Network management system using model-based intelligence

What is claimed is:

1. A system for maintaining and processing information pertaining to a condition of a computer network and providing the information to a user, the computer network including a plurality of network entities such as computer devices and software applications being executed on such devices, the system comprising:

a virtual network machine comprising interrelated, intelligent models of network entities and relations between network entities, the virtual network machine including:

means for acquiring network information pertaining to the condition of a network entity from the corresponding network entity;

means for maintaining objects repesenting network entities and relations between network entities, each of the objects including:

one or more attributes comprising network data relating to a corresponding network entity and derived from the acquired network information, and

one or more inference handlers for processing the network data, the inference handlers being responsive to changes occurring in one or more objects and including means for watching an attribute, means for generating a trigger in response to a change in the watched attribute, and means responsive to the trigger for producing a response in an object, wherein a first object has a first inference handler with a first means for watching an attribute in a second object and a first responsive means responsive to a change in the watched attribute of the second object; and

means for transferring the network data to a user interface; and

a user interface coupled to the virtual network machine for supplying the network data to a user.

2. The system of claim 1, wherein the first object has a second inference handler and a second responsive means, the second means being responsive to changes in an attribute of the first object.

3. The system of claim 1 wherein the network data in one object is inferred from the network data in another object.

4. The system of claim 1, wherein the network data includes hierarchial relations between network entities.

5. The system of claim 1, wherein the network data includes geographical locations of network entities.

6. The system of claim 1, wherein the network data includes topological groupings of network entities.

7. The system of claim 1, wherein the virtual network machine comprises a programmed digital computer.

8. The system of claim 1, wherein the virtual network machine is implemented using an object-oriented programming language selected from the group consisting of C++, Eiffel, Smalltalk, and ADA.

9. The system of claim 1, wherein the virtual network machine comprises part of a network management system.

10. The system of claim 1, wherein the acquiring means includes means for polling the network entities.

11. The system of claim 1, wherein the acquiring means automatically receives network information from network entities.

12. The system of claim 1, wherein the network data includes at least one of configuration data, an event log, statistics, history and current state information.

13. The system of claim 1, wherein the network data includes at least one of: a model name, a model type name, a model type handle, a polling interval, a next-time-to-poll, a retry count, a contact status, an activation status, a time of last poll, and statistics pertaining to the network entity being modeled.

14. The system of claim 1, wherein the inference handler is responsive to changes including at least one of: a creation or destruction of an object, activation or initialization of an object, change of network data in the same object, change of network data in another object, addition or removal of a relation, occurrence of a specified event, and a user specified action.

15. The system of claim 1, wherein the inference handler generates an alarm when the network data satisfies a predetermined criteria.

16. The system of claim 1, wherein the inference handler generates an output which includes at least one of a change in network data, the creation or destruction of an object, and an alarm.

17. The system of claim 1, wherein the watching means in a first object watches an attribute in a second object and the responsive means produces a change in an attribute of the first object.

18. The system of claim 1, wherein the inference handler includes means for isolating network faults.

19. The system of claim 1, wherein the user interface includes a display screen for displaying the network data.

20. The system of claim 1, wherein the user interface includes a view manager allowing the user to select different views.

21. The system of claim 1, wherein the network data provided to the user includes at least one of events, alarms, and statistical information.

22. The system of claim 1, wherein the user interface includes a display and an icon manager for controlling at least some part of the display, and wherein the icon manager receives network data from the virtual network machine for display on the user interface.

23. The system of claim 1, wherein the network data includes a model handle for an icon manager, and the user interface includes an icon manager having the associated model handle.

24. The system of claim 1, including a memory for storing network data, and wherein the objects include a memory flag indicating that network data is stored in the memory.

25. The system of claim 1, including a database for storing network data, and wherein the object include a database flag indicating that the network data is stored in the database.

26. The system of claim 1, wherein the network data is stored in the network entity being modeled, and the objects include an external flag indicating that the network data is maintained in the network entity.

