Multiple tiered network security system, method and apparatus
Abstract
A multiple key, multiple tiered network security system, method and apparatus provides at least three levels of security. The first level of security includes physical MAC address authentication of a device being attached to the network, such as a device being attached to a port of a network switch. The second level includes authentication of the user of the device, such as user authentication in accordance with the 802.1x standard. The third level includes dynamic assignment of the port to a particular VLAN based on the identity of the user. Failure to pass a lower security level results in a denial of access to subsequent levels of authentication.
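The tier ordering described in the abstract can be sketched as a single admission function. This is an added example, not code from the patent or from any switch vendor; the MAC list, user table, VLAN map and the `admit` function are constructed for illustration, and the password check stands in for an 802.1x exchange with an authentication server.

```python
import hashlib
import hmac

# Constructed sample data (assumptions, not taken from the patent).
ALLOWED_MACS = {"00:11:22:33:44:55", "00:11:22:33:44:66"}
SALT = b"example-salt"


def _digest(password):
    """Derive a comparison value for a password (stand-in for 802.1x)."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), SALT, 10_000)


USERS = {"alice": _digest("correct horse"), "bob": _digest("hunter2")}
USER_VLAN = {"alice": 10}  # bob deliberately has no VLAN mapping


def admit(mac, username, password):
    """Run the tiers in order; return (granted, vlan, tiers_evaluated)."""
    evaluated = []

    # Tier 1: physical (MAC) address authentication of the attached device.
    evaluated.append("mac")
    if mac.lower() not in ALLOWED_MACS:
        return False, None, evaluated  # user credentials are never examined

    # Tier 2: user authentication, reached only if tier 1 passed.
    evaluated.append("user")
    stored = USERS.get(username)
    supplied = _digest(password)
    if stored is None or not hmac.compare_digest(stored, supplied):
        return False, None, evaluated

    # Tier 3: dynamic VLAN assignment based on the identity of the user.
    evaluated.append("vlan")
    vlan = USER_VLAN.get(username)
    if vlan is None:
        # Assumption of this example: fail closed when no mapping exists.
        return False, None, evaluated
    return True, vlan, evaluated
```

The third element of the result records which tiers ran, which makes the "only if said physical address is valid" condition of the claims directly checkable.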
33 Claims
1. An apparatus for providing network security, comprising:
- a plurality of input ports;
- a switching fabric for routing data received on said plurality of input ports to at least one output port; and
- control logic adapted to authenticate a physical address of a device coupled to one of said plurality of input ports and to authenticate user information provided by a user of said device only if said physical address is valid.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11
12. A method for providing network security, comprising:
- authenticating a physical address of a device coupled to a port of a network switch; and
- authenticating user information provided by a user of said device only if said physical address is valid.
Dependent claims: 13, 14, 15, 16, 17, 18, 19, 20, 21, 22
23. A network system, comprising:
- a data communications network;
- a network switch coupled to said data communications network; and
- a user device coupled to a port of said network switch;
- wherein said network switch is adapted to authenticate a physical address of said user device and to authenticate user information provided by a user of said user device only if said physical address is valid.
Dependent claims: 24, 25, 26, 27, 28, 29, 30, 31, 32, 33
Specification