Method and System for Monitoring a Selected Region of an Airspace Associated with Local Area Networks of computing Devices
8 Assignments
0 Petitions
Accused Products
Abstract
A method for monitoring a selected region of an airspace associated with local area networks of computing devices is provided. The method includes providing one or more segments of a legacy local area network to be protected in a selected geographic region. The legacy local area network is characterized by an unsecured airspace within the selected geographic region. The method includes determining a security policy associated with the one or more segments of the legacy local area network. The security policy at least characterizes a type of wireless activity in the unsecured airspace to be permitted, denied, or ignored. Additionally, the method includes connecting one or more sniffer devices into the legacy local area network. The one or more sniffer devices are spatially disposed within the selected geographic region to cause at least a portion of the unsecured airspace to be secured according to the security policy. Moreover, the method includes coupling a security appliance to the legacy local area network. The method also includes determining if at least one of the sniffer devices is coupled to each of the one or more segments of the legacy local area network to be protected and determining if the one or more sniffer devices substantially covers the portion of the unsecured airspace to be secured The method additionally includes monitoring wireless activity in the airspace using the one or more sniffer devices, and automatically classifying, using a classification process, a portion of information associated with the monitoring of the wireless activity to at least determine if the wireless activity communicates to at least one of the one or more segments to be protected. Further, the method includes detecting a violation of the security policy based upon at least the classifying of the portion of the information from the monitoring of the wireless activity, and automatically processing an action associated with the violation in accordance to the security policy for the one or more segments in the legacy local area network to be protected
-
Citations
71 Claims
-
1-51. -51. (canceled)
-
52. A method for monitoring at least a part of an airspace associated with a network of computing devices, the method comprising:
-
providing a network to be protected, the network being associated with at least a part of an airspace;
using a security policy associated with the network, the security policy at least characterizing a first type of wireless activity in at least the part of the airspace to be permitted, a second type of wireless activity in at least the part of the airspace to be denied, and a third type of wireless activity in at least the part of the airspace to be ignored;
providing one or more sniffer devices, the one or more sniffer devices being spatially disposed to cause at least the part of the airspace to be secured based on at least information associated with the security policy;
determining if the one or more sniffer devices substantially cover at least the part of the airspace to be secured;
monitoring at least a wireless activity in at least the part of the airspace using the one or more sniffer devices, the wireless activity being associated with at least a wireless device other than the one or more sniffer devices;
performing a connectivity test to determine information associated with a connectivity status of the wireless device to the network to be protected; and
determining whether the monitored wireless activity is permitted, denied, or ignored based on at least the information associated with the connectivity status of the wireless device to the network to be protected and information associated with the security policy. - View Dependent Claims (53, 54, 55, 56, 57, 58, 59, 60, 61, 62)
-
-
63. A method for monitoring at least a part of an airspace associated with a network of computing devices, the method comprising:
-
providing a network to be protected, the network being associated with at least a part of an airspace within a vicinity of a selected geographic region;
using a security policy associated with the network, the security policy at least characterizing a first type of wireless activity in at least the part of the airspace to be permitted, a second type of wireless activity in at least the part of the airspace to be denied, and a third type of wireless activity in at least the part of the airspace to be ignored;
providing one or more sniffer devices, the one or more sniffer devices being spatially disposed to cause at least the part of the airspace to be secured based on at least information associated with the security policy;
using a computer model of the selected geographic region;
inputting information associated with the one or more sniffer devices to the computer model of the selected geographic region, the information including at least location information associated with the one or more sniffer devices;
using a radio signal propagation model;
computing information associated with a radio coverage for the one or more sniffer devices based on at least information associated with the computer model of the selected geographic region, the inputted information, and information associated with the radio signal propagation model;
displaying one or more regions associated with the computed radio coverage in relation to a layout of the selected geographic region on a display device to determine whether the one or more sniffer devices substantially cover at least the part of the airspace to be secured;
monitoring at least a wireless activity in at least the part of the airspace using the one or more sniffer devices; and
determining whether the monitored wireless activity is permitted, denied, or ignored based on at least information associated with the security policy, the security policy at least characterizing the first type of wireless activity to be permitted, the second type of wireless activity to be denied, and the third type of wireless activity to be ignored.
-
-
64. A method for preventing undesirable wireless communication in local area network of computing devices, the method comprising:
-
providing a network to be protected;
using a wireless security policy associated with the network to be protected, the wireless security policy at least characterizing a first type of wireless activity associated with a rouge access point device as denied, a second type of wireless activity between an authorized wireless station and an external access point device as denied, and a third type of wireless activity between a neighbor'"'"'s wireless station and an external access point as ignored;
detecting at least a wireless activity using one or more sniffer devices, the wireless activity being associated with a first access point device;
performing a connectivity test to determine information associated with a connectivity status of the first access point device to the network to be protected;
classifying the first access point device as one of at least the rogue access point device and the external access point device;
determining whether the detected wireless activity is denied or ignored based on at least the wireless security policy and the classifying the first access point device; and
initiating a prevention process in response to the detected wireless activity being determined as denied, the prevention process being directed to create hindrance to the detected wireless activity. - View Dependent Claims (65, 66, 67, 68, 69, 70, 71)
-
Specification