for two connections, NetworkX-WiFi2 (912) and NetworkX- WiFi (914), both of which are secured Wi-Fi connections. Any suitable information may be stored in each of these profiles, including encryption type, SSID (Service Set Identifier), etc.
  • Network Y (920) may comprise a profile for a secured VPN connection 922
  • Network Z (930) may comprise a profile for a secured Wi-Fi connection 932.
  • FIG. 9 may also allow a user to add, edit, delete, or re-organize the displayed profiles. For example, these tasks may be performed by clicking on the menu buttons displayed under the section heading "Network and Connection Profiles.” There may also be menu buttons for, respectively, importing and exporting settings. Clicking on either of these buttons may bring up a new page for selecting the profiles to be imported or exported.
  • FIG. 9 may also allow a user to add, edit, delete, or re-organize the displayed profiles. For example, these tasks may be performed by clicking on the menu buttons displayed under the section heading "Network and Connection Profiles.” There may also be menu buttons for, respectively, importing and exporting settings. Clicking on either of these buttons may bring up a new page for selecting the profiles to be imported or exported.
  • FIG. 10 shows an example of a page that may be displayed when a user clicks on the "export" button shown in FIG. 9.
  • Existing policies and profiles may be displayed in two separate sections (e.g., 1000 and 1005). The user may select any number of policies and/or profiles to be exported to the configuration file, and may indicate whether each policy or profile should replace an existing version. [0061] FIG.
  • FIG. 11 shows an example of a page that may be displayed when a user clicks on the "import" button shown in FIG. 9.
  • This page may show the name (1102) of the configuration file being imported (e.g., NetworkX.cab).
  • Policies and profiles stored in the configuration file may be displayed (e.g., in sections 1100 and 1105, respectively), so that the user may select which policies and/or profiles are to be imported to a client device.
  • a standardized format is used for configuration files to configure one or more aspects of network connectivity for one or more client devices.
  • the standardized format may ensure that information is stored in a logical manner, thereby facilitating dissemination of configuration settings to different software and/or hardware components that consume the settings.
  • the standardized format can take any form, as the aspect of the invention that relates to using a standardized format is not limited to any particular format.
  • One exemplary format is shown in FIG. 12 and is described below solely for the purpose of illustration, as other formats can be used.
  • configuration information is organized into a hierarchical tree structure according to a framework referred to herein as the Unified Connection Manager (UCM) framework.
  • UCM Unified Connection Manager
  • Each node in the hierarchical tree structure is a UCM namespace element, which may contain data as well as sub-namespaces.
  • the addressing mechanism for namespace elements is similar to that for files and subdirectories in a conventional hierarchical directory structure.
  • the root node is the YUCM namespace, which comprises three sub- namespaces: YUCMYPolicy, YUCMYNetworks, and ⁇ UCM ⁇ Connections.
  • each of these sub-namespaces may comprise data and/or further sub-namespaces.
  • Namespace element YUCMYPolicy may be used to store configuration information that is not specific to any particular network or media type, such as the global policies discussed in connection with FIG. 9 above. These policies may be stored directly in the namespace element YUCMYPolicy, or they may be arranged logically into further sub-namepaces, such as YUCMYPolicyYGlobalPolicy, YUCMYPolicyYDefaultNetwork, and YUCMYPolicyYDirectAccess, shown in FIG. 12.
  • FIG. 12 also shows a sub-namespace YUCMYNetworksY, which may be used to store configuration information associated with the Network Layer (Layer 3) in the Open Systems Interconnection (OSI) model of networking.
  • the Network Layer is below the Transport Layer (Layer 4) and above the Data Link Layer (Layer 2). It receives hop-to-hop communication services from the Data Link
  • FIG. 12 shows a sub-namespace of YUCMYNetworksY, namely, YUCMYNetworksY Windows .Network.
  • This sub-namespace may be associated with a media manager called Windows .Network.
  • This media manager may be a stand-alone software program or a plug-in to the network and connection provisioning framework, and it may be supplied by the provider of an operating system of a client device to be configured, or by any third-party software vendor.
  • this media manager may implement one or more UCM-related application programming interface (API) functions.
  • the API functions may be used to ensure that the media manager is compatible with the network and connection provisioning framework, e.g., that the media manager "understands" how information is stored in UCM namespaces and is capable of providing information in accordance with the UCM convention.
  • Some exemplary API functions will be further discussed below merely as examples, as other and/or different API functions are also possible.
  • ⁇ UCM ⁇ Networks ⁇ Windows .Network may comprise two sub-namespaces: ⁇ UCM ⁇ Networks ⁇ Windows.Network ⁇ Policy and ⁇ UCM ⁇ Networks ⁇ Windows.Network ⁇ Persisted*.
  • the former sub-namespace may be used to store policies that apply to all networks. For example, it may comprise a policy specifying that Ethernet is preferred over Wi-Fi regardless of the network to which the computing device wishes to connect.
  • the latter sub-namespace may be used to store profiles for individual networks. As shown in FIG. 12, there may be a profile for each of Network X, Homenetwork, Network Y, and Network Z. These profiles may contain any suitable information, including the illustrative information discussed in connection with FIG. 9 above.
  • FIG. 12 also shows a sub-namespace ⁇ UCM ⁇ Connections ⁇ , which may be used to stored configuration information associated with the Data Link Layer (Layer 2 in the OSI model). It may further comprise at least two sub-namespaces corresponding, respectly, to two media managers: Windows. WW AN and Windows. WL AN, where WWAN refers to Wireless Wide Area Network and
  • WLAN refers to Wireless Local Area Network.
  • sub-namespaces e.g., YPolicy and YPersisted*
  • ⁇ UCM ⁇ Connections ⁇ Windows.WLAN ⁇ Policy may be used to stored policies that apply to all WLAN connections.
  • the sub-namespace ⁇ UCM ⁇ Connections ⁇ Windows.WLAN ⁇ Persisted* may be used to store profiles for individual connections.
  • there may be two profiles stored in this sub-namespace One may be associated with WLAN connections to Network X, while the other may be associated with WLAN connections to Homenetwork. Examples of information stored in each of these profiles can be found in the above discussion in connection with FIG. 9.
  • the UCM framework may be used to organize information logically to facilitate efficient access of information.
  • the aspect of the invention that relates to employing a standard format is not limited to the use of the UCM framework or even to using a hierarchical structure for storing configuration information in a configuration file, nor is it limited to the use of the OSI networking model or the types of configuration information mentioned in connection with the above-described embodiment. Any suitable standardized format can be employed.
  • a standardized format for a configuration file may be used with any of the other aspects of the invention described herein, none of those other aspects are limited to employing a configuration file organized according to a standardized format.
  • a media manager or a plug -in module may implement a set of API functions to interoperate with the network and connection configuration framework. Having a unified set of API functions facilitates the creation of the framework and the media managers (and/or plug-ins), as the interface therebetween is standardized.
  • some of the following API functions may be implemented by a plug-in module.
  • the aspect of the present invention that relates to establishing a unified set of API functions is not limited to the particular API functions employed below.
  • the interfaces INamespaceHelper, IProf ⁇ leManagement, IUCMProf ⁇ leReport, and IUCMProf ⁇ leReportAsXML may be implemented by media managers or plug-ins on the server side (e.g., those that populate profiles with configuration settings and create a configuration file comprising various profiles).
  • the interfaces IProf ⁇ lelmport, IProfileExport, IProfileContext, and IProvisioningService may be implemented by media managers or plug-ins on the client side (e.g., those that provision on a client computer configuration profiles received via a configuration file).
  • the aspect of the invention that relates to a unified set of API functions is not limited to such a distinction between server-side and client-side functionalities.
  • the SetElement function takes as a parameter a namespace element, and sets that element as the namespace element to be operated on.
  • the input element may be a namespace in which profiles are created and/or removed (e.g., ⁇ UCM ⁇ Connections ⁇ Windows. WLANYP ersisted*, as shown in FIG. 12).
  • the CreateNewProfile function may create a new namespace element, which may be a profile that is either empty or populated with default settings. Alternatively, the function may bring up a page via which a user may enter settings to be stored in the new profile.
  • the function may take four input parameters: parent element, parent window handle, profile type, and child element.
  • the parent element may be a parent of the profile being created. For example, if a profile is being created for a connection, a parent element may be a corresponding network element. If no parent element is designated, the parent element parameter may be
  • the parent window handle parameter may be used when creating a child window, and the profile type may indicate whether the profile is per user or per client device.
  • the child element may be the new namespace element in which the new profile is stored.
  • the EditProfil ⁇ function may be called to edit an existing profile, and may bring up a page with various editing options. Before returning, this function may persist the edited profile back into the namespace.
  • the EditProfil ⁇ function may take four input parameters: parent element, parent window handle, profile type, and profile.
  • the parent element may be a parent of the profile being edited. For example, if a profile for a connection is being edited, a parent element may be a corresponding network element. If no parent element is designated, the parent element parameter may be NULL.
  • the parent window handle parameter may be used when creating a child window, and the profile type may indicate whether the profile is per user or per client device.
  • the child element may be a namespace element corresponding to the profile being edited.
  • the Del ⁇ teProfil ⁇ function may be called before a profile is removed, and it may take four input parameters: parent element, parent window handle, profile type, and profile.
  • the parent element may be a parent of the profile being deleted. For example, if a profile for a connection is being deleted, a parent element may be a corresponding network element. If no parent element is designated, the parent element parameter may be NULL.
  • the parent window handle parameter may be used when creating a child window, and the profile type may indicate whether the profile is per user or per client device.
  • the child element may be a namespace element corresponding to the profile being deleted.
  • the Del ⁇ teProfil ⁇ function may prompt a user for confirmation before removing the profile and may notify the parent element that a child is being removed. It may also support bulk remove, e.g., when a network element is being removed, all connection elements associated with that network may also be removed.
  • the Compare function may take as input two profiles and return a value indicating whether the input profiles are identical, and, if they are not, indicate some information about how they compare. For example, if the two input profiles are identical then 0 is returned. If the two profiles are not identical, then, if the first input profile contains all of the information contained in the second input profile, then a positive integer (e.g., 1) is returned, otherwise, a negative integer (e.g., -1) is returned. These values are merely examples, as the aspect of the invention relating to comparing profiles is not limited in this respect.
