System and method for affecting the behavior of a network device in a cable network

US 8,239,506 B2
Filed: 04/15/2009
Issued: 08/07/2012
Est. Priority Date: 08/06/2004
Status: Active Grant

First Claim

Patent Images

1. A method for affecting the behavior of a network device, the network device comprising at least a processor and the method comprising:

creating at the network device a lease renewal request message requesting renewal of an IP address lease, wherein the network device is connected to a cable modem;

directing the renewal message from the network device through the cable modem to a cable modem termination system (CMTS);

inserting at the CMTS the cable modem MAC address into the renewal message;

sending the lease renewal request message to a dynamic host configuration protocol (DHCP) server from the CMTS;

accessing from the DHCP server a configuration record associated with the network device in response to the presence of the modem MAC address in the lease renewal request message;

determining by the DHCP server using the modem MAC address whether the configuration record comprises a quarantine attribute field;

determining an attribute value assigned to the quarantine attribute field when the quarantine attribute field is present in the configuration record;

renewing the lease of the network device and assigning an address of an external DNS server in a lease renewal response message when the quarantine attribute field is not present in the configuration record;

assigning an address of a quarantine DNS server to a DNS IP address option in a lease renewal response message when the attribute value is a first value; and

sending the lease renewal response message to the network device through the cable modem,wherein in response to the lease response message, a DNS query sent from the network device is directed to the quarantine DNS server when the address of the quarantine DNS server is assigned in the lease renewal response message.

View all claims

7 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A subscriber access control system (SACS) configures a network device connected to cable network to affect the behavior of that device. The SACS comprises a rules engine and a datastore that stores the current state of subscribers known to the SACS and historical request information. When the SACS receives a request to quarantine a device, it assigns attributes to a subscriber record accessed by a DHCP server to affect the configuration and behavior of that device. The actual behavior of the quarantined device is determined by the presence of the attribute and the value of the attribute.

Citations

16 Claims

1. A method for affecting the behavior of a network device, the network device comprising at least a processor and the method comprising:
- creating at the network device a lease renewal request message requesting renewal of an IP address lease, wherein the network device is connected to a cable modem;
  
  directing the renewal message from the network device through the cable modem to a cable modem termination system (CMTS);
  
  inserting at the CMTS the cable modem MAC address into the renewal message;
  
  sending the lease renewal request message to a dynamic host configuration protocol (DHCP) server from the CMTS;
  
  accessing from the DHCP server a configuration record associated with the network device in response to the presence of the modem MAC address in the lease renewal request message;
  
  determining by the DHCP server using the modem MAC address whether the configuration record comprises a quarantine attribute field;
  
  determining an attribute value assigned to the quarantine attribute field when the quarantine attribute field is present in the configuration record;
  
  renewing the lease of the network device and assigning an address of an external DNS server in a lease renewal response message when the quarantine attribute field is not present in the configuration record;
  
  assigning an address of a quarantine DNS server to a DNS IP address option in a lease renewal response message when the attribute value is a first value; and
  
  sending the lease renewal response message to the network device through the cable modem,wherein in response to the lease response message, a DNS query sent from the network device is directed to the quarantine DNS server when the address of the quarantine DNS server is assigned in the lease renewal response message.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1, wherein the network device is a customer premises equipment connected to the cable modem.
  - 3. The method of claim 2, wherein the customer premises equipment is selected from the group consisting of a media terminal adapter, a computer, a router, a wireless access point, a firewall, and a network address translation server.
  - 4. The method of claim 1 further comprising:
    - instructing the cable modem to reboot so as to acquire a quarantine boot file when the attribute value is a second value; and
      
      configuring the cable modem using the quarantine boot file.
  - 5. The method of claim 4, wherein configuring the cable modem using the quarantine boot file comprises configuring the cable modem to permit the cable modem to only send packets to IP addresses identified in an upstream filter set and to only receive packets from IP addresses identified in a downstream filter set.
  - 6. The method of claim 5, wherein the communication session is selected from the group consisting of a voice over IP session and a multimedia session.
  - 7. The method of claim 1 further comprising:
    - determining when the cable modem is not engaged in a communication session when the attribute value is a second value;
      
      instructing the cable modem to reboot so as to acquire a quarantine boot file when the cable modem is not engaged in a communication session; and
      
