818 results about "Network administrator" patented technology

A novel network manager for use with a cable television system headend capable of monitoring and managing headend components and set top terminals in a television delivery system is described. The invention relates to methods and apparatus that manage and coordinate the reception of various programming and control signals at a headend. The invention manages and coordinates the storage of such signals for intelligent selection and distribution to set top terminals. The invention makes use of a receiver or set of receivers, a work station, a program control information processing component, a network management CPU, databases, control software and an instruction memory. The invention uses these components to manage and monitor certain headend components, such as signal reception equipment, an authorization component, a file server, MPEG decoders, a digital buffer with frame repeat and channel modulators. The invention is particularly useful in processing and responding to upstream information and subscriber communications received from set top terminals. In so doing, the invention accommodates various system services, including (1) near video on demand (NVOD), (2) virtual video on demand (VVOD), (3) video on demand (VOD), (4) interactive program services, (5) program suggestion features, (6) advertisement targeting, (7) generation of standard and custom menus, and (8) data spooling and text overlaying.

A method and apparatus for concurrently displaying from a single window on a network management station the health status of all network devices and objects of a computer network. The network devices may be categorized according to state or device type, as determined by the network manager. The method and apparatus provides a network manager with the ability to determine the current state of network devices and objects within an enterprise network and invoke further actions such as configuration, performance, fault, and security management tasks. The network manager can drag and drop icons from one network management system application window to another network management system application window to obtain fault information about network devices and objects, thus allowing multiple network management system applications to run concurrently on the same network management station. The network manager is further able to add new network devices and objects by dragging site, folder or device icons from one network management system application window to a second network management system application window for displaying the health status of the new devices. The dragged-in devices are added to the appropriate status panes within the second window according to the method of the present invention.

The present solution provides a spillover management technique for virtual servers of an appliance based on bandwidth. A network administrator may configure a bandwidth threshold for one or more virtual servers, such as virtual servers providing acceleration or load balancing for one or more services. The bandwidth threshold may be specified as a number of bytes transferred via the virtual server. The bandwidth threshold may also be specified as a round trip time or derivative thereof. A user may specify the bandwidth threshold via a configuration interface. Otherwise, the appliance may establish the bandwidth threshold. The appliance monitors the bandwidth used by a first virtual server. In response to detecting the bandwidth reaching or exceeding the bandwidth threshold, the appliance dynamically directs client requests to a second virtual server.

In a communication network constituted of relay nodes and edge nodes interconnected by communication lines and a network manager, the network manager manages relay nodes and edge nodes connected to the network manager by operation management communication lines. The network manager requests to set a logical connection between an ingress and an egress of the connection, and in response to this request, relay nodes and edge nodes set a logical connection specifying at least one of a transmission source and a destination.

A network switch having a unified, adaptive management paradigm for wireless network devices is disclosed. The switch includes configurable ports for connecting devices. A software application running on the switch allows a network administrator to selectively configure each port to support either a wired device or wireless device. Configuration information and software images that are needed for operation of the wireless device are associated with the port. When a wireless device is first plugged into the switch port, it downloads its configuration directly from the switch port. By storing the configuration information and images at the switch and automatically downloading them to the wireless devices, the task of configuring the devices is greatly simplified for the network administrator. This is particularly advantageous in heterogeneous network environments that support both wired and wireless devices, and where wireless device are readily moved to different ports.

Threat intelligence is collected from a variety of different sources. The threat intelligence information is aggregated, normalized, filtered and scored to identify threats to an information network. Threats are categorized by type, maliciousness and confidence level. Threats are reported to network administrators in a plurality of threat feeds, including for example malicious domains, malicious IP addresses, malicious e-mail addresses, malicious URLs and malicious software files.

Methods, apparatuses and systems facilitating the configuration of parameters controlling utilization of a network resource. In one embodiment, the present invention allows a network administrator to quickly and easily configure effective bandwidth utilization controls and observe the results of applying them. According to one embodiment, a network administrator is presented with an interface displaying the most significant traffic types with respect to a bandwidth utilization or other network statistic and allowing for the association of bandwidth utilization controls to these traffic types.

A method and system for "selective" tunneling of streaming data from a server to a client in a computer network having one or more network segments. The server has a tunneler utility, and the client has a receiver utility. The receiver utility first attempts to detect if a given data stream is available via IP multicast on the network segment supporting the client. If not, then the receiver utility issues a request for a IP unicast stream. This request is serviced by the tunneler utility. The tunneler utility re-broadcasts the IP multicast feed using IP unicast to send the data stream directly to the requesting user and/or to a repeater utility. The receiver utility then receives and processes the data stream for output to the end user. Alternatively, the receiver application, or a network administrator, launches the repeater utility, which then converts the IP unicast stream back to IP multicast format for re-broadcast over the network segment to other clients.