  • the get_HeadingFormat function may take any or no inputs and may return a format string indicating the format of a heading printed for the particular namespace element. The format string may be loaded from a resource file.
  • the get_HeadingValu ⁇ S function may take no inputs and return an array of insertion values that can be inserted into a get_Head ing Format insertion string.
  • the get_PropertyCount function may take any or no inputs and return a value indicating the number of customer reporting properties for the profile.
  • the GetPropertyDisplayName function may receive an index of a property (e.g., a number between 0 and the value of get_PropertyCount minus 1) and return a string indicating a display name of the property. The name may be loaded from a resource file.
  • the GetPropertyValueFormat function may receive an index of a property (e.g., a number between 0 and the value of get_PropertyCount minus 1) and return a string indicating a format of the value of the property. The format string may be loaded from a resource file.
  • the GetPropertyValues function may receive an index of a property (e.g., a number between 0 and the value of g ⁇ t_Prop ⁇ rtyC ⁇ unt minus 1) and return an array of insertion values that can be inserted into a GetPropertyValueFormat insertion string.
  • an index of a property e.g., a number between 0 and the value of g ⁇ t_Prop ⁇ rtyC ⁇ unt minus 1
  • the get_XMLEIementString function may take no inputs and return a string containing the XML content for the particular namespace element.
  • the S ⁇ tProfil ⁇ function may receive as input a namespace element corresponding to an input profile and may add the input profile to the client computer on which the S ⁇ tProfil ⁇ function is called.
  • the S ⁇ tProfil ⁇ function may further receive a Boolean value indicating whether the input profile is an update of a previously provisioned profile. If yes, the existing profile may be modified according to the input profile. Additionally, the S ⁇ tProfil ⁇ function may receive a context of the input profile, comprising further information such as user token, validation phase, and/or profile source.
  • the RemoveProfil ⁇ function may receive a namespace element corresponding to an input profile and may remove the input profile from the client computer on which the RemoveProfile function is called.
  • the RemoveProfile function may also receive a context of the input profile.
  • the Prepare and Complete functions may be called to indicate, respectively, a beginning and an end of a profile operation. Each of these functions may receive as input a context in which the profile operation is performed.
  • the GetProfile function may receive a namespace element corresponding to an existing profile on the client computer on which the SetProfile function is called, and may export the existing profile to an output stream. Additionally, the
  • SetProfile function may receive a context of the profile to be exported.
  • the Phase function may be called with no inputs and may return a phase of a profile operation. For example, there may be three different phases: validate, transacted, and apply. An output of the Phase function may indicated which of these three phases is being performed.
  • the UserToken function may be called with no inputs and may return a token for a user or computer associated with a current context.
  • the GetProfileType function may receive as input a namespace element corresponding to a profile and may return a profile type for that profile.
  • the profile type may indicate if the profile is a per-user profile or a machine-wide profile.
  • the ProfileSource function may be called with no inputs and may return an indication of a source of a profile in a current context.
  • the source may be a file, or a server side component of a network and connection provisioning framework.
  • the Root function may be called with no inputs and may return a namespace element corresponding to a root namespace for a current profile.
  • the ProvisioningFileName function may be called with any or no inputs and may return a string indicating a name of a file that is used for provisioning
  • the Result function may be called with no inputs and may return an indication of a result of a current profile operation. For example, the result may be: succeeded, aborted, cancelled, failed, partial failure, or warning.
  • the TransactionHandle function may be called with no inputs and may return a transaction handle for use when provisioning a profile.
  • the ExecutionContext function may be called with no inputs and may identify the type of a context in which a current operation is performed. For example, the operation may be performed on the client side, on the server side, or on a standalone tool.
  • the OperationType function may be called with no inputs and may identify the type of a current operation. For example, the current operation may be an import operation or an export operation.
  • the ImportProfil ⁇ function may receive as input a string indicating a name of a file from which one or more profiles are to be imported and may return a context containing a result of the import operation. Additionally, the
  • ImportProfil ⁇ function may receive an input parameter indicating a source of the one or more profiles.
  • the source may be a file distributed over the worldwide web, or the source may be a server side component of a network and connection provisioning framework.
  • the I import Prof Ne function may also receive an input parameter identifying the type of a context in which the import operation is performed.
  • the import operation may be performed in a client side context or a server side context.
  • the ExportProfil ⁇ function may receive as input a list of profiles to be exported and a string indicating a name of a file to which the profiles are to be exported.
  • the ExportProfil ⁇ function may also return a context containing a result of the export operation. Additionally, the ExportProfil ⁇ function may receive an input parameter identifying the type of context in which the export operation is performed. For example, the export operation may be performed on the client side or the server side.
  • the Accept function may be called to proceed to a next phase, for example, after a user has accepted warnings associated with a current phase. The Accept function may receive as input a result of the current profile operation.
  • the SetExternalTransaction function may receive as input a transaction created by an external component and may set the transaction to NULL to revert to an internally created transaction.
  • FIG. 13 is a schematic illustration of an exemplary computer 1300 on which aspects of the present invention may be implemented.
  • the computer 1300 includes a processor or processing unit 1301 and a memory 1302 that can include both volatile and non- volatile memory.
  • the computer 1300 also includes storage 1305 (e.g., one or more disk drives) in addition to the system memory 1302.
  • the memory 1302 can store one or more instructions to program the processing unit 1301 to perform any of the functions described herein.
  • a computer can include any device having a programmed processor, including a rack-mounted computer, a desktop computer, a laptop computer, a tablet computer or any of numerous devices that may not generally be regarded as a computer, which include a programmed processor (e.g., a PDA, an MP3 Player, a mobile telephone, wireless headphones, etc.).
  • the computer may have one or more input and output devices, such as devices 1306 and 1307 illustrated in FIG. 13. These devices can be used, among other things, to present a user interface. Examples of output devices that can be used to provide a user interface include printers or display screens for visual presentation of output and speakers or other sound generating devices for audible presentation of output.
  • Computer 1300 may also comprise network interface cards (e.g., 1318a-c) to enable communication via various networks (e.g., 1319a-c). Examples of networks include a local area network or a wide area network, such as an enterprise network or the Internet. Such networks may be based on any suitable technology and may operate according to any suitable protocol and may include wireless networks, wired networks or fiber optic networks.
  • the above-described embodiments of the invention can be implemented in any of numerous ways.
  • the embodiments may be implemented using hardware, software or a combination thereof.
  • the software code can be executed on any suitable processor or collection of processors, whether provided in a single computer or distributed among multiple computers.
  • the various methods or processes outlined herein may be coded as software that is executable on one or more processors that employ any one of a variety of operating systems or platforms. Additionally, such software may be written using any of a number of suitable programming languages and/or programming or scripting tools, and also may be compiled as executable machine language code or intermediate code that is executed on a framework or virtual machine.
  • the invention may be embodied as a computer readable medium (or multiple computer readable media) (e.g., a computer memory, one or more floppy discs, compact discs, optical discs, magnetic tapes, flash memories, circuit configurations in Field Programmable Gate Arrays or other semiconductor devices, or other tangible computer storage medium) encoded with one or more programs that, when executed on one or more computers or other processors, perform methods that implement the various embodiments of the invention discussed above.
  • the computer readable medium or media can be transportable, such that the program or programs stored thereon can be loaded onto one or more different computers or other processors to implement various aspects of the present invention as discussed above.
  • program or “software” are used herein in a generic sense to refer to any type of computer code or set of computer-executable instructions that can be employed to program a computer or other processor to implement various aspects of the present invention as discussed above. Additionally, it should be appreciated that according to one aspect of this embodiment, one or more computer programs that when executed perform methods of the present invention need not reside on a single computer or processor, but may be distributed in a modular fashion amongst a number of different computers or processors to implement various aspects of the present invention.
  • Computer-executable instructions may be in many forms, such as program modules, executed by one or more computers or other devices.
  • program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types.
  • functionality of the program modules may be combined or distributed as desired in various embodiments.
  • data structures may be stored in computer-readable media in any suitable form. For simplicity of illustration, data structures may be shown to have fields that are related through location in the data structure. Such relationships may likewise be achieved by assigning storage for the fields with locations in a computer-readable medium that conveys relationship between the fields.
  • any suitable mechanism may be used to establish a relationship between information in fields of a data structure, including through the use of pointers, tags or other mechanisms that establish relationship between data elements.
  • Various aspects of the invention may be used alone, in combination, or in a variety of arrangements not specifically discussed in the embodiments described in the foregoing and is therefore not limited in its application to the details and arrangement of components set forth in the foregoing description or illustrated in the drawings. For example, aspects described in one embodiment may be combined in any manner with aspects described in other embodiments.
  • the invention may be embodied as a method, of which an example has been provided. The acts performed as part of the method may be ordered in any suitable way. Accordingly, embodiments may be constructed in which acts are performed in an order different than illustrated, which may include performing some acts simultaneously, even though shown as sequential acts in illustrative embodiments.