27. The system of claim 1, including a device communication manager connected to the network and to the virtual network machine for handling the transfer of network information between the network entities and the virtual network machine.

28. The system of claim 27, wherein the acquiring means generates requests for network information and the device communication manager converts the request to a network management protocol for communicating with the corresponding network device.

29. The system of claim 27, including a protocol module connected to the device communication manager containing a collection of modules which permit network entities to communicate using a network management protocol.

30. The system of claim 1, including a view module connected to the user interface containing a collection of data modules which permit the user interface to provide different views of the network.

31. The system of claim 1, including a device module connected to the virtual network machine containing a collection of modules which permit network entities to be configured and managed by a network management system.

32. The system of any one of claims 30 to 31, wherein the modules can be modified to permit reconfiguration of the network without changing the virtual network machine.

33. A method for maintaining and processing information pertaining to the condition of a computer network and providing the same to a user, the network including a plurality of network entities such as computer devices and software applications being executed on such devices, the method comprising the steps of:

acquiring network information pertaining to the condition of a network entity from the corresponding network entity;

maintaining a virtual network of interrelated intelligent models comprising objects representing network entities and relations between network entities, each of the objects including:

one or more attributes comprising network data relating to a corresponding network entity and derived from the acquired network information, and

one or more inference handlers for processing the network data, the inference handlers being responsive to changes occurring in one or more objects by watching an attribute, generating a trigger in response to a change in the watched attribute, and responsive to the trigger, producing a response in an object, wherein a first object watches an attribute in a second object and a change in the attribute of the second object triggers the response; transferring the network data to a user interface; and displaying the network data on a user interface.

34. The method of claim 33, wherein a change in an attribute of the first object triggers a change in the first object.

35. The method of claim 33, including providing a protocol module connected to the virtual network machine and containing a collection of modules which permit network entities to communicate using a network management protocol.

36. The method of claim 33, wherein the first object and the second object have a connection relation and a change in an attribute in the first object triggers an inference handler in the second object.

37. The method of claim 33, wherein the first object and the second object have a contains relation and a change in an attribute in the first object triggers an inference handler in the second object.

38. The method of claim 33, wherein the first object and the second object have an executes relation and a change in an attribute in the first object triggers an inference handler in the second object.

39. The method of claim 33, wherein the first object and the second object have an "is part of" relation and a change in an attribute in the first object triggers an inference handler in the second object.

40. The method of claim 33, wherein the responsive means modifies an existing object.

41. The method of claim 33, wherein the responsive means creates a new object.

42. The method of claim 33, wherein the responsive means initiates a fault isolation process.

43. The method of claim 33, wherein the responsive means initiates an alarm notification process.

44. The method of claim 33, wherein the responsive means initiates a transfer of network data to the user interface.

45. The method of claim 33, wherein the responsive means controls an icon manager object for controlling an icon on the user interface.

46. The method of claim 33, wherein the responsive means control a view manager object for controlling a view on the user interface.

47. The method of claim 33, wherein the watched attribute is a condition attribute representative of the status of the corresponding network entity.

48. The method of claim 33, wherein the network information is automatically acquired from the network entities.

49. The method of claim 33, including providing a view module connected to the user interface and containing a collection of data modules which permit the user interface to provide different views of the network.

50. The method of claim 33, including providing a device module connected to the virtual network machine and containing a collection of modules which permit network entities to be configured and managed by a network management system.

51. The method of any one of claim 48 to 50, wherein the modules allow reconfiguration of the network without changing the virtual network machine.

52. The method of claim 33, wherein the network data in one object is inferred from the network data in another object.

53. The method of claim 52, wherein the objects include objects representing a location or topology and the network data in a location or topology object is inferred from the network data in objects which acquire network information from the corresponding network entities.

Description Submit all comments and votes

FIELD OF THE INVENTION

This invention relates to systems for management of computer networks and, more particularly, to network management systems which utilize interrelated, intelligent models of network entities to form a virtual network.

