MANAGING ROGUE DEVICES THROUGH A NETWORK BACKHAUL
Abstract
Managing rogue devices in a network through a network backhaul. A rogue device is detected in a network and a rogue device message that includes the rogue device is sent to a plurality of switches in a backhaul of the network. The rogue device is added into a rogue monitor table. Whether the rogue device is In-Net or Out-Of-Net is determined using forwarding tables of the plurality of switches in the backhaul of the network and the rogue monitor table. Mitigation is performed using a nearest switch to the rogue device of the plurality of switches in the backhaul of the network if it is determined that the rogue device is In-Net.
20 Claims
1. A method comprising:
receiving, in a network backhaul from an originator switch, a rogue learned MAC message including new learned device data, the new learned device data including a MAC address of a rogue device newly learned in a forwarding table of at least one switch by determining if a learned MAC address in the forwarding table matches the MAC address of the rogue device is in a rogue monitor table maintained at the originator switch;
determining if an entry of a rogue learning table maintained in the network backhaul matches the new learned device data;
if it is determined that the new learned device data is absent from the rogue learning table;
adding the new learned device data into a new entry in the rogue learning table;
determining an identification of a rogue AP associated with the new learned device data;
performing mitigation of the rogue AP to prevent the transfer of data to and from the rogue device.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10
11. A system comprising:
a network backhaul rogue device management system configured to receive, from an originator switch, a rogue learned MAC message including new learned device data, the new learned device data including a MAC address of a rogue device newly learned in a forwarding table of at least one switch by determining, by a forwarding tables management engine at the originator switch, if a learned MAC address in the forwarding table matches the MAC address of the rogue device is in a rogue monitor table maintained at the originator switch;
a rogue learning table management engine configured to;
determine if an entry a rogue learning table maintained in the network backhaul matches the new learned device data;
add the new learned device data into a new entry in the rogue learning table, if it is determined that the new learned device data is absent from the rogue learning table;
the network backhaul rogue device management system is further configured to;
determine an identification of a rogue AP associated with the new learned device data;
perform mitigation of the rogue AP to prevent the transfer of data to and from the rogue device.
Dependent claims: 12, 13, 14, 15, 16, 17, 18, 19
20. A system comprising:
means for receiving, in a network backhaul from an originator switch, a rogue learned MAC message including new learned device data, the new learned device data including a MAC address of a rogue device newly learned in a forwarding table of at least one switch by determining if a learned MAC address in the forwarding table matches the MAC address of the rogue device is in a rogue monitor table maintained at the originator switch;
means for determining if an entry a rogue learning table maintained in the network backhaul matches the new learned device data;
means for adding the new learned device data into a new entry in the rogue learning table, if it is determined that the new learned device data is absent from the rogue learning table;
means for determining an identification of a rogue AP associated with the new learned device data, if it is determined that the new learned device data is absent from the rogue learning table;
means for performing mitigation of the rogue AP to prevent the transfer of data to and from the rogue device, if it is determined that the new learned device data is absent from the rogue learning table.
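The flow described in the abstract and in claim 1, sketched as an added Python model (it is not code from the patent): switches compare newly learned MACs against a rogue monitor table, and the backhaul de-duplicates reports in a rogue learning table before mitigating. The class names, the MAC-to-AP mapping held in the monitor table, treating the reporting switch as the nearest one, and modelling mitigation as a recorded port block are all assumptions made for illustration.

```python
# Added illustration: all names and sample values are constructed, not from the patent.
from dataclasses import dataclass, field

@dataclass
class Switch:
    name: str
    forwarding_table: dict = field(default_factory=dict)     # MAC -> port
    rogue_monitor_table: dict = field(default_factory=dict)  # rogue MAC -> rogue AP id

    def learn(self, mac, port, backhaul):
        """Learn a MAC on a port; report to the backhaul if it is a monitored rogue."""
        mac = mac.lower()
        self.forwarding_table[mac] = port
        if mac in self.rogue_monitor_table:
            # Rogue learned MAC message sent by the originator switch.
            return backhaul.receive_rogue_learned_mac(
                {"mac": mac, "switch": self.name, "port": port})
        return None

@dataclass
class Backhaul:
    switches: dict = field(default_factory=dict)              # name -> Switch
    rogue_learning_table: dict = field(default_factory=dict)  # (mac, switch, port) -> AP id
    mitigations: list = field(default_factory=list)

    def announce_rogue(self, mac, ap_id):
        """Rogue device message: every switch adds the device to its monitor table."""
        for sw in self.switches.values():
            sw.rogue_monitor_table[mac.lower()] = ap_id

    def classify(self, mac):
        """In-Net if any switch has learned the MAC in its forwarding table."""
        seen = any(mac.lower() in sw.forwarding_table for sw in self.switches.values())
        return "In-Net" if seen else "Out-Of-Net"

    def receive_rogue_learned_mac(self, data):
        key = (data["mac"], data["switch"], data["port"])
        if key in self.rogue_learning_table:   # entry already present: no repeat action
            return "duplicate"
        # Assumption: the rogue AP identification is looked up in the monitor table.
        ap_id = self.switches[data["switch"]].rogue_monitor_table[data["mac"]]
        self.rogue_learning_table[key] = ap_id
        # Assumption: mitigation is a port block recorded for the reporting switch.
        self.mitigations.append((ap_id, data["switch"], data["port"]))
        return "mitigated"
```
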