Abstract

A network and connection provisioning framework for configuring and provisioning multiple aspects of network connectivity. The framework may comprise a unified configuration interface that enables an administrator to configure multiple different types of network connectivity. A single configuration file comprising settings for multiple aspects of network connectivity may be generated based on preferences entered by a system administrator, or by exporting current settings from a particular computing device. Global configuration policies or other configuration settings that span multiple types of network connectivity may be also created and stored in one or more configuration files. Stand-alone media managers and/or plug-in modules may implement one or more standardized application programming interface functions so that they may interoperate with the network and connection provisioning framework. The standardized API may be used to ensure that configuration information is handled and stored in a standardized manner by different media managers and/or plug-in modules.

Description

UNIFIED STORAGE FOR CONFIGURING MULIPLE NETWORKING
TECHNOLOGIES
BACKGROUND [0001] Many of today's computing devices are enabled with multiple networking technologies (e.g., Ethernet, Wi-Fi, Bluetooth, etc.). To send and receive data using one of these technologies, a computing device includes a piece of hardware, such as a host interface card or host adapter bus (NIC/HBA), which serves as an interface between the remainder of computing device and the physical network medium. Additional software, such as device drivers, may be installed to enable the computing device's operating system to communicate with the NIC/HBA. [0002] In addition to physical media types such as those mentioned above, many computing devices also may connect to one or more networks via virtual media types. For example, a corporate employee with public Internet access may connect to a corporate virtual private network (VPN) by creating a secure shell (SSH) tunnel through the Internet. Supporting a virtual media type typically does not require special hardware, as communications over the virtual network (e.g., a VPN) typically are transmitted via an existing physical network (e.g., are carried in the payload of the packets over the Internet). [0003] Conventionally, a system administrator needs to launch multiple software programs (also known as media managers) to configure settings for different media types (either physical or virtual). For example, as shown in FIG. 1, a system administrator may need to launch a Wi-Fi configuration interface 102 through Wi- Fi manager 106 to configure Wi-Fi settings for connecting to network 122, to launch a separate Ethernet configuration interface 104 through Ethernet manager
108 to configure Ethernet settings for connecting to network 124, etc. [0004] The settings and preferences entered by the system administrator are often handled and stored differently by different media managers. For example, as shown in FIG. 1, Wi-Fi manager 106 may store some configuration information in a database 112 accessible to Wi-Fi driver 110, and other configuration information may be passed to Wi-Fi driver 110 directly, which may store that configuration information in hardware registers in Wi-Fi card 118. Similarly, Ethernet manager 108 may store some configuration information in a file 114 at a designated location accessible to Ethernet driver 116, while other configuration information may be passed to Ethernet driver 116 directly and stored in hardware registers in Ethernet card 120.
SUMMARY
[0005] Applicants have recognized that, as the number of available media types increases steadily, the task of installing, configuring and maintaining all the necessary hardware and software is becoming a heavy burden for system administrators. In accordance with one embodiment of the invention, a unified configuration interface is provided that enables an administrator to configure multiple aspects of network connectivity. For example, the unified configuration interface may be used to configure two or more different media types. [0006] Applicants have further appreciated that conventional systems may have multiple media managers that may handle and store configuration information differently and in several places, making it difficult and time consuming to restore settings on a computing device for the media managers in case of failures or to replicate settings from one computing device to another. In another embodiment of the invention, a single configuration file comprising settings for multiple media types may be generated based on preferences entered by a system administrator, or a single configuration file may be created by exporting, from a particular computing device, current settings for multiple media types. [0007] Applicants have further recognized that conventional media managers are configured with dedicated interfaces, making it difficult to specify policies that involve multiple media types. In another embodiment of the invention, global configuration policies or other configuration settings that span multiple media types may be created.
[0008] In some embodiments of the invention, a network and connection provisioning framework is provided for configuring and provisioning various aspects of network connectivity. Individual media managers may implement a standardized application programming interface (API) so that they may interoperate with the network and connection provisioning framework. The standardized API may be used to ensure that configuration information is handled and stored in a standardized manner by different media managers. This facilitates the process of developing and adding new media managers, rather than having unique and proprietary interfaces for each media manager.
[0009] The foregoing is a non- limiting summary of the invention, which is defined by the attached claims.
BRIEF DESCRIPTION OF DRAWINGS
[0010] The accompanying drawings are not intended to be drawn to scale. In the drawings, each identical or nearly identical component that is illustrated in various figures is represented by a like numeral. For purposes of clarity, not every component may be labeled in every drawing. In the drawings:
[0011] FIG. 1 illustrates a computer system comprising two media managers and a conventional system for configuring those media managers via separate configuration interfaces;
[0012] FIG. 2 illustrates a network and connection provisioning framework for configuring and provisioning multiple types of network connectivity in accordance with some embodiments of the invention;
[0013] FIG. 3 illustrates a network and connection provisioning framework of the type shown in Fig. 2, implemented using plug-in modules for specific types of network connectivity in accordance with one embodiment; [0014] FIG. 4 illustrates a network and connection provisioning framework adapted to receive configuration information exported from media managers and/or device drivers in accordance with some embodiments of the invention;
[0015] FIG. 5 illustrates a network and connection provisioning framework of the type shown in Fig. 4, implemented using plug-in modules for specific types of network connectivity in accordance with one embodiment;
[0016] FIG. 6 illustrates a process of importing to a client computer a configuration file created by a network and connection provisioning framework in accordance with some embodiment of the invention;
[0017] FIG. 7 illustrates a network and connection provisioning framework comprising a provisioning component for provisioning on a client computer configuration settings for multiple types of network connectivity via a single configuration file in accordance with some embodiments of the invention; [0018] FIG. 8 illustrates a network and connection provisioning framework of the type shown in Fig. 7, implemented using plug-in modules for specific types of network connectivity in accordance with one embodiment;
[0019] FIG. 9 illustrates an exemplary configuration interface for configuring and provisioning various aspects of network connectivity in accordance with some embodiments of the invention;
[0020] FIG. 10 illustrates an exemplary interface for exporting, from a computing device, existing configuration settings in accordance with some embodiments of the invention; [0021] FIG. 11 illustrates an exemplary interface for importing configuration settings from a configuration file in accordance with some embodiments of the invention;
[0022] FIG. 12 illustrates an example of a standardized hierarchical structure for storing configuration information in accordance with some embodiments of the invention; and
[0023] FIG. 13 is a schematic illustration of an exemplary computer, on which aspects of the invention may be implemented.
DETAILED DESCRIPTION [0024] Applicants have recognized that, as the number of available media types increases steadily, the task of installing and maintaining all the necessary hardware and software is becoming a heavy burden for system administrators. This task is complicated by the fact that many media types are developed and marketed by different companies and organizations, which provide different, and often ad-hoc, configuration mechanisms. To configure a newly purchased computing device, a system administrator may need to launch a large number of different media managers to configure all media types available on that device. In addition, when a new media type becomes available, a system administrator may need to familiarize himself with the associated provisioning mechanism and to install the new media type on all devices on the network. Applicants have appreciated that these tasks can be time consuming and error prone using existing techniques. [0025] In accordance with one embodiment of the invention, a unified configuration interface is provided that enables an administrator to configure multiple aspects of network connectivity. For example, the unified configuration interface may be used to configure two or more different media types, providing a number of advantages as discussed below.
[0026] Applicants have further appreciated that conventional systems have media managers that handle and store configuration information differently, making it difficult to collect from a computing device existing configuration settings for different media types. As a result, it is difficult and time consuming to restore settings on a computing device in case of failures or to replicate settings from one computing device to another. Although some existing media managers support restoration and replication from configuration files, each configuration file generated by a particular media manager contains information pertaining only to a particular media type associated with the media manager. To configure multiple media types, multiple configuration files would need to be provided, e.g., one for each media type. There has not been a framework that provides a unified mechanism for exporting and/or importing settings for multiple media types. For example, there has not been a unified framework in which settings can be restored and/or replicated for multiple media types using a single configuration file. [0027] In another embodiment of Applicant's invention, a single configuration file comprising settings for multiple media types may be generated based on preferences entered by a system administrator, or by exporting, from a particular computing device, current settings for multiple media types. [0028] Applicants have further recognized that conventional media managers do not necessarily communicate with each other, making it difficult to specify policies that involve multiple media types. In another embodiment of the invention, global configuration policies and/or other configuration settings that span multiple media types may be created, which provides a number of advantages as discussed below. [0029] In some embodiments of the invention, a network and connection provisioning framework is provided for configuring and provisioning various aspects of network connectivity, and that implements standardized application programming interface (API) for media managers to employ to enable them to interoperate with the network and connection provisioning framework. Providing a standardized API ensures that configuration information is handled and stored in a standardized manner by different media managers. [0030] Illustrative implementations of these and other aspects of the invention are further described below. However, it should be appreciated that the aspects of the present invention described herein can be implemented in any suitable way, and are not limited to the specific implementations described below. [0031] In accordance with some embodiments of the invention shown conceptually in FIG. 2, a network and connection provisioning framework 204 is provided that presents to a system administrator a single network and connection configuration interface 202 for configuring multiple aspects of network connectivity. These aspects may include multiple networks, multiple media types, multiple connections to a same network using a same media type or different media types, etc. Any combination of desired aspects of network connectivity (e.g., any number of networks, media types, and/or connections) may be configured via interface 202, as the invention is not limited in this respect. Examples of networks include enterprise networks (e.g., corporate, government, and university networks), public networks (e.g., WiFi hotspots at airports and public library networks), and personal home networks. Examples of media types include Wi-Fi, Ethernet, VPN, etc. These examples are presented merely for illustration as the aspects of the present invention described herein can be used with any type of network and/or media type. [0032] In accordance with one embodiment, the network and connection provisioning framework 204 may process the information collected via the configuration interface 202, and may generate a configuration file 206 as a result of the processing. The types of information collected, the form of the configuration file, and the nature and extent of the processing of the collected information to create the configuration file are not limitations of the invention, and may vary depending on a number of factors, such as the specific aspects of network connectivity being configured, the types of configuration settings that relate thereto, etc. For example, in one embodiment illustrated in FIG. 2, configuration file 206 may comprise settings for any number of specific networks (e.g., networks 1 through M) and media types (e.g., media types 1 through N).
[0033] In accordance with a further embodiment of the invention, configuration interface 202 may also allow users to specify global policies and/or other settings relating to multiple aspects of network connectivity. In one embodiment, global policies and/or other settings may also be stored in the same configuration file 206 as the other configuration information. However, the aspect of the invention that relates to allowing the configuration of global policies is not limited in this respect, and can be implemented using one or more separated configuration files for global policies.
