Detection of network environment
First Claim
Patent Images
1. A method comprising:
- receiving a request to connect a device to a network;
if a security policy is received for the connection of the device, applying the policy for the device; and
if a security policy for the connection of the device is not received, determining the domain of the device by;
determining whether the device is in an enterprise domain, anddetermining whether the device is in a network access control domain.
1 Assignment
0 Petitions
Accused Products
Abstract
A method and apparatus for detection of network environment to aid policy selection for network access control. An embodiment of a method includes receiving a request to connect a device to a network and, if a security policy is received for the connection of the device, applying the policy for the device. If a security policy for the connection of the device is not received, the domain of the device is determined by determining whether the device is in an enterprise domain and determining whether the device is in a network access control domain, which allows selection of an appropriate domain/environment specific policy.
-
Citations
27 Claims
-
1. A method comprising:
-
receiving a request to connect a device to a network; if a security policy is received for the connection of the device, applying the policy for the device; and if a security policy for the connection of the device is not received, determining the domain of the device by; determining whether the device is in an enterprise domain, and determining whether the device is in a network access control domain. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11)
-
-
12. A network security apparatus comprising:
-
a network access control module, the network access control module to identify the platform of a device that seeks to connect to a network, the identification of the platform including; a determination whether the device in contained in an enterprise domain, and a determination whether the device is contained in a network access control domain; and a network management module, the network management module to control access of the device to the network based at least in part on the determination of the platform of the device. - View Dependent Claims (13, 14, 15)
-
-
16. A system comprising:
-
a network access control unit for a network to determine network access for a device; a trust server to provide compliance vectors to the network access control unit; and a router, the router to direct a device connection request to the network access control unit, the device supporting a network management system; wherein the network access control unit obtains data regarding the device to determine the domain of the device, including; whether the device is contained in an enterprise domain, and whether the device is contained in a network access control domain. - View Dependent Claims (17, 18, 19, 20, 21, 22)
-
-
23. A machine-readable medium having stored thereon data representing sequences of instructions that, when executed by a machine, cause the machine to perform operations comprising:
-
receiving a request to connect a device to a network; if a security policy is received for the connection of the device, applying the policy for the device; and if a security policy for the connection of the device is not received, determining the domain of the device by; determining whether the device is in an enterprise domain, determining whether the device is in a network access control domain. - View Dependent Claims (24, 25, 26, 27)
-
Specification