Method and system to support network port authentication from out-of-band firmware
Abstract
Methods and systems for performing network port authentication without requiring any operating system (OS) complicity are disclosed. Under one method, port authentication instructions are loaded into a protected memory space during a pre-boot of a supplicant system. In response to a port authentication request, the supplicant system's processor is switched to a hidden execution mode and executes the port authentication instructions to authenticate a network port hosted by an authenticator system to which the supplicant system is linked. One authentication process employs an authentication server that authenticates the supplicant via one of various authentication schemes, including an access challenge. Port authentication may also be performed via an out-of-band base management controller that operates independently from an operating system running on the supplicant.
30 Claims
1. A method comprising:
loading port authentication firmware instructions in a supplicant system; and
authenticating a network port hosted by an authenticator system to which the supplicant system is linked via execution of the port authentication firmware instructions on the supplicant system.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14
15. A method comprising:
executing instructions comprising port authentication code via a baseboard management controller (BMC) in a supplicant system to perform port authentication of an authenticator system port to which the supplicant system is linked in communication.
Dependent claims: 16, 17
18. A method comprising:
retrieving authentication credentials pertaining to a supplicant system during a pre-boot phase of the supplicant system;
passing the authentication credentials to an operating system running on the supplicant system during an operating system runtime phase; and
authenticating a network port to which the supplicant system is connected via use of the authentication credentials.
Dependent claims: 19, 20
21. A machine-readable media on which firmware instructions are stored, which when executed by a supplicant system perform operations including:
authenticating a network port hosted by an authenticator system to which the supplicant system is linked.
Dependent claims: 22, 23, 24
25. A supplicant system comprising:
a processor;
a network interface, coupled to the processor; and
a flash device coupled to the processor, having firmware instructions stored therein that when executed on the processor perform operations including:
authenticating a network port hosted by an authenticator system to which the supplicant system is linked in communication via the network interface.
Dependent claims: 26, 27
28. A supplicant system comprising:
a baseboard management controller (BMC);
a network interface, coupled to the baseboard management controller; and
machine-executable instructions stored on the supplicant system, which when executed on the BMC perform operations including:
authenticating a network port hosted by an authenticator system to which the supplicant system is linked in communication via the network interface.
Dependent claims: 29, 30
Specification