[0034] Global policies and/or other settings may relate to any combination of the configurable aspects of network connectivity, as the invention is not limited in this respect. For example, a user may specify via configuration interface 202 preferences of media types when attempting to connect to a particular network, (e.g., when multiple media types are available), particular settings for a first media type that may be enforced only when a second media type is in active use, etc. [0035] It should be appreciated that the implementation shown in FIG. 2 employs a number of different inventive features, e.g., those relating to (1) providing a common interface for configuring multiple aspects of network connectivity; (2) providing a single configuration file for storing configuration information pertaining to multiple aspects of network connectivity, and (3) enabling the establishment of global policies that span multiple aspects of network connectivity. Each of these features is advantageous for one or more reasons discussed herein. However, these features are not limited to being employed together, as other embodiments contemplate each of these features being used separately or in any combination.
[0036] Furthermore, the aspects of the invention described herein are not limited to the particular types of configuration settings illustrated in FIG. 2. Configuration file 206 may comprise other types of information and may be structured in any suitable way. An exemplary structure is illustrated in FIG. 9 and will be discussed in greater detail below.
[0037] As discussed above, the network and connection provisioning framework can be implemented in any suitable manner. One exemplary implementation is illustrated in FIG. 3, where network and connection provisioning framework 304 comprises a management component 308 and is configured to receive a plurality of plug-in modules, e.g., plug-in 1 through plug-in N (310-312). The plug-in modules may be developed by the same software developer(s) as the management component 308, or by different software developers. In one embodiment, the management component 308 may provide functionality that crosses all aspects of network connectivity (e.g., all networks, media types, and/or connections), and each plug-in may implement functionality directed to a particular aspect of network connectivity. Thus, a plug-in module may be loaded for each media type available on a computing device. For example, plug-in 310 may be associated with
Ethernet, and plug-in 312 may be associated with Bluetooth. [0038] The use of plug-ins allows an underlying framework to extend easily. For instance, whenever a new media type becomes available, a new plug-in may be loaded into network and connection provisioning framework 304 to handle the collection and processing of configuration information specifically pertaining to the new media type. No additional changes need to be made to framework 304. In the embodiment of FIG. 3, to configure both the existing media types and any newly added media type, a system administrator may launch the same configuration interface 302. In accordance with one embodiment, although configuration interface 302 may comprise new interface elements implemented by the new plug-in, these new interface elements may be organized and presented in a way that is already familiar to the system administrator, so that minimal learning effort is required to configure the new media type. [0039] In one embodiment, the use of plug-ins may shield the management component 308 of the network and connection provisioning framework from the implementation details of each media type. As mentioned above, each plug-in may implement its own interface elements to be presented through the configuration interface 302. Thus, in one embodiment, the configuration interface 302 may simply be a shell hosting various interfaces implemented by the plug-ins, and the software for presenting the configuration interface 302 need not deal with the peculiarities associated with different media types. For example, the management component 308 need not "understand" what information is relevant and what options to present to the system administrator in configuring an Ethernet connection. All of that information will be supplied by a plug-in module associated with Ethernet, e.g., plug-in 310 in FIG. 3.
[0040] The plug-ins and management component can be adapted to share the processing of information in any suitable manner. For example, in one embodiment, plug-ins may perform initial processing of the information collected through the configuration interface 302. In this way, management component 308 need not have complete knowledge of how information should be handled and stored for every media type. The management component may simply "package" processed information received from the plug-ins into a single configuration file. Alternatively, depending on the format of the one or more configuration files created by the network and connection provisioning framework 304 and the formats in which the plug-ins provide the configuration information, the management component 308 may perform some further processing, e.g., extracting and regrouping information provided by the plug-ins, or some other processing. [0041] It should be appreciated that aspects of the invention described herein are not limited to the use of plug-ins, as the network and connection provisioning framework 204 (illustrated in FIG. 2) alternatively can be implemented in other ways. Also, when plug-ins are used, the invention is not limited to how information collection, processing and other functions are distributed between the management component and the various plug-ins.
[0042] In accordance with one embodiment, in addition to obtaining configuration preferences from a system administrator, the network and connection provisioning framework 204 (illustrated in FIG. 2) may also collect existing configuration settings that are already provisioned on a computing device. This is referred to as "exporting" existing settings. In some embodiments of the invention, the network and connection provisioning framework may interface with multiple media managers to retrieve configuration settings, including different types of media managers that handle and store information differently. Media managers may reside on a computing device to manage various aspects of network connectivity on the computing device. For example, a media manager may be associated with a media type available on the computing device and may have access to existing configuration settings pertaining to that media type.
[0043] The retrieval of configuration settings can be done in any suitable way, an example of which is shown in FIG. 4. As one example, network and connection provisioning framework 404 may interface with Ethernet manager 410 and
Bluetooth manager 412 to retrieve configuration settings for Ethernet and Bluetooth, respectively. In some embodiments, the network and connection provisioning framework 404 may also interface directly with device drivers (e.g., if the media managers do not provide an interface through which all desired configuration information can be retrieved). An example of this is shown in FIG. 4, where network and connection provisioning framework 404 interfaces both with Ethernet manager 410 and with Ethernet driver 414). Additionally, or alternatively, network and connection provisioning framework 404 may retrieve configuration information from any other suitable location (e.g., a database or a configuration file at a known location).
[0044] It should be appreciated that the aspects of the invention described herein are not limited to any particular manner in which the network and connection provisioning framework collects existing configuration settings, as this may be done in any suitable way.
[0045] As with the embodiment of FIG. 3 discussed above, a network and connection provisioning framework that has the ability to collect existing configuration settings may be implemented using plug-ins. FIG. 5 shows an embodiment in which the network and connection provisioning framework 504 comprises a management component 508 and a plurality of plug-ins (e.g., 522- 524), where the plug-ins interface with media managers and/or device drivers to collect configuration settings. As discussed above, the use of plug-ins may shield management component 508 from the implementation details of various media types. For example, Ethernet plug-in 522 may collection configuration information directly from Ethernet driver 514 and/or Ethernet manager 510, and process the collected information before it is passed on to management component 508. Bluetooth plug-in 524 may collect configuration information from Bluetooth driver 516 and/or Bluetooth manager 512 and process the collected information before passing it on to management component 508. As discussed above, the aspect of the invention directed to collecting existing configuration settings is not limited by the manner in which plug-ins collect configuration information. They may interface with media managers and/or device drivers, and/or they may obtain configuration information from databases, configuration files or any other suitable sources.
[0046] Once one or more configuration files are created (e.g., by an administrator via a configuration interface or by exporting existing settings), the files may be saved on any suitable storage medium. As shown in FIG. 6, the configuration fϊle(s) 606 created by network and connection provisioning framework 604 may also be transferred to a client device 608 where it is used to provision the client device according to the configuration settings in the file(s). The transfer may take place in any suitable manner, as the invention is not limited in this respect. For example, the configuration fϊle(s) may be copied to the client device via a transportable physical storage medium (e.g., a smart card, a flash drive, etc.). Alternatively, the configuration file may be placed in a store (e.g., a web site) accessible to the client device and be accessed by the client device therefrom. [0047] In some embodiments, a provisioning component may be installed on client devices to provision the client device according to the configuration settings in the configuration fϊle(s). In accordance with one embodiment of the invention, the provisioning component may be considered as part of the network and connection provisioning framework, but it should be appreciated that the aspects of the invention described herein are not limited in this respect, as the components of the system that present a user interface to create one or more configuration files and the provisioning component on the client devices may be viewed as separate system components.
[0048] Upon receiving one or more configuration fϊle(s) 706, provisioning component 708 may parse the file(s) to extract configuration information. When a configuration file includes information for multiple aspects of network connectivity, provisioning component 708 may be capable of discerning which pieces of information are relevant for which aspects of network connectivity and may forward to each component on the client device to be configured (e.g., each media manager) only the information relevant for that component. For example, provisioning component 708 may extract all information relating to Bluetooth
(e.g., global policies that apply to all media types, settings for networks on which Bluetooth is available, and settings directed to some specific Bluetooth connections) and forward all such information to Bluetooth manager 712. Depending on the format of the received configuration file and the format in which Bluetooth manager 712 expects to receive configuration information, provisioning component 708 may simply pass along the configuration information, or may process it to be more compatible with the Bluetooth manager 712. The Bluetooth manager 712 may then configure Bluetooth driver 716 and/or Bluetooth card 720 according to the received configuration information.
[0049] In addition, and/or as an alternative, to provisioning the client device by interfacing with one or more media managers, provisioning component 708 may provision the received configuration settings by interfacing with device drivers.
For example, in the embodiment shown in FIG. 7, provisioning component 708 may extract all configuration information pertaining to Ethernet and forward it directly to Ethernet driver 714, which in turn configures Ethernet card 718 accordingly. Again, depending on the format of the received configuration file and the format in which Ethernet driver 714 expects to receive configuration information, provisioning component 708 may or may not process the extracted configuration information before forwarding.
[0050] Much like the aspect of the network and connection provisioning framework that presents a user interface to a system administrator and creates one or more configuration files, in one embodiment the provisioning component of the system may be implemented using a framework and plug-in modules on a client device. One such embodiment is illustrated in FIG. 8, in which provisioning component 808 interacts with plug-in modules that are installed on the client side. For instance, provisioning component 808 may extract configuration information pertaining to Ethernet and pass it to Ethernet plug-in 822, which may provide the information to Ethernet driver 814 and may optionally process the configuration information to convert it into a format expected by Ethernet driver 814. Ethernet driver 814 may then configure Ethernet card 818 according to the configuration information received from Ethernet plug-in 822. Depending on the requirements of Ethernet driver 814, Ethernet plug-in 822 may optionally store some of the configuration information in a database or a file accessible by Ethernet driver 814. As a further example, provisioning component 808 may extract configuration information pertaining to Bluetooth and pass it to Bluetooth plug-in 824, which may provide the information to (and optionally convert the configuration information into a format expected by) the Bluetooth manager 812. The Bluetooth manager 812 may then configure Bluetooth driver 816 and/or Bluetooth card 820 according to the received configuration information. In this way, the plug-ins serve as an interface (and optionally a translation layer) between provisioning component 808 and the components on the client to be provisioned (e.g., media managers and/or device drivers).
[0051] One of the advantages to using plug-in modules is shielding provisioning component 808 from the particular ways in which the components being provisioned (e.g., media manager and/or device drivers) consume configuration information. However, the aspects of the invention described herein are not limited to implementing the provisioning component using plug-ins. [0052] FIGs. 9-11 show some examples of user interfaces that a network and connection configuration interface may present to an administrator in accordance with some embodiments of the invention. It should be appreciated that the aspects of the present invention described herein are not limited to using the particular user interfaces illustrated in FIGs. 9-11, as any suitable interfaces may be used. [0053] FIG. 9 shows an example of a main configuration interface that may be used to perform a number of configuration tasks, such as adding, editing, and deleting various policies and settings, as well as exporting and importing settings to/from configuration files. In the example of FIG. 9, policies may be displayed in section 900, near the top of the page. Options such as "Add," "Edit," and "Delete" may be displayed next to each policy category to allow a user to add, edit, or delete policies. "Global policy" may comprise configuration information that is not limited to any particular network or media type. For example, it may comprise a policy specifying that at most one connection is allowed from the client device at any time, a policy specifying that the client device may connect to at most one network at any time (although the number of connections to that network is not limited), etc. "Remote identification policy" may indicate whether direct access technology is allowed, and if so, an administrator may be prompted to specify a
