Patents by Inventor Philip Shafer
Philip Shafer has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8904380Abstract: A multi-chassis router allows an administrator to install software from a single user interface. The multi-chassis router automatically forwards the software to each chassis within the multi-chassis router when given a single command to install the software from an administrator. The multi-chassis router also automatically validates the software on each chassis. After reporting the results of the validations, the multi-chassis router may wait for the administrator to issue a commit command before committing each chassis within the multi-chassis router to the software. Alternatively, in response to a failed validation or for other reason, an administrator can issue a single ROLLBACK command. This allows each chassis within the multi-chassis router to have the same software during all stages of a software installation and ensures software on each chassis is compatible with software on every other chassis.Type: GrantFiled: February 4, 2013Date of Patent: December 2, 2014Assignee: Juniper Networks, Inc.Inventors: Wing Eng, Pallavi Mahajan, Philip A. Shafer
-
Patent number: 8799980Abstract: A network management system is described for assuring that a network device complies with a device-specific configuration policy. One example of the network management system contains one or more business rules that describe a business policy regarding a computer network in a network-independent form. In general, the business rules refer to high-level business requirements and not to device-specific configuration information. The network management system uses the business rule to determine which business policies are currently in force. In addition, the network management system contains one or more network design rules that describe relationship between the business policy and one or more device-specific configuration policies. The network management server uses the network design rules to determine whether to deploy a device-specific configuration policies.Type: GrantFiled: January 5, 2006Date of Patent: August 5, 2014Assignee: Juniper Networks, Inc.Inventors: Philip A. Shafer, Robert P. Enns, Paulo Lima, Greg Sidebottom, William P. Welch, Michael S. Jacobsen, Craig A. Bardenheuer
-
Patent number: 8769129Abstract: In general, the invention is directed to techniques for establishing secure connections with devices residing behind a security device. In accordance with the techniques, a managed device initiates a transmission control protocol (TCP) session to establish a TCP session with a management device such that the management device acts as the TCP server and the managed device acts as a TCP client. Once established, the managed device sends a role reversal message specifying an identity of the managed device via the TCP session. Upon receiving the role reversal message, the management device initiates a secure connection over the TCP session in accordance with a secure protocol such that the management device acts as the secure protocol client and the managed device acts as the secure protocol server. By properly establishing the secure session, each of the devices assumes the proper roles and administrators may more easily configure the devices.Type: GrantFiled: November 14, 2007Date of Patent: July 1, 2014Assignee: Juniper Networks, Inc.Inventors: Kent A. Watsen, Simon J. Gerraty, Paul Fraley, Philip A. Shafer, Darren Tom
-
Patent number: 8661095Abstract: In one example, a device includes a network interface configured to present a command interface to receive input comprising a command and an indicator, wherein the command conforms to an execution format and specifies one or more parameters to be applied during execution of the command, and wherein the indicator indicates, at least in part, that the command is not to be executed, and a control unit configured to reformat, based on the indicator, the command to conform to an extensible markup language (XML) format such that the reformatted command complies with a syntax supported by a script processing module of the network device and specifies the command and the one or more parameters in the XML format in a format that can be executed by the script processing module, and to output the reformatted command via the command interface. Thus, the device may provide XML formatted equivalents for commands.Type: GrantFiled: August 17, 2011Date of Patent: February 25, 2014Assignee: Juniper Networks, Inc.Inventors: Arockia Anbarasan, Philip A. Shafer
-
Patent number: 8433667Abstract: A network device may include logic configured to invoke proactive programs based on the expiration of a long time period within the network device, wherein the proactive programs collect data relating to operations of the network device, invoke reactive programs based on the detection of at least one of an event or expiration of a short time period, wherein the reactive programs collect, correlate and analyze data relating to the detected event or expiration of a short time period, determine a corrective action based on collected and analyzed data, and perform the determined corrective action within the network device.Type: GrantFiled: August 17, 2007Date of Patent: April 30, 2013Assignee: Juniper Networks, Inc.Inventors: Pallavi Mahajan, Philip A. Shafer, Robert P. Enns, Daniel Kharitonov, Dogu Narin, M. Richard Salaiz
-
Patent number: 8370831Abstract: A multi-chassis router allows an administrator to install software from a single user interface. The multi-chassis router automatically forwards the software to each chassis within the multi-chassis router when given a single command to install the software from an administrator. The multi-chassis router also automatically validates the software on each chassis. After reporting the results of the validations, the multi-chassis router may wait for the administrator to issue a commit command before committing each chassis within the multi-chassis router to the software. Alternatively, in response to a failed validation or for other reason, an administrator can issue a single ROLLBACK command. This allows each chassis within the multi-chassis router to have the same software during all stages of a software installation and ensures software on each chassis is compatible with software on every other chassis.Type: GrantFiled: June 29, 2010Date of Patent: February 5, 2013Assignee: Juniper Networks, Inc.Inventors: Wing Eng, Pallavi Mahajan, Philip A. Shafer
-
