US 9,813,292 B2
Network node policy generation and implementation
Alan James Sharp-Paul, Los Altos, CA (US); and Michael Franz Baukes, Sunnyvale, CA (US)
Assigned to Upguard, Inc., Mountain View, CA (US)
Filed by ScriptRock Inc., Mountain View, CA (US)
Filed on Dec. 17, 2014, as Appl. No. 14/574,232.
Prior Publication US 2016/0182296 A1, Jun. 23, 2016
Int. Cl. G06F 15/16 (2006.01); H04L 12/24 (2006.01); G06F 15/177 (2006.01); H04L 29/06 (2006.01); G06F 3/0484 (2013.01)
CPC H04L 41/0813 (2013.01) [H04L 41/0869 (2013.01); H04L 41/0893 (2013.01); G06F 3/04842 (2013.01); G06F 15/177 (2013.01); H04L 41/0803 (2013.01); H04L 41/0806 (2013.01); H04L 41/0816 (2013.01); H04L 63/101 (2013.01)] 20 Claims
OG exemplary drawing
 
1. A computer-implemented method for network management by an operator node comprising a specially configured hardware computing system, the method comprising:
accessing, by the operator node, a configuration policy identifying a set of node objects or settings and comprising a set of tests that, when run, test for an implementation of a subset of the identified set of node objects or settings at a node being tested;
receiving from each of a plurality of nodes within the network, by the operator node, configuration information describing a configuration of the node, the configuration of the node identifying one or more node objects or settings implemented by the node, each of the plurality of nodes configured to perform a self-scan to produce the configuration information and to provide the configuration information to the operator node;
for each of the plurality of nodes:
applying the configuration policy to the configuration information received from the node, wherein applying the configuration policy comprises running the set of tests on the configuration information to determine whether the one or more of the set of node objects or settings are implemented by the node; and
identifying, based on the application of the configuration policy to the configuration information received from the node, one or more of the set of the selected node objects or settings not implemented by the node; and
re-configuring, by the operator node, a subset of the plurality of nodes based on the configuration policy by, for each of the subset of nodes, implementing the identified one or more node objects or settings not implemented by the node.