Managing rogue devices through a network backhaul
First Claim
1. A method comprising:
receiving, by a network backhaul rogue device management system in a network backhaul from an originator switch, a rogue learned media access control (MAC) message including new learned device data, the new learned device data including a MAC address of a rogue device newly learned in a forwarding table of at least one switch by determining whether a learned MAC address in the forwarding table matches the MAC address of the rogue device in a rogue monitor table maintained at the originator switch;
determining, by the network backhaul rogue device management system, whether an entry in a rogue learning table maintained in the network backhaul rogue device management system matches the new learned device data;
when it is determined that the new learned device data is absent from the rogue learning table:
adding, by the network backhaul rogue device management system, the new learned device data into a new entry in the rogue learning table;
determining, by the network backhaul rogue device management system, an identification of a rogue access point (AP) associated with the new learned device data;
causing, by the network backhaul rogue device management system, a switch coupled to the rogue AP to perform mitigation of the rogue AP to prevent transfer of data to and from the rogue device, wherein performing the mitigation includes:
sending a block port mitigation message to a nearest switch to the rogue device;
learning neighboring devices corresponding to ports of the nearest switch;
determining whether a neighboring device of the neighboring devices corresponding to a port of the ports of the nearest switch is the rogue device;
when it is determined that the neighboring device corresponding to the port is the rogue device:
determining whether the port is supplying power;
when it is determined that the port is supplying power, blocking traffic on the port.
Abstract
Managing rogue devices in a network through a network backhaul. A rogue device is detected in the network and a rogue device message identifying the rogue device is sent to a plurality of switches in a backhaul of the network. The rogue device is added into a rogue monitor table. Whether the rogue device is In-Net or Out-Of-Net is determined using the forwarding tables of the plurality of switches in the backhaul of the network together with the rogue monitor table. If the rogue device is determined to be In-Net, mitigation is performed using the switch, among the plurality of switches in the backhaul, that is nearest to the rogue device.
23 Claims
1. (Reproduced in full under First Claim above.)
Dependent claims: 2, 3, 4, 5, 6, 7, 8.
9. A system in a network backhaul comprising:
a rogue device message engine configured to receive, from an originator switch, a rogue learned media access control (MAC) message including new learned device data, the new learned device data including a MAC address of a rogue device newly learned in a forwarding table of at least one switch by determining, by a forwarding table management engine at the originator switch, whether a learned MAC address in the forwarding table matches the MAC address of the rogue device in a rogue monitor table maintained at the originator switch;
a rogue learning table management engine configured to:
determine whether an entry in a rogue learning table maintained in the network backhaul matches the new learned device data;
add the new learned device data into a new entry in the rogue learning table, when it is determined that the new learned device data is absent from the rogue learning table;
the system is further configured to:
determine an identification of a rogue access point (AP) associated with the new learned device data;
cause a switch coupled to the rogue AP to perform mitigation of the rogue AP to prevent transfer of data to and from the rogue device;
wherein the rogue device message engine is further configured to:
send a block port mitigation message to a nearest switch to the rogue device;
cause the nearest switch to:
learn neighboring devices corresponding to ports of the nearest switch;
determine whether a neighboring device of the neighboring devices corresponding to a port of the ports of the nearest switch is the rogue device;
determine whether the port is supplying power, when it is determined that the neighboring device corresponding to the port is the rogue device;
block traffic on the port, when it is determined that the port is supplying power.
Dependent claims: 10, 11, 12, 13, 14, 15.
16. A system in a network backhaul comprising:
means for receiving, in a network backhaul from an originator switch, a rogue learned media access control (MAC) message including new learned device data, the new learned device data including a MAC address of a rogue device newly learned in a forwarding table of at least one switch by determining whether a learned MAC address in the forwarding table matches the MAC address of the rogue device in a rogue monitor table maintained at the originator switch;
means for determining whether an entry in a rogue learning table maintained in the network backhaul matches the new learned device data;
means for adding the new learned device data into a new entry in the rogue learning table, when it is determined that the new learned device data is absent from the rogue learning table;
means for determining an identification of a rogue access point (AP) associated with the new learned device data, when it is determined that the new learned device data is absent from the rogue learning table;
means for causing a switch coupled to the rogue AP to perform mitigation of the rogue AP to prevent transfer of data to and from the rogue device, when it is determined that the new learned device data is absent from the rogue learning table;
wherein performing the mitigation includes:
sending a block port mitigation message to a nearest switch to the rogue device;
learning neighboring devices corresponding to ports of the nearest switch;
determining whether a neighboring device of the neighboring devices corresponding to a port of the ports of the nearest switch is the rogue device;
when it is determined that the neighboring device corresponding to the port is the rogue device:
determining whether the port is supplying power;
when it is determined that the port is supplying power, blocking traffic on the port.
Dependent claims: 17, 18, 19, 20, 21, 22, 23.
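The workflow that claims 1, 9 and 16 recite (an originator switch matches a newly learned MAC against its rogue monitor table and reports it; the backhaul management system deduplicates the report against its rogue learning table, identifies the rogue AP, and sends a block port mitigation message to the nearest switch; that switch finds the port whose neighbor is the rogue and blocks it only when the port is supplying power), simulated end to end in Python, together with the In-Net / Out-Of-Net classification from the abstract. This is an added example and not code from the patent or its assignee. The class and engine names, the LLDP-style per-port neighbor table, the PoE port set, the trunk-port rule used to choose the nearest switch, the rogue-AP lookup table, and every MAC address and port name below are assumptions made for illustration.

```python
"""Simulation of the rogue-learned-MAC workflow in claims 1, 9 and 16.

Added example, not code from the patent. Class names, the LLDP-style neighbor
table, the PoE port set, the trunk-port rule for the nearest switch, and all
MAC addresses and port names are assumptions made for illustration.
"""
from collections import namedtuple
from dataclasses import dataclass, field

# The "rogue learned MAC message": originator switch, matched MAC, port it was learned on.
RogueLearnedMacMessage = namedtuple("RogueLearnedMacMessage", "originator mac port")


@dataclass
class Switch:
    name: str
    forwarding_table: dict = field(default_factory=dict)   # learned MAC -> port
    rogue_monitor_table: set = field(default_factory=set)  # rogue MACs pushed by the backhaul
    neighbors: dict = field(default_factory=dict)          # port -> attached device MAC (LLDP-like, assumed)
    poe_ports: set = field(default_factory=set)            # ports currently supplying power
    trunk_ports: set = field(default_factory=set)          # ports toward other backhaul switches (assumed)
    blocked_ports: set = field(default_factory=set)

    def check_learned_macs(self):
        """Originator step: each learned MAC present in the rogue monitor table becomes a message."""
        return [RogueLearnedMacMessage(self.name, mac, port)
                for mac, port in self.forwarding_table.items()
                if mac in self.rogue_monitor_table]

    def block_port_mitigation(self, rogue_mac):
        """Nearest-switch step: learn neighbors per port; block the rogue's port only if it supplies power."""
        for port, neighbor in self.neighbors.items():
            if neighbor != rogue_mac:
                continue
            if port not in self.poe_ports:
                return ("not_powered", port)   # claim 1 conditions blocking on the port supplying power
            self.blocked_ports.add(port)
            return ("blocked", port)
        return ("not_adjacent", None)


class BackhaulRogueManager:
    """Stands in for the 'network backhaul rogue device management system'."""

    def __init__(self, switches):
        self.switches = {s.name: s for s in switches}
        self.rogue_learning_table = {}   # MAC -> {"originator": ..., "port": ...}
        self.rogue_ap_of = {}            # MAC -> rogue AP identifier (assumed to come from the wireless side)

    def distribute_rogue(self, mac, ap_id):
        """Abstract: the detected rogue is sent to every backhaul switch's rogue monitor table."""
        self.rogue_ap_of[mac] = ap_id
        for s in self.switches.values():
            s.rogue_monitor_table.add(mac)

    def classify(self, mac):
        """In-Net if any switch's forwarding table learned the MAC; Out-Of-Net otherwise."""
        return "In-Net" if any(mac in s.forwarding_table for s in self.switches.values()) else "Out-Of-Net"

    def nearest_switch(self, mac):
        """Assumed heuristic: the switch that learned the MAC on a non-trunk (edge) port."""
        for s in self.switches.values():
            port = s.forwarding_table.get(mac)
            if port is not None and port not in s.trunk_ports:
                return s
        return None

    def handle_rogue_learned_mac(self, msg):
        """Returns (status, rogue_ap_id, mitigating_switch, port)."""
        if msg.mac in self.rogue_learning_table:
            return ("already_known", None, None, None)   # entry exists: do not mitigate twice
        self.rogue_learning_table[msg.mac] = {"originator": msg.originator, "port": msg.port}
        ap_id = self.rogue_ap_of.get(msg.mac, "unknown-ap")
        nearest = self.nearest_switch(msg.mac)
        if nearest is None:
            return ("no_edge_switch", ap_id, None, None)
        status, port = nearest.block_port_mitigation(msg.mac)   # the block port mitigation message
        return (status, ap_id, nearest.name, port)


def run_scenario():
    """Constructed topology: sw-core trunked to sw-edge; two rogue APs wired to sw-edge, one seen only over the air."""
    core = Switch("sw-core", trunk_ports={"Te1/1"})
    edge = Switch("sw-edge", trunk_ports={"Gi1/0/48"}, poe_ports={"Gi1/0/7"})
    mgr = BackhaulRogueManager([core, edge])
    powered, unpowered, airborne = "00:11:22:33:44:55", "cc:dd:ee:ff:00:11", "66:77:88:99:aa:bb"
    for mac, ap in ((powered, "rogue-ap-1"), (unpowered, "rogue-ap-2"), (airborne, "rogue-ap-3")):
        mgr.distribute_rogue(mac, ap)
    edge.forwarding_table.update({powered: "Gi1/0/7", unpowered: "Gi1/0/9"})
    edge.neighbors.update({"Gi1/0/7": powered, "Gi1/0/9": unpowered})
    core.forwarding_table.update({powered: "Te1/1", unpowered: "Te1/1"})  # core learned both via the trunk
    msgs = [m for s in (core, edge) for m in s.check_learned_macs()]      # core happens to report first
    results = [mgr.handle_rogue_learned_mac(m) for m in msgs]
    return {"results": results,
            "classes": {mac: mgr.classify(mac) for mac in (powered, unpowered, airborne)},
            "blocked": sorted(edge.blocked_ports)}
```

Running `run_scenario()` shows the three outcomes worth checking: the rogue on the PoE port is blocked exactly once even though both switches report it (the second report hits the existing rogue learning table entry), the rogue on the unpowered port is located but recorded as `not_powered` because the claim conditions blocking on the port supplying power, and the MAC that never appears in any forwarding table is classified Out-Of-Net and receives no wired mitigation. Note that the originator of the first message is the core switch, not the edge switch holding the rogue; picking the nearest switch from forwarding-table evidence rather than from the message sender is what the claim's separate "nearest switch" step is for.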
Specification