URL for remote network identification. "Discovered network policy" may specify actions to be taken when a network is discovered, e.g., whether or not to connect automatically without prompting for user confirmation. Other policies may also be included, for example, a policy requiring that all wireless media be disabled when battery is low.
[0054] As shown in FIG. 9, policies section 900 may also comprise any suitable policies associated with specific media managers, e.g., the Windows Wi-Fi manager and the Windows Ethernet managers in FIG. 9. For example, "Windows Wi-Fi policy" may comprise policies that apply to all Wi-Fi connections, such as prohibiting ad-hoc Wi-Fi connections or prohibiting Wi-Fi connections to unsecured networks. Of course, this is just an example as any suitable policy or policies can be specified. [0055] As shown in FIG. 9, network and connection profiles may be organized and displayed in section 905. For example, there may be sub-sections, 910, 920, and 930, each of which corresponds to a particular network. While three sub-sections are shown in the example of FIG. 9, it should be appreciated that any number may be used. Each sub-section (e.g., 910) may comprise a profile for the corresponding network (e.g. Network X). Various types of information about the network may be stored in this profile, including network name, an icon to be displayed to identify the network, network category (e.g., work, home, etc.), and policies associated with the network (e.g., allow at most one connection to the network at any time, do not allow connection to another network while connected to this network, etc.). [0056] Each sub-section may also comprise profiles for available connections.
Additional information may be displayed adjacent to each connection, for instance, to indicate the associated media type and whether the connection is secured. For example, as shown in FIG. 9, Network X (910) may have profiles for two connections, NetworkX-WiFi2 (912) and NetworkX- WiFi (914), both of which are secured Wi-Fi connections. Any suitable information may be stored in each of these profiles, including encryption type, SSID (Service Set Identifier), etc. [0057] Similarly, Network Y (920) may comprise a profile for a secured VPN connection 922, and Network Z (930) may comprise a profile for a secured Wi-Fi connection 932. [0058] It should be appreciated that any number of network and connection profiles may be displayed and any suitable information may be stored in these profiles, as the aspects of the invention discussed herein are not limited to use with a user interface that is limited in either regard. [0059] The illustrative embodiment shown in FIG. 9 may also allow a user to add, edit, delete, or re-organize the displayed profiles. For example, these tasks may be performed by clicking on the menu buttons displayed under the section heading "Network and Connection Profiles." There may also be menu buttons for, respectively, importing and exporting settings. Clicking on either of these buttons may bring up a new page for selecting the profiles to be imported or exported. [0060] FIG. 10 shows an example of a page that may be displayed when a user clicks on the "export" button shown in FIG. 9. There may be a "file name" field 1002 where the user may enter a name for the configuration file to which the selected settings are to be exported. There may also be a "browse" button 1004 which the user may use to look through a directory structure to identify a location and/or a name for the configuration file. Existing policies and profiles may be displayed in two separate sections (e.g., 1000 and 1005). The user may select any number of policies and/or profiles to be exported to the configuration file, and may indicate whether each policy or profile should replace an existing version. [0061] FIG. 11 shows an example of a page that may be displayed when a user clicks on the "import" button shown in FIG. 9. This page may show the name (1102) of the configuration file being imported (e.g., NetworkX.cab). Policies and profiles stored in the configuration file may be displayed (e.g., in sections 1100 and 1105, respectively), so that the user may select which policies and/or profiles are to be imported to a client device.
[0062] As discussed above, in accordance with one embodiment, a standardized format is used for configuration files to configure one or more aspects of network connectivity for one or more client devices. The standardized format may ensure that information is stored in a logical manner, thereby facilitating dissemination of configuration settings to different software and/or hardware components that consume the settings. The standardized format can take any form, as the aspect of the invention that relates to using a standardized format is not limited to any particular format. One exemplary format is shown in FIG. 12 and is described below solely for the purpose of illustration, as other formats can be used. [0063] In the embodiment illustrated in FIG. 12, configuration information is organized into a hierarchical tree structure according to a framework referred to herein as the Unified Connection Manager (UCM) framework. This framework provides a standardized format for storing configuration information in a logical fashion so the various pieces of configuration information may be located and disseminated efficiently. [0064] Each node in the hierarchical tree structure is a UCM namespace element, which may contain data as well as sub-namespaces. The addressing mechanism for namespace elements is similar to that for files and subdirectories in a conventional hierarchical directory structure. For instance, in the tree structure of FIG. 12, the root node is the YUCM namespace, which comprises three sub- namespaces: YUCMYPolicy, YUCMYNetworks, and \UCM\Connections. Unlike a conventional subdirectory, however, each of these sub-namespaces may comprise data and/or further sub-namespaces. In other words, there is no file vs. directory distinction within the UCM framework. [0065] Namespace element YUCMYPolicy may be used to store configuration information that is not specific to any particular network or media type, such as the global policies discussed in connection with FIG. 9 above. These policies may be stored directly in the namespace element YUCMYPolicy, or they may be arranged logically into further sub-namepaces, such as YUCMYPolicyYGlobalPolicy, YUCMYPolicyYDefaultNetwork, and YUCMYPolicyYDirectAccess, shown in FIG. 12.
[0066] FIG. 12 also shows a sub-namespace YUCMYNetworksY, which may be used to store configuration information associated with the Network Layer (Layer 3) in the Open Systems Interconnection (OSI) model of networking. The Network Layer is below the Transport Layer (Layer 4) and above the Data Link Layer (Layer 2). It receives hop-to-hop communication services from the Data Link
Layer and provides source-to-destination services to the Transport Layer. In accordance with one embodiment all Layer 3 information is grouped into the sub- namespace YUCMYNetworks, so that the information may be located and distributed quickly and easily to software modules that handle Layer 3 operations. [0067] For example, FIG. 12 shows a sub-namespace of YUCMYNetworksY, namely, YUCMYNetworksY Windows .Network. This sub-namespace may be associated with a media manager called Windows .Network. This media manager may be a stand-alone software program or a plug-in to the network and connection provisioning framework, and it may be supplied by the provider of an operating system of a client device to be configured, or by any third-party software vendor.
Furthermore, this media manager may implement one or more UCM-related application programming interface (API) functions. The API functions may be used to ensure that the media manager is compatible with the network and connection provisioning framework, e.g., that the media manager "understands" how information is stored in UCM namespaces and is capable of providing information in accordance with the UCM convention. Some exemplary API functions will be further discussed below merely as examples, as other and/or different API functions are also possible.
[0068] As shown in FIG. 12, \UCM\Networks\ Windows .Network may comprise two sub-namespaces: \UCM\Networks\Windows.Network\Policy and \UCM\Networks\Windows.Network\Persisted*. The former sub-namespace may be used to store policies that apply to all networks. For example, it may comprise a policy specifying that Ethernet is preferred over Wi-Fi regardless of the network to which the computing device wishes to connect. The latter sub-namespace may be used to store profiles for individual networks. As shown in FIG. 12, there may be a profile for each of Network X, Homenetwork, Network Y, and Network Z. These profiles may contain any suitable information, including the illustrative information discussed in connection with FIG. 9 above.
[0069] FIG. 12 also shows a sub-namespace \UCM\Connections\, which may be used to stored configuration information associated with the Data Link Layer (Layer 2 in the OSI model). It may further comprise at least two sub-namespaces corresponding, respectly, to two media managers: Windows. WW AN and Windows. WL AN, where WWAN refers to Wireless Wide Area Network and
WLAN refers to Wireless Local Area Network. As shown in FIG. 12, there may be further sub-namespaces (e.g., YPolicy and YPersisted*) in each of these sub- namespaces. For example, \UCM\Connections\Windows.WLAN\Policy may be used to stored policies that apply to all WLAN connections. The sub-namespace \UCM\Connections\Windows.WLAN\Persisted* may be used to store profiles for individual connections. As shown in FIG. 12, there may be two profiles stored in this sub-namespace. One may be associated with WLAN connections to Network X, while the other may be associated with WLAN connections to Homenetwork. Examples of information stored in each of these profiles can be found in the above discussion in connection with FIG. 9.
[0070] The UCM framework may be used to organize information logically to facilitate efficient access of information. However, as discussed above, the aspect of the invention that relates to employing a standard format is not limited to the use of the UCM framework or even to using a hierarchical structure for storing configuration information in a configuration file, nor is it limited to the use of the OSI networking model or the types of configuration information mentioned in connection with the above-described embodiment. Any suitable standardized format can be employed. In addition, while a standardized format for a configuration file may be used with any of the other aspects of the invention described herein, none of those other aspects are limited to employing a configuration file organized according to a standardized format. [0071] As discussed above, in accordance with some embodiments, a media manager or a plug -in module may implement a set of API functions to interoperate with the network and connection configuration framework. Having a unified set of API functions facilitates the creation of the framework and the media managers (and/or plug-ins), as the interface therebetween is standardized. For example, in the above-described embodiments employing the UCM framework, some of the following API functions may be implemented by a plug-in module. However, it should be appreciated that the aspect of the present invention that relates to establishing a unified set of API functions is not limited to the particular API functions employed below.
Figure imgf000020_0001
Figure imgf000021_0001
[0072] The interfaces INamespaceHelper, IProfϊleManagement, IUCMProfϊleReport, and IUCMProfϊleReportAsXML may be implemented by media managers or plug-ins on the server side (e.g., those that populate profiles with configuration settings and create a configuration file comprising various profiles). The interfaces IProfϊlelmport, IProfileExport, IProfileContext, and IProvisioningService may be implemented by media managers or plug-ins on the client side (e.g., those that provision on a client computer configuration profiles received via a configuration file). However, it should be appreciated that the aspect of the invention that relates to a unified set of API functions is not limited to such a distinction between server-side and client-side functionalities. [0073] The SetElement function takes as a parameter a namespace element, and sets that element as the namespace element to be operated on. For instance, the input element may be a namespace in which profiles are created and/or removed (e.g., \UCM\Connections\ Windows. WLANYP ersisted*, as shown in FIG. 12).
Alternatively, it may be a namespace corresponding to a particular profile (e.g., \UCM\Networks\Windows.Network\Persisted*YNetworkX, as shown in FIG. 12). [0074] The CreateNewProfile function may create a new namespace element, which may be a profile that is either empty or populated with default settings. Alternatively, the function may bring up a page via which a user may enter settings to be stored in the new profile. The function may take four input parameters: parent element, parent window handle, profile type, and child element. The parent element may be a parent of the profile being created. For example, if a profile is being created for a connection, a parent element may be a corresponding network element. If no parent element is designated, the parent element parameter may be
NULL. The parent window handle parameter may be used when creating a child window, and the profile type may indicate whether the profile is per user or per client device. The child element may be the new namespace element in which the new profile is stored.
[0075] The EditProfilθ function may be called to edit an existing profile, and may bring up a page with various editing options. Before returning, this function may persist the edited profile back into the namespace. The EditProfilθ function may take four input parameters: parent element, parent window handle, profile type, and profile. The parent element may be a parent of the profile being edited. For example, if a profile for a connection is being edited, a parent element may be a corresponding network element. If no parent element is designated, the parent element parameter may be NULL. The parent window handle parameter may be used when creating a child window, and the profile type may indicate whether the profile is per user or per client device. The child element may be a namespace element corresponding to the profile being edited. [0076] The DelθteProfilθ function may be called before a profile is removed, and it may take four input parameters: parent element, parent window handle, profile type, and profile. The parent element may be a parent of the profile being deleted. For example, if a profile for a connection is being deleted, a parent element may be a corresponding network element. If no parent element is designated, the parent element parameter may be NULL. The parent window handle parameter may be used when creating a child window, and the profile type may indicate whether the profile is per user or per client device. The child element may be a namespace element corresponding to the profile being deleted. The DelθteProfilθ function may prompt a user for confirmation before removing the profile and may notify the parent element that a child is being removed. It may also support bulk remove, e.g., when a network element is being removed, all connection elements associated with that network may also be removed.