Publication number: 20120303758Abstract: In one example, a device includes a network interface configured to present a command interface to receive input comprising a command and an indicator, wherein the command conforms to an execution format and specifies one or more parameters to be applied during execution of the command, and wherein the indicator indicates, at least in part, that the command is not to be executed, and a control unit configured to reformat, based on the indicator, the command to conform to an extensible markup language (XML) format such that the reformatted command complies with a syntax supported by a script processing module of the network device and specifies the command and the one or more parameters in the XML format in a format that can be executed by the script processing module, and to output the reformatted command via the command interface. Thus, the device may provide XML formatted equivalents for commands.Type: ApplicationFiled: August 17, 2011Publication date: November 29, 2012Applicant: JUNIPER NETWORKS, INC.Inventors: Arockia Anbarasan, Philip A. Shafer
-
Patent number: 8291506Abstract: Configuration information for a network device may be associated with a protection state that may restrict the modification of portions of the configuration information that are set to the protected state. The network device may be configured using configuration information defined as a group of hierarchically arranged configuration statements. Permissions may be stored for the network device relating to users permitted to modify the configuration information. The permissions may include permission tags, or other information defining the protection state, associated with the configuration statements. Intended modifications to the configuration information may be processed based on whether the intended modifications affect configuration statements associated with one of the permission tags.Type: GrantFiled: February 22, 2010Date of Patent: October 16, 2012Assignee: Juniper Networks, Inc.Inventor: Philip A. Shafer
-
Patent number: 8135857Abstract: A multi-chassis router allows an administrator to distribute configuration data from a single user interface. Additionally, the multi-chassis router presents a software image consistent with that of a standalone router and uses configuration data syntax that is consistent with that of a standalone router. The multi-chassis router automatically distributes and validates relevant configuration data at each chassis within the multi-chassis router. In effect, an administrator does not need to account for the multiple chassis configuration, and an administrator familiar with the configuration data syntax for a standalone router can use that knowledge to configure the multi-chassis router.Type: GrantFiled: September 26, 2005Date of Patent: March 13, 2012Assignee: Juniper Networks, Inc.Inventors: Wing Eng, Pallavi Mahajan, Philip A. Shafer
-
Publication number: 20110209203Abstract: Configuration information for a network device may be associated with a protection state that may restrict the modification of portions of the configuration information that are set to the protected state. The network device may be configured using configuration information defined as a group of hierarchically arranged configuration statements. Permissions may be stored for the network device relating to users permitted to modify the configuration information. The permissions may include permission tags, or other information defining the protection state, associated with the configuration statements. Intended modifications to the configuration information may be processed based on whether the intended modifications affect configuration statements associated with one of the permission tags.Type: ApplicationFiled: February 22, 2010Publication date: August 25, 2011Applicant: JUNIPER NETWORKS INC.Inventor: Philip A. SHAFER
-
Patent number: 7822718Abstract: Techniques are described for reliable restoration of archived configuration. For example, a device, such as a router, comprises a first memory to store operational configuration data and a second memory to store candidate configuration data. The candidate configuration data represents a working copy of the operational configuration data. The device further includes a control unit to lock the candidate configuration data, load archived configuration data to replace the locked candidate configuration data and commit the candidate configuration data to restore the archived configuration data as the operational configuration data of the device. In locking the candidate configuration, the device ensures reliable restoration of the candidate configuration by helping prevent the device from becoming both unreachable and inoperable.Type: GrantFiled: April 21, 2009Date of Patent: October 26, 2010Assignee: Juniper Networks, Inc.Inventors: Reid E. Wilson, Philip A. Shafer
-
Patent number: 7761746Abstract: In general, the invention facilitates diagnosing fault conditions, such as flapping, by permitting users to request information for specific components in a network device such as a router. The invention also facilitates the diagnosis of other fault conditions, including, but not limited to, excessive numbers of dropped packets, hard drive crashes, high temperature readings, and inactive interface cards. A user may obtain a targeted log containing information relating to selected fault conditions or other network device events, rather than a system log containing information relating to all network device events, some of which may not be of interest to the user. The targeted log may be parsed and analyzed with greater ease than the system log.Type: GrantFiled: November 2, 2007Date of Patent: July 20, 2010Assignee: Juniper Networks, Inc.Inventors: Philip A. Shafer, Reid E. Wilson
-
Patent number: 7747999Abstract: A multi-chassis router allows an administrator to install software from a single user interface. The multi-chassis router automatically forwards the software to each chassis within the multi-chassis router when given a single command to install the software from an administrator. The multi-chassis router also automatically validates the software on each chassis. This allows each chassis within the multi-chassis router to have the same software during all stages of a software installation and ensures software on each chassis is compatible with software on every other chassis. In effect, an administrator does not need to account for the multiple chassis configuration, and an administrator familiar with software installation on a standalone router can use that knowledge to install software on the multi-chassis router.Type: GrantFiled: September 26, 2005Date of Patent: June 29, 2010Assignee: Juniper Networks, Inc.Inventors: Wing Eng, Pallavi Mahajan, Philip A. Shafer
-