BACKGROUND OF THE INVENTION

Computer networks are widely used to provide increased computing power, sharing of resources and communication between users. Computer systems and computer system components are interconnected to form a network. Networks may include a number of computer devices within a room, building or site that are interconnected by a high speed local data link such as local area network (LAN), token ring, Ethernet, or the like. Local networks in different locations may be interconnected by techniques such as packet switching, microwave links and satellite links to form a world-wide network. A network may include several hundred or more interconnected devices.

In computer networks, a number of issues arise, including traffic overload on parts of the network, optimum placement of network resources, security, isolation of network faults, and the like. These issues become more complex and difficult as networks become larger and more complex. For example, if a network device is not sending messages, it may be difficult to determine whether the fault is in the network device itself, the data communication link or an intermediate network device between the sending and receiving network devices.

Network management systems have been utilized in the past in attempts to address such issues. Prior art network management systems typically operated by remote access to and monitoring of information from network devices. The network management system collected large volumes of information which required evaluation by a network administrator. Prior art network management systems place a tremendous burden on the network administrator. He must be a networking expert in order to understand the implications of a change in a network device parameter. The administrator must also understand the topology of each section of the network in order to understand what may have caused the change. In addition, the administrator must sift through reams of information and false alarms in order to determine the cause of a problem.

It is therefore desirable to provide a network management system which can systematize the knowledge of the networking-expert such that common problems can be detected, isolated and repaired, either automatically or with the involvement of less skilled personnel. Such a system must have certain characteristics in order to achieve this goal. The system must have a complete and precise representation of the network and the networking technologies involved. It is insufficient to extend prior art network management systems to include connections between devices. A network is much more than the devices and the wires which connect them. The networdk involves the network devices, the network protocols and the software running on the devices. Without consideration of these aspects of the network, a model is incomplete. A system must be flexible and extendable. It must allow not only for the modeling of new devices, but must allow for the modeling of new technologies, media applications and protocol. The system must provide a facility for efficiently encapsulating the expert's knowledge into the system.

It is a general object of the present invention to provide improved methods and apparatus for managing networks.

It is another object of the present invention to provide network management systems which utilize models of network entities and interrelationships between network entities.

It is a further object of the present invention to provide network management systems which utilize model-based intelligence to represent a physical network.

It is yet another object of the present invention to provide network management systems wherein models of network entities encapsulate data and intelligence relating to the network entity.

SUMMARY OF THE INVENTION

According to the present invention, these and other objects and advantages are achieved in a method and apparatus for managing networks. A system for use with a computer network comprises a virtual network including a plurality of models for representing network entities, each model containing network data relating to a corresponding network entity and means for processing the network data to provide user information. The virtual network further includes model relations representing relations between the network entities. The system also includes means for transferring network data from the network entities to the corresponding models in the virtual network and means for supplying the user information from the virtual network to a user.

The system of the present invention employs model-based intelligence to create a representation of an entire network. The models represent network devices, geographical locations of network devices, topological groupings of network devices, software applications being executed on the network devices or any other network entity for which a management function is to be performed. The model relations define both network connections between network devices and hierarchical relationships between network entities.

The virtual network includes means for polling selected network devices and updating the network data in the corresponding models. The polling is performed at intervals which can be different for different network devices.

The models are implemented as software objects containing both data relating to the corresponding network entity and one or more inference handlers for processing the data. The inference handlers are triggered by predetermined virtual network events such as a change in specified network data in the same model, a change in specified network data in a different model, predefined events or changes in models or model relations. Information pertaining to the condition of a network entity can be obtained from the network entity by polling or can be inferred from data contained in other models. An alarm condition is generated when the network data meets a predetermined criteria. Events, alarms and statistical information from the virtual network are stored in a database and are selectively displayed for the user.