[0077] The Compare function may take as input two profiles and return a value indicating whether the input profiles are identical, and, if they are not, indicate some information about how they compare. For example, if the two input profiles are identical then 0 is returned. If the two profiles are not identical, then, if the first input profile contains all of the information contained in the second input profile, then a positive integer (e.g., 1) is returned, otherwise, a negative integer (e.g., -1) is returned. These values are merely examples, as the aspect of the invention relating to comparing profiles is not limited in this respect. [0078] The get_HeadingFormat function may take any or no inputs and may return a format string indicating the format of a heading printed for the particular namespace element. The format string may be loaded from a resource file.
[0079] The get_HeadingValuθS function may take no inputs and return an array of insertion values that can be inserted into a get_Head ing Format insertion string.
[0080] The get_PropertyCount function may take any or no inputs and return a value indicating the number of customer reporting properties for the profile.
[0081] The GetPropertyDisplayName function may receive an index of a property (e.g., a number between 0 and the value of get_PropertyCount minus 1) and return a string indicating a display name of the property. The name may be loaded from a resource file. [0082] The GetPropertyValueFormat function may receive an index of a property (e.g., a number between 0 and the value of get_PropertyCount minus 1) and return a string indicating a format of the value of the property. The format string may be loaded from a resource file. [0083] The GetPropertyValues function may receive an index of a property (e.g., a number between 0 and the value of gθt_PropθrtyCθunt minus 1) and return an array of insertion values that can be inserted into a GetPropertyValueFormat insertion string.
[0084] The get_XMLEIementString function may take no inputs and return a string containing the XML content for the particular namespace element. [0085] The SθtProfilθ function may receive as input a namespace element corresponding to an input profile and may add the input profile to the client computer on which the SθtProfilθ function is called. The SθtProfilθ function may further receive a Boolean value indicating whether the input profile is an update of a previously provisioned profile. If yes, the existing profile may be modified according to the input profile. Additionally, the SθtProfilθ function may receive a context of the input profile, comprising further information such as user token, validation phase, and/or profile source. [0086] Similarly, the RemoveProfilθ function may receive a namespace element corresponding to an input profile and may remove the input profile from the client computer on which the RemoveProfile function is called. The RemoveProfile function may also receive a context of the input profile. [0087] The Prepare and Complete functions may be called to indicate, respectively, a beginning and an end of a profile operation. Each of these functions may receive as input a context in which the profile operation is performed.
[0088] The GetProfile function may receive a namespace element corresponding to an existing profile on the client computer on which the SetProfile function is called, and may export the existing profile to an output stream. Additionally, the
SetProfile function may receive a context of the profile to be exported.
[0089] The Phase function may be called with no inputs and may return a phase of a profile operation. For example, there may be three different phases: validate, transacted, and apply. An output of the Phase function may indicated which of these three phases is being performed.
[0090] The UserToken function may be called with no inputs and may return a token for a user or computer associated with a current context.
[0091] The GetProfileType function may receive as input a namespace element corresponding to a profile and may return a profile type for that profile. For example, the profile type may indicate if the profile is a per-user profile or a machine-wide profile.
[0092] The ProfileSource function may be called with no inputs and may return an indication of a source of a profile in a current context. For example, the source may be a file, or a server side component of a network and connection provisioning framework.
[0093] The Root function may be called with no inputs and may return a namespace element corresponding to a root namespace for a current profile.
[0094] The ProvisioningFileName function may be called with any or no inputs and may return a string indicating a name of a file that is used for provisioning
(e.g., import or export). [0095] The Result function may be called with no inputs and may return an indication of a result of a current profile operation. For example, the result may be: succeeded, aborted, cancelled, failed, partial failure, or warning. [0096] The TransactionHandle function may be called with no inputs and may return a transaction handle for use when provisioning a profile.
[0097] The ExecutionContext function may be called with no inputs and may identify the type of a context in which a current operation is performed. For example, the operation may be performed on the client side, on the server side, or on a standalone tool. [0098] The OperationType function may be called with no inputs and may identify the type of a current operation. For example, the current operation may be an import operation or an export operation.
[0099] The ImportProfilθ function may receive as input a string indicating a name of a file from which one or more profiles are to be imported and may return a context containing a result of the import operation. Additionally, the
ImportProfilθ function may receive an input parameter indicating a source of the one or more profiles. For example, the source may be a file distributed over the worldwide web, or the source may be a server side component of a network and connection provisioning framework. The I import Prof Ne function may also receive an input parameter identifying the type of a context in which the import operation is performed. For example, the import operation may be performed in a client side context or a server side context.
[0100] The ExportProfilθ function may receive as input a list of profiles to be exported and a string indicating a name of a file to which the profiles are to be exported. The ExportProfilθ function may also return a context containing a result of the export operation. Additionally, the ExportProfilθ function may receive an input parameter identifying the type of context in which the export operation is performed. For example, the export operation may be performed on the client side or the server side. [0101] The Accept function may be called to proceed to a next phase, for example, after a user has accepted warnings associated with a current phase. The Accept function may receive as input a result of the current profile operation. [0102] The SetExternalTransaction function may receive as input a transaction created by an external component and may set the transaction to NULL to revert to an internally created transaction.
[0103] Again, it should be appreciated that the functions described above are just illustrative and the aspects of the invention directed to API functions for standalone media managers and/or plug-in modules are not limited to these or any other particular functions.
[0104] The aspects of the present invention described herein can be used with any computer or device having a processor that may be programmed to take any of the actions described above for presenting an interface to an administrator to create one or more configuration files and for provisioning any type of client devices based on one or more configuration files. FIG. 13 is a schematic illustration of an exemplary computer 1300 on which aspects of the present invention may be implemented. The computer 1300 includes a processor or processing unit 1301 and a memory 1302 that can include both volatile and non- volatile memory. The computer 1300 also includes storage 1305 (e.g., one or more disk drives) in addition to the system memory 1302. The memory 1302 can store one or more instructions to program the processing unit 1301 to perform any of the functions described herein. As mentioned above, the reference herein to a computer can include any device having a programmed processor, including a rack-mounted computer, a desktop computer, a laptop computer, a tablet computer or any of numerous devices that may not generally be regarded as a computer, which include a programmed processor (e.g., a PDA, an MP3 Player, a mobile telephone, wireless headphones, etc.). [0105] The computer may have one or more input and output devices, such as devices 1306 and 1307 illustrated in FIG. 13. These devices can be used, among other things, to present a user interface. Examples of output devices that can be used to provide a user interface include printers or display screens for visual presentation of output and speakers or other sound generating devices for audible presentation of output. Examples of input devices that can be used for a user interface include keyboards, and pointing devices, such as mice, touch pads, and digitizing tablets. As another example, a computer may receive input information through speech recognition or in other audible format. [0106] Computer 1300 may also comprise network interface cards (e.g., 1318a-c) to enable communication via various networks (e.g., 1319a-c). Examples of networks include a local area network or a wide area network, such as an enterprise network or the Internet. Such networks may be based on any suitable technology and may operate according to any suitable protocol and may include wireless networks, wired networks or fiber optic networks.
[0107] Having thus described several aspects of at least one embodiment of this invention, it is to be appreciated that various alterations, modifications, and improvements will readily occur to those skilled in the art. [0108] Such alterations, modifications, and improvements are intended to be within the spirit and scope of the invention. Accordingly, the foregoing description and drawings are by way of example only.
[0109] The above-described embodiments of the invention can be implemented in any of numerous ways. For example, the embodiments may be implemented using hardware, software or a combination thereof. When implemented in software, the software code can be executed on any suitable processor or collection of processors, whether provided in a single computer or distributed among multiple computers. [0110] Also, the various methods or processes outlined herein may be coded as software that is executable on one or more processors that employ any one of a variety of operating systems or platforms. Additionally, such software may be written using any of a number of suitable programming languages and/or programming or scripting tools, and also may be compiled as executable machine language code or intermediate code that is executed on a framework or virtual machine.
[0111] In this respect, the invention may be embodied as a computer readable medium (or multiple computer readable media) (e.g., a computer memory, one or more floppy discs, compact discs, optical discs, magnetic tapes, flash memories, circuit configurations in Field Programmable Gate Arrays or other semiconductor devices, or other tangible computer storage medium) encoded with one or more programs that, when executed on one or more computers or other processors, perform methods that implement the various embodiments of the invention discussed above. The computer readable medium or media can be transportable, such that the program or programs stored thereon can be loaded onto one or more different computers or other processors to implement various aspects of the present invention as discussed above.
[0112] The terms "program" or "software" are used herein in a generic sense to refer to any type of computer code or set of computer-executable instructions that can be employed to program a computer or other processor to implement various aspects of the present invention as discussed above. Additionally, it should be appreciated that according to one aspect of this embodiment, one or more computer programs that when executed perform methods of the present invention need not reside on a single computer or processor, but may be distributed in a modular fashion amongst a number of different computers or processors to implement various aspects of the present invention.
[0113] Computer-executable instructions may be in many forms, such as program modules, executed by one or more computers or other devices. Generally, program modules include routines, programs, objects, components, data structures, etc. that perform particular tasks or implement particular abstract data types. Typically the functionality of the program modules may be combined or distributed as desired in various embodiments. [0114] Also, data structures may be stored in computer-readable media in any suitable form. For simplicity of illustration, data structures may be shown to have fields that are related through location in the data structure. Such relationships may likewise be achieved by assigning storage for the fields with locations in a computer-readable medium that conveys relationship between the fields. However, any suitable mechanism may be used to establish a relationship between information in fields of a data structure, including through the use of pointers, tags or other mechanisms that establish relationship between data elements. [0115] Various aspects of the invention may be used alone, in combination, or in a variety of arrangements not specifically discussed in the embodiments described in the foregoing and is therefore not limited in its application to the details and arrangement of components set forth in the foregoing description or illustrated in the drawings. For example, aspects described in one embodiment may be combined in any manner with aspects described in other embodiments. [0116] Also, the invention may be embodied as a method, of which an example has been provided. The acts performed as part of the method may be ordered in any suitable way. Accordingly, embodiments may be constructed in which acts are performed in an order different than illustrated, which may include performing some acts simultaneously, even though shown as sequential acts in illustrative embodiments.
[0117] Use of ordinal terms such as "first," "second," "third," etc., in the claims to modify a claim element does not by itself connote any priority, precedence, or order of one claim element over another or the temporal order in which acts of a method are performed, but are used merely as labels to distinguish one claim element having a certain name from another element having a same name (but for use of the ordinal term) to distinguish the claim elements. [0118] Also, the phraseology and terminology used herein is for the purpose of description and should not be regarded as limiting. The use of "including," "comprising," or "having," "containing," "involving," and variations thereof herein, is meant to encompass the items listed thereafter and equivalents thereof as well as additional items. [0119] What is claimed is:

Claims

EP CLAIMS
1. A method for use in a computer system comprising at least one computer (1300), the at least one computer comprising a plurality of media managers (410, 412) that collectively enable the at least one computer (1300) to communicate using a plurality of network connection technologies, the method comprising acts of:
(A) providing at least one management interface (302) that enables an administrator to establish a plurality of sets of one or more network connection settings, each of the plurality of sets of network connection settings corresponding to one of the plurality of media managers (410, 412) and being used to configure the corresponding media manager (410, 412) to enable the at least one computer (1300) to communicate using a network connection technology enabled by the corresponding media manager (410, 412); (B) in response to input received from the administrator via the at least one management interface (302), creating a plurality of network connection profiles that each corresponds to one of the plurality of media managers (410, 412); and
(C) providing the plurality of network connection profiles to the at least one computer in a same network configuration file (306).
2. The method of claim 1, further comprising acts of: receiving the network configuration file (306) at the at least one computer (1300); accessing each of the plurality of network connection profiles from the network configuration file; and using each one of the plurality of sets of network connection settings to configure the corresponding one of the plurality of media managers (410, 412).
3. The method of claim 1 , wherein the at least one management interface
(302) comprises a common application user interface through which the administrator may establish the plurality of network connection settings, and wherein the common management interface (302) is provided via a single application program (304).
4. The method of claim 3, wherein the single application program (304) comprises a framework and at least first and second plug-ins (310, 312) incorporated into the framework, wherein the first plug-in (310) is specially adapted to provide the single application program with functionality that enables the single application program to be used to establish a first set of network connection settings for a first media manager (410) that enables the at least one computer (1300) to communicate using a first network connection technology, and wherein the second plug-in (312) is specially adapted to provide the single application program with functionality that enables the single application program to be used to establish a second set of network connection settings for a second media manager (412) that enables the at least one computer (1300) to communicate using a second network connection technology.
5. The method of claim 4, further comprising acts of: receiving the network configuration file (306) at the at least one computer (1300); accessing first and second network connection profiles from the network configuration file, the first network connection profile comprising the first set of network connection settings, the second network connection profile comprising the second set of network connection settings; using the first set of network connection settings to configure the first media manager (410) to enable the computer (1300) to communicate using the first network connection technology according to the first set of network connection settings; and using the second set of network connection settings to configure the second media manager (412) to enable the computer (1300) to communicate using the second network connection technology according to the second set of network connection settings.
6. The method of claim 1 , wherein the plurality of network connection settings comprises first and second sets of network connection settings, wherein the first set of network connection settings comprises a first plurality of network settings and the second set of network connection settings comprises a second plurality of network settings.
7. The method of claim 1 , wherein the network configuration file comprises at least one setting that relates to at least two of the plurality of media managers (410, 412).
8. The method of claim 1 , wherein the network configuration file comprises a plurality of sub-sections, with each of the plurality of network connection profiles having a corresponding sub-section.
9. The method of claim 8, wherein the plurality of sub-sections that correspond to the plurality of network connection profiles share a common format.
10. The method of claim 1 , wherein the network configuration file comprises a hierarchical structure.
11. The method of claim 10, wherein the hierarchical structure comprises a root node and three nodes below it, the three nodes below the root node comprising a first node that is a policy node that relates to configuration information that is not specific to any particular network or media type, a second node that is a network layer node that relates to configuration information for layer
3 in the Open Systems Interconnection (OSI) model of networking, and a third node that is a connections node that relates to configuration information for layer 2 in the OSI model of networking.
12. A computer (1300) comprising: a first media manager (410) that enables the at least one computer (1300) to communicate using a first network connection technology; a second media manager (412) that enables the at least one computer (1300) to communicate using a second network connection technology that is different than the first network connection technology; and at least one processor (1301) programmed to; retrieve from a same network configuration file (306) a first network connection profile that comprises a first set of one or more network connection settings for the first network connection technology and a second connection profile that comprises a second set of one or more network connection settings for the second network connection technology; use the first set of network connection settings to configure the first media manager (410) to enable the computer (1300) to communicate using the first network connection technology according to the first set of network connection settings; and use the second set of network connection settings to configure the second media manager (412) to enable the computer (1300) to communicate using the second network connection technology according to the second set of network connection settings.
13. The computer of claim 12, wherein the at least one processor (1301) is further programmed to receive the network configuration file (306) in a communication over a network from another computer operated by a system administrator.
14. The method of claim 12, wherein the first set of network connection settings comprises a first plurality of network settings and the second set of network connection settings comprises a second plurality of network settings.
15. The method of claim 12, wherein the network configuration file comprises at least one setting that relates to the first and second media managers
(410, 412), and wherein the at least one processor (1301) is further programmed to use the at least one setting to configure the first and second media managers (410, 412).
PCT/US2009/063623 2008-11-21 2009-11-06 Unified storage for configuring muliple networking technologies WO2010059438A2 (en)

