A Method and System for Automating Virtual Private Network (VPN) for World Wide Operations Server Support for SoftLayer Service Providers

IP.com Disclosure Number: IPCOM000240985D
Publication Date: 2015-Mar-16
Document File: 5 page(s) / 50K

Publishing Venue

The IP.com Prior Art Database

Abstract

A method and system is disclosed for using a master account for creating and managing shared virtual private network (VPN) accounts.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 46% of the total text.

Disclosed is a method and system for using a master account for creating and managing shared virtual private network (VPN) accounts.

The method and system disclosed herein utilize SoftLayer's Application Program Interface (API) and Master API keys for standard automation. The keys are defined when a user account is created in SoftLayer. When the user account is created, a "master user" is defined with an API key. Thereafter, the user can use the master account and the API key to create additional user accounts.

The method and system utilize the master account to create and manage only the shared virtual private network (VPN) accounts. The accounts are managed with a reservation database. The reservation database contains users' details such as, but not limited to, proof of employment, right to use, assignments and roles. Further, the reservation database tracks user access and provides an audit trail. The reservation database can also be used to determine the validity of a user's account.

Usually, when a new user account is created in SoftLayer, the SoftLayer architecture defines a master user and API key. The user has an option to access all features within the account. The user can use the API key to create additional user accounts and also to limit access to features and servers. Using the user (or a custom user with create user authority) and appropriate API key for each account, the automation can create a standard shared user for an automated process such as

.

.

(ex: opsupport.12345.1 and opsupport.12345.2).

When an account that is supported by the World Wide Operations Team is added to the reservation system (and until it is removed),
World Wide Operation Support Team Process:

1. Log in to Reservation System

2. If not authorized, show error [ refer to employee's manager or other authorization process ]. Exit Process.

3. Optional: Validate user's role and display options based on role.
   - Default: No Access to Support ID [ no role ]
   - Access to all SoftLayer Customer Accounts
   - Specific Account Support [ access to only some accounts/servers ]

   - If No Access/Default [ member of support team, but no SoftLayer access ] - Refer to user's manager to submit access request
   - Access all Accounts - Account/Server List contains all servers
   - Specific Account Support - List only accounts/servers user is authorized to access

4. Present user with account list / server list to filter down to support
   - Defined/Maintained by business process, reference system (CMDB), configs, or SoftLayer API queries
   - Accounts hosting more than 50 subnets will require a server or subnet to be specified.
   - SL VPN cannot handle large accounts without using subnet assignment for each id.

5. Present user with reservation time list [ configurable, ex: 2hrs, 4hrs, 8hrs, specific time (requires...
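
The checks in steps 1 to 5 above (authorization, role-based account list, the 50-subnet rule, reservation window) together with the audit trail kept by the reservation database, as an added Python example. It is not code from the disclosure and makes no SoftLayer API calls; all users, account numbers, server names and function names are constructed for illustration, and only the 2/4/8 hour windows from the page's example are modelled.

```python
from datetime import datetime, timedelta, timezone

SUBNET_LIMIT = 50          # page: larger accounts need a server or subnet
ALLOWED_HOURS = (2, 4, 8)  # page's example reservation windows

# Constructed sample data; account numbers and users are hypothetical.
ACCOUNTS = {"12345": {"subnets": 12}, "67890": {"subnets": 80}}
USERS = {
    "alice": {"role": "all"},
    "bob": {"role": "specific", "accounts": {"12345"}},
    "carol": {"role": None},  # support team member without SoftLayer access
}
AUDIT = []  # audit trail: (time, user, account, decision, detail)


class Denied(Exception):
    """Raised when a reservation request fails a check."""


def visible_accounts(user):
    """Steps 1-3: reject unknown users, then list accounts by role."""
    entry = USERS.get(user)
    if entry is None:
        raise Denied("not authorized; refer to manager")
    if entry["role"] == "all":
        return sorted(ACCOUNTS)
    if entry["role"] == "specific":
        return sorted(a for a in ACCOUNTS if a in entry["accounts"])
    return []  # default role: no access to any support ID


def reserve(user, account, hours, target=None, now=None):
    """Steps 4-5: apply the subnet rule and time window, and log the outcome."""
    now = now or datetime.now(timezone.utc)
    try:
        if account not in visible_accounts(user):
            raise Denied("account not in user's list")
        if ACCOUNTS[account]["subnets"] > SUBNET_LIMIT and not target:
            raise Denied("server or subnet required")
        if hours not in ALLOWED_HOURS:
            raise Denied("reservation window not offered")
    except Denied as exc:
        AUDIT.append((now, user, account, "DENY", str(exc)))
        raise
    AUDIT.append((now, user, account, "GRANT", target or "all"))
    return {"user": user, "account": account, "target": target,
            "expires": now + timedelta(hours=hours)}
```

Denied requests are written to the audit list as well as granted ones, so a shared VPN ID can always be traced back to the named person who asked for it.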