BRIEF DESCRIPTION OF THE DRAWINGS

For a better understanding of the present invention, together with other and further objects, advantages and capabilities thereof, reference is made to the accompanying drawings which are incorporated herein by reference and in which:

FIG. 1 is a block diagram of a network management system in accordance with the invention;

FIG. 2 is a block diagram showing an example of a network;

FIG. 3 is a schematic diagram showing the structure of models and the relations between models;

FIG. 4 is a block diagram showing a portion of the representation of the network of FIG. 2 in the virtual network machine;

FIG. 5 is a flow chart illustrating an example of operation of the virtual network machine;

FIG. 6 is a flow chart of a fault isolation technique in accordance with the present invention;

FIG. 8A and 8B show examples of toplogical display views provided by the network management system;

FIG. 9 is a schematic diagram of a multifunction icon employed in the user display views; and

FIG. 10 shows an example of an alarm log display provided by the network management system.

DETAILED DESCRIPTION OF THE INVENTION

A block diagram of a network management system in accordance with the present invention is shown in FIG. 1. The major components of the network management system are a user interface 10, a virtual network machine 12, and a device communication manager 14. The user interface 10, which may include a video display screen, keyboard, mouse and printer, provides all interaction with the user. The user interface controls the screen, keyboard, mouse and printer and provides the user with different views of the network that is being managed. The user interface receives network information from the virtual network machine 12. The virtual network machine 12 contains a software representation of the network being managed, including models that represent the devices and other entities associated with the network, and relations between the models. The virtual network machine 12 is associated with a database manager 16 which manages the storage and retrieval of disk-based data. Such data includes configuration data, an event log, statistics, history and current state information. The device communication manager 14 is connected to a network 18 and handles communication between the virtual network machine 12 and network devices. The data received from the network devices is provided by the device communication manager to the virtual network machine 12. The device communication manager 14 converts generic requests from the virtual network machine 12 to the required network management protocol for communicating with each network device. Existing network management protocols include Simple Network Management Protocol (SNMP), Internet Control Message Protocol (ICMP) and many proprietary network management protocols. Certain types of network devices are designed to communicate with a network management system using one of these protocols.

A view personality module 20 connected to the user interface 10 contains a collection of data modules which permit the user interface to provide different views of the network. A device personality module 22 connected to the virtual network machine 12 contains a collection of data modules which permit devices and other network entities to be configured and managed with the network management system. A protocol personality module 24 connected to the device communication manager contains a collection of data modules which permit communication with all devices that communicate using the network management protocols specified by the module 24. The personality modules 20, 22 and 24 provide a system that is highly flexible and user configurable. By altering the personality module 20, the user can specify customized views or displays. By changing the device personality module 22, the user can add new types of network devices to the system. Similarly, by changing the protocol personality module 24, the network management system can operate with new or different network management protocols. The personality modules permit the system to be reconfigured and customized without changing the basic control code of the system.

The overall software architecture of the present invention is shown in FIG. 1. The hardware for supporting the system of FIG. 1 is typically a workstation such as a Sun Model 3 or 4, or a 386 PC compatible computer running Unix. A minimum of 8 megabytes of memory is required with a display device which supports a minimum of 640.times.680 pixels .times.256 color resolution. The basic software includes a Unix release that supports sockets, X-windows and Open Software-Foundation Motif 1.0. The network management system of the present invention is implemented using the C++ programming language, but could be implemented in other object-oriented languages such as Eiffel, Smalltalk, ADA, or the like. The virtual network machine 12 and the device communication manager 14 may be run on a separate computer from the user interface 10 for increased operating speed.

