SYSTEMS AND METHODS OF CONTROLLING NETWORK ACCESS
First Claim
1. A network access control system comprising:
- an extensible authentication protocol module (EAPM) stored in memory and executable by a processor to authenticate a device seeking network access, wherein authentication of the device is based at least on evaluation of authentication information received from the device;
an extensible authentication protocol server layer (ESL) stored in memory and executable by a processor to;
receive authentication information and device information from the device seeking networking access using an extensible authentication protocol (EAP), andconfigure an access point responsive to the approval of the access device by a gatekeeper; and
a server filter (SF) stored in memory and executable by a processor to direct the device information received by the ESL server layer to the gatekeeper.
1 Assignment
0 Petitions
Accused Products
Abstract
A new approach to network security includes manipulating an access point such that an initial communication from an external device is passed to a restricted subset of a computing network including a gatekeeper. The gatekeeper is configured to enforce a security policy against the external device before granting access to a less-restricted subset of the computing network. If requirements of the security policy are satisfied, then the gatekeeper reconfigures the access point such that further communication from the external device may be received by elements of the less-restricted subset. Enforcement of the security policy optionally includes performing a security audit of the external device.
-
Citations
6 Claims
-
1. A network access control system comprising:
-
an extensible authentication protocol module (EAPM) stored in memory and executable by a processor to authenticate a device seeking network access, wherein authentication of the device is based at least on evaluation of authentication information received from the device; an extensible authentication protocol server layer (ESL) stored in memory and executable by a processor to; receive authentication information and device information from the device seeking networking access using an extensible authentication protocol (EAP), and configure an access point responsive to the approval of the access device by a gatekeeper; and a server filter (SF) stored in memory and executable by a processor to direct the device information received by the ESL server layer to the gatekeeper. - View Dependent Claims (2, 3, 4, 5, 6)
-
Specification
-
- Resources
-
Current AssigneeInfoExpress, Inc.
-
Original AssigneeInfoExpress, Inc.
-
InventorsLum, Stacey C., Alice Lee, Yuhshiow
-
Granted Patent
-
Time in Patent OfficeDays
-
Field of Search
-
US Class Current726/12
-
CPC Class CodesH04L 63/0876 based on the identity of th...H04L 63/20 for managing network securi...