Priority Applications (2)

Application Number Priority Date Filing Date Title
CN200980147048.2A CN102224708B (en) 2008-11-21 2009-11-06 Unified storage for configuring muliple networking technologies
EP09828006A EP2351293A2 (en) 2008-11-21 2009-11-06 Unified storage for configuring muliple networking technologies

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US12/276,157 US8615570B2 (en) 2008-11-21 2008-11-21 Unified storage for configuring multiple networking technologies
US12/276,157 2008-11-21

Publications (2)

Publication Number Publication Date
WO2010059438A2 true WO2010059438A2 (en) 2010-05-27
WO2010059438A3 WO2010059438A3 (en) 2010-08-19

Family

ID=42197366

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2009/063623 WO2010059438A2 (en) 2008-11-21 2009-11-06 Unified storage for configuring muliple networking technologies

Country Status (4)

Country Link
US (1) US8615570B2 (en)
EP (1) EP2351293A2 (en)
CN (1) CN102224708B (en)
WO (1) WO2010059438A2 (en)

Families Citing this family (11)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US9235448B2 (en) * 2008-11-25 2016-01-12 Citrix Systems, Inc. Systems and methods for batchable hierarchical configuration
US9128770B2 (en) * 2008-11-25 2015-09-08 Citrix Systems, Inc. Systems and methods for GSLB auto synchronization
US8108495B1 (en) * 2009-04-30 2012-01-31 Palo Alto Networks, Inc. Managing network devices
US8284699B1 (en) 2009-04-30 2012-10-09 Palo Alto Networks, Inc. Managing network devices
JP5618886B2 (en) * 2011-03-31 2014-11-05 株式会社日立製作所 Network system, computer distribution apparatus, and computer distribution method
US9215075B1 (en) 2013-03-15 2015-12-15 Poltorak Technologies Llc System and method for secure relayed communications from an implantable medical device
CN103702437A (en) * 2013-12-16 2014-04-02 海信集团有限公司 Connection control device for wireless network and connection control method for wireless network
US10282346B1 (en) * 2014-02-05 2019-05-07 Cisco Technology, Inc. Scalable network device self-configuration in large networks
US20150370272A1 (en) 2014-06-23 2015-12-24 Google Inc. Intelligent configuration of a smart environment based on arrival time
US9788039B2 (en) 2014-06-23 2017-10-10 Google Inc. Camera system API for third-party integrations
CN106937359B (en) * 2015-12-29 2021-07-06 西安中兴新软件有限责任公司 Information processing method, server and hotspot device

Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20050091357A1 (en) * 2003-10-24 2005-04-28 Microsoft Corporation Network and interface selection on a computing device capable of establishing connections via multiple network communications media
US20050260989A1 (en) * 2004-02-09 2005-11-24 Palmsource, Inc. System and method of managing connections with an available network
US20070067446A1 (en) * 2005-09-16 2007-03-22 Microsoft Corporation Connecting to different network types through a common user interface
US20080183856A1 (en) * 2002-04-25 2008-07-31 Duane Mark Baldwin Methods and apparatus for management of mixed protocol storage area networks

Family Cites Families (24)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5497504A (en) * 1994-05-13 1996-03-05 The Trustees Of Columbia University System and method for connection control in mobile communications
US6029196A (en) * 1997-06-18 2000-02-22 Netscape Communications Corporation Automatic client configuration system
EP1093054B1 (en) * 1999-10-15 2008-07-16 Alcatel Lucent Method for installing software components at a user-terminal, related devices and related software modules
US20020029273A1 (en) * 2000-06-05 2002-03-07 Mark Haroldson System and method for calculating concurrent network connections
US7107326B1 (en) * 2000-10-13 2006-09-12 3Com Corporation Method and system for integrating IP address reservations with policy provisioning
US7027412B2 (en) * 2000-11-10 2006-04-11 Veritas Operating Corporation System for dynamic provisioning of secure, scalable, and extensible networked computer environments
US7168044B1 (en) * 2000-12-22 2007-01-23 Turin Networks Apparatus and method for automatic network connection provisioning
US8392586B2 (en) * 2001-05-15 2013-03-05 Hewlett-Packard Development Company, L.P. Method and apparatus to manage transactions at a network storage device
US7257116B2 (en) * 2001-08-01 2007-08-14 Certicom Corp. Disabling header compression over point-to-point protocol (PPP)
US6910127B1 (en) * 2001-12-18 2005-06-21 Applied Micro Circuits Corporation System and method for secure network provisioning by locking to prevent loading of subsequently received configuration data
US7363398B2 (en) * 2002-08-16 2008-04-22 The Board Of Trustees Of The Leland Stanford Junior University Intelligent total access system
TW200419413A (en) * 2003-01-13 2004-10-01 I2 Technologies Inc Master data management system for centrally managing core reference data associated with an enterprise
US20050149948A1 (en) * 2003-12-30 2005-07-07 Intel Corporation System and method for monitoring and managing connection manager activity
US20070220494A1 (en) * 2003-11-06 2007-09-20 Intuwave Limited A Method of Rapid Software Application Development for a Wireless Mobile Device
US7668944B2 (en) * 2004-02-20 2010-02-23 Evgeny Leib System and unified setting interface for configuring network manageable devices
JP2006050515A (en) * 2004-06-30 2006-02-16 Ntt Docomo Inc Mobile node, and its control method and program
US7430664B2 (en) * 2005-02-02 2008-09-30 Innomedia Pte, Ltd System and method for securely providing a configuration file over and open network
US7685316B2 (en) * 2005-06-16 2010-03-23 Cisco Technology, Inc. System and method for coordinated network configuration
US20070067146A1 (en) * 2005-09-16 2007-03-22 Velmurugan Devarajan System and method of interactively optimizing shipping density for a container
US7483978B2 (en) * 2006-05-15 2009-01-27 Computer Associates Think, Inc. Providing a unified user interface for managing a plurality of heterogeneous computing environments
US8245284B2 (en) * 2006-10-05 2012-08-14 Microsoft Corporation Extensible network discovery
US20080092131A1 (en) * 2006-10-16 2008-04-17 Invensys Systems, Inc. Centralized management of human machine interface applications in an object-based supervisory process control and manufacturing information system environment
JP2008270999A (en) * 2007-04-18 2008-11-06 Sony Corp Communicating system and communication equipment
US7831218B2 (en) * 2007-05-22 2010-11-09 Symbol Technologies, Inc. Modular keypad with wireless arrangement for a mobile device

Patent Citations (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US20080183856A1 (en) * 2002-04-25 2008-07-31 Duane Mark Baldwin Methods and apparatus for management of mixed protocol storage area networks
US20050091357A1 (en) * 2003-10-24 2005-04-28 Microsoft Corporation Network and interface selection on a computing device capable of establishing connections via multiple network communications media
US20050260989A1 (en) * 2004-02-09 2005-11-24 Palmsource, Inc. System and method of managing connections with an available network
US20070067446A1 (en) * 2005-09-16 2007-03-22 Microsoft Corporation Connecting to different network types through a common user interface

Also Published As

Publication number Publication date
EP2351293A2 (en) 2011-08-03
CN102224708B (en) 2014-05-07
US20100131622A1 (en) 2010-05-27
CN102224708A (en) 2011-10-19
US8615570B2 (en) 2013-12-24
WO2010059438A3 (en) 2010-08-19

Similar Documents

Publication Publication Date Title
US8676942B2 (en) Common configuration application programming interface
US8683046B2 (en) Unified interface for configuring multiple networking technologies
US8615570B2 (en) Unified storage for configuring multiple networking technologies
EP2351457B1 (en) Creating cross-technology configuration settings
US11068241B2 (en) Guided definition of an application programming interface action for a workflow
TW526429B (en) Graphical editor for defining and creating a computer system
US8850423B2 (en) Assisting server migration
US20200301902A1 (en) Graphical user interfaces for incorporating complex data objects into a workflow
US8161140B2 (en) Interfacing between a command line interface-based application program and a remote network device
US8744980B2 (en) Systems and methods for analysis of network equipment command line interface (CLI) and runtime management of user interface (UI) generation for same
US20220391221A1 (en) Providing a different configuration of added functionality for each of the stages of predeployment, deployment, and post deployment using a layer of abstraction
US10678418B1 (en) Graphical user interfaces for defining complex data objects
US20210034225A1 (en) Templates for rapid development of native mobile application graphical user interfaces
US8027362B2 (en) Methods and systems for pushing and pulling network data in user interface design
US11340968B1 (en) Executing repetitive custom workflows through API recording and playback
TW201448544A (en) Message exchange via generic TLV generator and parser
US20200236163A1 (en) Scale out network-attached storage device discovery
Andročec et al. Methodology for detection of cloud Interoperability problems
Beckner What’s New in BizTalk 2010
Konopinski Meeting the Computational Demands for Data Driven Biology at VectorBase

Legal Events

Date Code Title Description
WWE Wipo information: entry into national phase

Ref document number: 200980147048.2

Country of ref document: CN

121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 09828006

Country of ref document: EP

Kind code of ref document: A2

WWE Wipo information: entry into national phase

Ref document number: 2009828006

Country of ref document: EP

WWE Wipo information: entry into national phase

Ref document number: 3242/CHENP/2011

Country of ref document: IN

NENP Non-entry into the national phase

Ref country code: DE