An example of a network is shown in FIG. 2. The network includes workstations 30, 31, 32, 33 and disk units 34 and 35 interconnected by a data bus 36. Workstations 30 and 31 and disk unit 34 are located in a room 38, and workstations 32 and 33 and disk unit 35 are located in a room 40. The rooms 38 and 40 are located within a building 42. Network devices 44, 45 and 46 are interconnected by a data bus 47 and are located in a building 48 at the same site as building 42. The network portions in buildings 42 and 48 are interconnected by a bridge 50. A building 52 remotely located (in a different city, state or country) from buildings 42 and 48, contains network devices 53, 54, 55 and 56 interconnected by a data bus 57. The network devices in building 52 are interconnected to the network in building 48 by interface devices 59 and 60, which may communicate by a packet switching system, a microwave link or a satellite link. The network management system shown in FIG. 1 and described above is connected to the network of FIG. 2 at any convenient point, such as data bus 36.

In general, the network management system shown in FIG. 1 performs two major operations during normal operation. It services user requests entered by the user at user interface 10 and provides network information such as alarms and events to user interface 10. In addition, the virtual network machine 12 polls the network to obtain information for updating the network models as described hereinafter. In some cases, the network devices send status information to the network management system automatically without polling. In either case, the information received from the network is processed so that the operational status, faults and other information pertaining to the network are presented to the user in a systematized and organized manner.

As indicated above, the network entities that make up the network that is being managed by the network management system are represented by software models in the virtual network machine 12. The models-represent network devices such as printed circuit boards, printed circuit board racks, bridges, routers, hubs, cables and the like. The models also represent locations or topologies. Location models represent the parts of a network geographically associated with a building, country, floor, panel, rack, region, room, section, sector, site or the world. Topological models represent the network devices that are topologically associated with a local area network or subnetwork. Models can also represent components of network devices such as individual printed circuit boards, ports and the like. In addition, models can represent software applications such as data relay, network monitor, terminal server and end point operations. In general, models can represent any network entity that is of interest in connection with managing or monitoring the network.

The virtual network machine includes a collection of models which represent the various network entities. The models themselves are collections of C++ objects. The virtual network machine also includes model relations which define the interrelationships between the various models. Several types of relations can be specified. A "connects to" relation is used to specify an interconnection between network devices. For example, the interconnection between two workstations is specified by a "connects to" relation. A "contains" relation is used to specify a network entity that is contained within another network entity. Thus for example, a workstation model may be contained in a room, building or local network model. An "executes" relation is used to specify the relation between a software application and the network device on which it runs. An "is part of" relation specifies the relation between a network device and its components. For example, a port model may be part of a board model or a card rack model.

Relations are specified as pairs of associations. The relations can specify peer-to-peer associations and hierarchical associations.

Each model includes a number a attributes and one or more inference handlers. The attributes are data which define the characteristics and status of the network entity being modeled. Basic attributes include a model name, a model type name, a model type handle, a polling interval, a next-time-to-poll, a retry count, a contact status, an activation status, a time-of-last-poll and statistics pertaining to the network entity which is being modeled. Polling of network devices will be described hereinafter. In addition, attributes that are unique to a particular type of network device can be defined. For example, a network bridge contains a table that defines the devices that are located on each side of the bridge. A model of the network bridge can contain, as one of its attributes, a copy of the table.

In a preferred embodiment of the invention, each attribute contained in a model type includes the following:

1. An attribute name that identifies the attribute.

2. An attribute type that defines the kind of attribute. Attribute types may include Boolean values, integers, counters, dates, text strings, and the like.

3. Attribute flags indicate how the attribute is to be manipulated. A memory flag indicates that the attribute is stored in memory. A database flag indicates that the attribute is maintained in the database of the virtual network machine. An external flag indicates that the attribute is maintained in the device being modeled. A polled flag indicates that the attributes value should be periodically surveyed or polled by the device being modeled. The flags also indicate whether the attribute is readable or writable by the user.

4. Object identifier is the identifier used to access the attribute in the device is defined by the network management protocol used to access the device.

5. Attribute help string is a text string which contains a description of the defined attribute. When the user asks for help regarding this attribute, the text string appears on the user interface screen.

6. Attribute value is the value of the attribute.

The models used in the virtual network machine also include one or more inference handlers