System and method for monitoring and enforcing policy within a wireless network
First Claim
Patent Images
1. A method comprising:
- detecting an Access Point (AP) previously undetected within a signal coverage area by a device monitoring wireless transmissions between other devices within the signal coverage area;
extracting information from a wireless frame transmitted from the AP, the extracted information includes a Basic Service Set Identifier (BSSID) of the AP, and a channel number to indicate a particular channel that the wireless frame is detected; and
transmitting a first message including the extracted information to a Management Server from the device to begin classification of the AP, the first message includes an AP class parameter to indicate a current classification of the AP, the AP class parameter is set to a Rogue state upon initially detecting the AP;
receiving a second message by the device from the Management Server to classify the AP, the second message including at least the BSSID of the AP; and
transmitting a third message from the device to the Management Server in response to the second message, the third message including the BSSID of the AP, identifiers for each AP detected within the signal coverage area, a number of wired nodes coupled to each AP, and media access control (MAC) addresses for each of the wired nodes.
5 Assignments
0 Petitions
Accused Products
Abstract
In general, one embodiment of the invention is a air monitor adapted to a wireless network. The air monitor enforces policies followed by the wireless network even though it is not involved in the exchange of data between wireless devices of the wireless network such as access points and wireless stations.
-
Citations
5 Claims
-
1. A method comprising:
-
detecting an Access Point (AP) previously undetected within a signal coverage area by a device monitoring wireless transmissions between other devices within the signal coverage area; extracting information from a wireless frame transmitted from the AP, the extracted information includes a Basic Service Set Identifier (BSSID) of the AP, and a channel number to indicate a particular channel that the wireless frame is detected; and transmitting a first message including the extracted information to a Management Server from the device to begin classification of the AP, the first message includes an AP class parameter to indicate a current classification of the AP, the AP class parameter is set to a Rogue state upon initially detecting the AP; receiving a second message by the device from the Management Server to classify the AP, the second message including at least the BSSID of the AP; and transmitting a third message from the device to the Management Server in response to the second message, the third message including the BSSID of the AP, identifiers for each AP detected within the signal coverage area, a number of wired nodes coupled to each AP, and media access control (MAC) addresses for each of the wired nodes. - View Dependent Claims (2, 3)
-
-
4. An apparatus adapted to a wireless network, comprising:
-
a transceiver to receive a wireless frame propagating over a prescribed signal coverage area between wireless devices of the wireless network other than the apparatus; and at least one component to process information extracted from the wireless frame, the at least one component classifies a media access control (MAC) address of the wireless frame as either a wireless MAC address or a wired MAC address by using values set in both a fromDS bit and a toDS bit in a header of the wireless frame, the fromDS bit is set and the toDS bit is not set if the MAC address is a wireless MAC address, wherein the at least one component includes a processor and a memory, the memory to store a table including a plurality of entries, at least one entry of the plurality of entries including (1) the media access control (MAC) address extracted from the wireless frame, (2) information to indicate whether the MAC address is a wireless MAC address or a wired MAC address and (3) a Basic Service Set Identifier (BSSID) to identify that an Access Point is one of the wireless devices.
-
-
5. An apparatus adapted to a wireless network, comprising:
-
a transceiver to receive a wireless frame propagating over a prescribed signal coverage area between wireless devices of the wireless network other than the apparatus; and at least one component to process information extracted from the wireless frame, the at least one component classifies a media access control (MAC) address of the wireless frame as either a wireless MAC address or a wired MAC address based on a value of both a fromDS bit and a toDS bit in a header of the wireless frame, the fromDS bit is set and the toDS bit is not set if the MAC address is a wireless MAC address, wherein the at least one component classifies a source MAC address of the wireless frame as a wired MAC address and a destination MAC address is classified as the wireless MAC address when the fromDS bit is set and the toDS bit is not set.
-
Specification
-
- Resources
Litigation Campaign Assessment
Thank you for your request. You will receive a custom alert email when the Litigation Campaign Assessment is available.
×
-
Current AssigneeHewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
-
Original AssigneeAruba Networks Incorporated (Hewlett-Packard Enterprise Company)
-
InventorsIyer, Pradeep J., Narasimhan, Partha
-
Primary Examiner(s)D AGOSTA, STEPHEN M
-
Application NumberUS11/171,913Publication NumberTime in Patent Office2,190 DaysField of Search370/310, 370/310.2, 370328-329, 370/338, 370/351, 455/41.2, 455/41.3, 455/422.1, 455/43.1, 455/434, 455/435.1, 455/435.2, 455/450, 455/455, 455/464US Class Current370/338CPC Class CodesH04L 63/1416 Event detection, e.g. attac...H04W 12/122 Counter-measures against at...H04W 24/00 Supervisory, monitoring or ...H04W 24/02 Arrangements for optimising...