An embodiment includes a computer system for detecting and monitoring network intrusion events from log data received from network service devices in a computer network. An embodiment may include an event parser in communication with multiple network service devices. The event parser may parse information to create corresponding event objects concerning intrusion events. The system may include an event manager in communication with the event parser. The event manager may be configured to evaluate the event objects according to at least one predetermined threshold condition. The system may include an event broadcaster in communication with the event manager for receiving event objects designated by the event manager for broadcast. The event broadcaster may be able to transmit the event objects in real time. The system may also include means for alerting the user that a network intrusion event has occurred.

A method and apparatus for managing a network includes detecting occurrence of a network event associated with a new network condition including unplanned and planned macro-events associated with network elements and communication links of the network. The network event is classified as being associated with at least one of a network element failure, communications link failure, and a security breach. In response to the network event exceeding a network degradation threshold, the network event is identified as a network degradation event, and an alert is sent to a network administrator to normalize the network degradation event.

Disclosed herein are a financial services network and associated processes for providing interactive transmissions between network participants. The financial services network includes a private and secure transport network that allows for any number of financial services to be conducted between participants and other entities associated with the network. Each participant can operate as a requestor or responder. The system also includes a network administrator that is configured to govern the flow of messages directly between participants. By interconnecting participants to an unlimited number of information providers, all participants can obtain information and verifications on an interactive basis. Also, by employing a single network having a standardized message format and protocol, all participants can quickly and easily interactively request or provide information and verify to any other participant without the concern of incompatibility between system, transmission, or even message formats or protocols.

A system and method for communicating with network devices without regard to the device type and/or manufacturer is described. In one embodiment, the present invention provides a global graphical user interface (GUI) for communicating with various network devices. The global GUI includes an intuitive interface driven by a template library. For each device type and each device manufacturer, this template library can store both the attribute fields required for device configuration and the format for communicating those attribute fields. When a network administrator wants to communicate with a particular network device, the template associated with that device can be retrieved from the template library. The network administrator can then populate the attribute fields of that template with the appropriate data. This attribute data can be formatted and provided to the network device.

A method and system for extracting and building end-to-end route information in a multi-area Internet protocol (IP) autonomous system (AS) is disclosed. The method and system enable a user, such as a network administrator, to explicitly identify a full set of paths (links and routers) that a given IP packet would potentially traverse from its entry point in the source area of the AS where it originates until its exit point in its intended destination area.

A method and system for updating a group of network nodes, such as a group of MFPs, with replacement software in a manner that improves network performance and the predictability of a completion time for installation of the replacement software involves throttling distribution of a software update package to avoid resource oversubscription while time-bounding distribution so that installation of the software update on all of the network nodes can be completed by a certain time and, in some embodiments, further involves determining a start time for distribution of the software update package based at least in part on a scheduled installation time selected by a network administrator, which provides a high degree of confidence that installation of the software update across the entire group of network nodes will be completed around a scheduled time (e.g. during “off hours”) notwithstanding the staggered distribution of the software update package.

The present invention provides a method in which the physical connection information and the logical network configuration information are kinked to the status of spanning tree, and the status of spanning tree is displayed with the physical connection and the logical network configurations. The method can provide the better recognition about not only intended the physical and logical configurations but the status of spanning tree to a network administrator. Therefore, the network administrator can integrally recognize the status of the network and the failure in the network will be analyzed easily to recover the network to normal state in shorter time.

A system and method for ensuring that machines having invalid or corrupt states are restricted from accessing network resources are provided. A quarantine server located on a trusted machine in a network provides a bill of health to a quarantine agent located on a client computer that wishes to gain access to network resources administered by an organization. The quarantine agent requests bill of health from the quarantine server, and receives a manifest of checks that the client computer must perform. The quarantine agent then sends a status report on the checks back to the quarantine server. If the client computer is in a valid security state, the bill of health is issued to the client. If the client computer is in an invalid state, the client is directed to install the appropriate software/patches to achieve a valid state. When a client requests the use of network resources from a network administrator, the network administrator requests the client's bill of health. If the bill of health is valid, the client is admitted to the network. If the bill of health is invalid, or if the client does not have a quarantine agent, the client is placed in quarantine, in which the only network resources accessible to the client are those necessary to install the quarantine agent and requisite software/patches to achieve a valid state.

