Method and system for the assignment of security group information using a proxy
First Claim
1. An apparatus comprising:
- a first network device, comprising at least one hardware processor, whereinsaid first network device is configured to be coupled to a second network device,said first network device is further configured toreceive an address of a network device, whereinsaid address is represented by address information, andsaid address information is received from said second network device,receive a security group of said network device, whereinsaid security group is identified using security group information,said security group information indicates said network device is a member of said security group, andsaid security group information is received from said second network device, andassociate said address information and said security group information with one another by storing said address information and said security group information,said second network device is not configured to support the use of said security group by virtue of not being configured to add said security group information to a packet, such that access control processing of said packet using said security group information can be performed, andsaid second network device is configured to cause said first network device to store said address information and said security group information by virtue of being configured tosend an install message to said first network device, whereinsaid install message comprises said address information and said security group information, andsaid install message is configured to cause said first network device to associate said address information and said security group information.
2 Assignments
0 Petitions
Accused Products
Abstract
A method and system for the assignment of security group information using a proxy is disclosed. The method includes receiving an address of a network device at a first network device, receiving a security group of the network device at the first network device and associating the address information and the security group information with one another at the first network device. The first network device is coupled to a second network device. The address is represented by address information, which is received from the second network device. The security group is identified using the security group information, which indicates the network device is a member of the security group. The address information and the security group information are associated with one another by storing the address information and the security group information at the first network device.
-
Citations
20 Claims
-
1. An apparatus comprising:
a first network device, comprising at least one hardware processor, wherein said first network device is configured to be coupled to a second network device, said first network device is further configured to receive an address of a network device, wherein said address is represented by address information, and said address information is received from said second network device, receive a security group of said network device, wherein said security group is identified using security group information, said security group information indicates said network device is a member of said security group, and said security group information is received from said second network device, and associate said address information and said security group information with one another by storing said address information and said security group information, said second network device is not configured to support the use of said security group by virtue of not being configured to add said security group information to a packet, such that access control processing of said packet using said security group information can be performed, and said second network device is configured to cause said first network device to store said address information and said security group information by virtue of being configured to send an install message to said first network device, wherein said install message comprises said address information and said security group information, and said install message is configured to cause said first network device to associate said address information and said security group information. - View Dependent Claims (2, 3, 4, 5, 19, 20)
-
6. An apparatus comprising:
a first network device comprising at least one hardware processor, means for coupling said first network device to a second network device, means for receiving an address of a network device, wherein said address is represented by address information, and said address information is received from said second network device via said means for receiving, means for receiving a security group of said network device, wherein said security group is identified using security group information, said security group information indicates said network device is a member of said security group, and said security group information is received from said second network device via said means for receiving, and means for associating said address information and said security group information with one another comprising means for storing said address information and said security group information, wherein said second network device is not configured to support the use of said security group by virtue of not being configured to add said security group information to a packet, such that access control processing of said packet using said security group information can be performed, and said second network device is configured to cause said first network device to store said address information and said security group information by virtue of being configured to send an install message to said first network device, wherein
said install message comprises said address information and said security group information, and
said install message is configured to cause said first network device to associate said address information and said security group information.
-
7. An apparatus comprising:
a first network device, comprising at least one hardware processor, wherein said first network device is configured to identify an address of a network device, wherein said address is identified using address information, identify a security group of the network device, wherein said security group is identified using security group information, and said security group information indicates said network device is a member of said security group, and send said address information and said security group information, said first network device is not configured to support the use of said security group by virtue of not being configured to add said security group information to a packet, such that access control processing of said packet using said security group information can be performed, said first network device is an access layer network device, and said access layer network device is configured to cause a distribution layer network device to store said address information and said security group information by virtue of being configured to send an install message to said distribution layer network device, wherein said install message comprises said address information and said security group information, and said install message is configured to cause said distribution layer network device to associate said address information and said security group information. - View Dependent Claims (8, 9, 10)
-
11. A method comprising:
-
identifying, using at least one hardware processor, an address of a network device, wherein said address is identified using address information; identifying a security group of said network device, wherein said security group is identified using security group information, and said security group information indicates said network device is a member of said security group; and sending said address information and said security group information, wherein said identifying said security group and said sending are performed by a first network device, said first network device is not configured to support the use of said security group by virtue of not being configured to add said security group information to a packet, such that access control processing of said packet using said security group information can be performed, and said sending comprises sending an install message from said first network device to a second network device; said install message comprises said address information and said security group information, and said install message is configured to cause said second network device to associate said address information and said security, group information. - View Dependent Claims (12, 13, 14, 15, 16, 17, 18)
-
Specification