This innovation can be run as a standalone network application on any computer in a networked environment. It can be configured to control one or more routers (one instance per router), and can also be configured to listen to a policy server over the network to receive new policies based on the policy-based network management technology. The Router Agent Technology transforms the received policies into suitable Access Control List syntax for the routers it is configured to control. It commits the newly generated access control lists to the routers and provides feedback regarding any errors encountered. The innovation also automatically generates a time-stamped log file of all updates to the router it is configured to control.

This technology, once installed on a local network computer and started, is autonomous: it keeps listening for new policies from the policy server, transforms those policies into router-compliant access lists, and commits those access lists to a specified interface on the specified router on the network, with feedback on any errors in the commit process.

The stand-alone application is named RouterAgent and is currently realized as a fully functional (version 1) implementation for the Windows operating system and for Cisco routers.

This work was done by Edward T. Chow, Gurusham Sudhir, Hsin-Ping Chang, Mark James, and Yih-Chiao J. Liu of Caltech and Winston Chiang of the University of Southern California for NASA’s Jet Propulsion Laboratory.

The software used in this innovation is available for commercial licensing. Please contact Daniel Broderick of the California Institute of Technology. Refer to NPO-47228.



This Brief includes a Technical Support Package (TSP). Router Agent Technology for Policy-Based Network Management (reference NPO-47228) is currently available for download from the TSP library.


This article first appeared in the August, 2011 issue of NASA Tech Briefs Magazine (Vol. 35 No. 8).



Overview

The document discusses the development of Router Agent Technology for Policy-Based Network Management, a system designed to automate the management of access and security policies across geographically distributed network devices, particularly routers. Traditionally, network administrators manually update access control lists (ACLs) on routers, often using telnet sessions to connect to each device. This process is time-consuming and prone to errors, highlighting the need for a more efficient solution.

The Router Agent Technology aims to address these challenges by introducing a stand-alone application called 'RouterAgent.' This application can be run on any Windows computer within a networked environment and is capable of controlling multiple routers. Key features of the RouterAgent include:

  1. Configuration and Control: The application can be configured to manage one or more routers, with a separate instance required for each router.
  2. Policy Reception: It listens to a policy server over the network to receive new policies based on the policy-based network management framework.
  3. Policy Transformation: The RouterAgent transforms received policies into the appropriate ACL syntax for the routers it manages.
  4. Policy Commitment: It commits the newly generated ACLs to the routers and provides feedback on any errors encountered during the process.
  5. Logging: The application automatically generates a time-stamped log file documenting all updates made to the routers.
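
One way to implement the transformation, error-feedback and logging steps listed above, as an added example that is not RouterAgent's own code: the policy schema, the function names and the log format are assumptions, and the output uses Cisco IOS numbered extended ACL syntax. Translation is all-or-nothing, so a policy containing one malformed rule never produces a partial ACL for commit.

```python
import ipaddress
from datetime import datetime, timezone

ALLOWED_ACTIONS = {"permit", "deny"}
ALLOWED_PROTOCOLS = {"ip", "tcp", "udp", "icmp"}

# Constructed sample policy (hypothetical schema, not RouterAgent's format).
SAMPLE_POLICY = [
    {"action": "permit", "protocol": "tcp", "src": "10.1.0.0/16", "dst": "192.168.5.10", "dst_port": 443},
    {"action": "deny", "protocol": "ip", "src": "any", "dst": "any"},
]

def ios_addr(spec):
    """Render 'any', a host, or a CIDR block as an IOS address plus wildcard mask."""
    if spec == "any":
        return "any"
    net = ipaddress.IPv4Network(spec, strict=True)  # rejects host bits set, e.g. 10.1.2.3/16
    if net.prefixlen == 32:
        return f"host {net.network_address}"
    return f"{net.network_address} {net.hostmask}"

def rule_to_acl(acl_id, rule):
    """Translate one policy rule into one extended ACL line, or raise ValueError."""
    if rule.get("action") not in ALLOWED_ACTIONS:
        raise ValueError(f"bad action: {rule.get('action')!r}")
    proto = rule.get("protocol")
    if proto not in ALLOWED_PROTOCOLS:
        raise ValueError(f"bad protocol: {proto!r}")
    line = f"access-list {acl_id} {rule['action']} {proto} {ios_addr(rule['src'])} {ios_addr(rule['dst'])}"
    port = rule.get("dst_port")
    if port is not None:
        if proto not in ("tcp", "udp") or not (type(port) is int and 0 < port < 65536):
            raise ValueError(f"bad dst_port {port!r} for protocol {proto}")
        line += f" eq {port}"
    return line

def translate_policy(acl_id, rules, now=None):
    """All-or-nothing translation: return (acl_lines, time-stamped log entries)."""
    stamp = (now or datetime.now(timezone.utc)).isoformat()
    lines, log = [], []
    for i, rule in enumerate(rules):
        try:
            lines.append(rule_to_acl(acl_id, rule))
        except (ValueError, KeyError, TypeError, AttributeError) as exc:
            log.append(f"{stamp} ERROR rule {i}: {exc}")
    if log:  # one bad rule rejects the whole policy; nothing is handed on for commit
        return [], log
    log.append(f"{stamp} OK acl {acl_id}: {len(lines)} rules translated")
    return lines, log
```
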

The current implementation of RouterAgent is fully functional for Windows XP and Cisco routers, with plans to extend compatibility to Unix/Linux operating systems and Juniper routers. Additionally, there are ongoing efforts to enhance the automation features of the product.

The research and development of this technology were conducted at NASA's Jet Propulsion Laboratory (JPL) under a contract with the National Aeronautics and Space Administration (NASA). The document emphasizes the potential of this technology not only for aerospace applications but also for broader technological, scientific, and commercial uses.

For further inquiries or assistance, the document provides contact information for the Innovative Technology Assets Management team at JPL. Overall, the Router Agent Technology represents a significant advancement in the field of network management, aiming to streamline the process of policy enforcement across distributed network devices.