Selective persistent storage of controller information
First Claim
Patent Images
1. A device, comprising:
- a memory to store instructions; and
a processor to execute the instructions to;
receive a request from an endpoint,determine whether the endpoint is to authenticate via one of layer 2 or layer 3,download first software to the endpoint when the endpoint is to authenticate via layer 2, the first software causing authentication of the endpoint via another device and instructing the endpoint to not store information regarding the device,download second software to the endpoint when the endpoint is to authenticate via layer 3,where the second software is different from the first software, andauthenticate the endpoint based on the second software when the endpoint is to authenticate via layer 3.
12 Assignments
0 Petitions
Accused Products
Abstract
A controller may receive a request from an endpoint and determine whether the endpoint connects via a first network or a second network. The controller may download first software to the endpoint when the endpoint connects via the first network, where the first software facilitates authentication of the endpoint via another device and instructs the endpoint to not store information regarding the controller. The controller may download second software to the endpoint when the endpoint connects via the second network, where the second software facilitates authentication of the endpoint by the device and instructs the endpoint to store information regarding the controller.
23 Citations
28 Claims
-
1. A device, comprising:
-
a memory to store instructions; and a processor to execute the instructions to; receive a request from an endpoint, determine whether the endpoint is to authenticate via one of layer 2 or layer 3, download first software to the endpoint when the endpoint is to authenticate via layer 2, the first software causing authentication of the endpoint via another device and instructing the endpoint to not store information regarding the device, download second software to the endpoint when the endpoint is to authenticate via layer 3, where the second software is different from the first software, and authenticate the endpoint based on the second software when the endpoint is to authenticate via layer 3. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A device, comprising:
-
a memory to store instructions; and a processor to execute the instructions to; receive a request from an endpoint, determine whether the endpoint is to authenticate via a data link layer or a network layer, download first software to the endpoint when the endpoint is to authenticate via the data link layer, the first software instructing the endpoint to not store information regarding the device and to authenticate via a network device using the data link layer, download second software to the endpoint when the endpoint is to authenticate via the network layer, where the second software includes an authentication module to determine whether the endpoint complies with a particular security policy and a configuration module to instruct the endpoint to store information regarding the device, cause, based on the first software, the endpoint to authenticate via the network device when the first software is downloaded to the endpoint, and authenticate the endpoint when the second software is downloaded to the endpoint. - View Dependent Claims (27)
-
-
14. A controller, comprising:
-
a memory to store instructions; and a processor to execute the instructions to; receive a request from an endpoint, determine whether the endpoint connects via a first network or a second network that is different from the first network, download first software to the endpoint when the endpoint connects via the first network, the first software facilitating authentication of the endpoint via a first device and instructing the endpoint to not store information regarding the controller, download second software to the endpoint when the endpoint connects via the second network, the second software facilitating authentication of the endpoint by the controller and instructing the endpoint to store information regarding the controller, authenticate the endpoint based on the second software when the second software is downloaded to the endpoint, and send a message to a second device instructing the second device to permit the endpoint to access a third network when the endpoint has been successfully authenticated based on the second software, where the third network is different from the first network and the second network. - View Dependent Claims (28)
-
-
15. A method performed by a network controller, the method comprising:
-
receiving, by the network controller, a request from an endpoint to access network resources; determining, by the network controller, whether the endpoint is to authenticate via layer 2 or layer 3; downloading, by the network controller, first software to the endpoint when the endpoint is to authenticate via layer 2, the first software causing the endpoint to authenticate via a network device and instructing the endpoint to not store information regarding the network controller, where the network device authorizes the endpoint to access the network resources when the endpoint has been authenticated via the network device; downloading, by the network controller, second software to the endpoint when the endpoint is to authenticate via layer 3, the second software causing the endpoint to be authenticated by the network controller and instructing the endpoint to store information regarding the network controller; authenticating, by the network controller, the endpoint based on the second software when the endpoint is to authenticate via layer 3; and authorizing, by the network controller, the endpoint to access the network resources after the endpoint has been authenticated based on the second software. - View Dependent Claims (16, 17, 18, 19, 20, 21, 22, 23, 24, 25, 26)
-
Specification