Systems and methods of controlling network access
First Claim
1. A network access control system, comprising:
- an authentication module stored in memory and executable by a processor to authenticate a device seeking network access based at least on authentication information received from the device;
- a gatekeeper stored in memory and executable to;
  - formulate an audit request,
  - send the audit request to the device,
  - evaluate device information received from the device in response to the audit request, and
  - approve the device based on evaluation of the device information; and
- an extensible authentication protocol (EAP) server layer (SL) stored in memory and executable to;
  - receive the authentication information from the device using an EAP encryption protocol, and
  - configure an access point in response to approval of the device by the gatekeeper.
Abstract
A new approach to network security includes manipulating an access point such that an initial communication from an external device is passed to a restricted subset of a computing network including a gatekeeper. The gatekeeper is configured to enforce a security policy against the external device before granting access to a less-restricted subset of the computing network. If requirements of the security policy are satisfied, then the gatekeeper reconfigures the access point such that further communication from the external device may be received by elements of the less-restricted subset. Enforcement of the security policy optionally includes performing a security audit of the external device.
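The flow in the abstract, sketched as an added Python example (not code from the patent or its assignee): a device starts in the restricted subset, the gatekeeper audits it, and the access point is reconfigured only when every policy requirement is met. The policy fields, class names and sample devices are assumptions made for illustration.

```python
from dataclasses import dataclass, field

RESTRICTED, LESS_RESTRICTED = "restricted", "less-restricted"

# Hypothetical security policy: audit answers the gatekeeper requires.
POLICY = {"firewall_enabled": True, "av_signatures_current": True, "os_patched": True}

@dataclass
class AccessPoint:
    """Tracks which network subset each device's traffic is passed to."""
    segment: dict = field(default_factory=dict)

    def admit(self, device_id):
        # Initial communication always lands in the restricted subset.
        self.segment[device_id] = RESTRICTED

    def reconfigure(self, device_id, subset):
        self.segment[device_id] = subset

class Gatekeeper:
    def __init__(self, access_point, policy=POLICY):
        self.ap, self.policy = access_point, policy

    def formulate_audit_request(self):
        return sorted(self.policy)

    def evaluate(self, device_info):
        # Fail closed: a missing or non-boolean answer counts as a failure.
        return [k for k, want in self.policy.items() if device_info.get(k) is not want]

    def enforce(self, device_id, authenticated, respond):
        """Return (approved, failures); `respond` stands in for the device."""
        self.ap.admit(device_id)
        if not authenticated:
            return False, ["authentication"]
        failures = self.evaluate(respond(self.formulate_audit_request()))
        if not failures:
            self.ap.reconfigure(device_id, LESS_RESTRICTED)
        return not failures, failures

# Constructed sample devices: each maps an audit request to device information.
def compliant(request):
    return {k: True for k in request}

def stale_av(request):
    return {k: k != "av_signatures_current" for k in request}

def silent(request):
    return {}  # device that ignores the audit request
```

A device that fails or ignores the audit is never moved out of the restricted subset, so the default state is the safe one.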
Specification