Dynamic internet address assignment based on user identity and policy compliance
First Claim
1. A method, comprising:
- presenting a client requesting an IP address from a DHCP server, wherein the client provides client information to the DHCP server, wherein the client information is a security vulnerability, and wherein the client requesting is made in association with a security threat detected by a client security facility;
formulating a first IP assignment and a first plurality of DHCP options by the DHCP server;
intercepting the first IP assignment and the first plurality of DHCP options by a policy management facility, wherein intercepting stops the sending of the first IP assignment and the first plurality of DHCP options to the client;
sending client information to the policy management facility;
formulating a second plurality of DHCP options in association with the policy management facility, wherein the second plurality of DHCP options is sent from the policy management facility to the DHCP server;
changing the DHCP options in the DHCP server from the first IP assignment and first plurality of DHCP options to a second IP assignment and the second plurality of DHCP options; and
sending the second IP assignment and the second plurality of DHCP options from the DHCP server to the client, wherein the client applies the second IP assignment and the second plurality of DHCP options in association with the client security facility.
9 Assignments
0 Petitions
Accused Products
Abstract
In embodiments of the present invention, improved capabilities are described for a method presenting a client, providing client information and requesting an IP address from a DHCP server, where the DHCP server may formulate a first IP assignment and a first multiple DHCP options. A policy management facility may be associated with the interception of the first IP assignment and the first multiple DHCP options, which may result in the first IP assignment and the first multiple DHCP options not being sent to the client. The method may send client information to the policy management facility. The policy management facility may formulate a second multiple DHCP options and may send it to the DHCP server. The DHCP server may change first IP assignment and first multiple DHCP option to a second IP assignment and the second multiple DHCP options. The second IP assignment and the second multiple DHCP options may then be forwarded to the client.
-
Citations
19 Claims
-
1. A method, comprising:
-
presenting a client requesting an IP address from a DHCP server, wherein the client provides client information to the DHCP server, wherein the client information is a security vulnerability, and wherein the client requesting is made in association with a security threat detected by a client security facility; formulating a first IP assignment and a first plurality of DHCP options by the DHCP server; intercepting the first IP assignment and the first plurality of DHCP options by a policy management facility, wherein intercepting stops the sending of the first IP assignment and the first plurality of DHCP options to the client; sending client information to the policy management facility; formulating a second plurality of DHCP options in association with the policy management facility, wherein the second plurality of DHCP options is sent from the policy management facility to the DHCP server; changing the DHCP options in the DHCP server from the first IP assignment and first plurality of DHCP options to a second IP assignment and the second plurality of DHCP options; and sending the second IP assignment and the second plurality of DHCP options from the DHCP server to the client, wherein the client applies the second IP assignment and the second plurality of DHCP options in association with the client security facility. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19)
-
Specification