Patent number: 7739330Abstract: A network router management interface offers two different presentation modes for viewing configuration and operational information encoded in extensible markup language output obtained from a network router. The network router management interface provides an application programming interface (API) that permits client applications to formulate configuration and operational requests according to an extensible markup language, such as XML. In response to the configuration and operational requests submitted by a client application, the router produces XML output. On a selective basis, the user may elect to view or archive the XML output in either a rendered or unrendered format. In this manner, clients such as network administrators, installation technicians and applications developers can view raw XML output on a selective basis for use in development and debugging.Type: GrantFiled: December 13, 2005Date of Patent: June 15, 2010Assignee: Juniper Networks, Inc.Inventor: Philip A. Shafer
-
Patent number: 7565416Abstract: Techniques are described for application of implementation-specific configuration policies within a network device. For example, a device, such as a router, may comprise memory to store operational configuration data and candidate configuration data. The device further includes a control unit to apply changes to the candidate configuration data based on input from a client, and apply an implementation-specific configuration policy to a copy of the changed candidate configuration data. Based on a result of applying the implementation-specific configuration policy, the device selectively commits the changes made to the candidate configuration to the operational configuration. In the event an error occurs while applying the implementation-specific configuration policy, the device does not commit the changes to the operational configuration.Type: GrantFiled: April 14, 2004Date of Patent: July 21, 2009Assignee: Juniper Networks, Inc.Inventors: Philip A. Shafer, Robert P. Enns
-
Patent number: 7558835Abstract: A network device includes an initial data source to store configuration data for the network device, and a management module to generate a configuration patch that lists any differences between a working copy of the initial data source and the initial data source. The management module modifies the working copy based on configuration commands received from a client, and updates the initial data source in accordance with the differences defined by the configuration patch. During the update process, the management module verifies that any conditions specified by the patch are satisfied. The management module may generate the configuration patch in response to a first command from a client, and apply the patch in response to a second command from the client. The configuration patch may be communicated to other network devices for configuring the devices.Type: GrantFiled: March 17, 2003Date of Patent: July 7, 2009Assignee: Juniper Networks, Inc.Inventor: Philip A. Shafer
-
Publication number: 20090125633Abstract: In general, the invention is directed to techniques for establishing secure connections with devices residing behind a security device. In accordance with the techniques, a managed device initiates a transmission control protocol (TCP) session to establish a TCP session with a management device such that the management device acts as the TCP server and the managed device acts as a TCP client. Once established, the managed device sends a role reversal message specifying an identity of the managed device via the TCP session. Upon receiving the role reversal message, the management device initiates a secure connection over the TCP session in accordance with a secure protocol such that the management device acts as the secure protocol client and the managed device acts as the secure protocol server. By properly establishing the secure session, each of the devices assumes the proper roles and administrators may more easily configure the devices.Type: ApplicationFiled: November 14, 2007Publication date: May 14, 2009Applicant: Juniper Networks, Inc.Inventors: Kent A. Watsen, Simon J. Gerraty, Paul Fraley, Philip A. Shafer, Darren Tom
-
Patent number: 7523097Abstract: Techniques are described for reliable restoration of archived configuration. For example, a device, such as a router, comprises a first memory to store operational configuration data and a second memory to store candidate configuration data. The candidate configuration data represents a working copy of the operational configuration data. The device further includes a control unit to lock the candidate configuration data, load archived configuration data to replace the locked candidate configuration data and commit the candidate configuration data to restore the archived configuration data as the operational configuration data of the device. In locking the candidate configuration, the device ensures reliable restoration of the candidate configuration by helping prevent the device from becoming both unreachable and inoperable.Type: GrantFiled: January 13, 2004Date of Patent: April 21, 2009Assignee: Juniper Networks, Inc.Inventors: Reid E. Wilson, Philip A. Shafer
-
Publication number: 20090048995Abstract: A network device may include logic configured to invoke proactive programs based on the expiration of a long time period within the network device, wherein the proactive programs collect data relating to operations of the network device, invoke reactive programs based on the detection of at least one of an event or expiration of a short time period, wherein the reactive programs collect, correlate and analyze data relating to the detected event or expiration of a short time period, determine a corrective action based on collected and analyzed data, and perform the determined corrective action within the network device.Type: ApplicationFiled: August 17, 2007Publication date: February 19, 2009Applicant: JUNIPER NETWORKS, INC.Inventors: Pallavi Mahajan, Philip A. Shafer, Robert P. Enns, Daniel Kharitonov, Dogu Narin, M. Richard Salaiz
-
Patent number: 7441018Abstract: A network device displays applied and non-applied configurations in different formats to facilitate distinguishing between active and inactive configurations. In this way, a user can readily distinguish, for example, between applied configurations for active interfaces from loaded configurations for inactive interfaces and non-applied configurations for active interfaces. Configuration information may be encoded using an extensible markup language to identify the type of configuration. The network device uses this type identification to determine whether a particular part of the configuration should be displayed in as normal text or as altered text. The part of the configuration that is displayed in the altered form may represent the non-applied configurations.Type: GrantFiled: September 19, 2002Date of Patent: October 21, 2008Assignee: Juniper Networks, Inc.Inventors: Philip A Shafer, Reid E Wilson