A system, method and computer program product for managing diagnostic and performance information for communications system terminal endpoints (TEs) communicating over an Internet Protocol (IP) network. The TEs communicate by connections that are voice, modem, facsimile, video, data transmissions, or the like. A Diagnostic Supervisor (DS) transmits Diagnostic Configuration Messages (DCMs) to the TEs. The TE's generate Diagnostic Messages (DMs) based on diagnostic information, including error statistics, voice statistics, facsimile statistics, video statistics, data statistics, or the like, concerning IP network connections in which the TEs participate. The DCMs instructs the TEs how to format and when to transmit DMs. The DMs are transmitted by the TEs to the DS. In a system with more that one DS, the TEs can transmit DMs to the plural DSs, other TEs or any network devices. The DS can be programmed locally or remotely to send various types of DCMs. The DS can also be programmed locally or remotely to provide diagnostic reports based on DMs to network users or to the network administrator. Diagnostic information is used for disconnect supervision, answer detection, attendant supervision, billing management, rerouting of IP connections to the PSTN, and the like.

According to one embodiment, a system comprising a dynamic analysis server comprising one or more virtual machines is disclosed, wherein the one or more virtual machines may be configured to execute certain event logic with respect to a loaded module. The virtual machines may be communicatively coupled to a virtual machine manager and a database; and rule-matching logic comprising detection logic, wherein the detection logic is configured to determine (1) whether an access source is attempting to access a protected region such as a page guarded area; and (2) determine whether the access source is from the heap. The system further comprises reporting logic that is configured to generate an alert so as to notify a user and/or network administrator of a probable application-execution hijacking attack.

A GUI (Graphical User Interface) Manager is used by a network administrator to fill-in predefined templates. The administrator does not need to compile, debug or write a single line of scripting code. The GUI manager has a “select the box” and “point and click” and “fill-in the blank” approach for selecting computer settings. The predefined configuration and/or template(s) are used by a logon script program on a client system to manage the configuration of resources on at least one client. There are three levels of resources that can be managed. The first type of resource is an operating system. The second type of resource is an application resource. And the third type of resource is to redirect a resource on the client to a resource on a network such as a drive letter mapping. Resources include configurations from the group of configuration settings consisting of drive mappings, shell folders, printer deployment, proxy server access, application paths, service packs, anti-virus updates, policies and automatic mail profile creation. In another embodiment, validation logic is used on the clients' system during the execution of an application program that takes the template and applies the defined configuration settings in the template to the clients' system so as to automatically configure at least one configuration setting for a user if the combination of one or more predefined conditions for a selected group, a selected operating system and a selected connection method are met. In still another embodiment, an interpretive engine is used on the client's system to permit the administration of client resources with a template while also allowing network administrators to build their own custom logon scripts.

One embodiment of the present invention enables an individual to selectively choose an area(s) of interest and automatically scan a database to intelligently retrieve the relevant information and filter out the irrelevant information. Next, the relevant information may then be collated and made available in an electronic “book” format for ease of distribution. For example, a network administrator may go to his/her company's web page and utilize the present embodiment to download an electronic “book” pertaining to troubleshooting his/her particular network configuration. It is appreciated that the present embodiment may be utilized in a broad number of different areas since it covers any application where there may be a huge database of information and only a part of which may be of interest to selected parties. For example, the present embodiment may be quite useful in areas such as, but not limited to, pharmaceutical, manufacturing, medical, defense, and computer networking.

Customizable software provides assurances about the ability of an IP network to satisfy security, regulatory and availability requirements by comprehensive vulnerability and compliance assessment of IP networks through automated analysis of configurations of devices such as routers, switches, and firewalls. The solution comprises three main approaches for testing of IP device configurations to eliminate errors that result in vulnerabilities or requirements compliance issues. The first two fall in to the “static constraint validation” category since they do not change significantly for each IP network, while the last approach involves incorporation of each specific IP network's policies/requirements. These approaches are complementary, and may be used together to satisfy all the properties described above. The first approach involves checking the configurations of devices for conformance to Best-Current-Practices provided by vendors (e.g. Cisco Network Security Policy) and organizations such as the NIST, NSA or CERT. Also this includes checks of compliance with regulations such as FISMA, SOX, HIPPA, PCI, etc. The second approach is where as one reads device configurations, one collects beliefs about network administrator intent. As each belief is collected, an inference engine checks whether the new belief is inconsistent with previously accumulated beliefs. The third approach addresses the multiple device/protocol issue by including an understanding of high-level service and security requirements about the specific IP network under test from the network administrators.