      configuring the cable modem with the quarantine boot file.
  - 8. The method of claim 1 further comprising:
    - acquiring a quarantine request directed to a subscriber;
      
      determining a current state of the subscriber, wherein a subscriber state comprises a quarantined state and an unquarantined state;
      
      determining a desired subscriber state as indicated by the quarantine request;
      
      accessing the configuration record associated with the network device;
      
      creating the quarantine attribute field and assigning the quarantine attribute field the attribute value associated with the desired subscriber state and adding the quarantine attribute field and the attribute value to the configuration record when the current subscriber state is unquarantined and the desired subscriber state is quarantined; and
      
      removing the quarantine attribute value from the quarantined configuration record when the current subscriber state is quarantined and the desired subscriber state is unquarantined.

9. A system for affecting the behavior of a network device, the system comprising:
- a cable modem termination system (CMTS);
  
  a dynamic host configuration protocol (DHCP) server;
  
  a network device, wherein the network device is connected to a cable modem, and wherein the cable modem cooperates with the CMTS via a network;
  
  wherein the CMTS is configured for;
  
  receiving a lease renewal request message from the network device via the cable modem;
  
  inserting a cable modem MAC address into the lease renewal request message; and
  
  sending the lease renewal request message to the DHCP server; and
  
  wherein the DHCP server is configured for;
  
  receiving the lease renewal request message from the CMTS;
  
  accessing a configuration record associated with the network device in response to the presence of the cable modem MAC address;
  
  determining using the modem MAC address whether the configuration record comprises a quarantine attribute field;
  
  determining an attribute value assigned to the quarantine attribute field when the quarantine attribute field is present in the configuration record;
  
  renewing the lease of the network device and assigning an address of an external DNS server in a lease renewal response message when the quarantine attribute field is not present in the configuration record;
  
  assigning an address of a quarantine DNS server to a DNS IP address option in a lease renewal response message when the attribute value is a first value; and
  
  sending the lease renewal response message to the network device through the cable modem,wherein in response to the lease response message, a DNS query sent from the network device is directed to the quarantine DNS server when the address of the quarantine DNS server is assigned in the lease renewal response message.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The system of claim 9, wherein the customer premises equipment is selected from the group consisting of a media terminal adapter, a computer, a router, a wireless access point, a firewall, and a network address translation server.
  - 11. The system of claim 9, wherein the lease management server is further configured for renewing the lease of the network device when the quarantine attribute field is not present in the configuration record.
  - 12. The system of claim 9, wherein the attribute value of the network device is associated with a quarantine state of the network device, wherein the system further comprises a subscriber access control system, and wherein the subscriber access control system is configured for:
    - instructing the cable modem to reboot so as to acquire a quarantine boot file when the attribute value is a second value; and
      
      configuring the cable modem using the quarantine boot file.
  - 13. The system of claim 12, wherein the quarantine boot file comprises network filters which when configured on the cable modem cause the cable modem to only send packets to IP addresses identified in an upstream filter set and to only receive packets from IP addresses identified in a downstream filter set.
  - 14. The system of claim 9, wherein the attribute value of the network device is associated with a quarantine state of the network device, wherein the system further comprises a subscriber access control system, and wherein the subscriber access control system is configured for:
    - determining when the cable modem is not engaged in a communication session when the attribute value is a second value;
      
      instructing the cable modem to reboot so as to acquire a quarantine boot file when the cable modem is not engaged in a communication session; and
      
      configuring the cable modem with the quarantine boot file.
  - 15. The system of claim 14, wherein the communication session is selected from the group consisting of a voice over IP session and a multimedia session.
  - 16. The system of claim 9 further comprising a subscriber access control system and wherein the subscriber access control system is configured for:
    - acquiring a quarantine request directed to a subscriber;
      
      determining a current state of the subscriber, wherein a subscriber state comprises a quarantined state and an unquarantined state;
      
      determining a desired subscriber state as indicated by the quarantine request;
      
      accessing a configuration record associated with the network device;
      
      creating the quarantine attribute field and assigning the quarantine attribute field the attribute value associated with the desired subscriber state and adding the quarantine attribute field and the attribute value to the configuration record when the current subscriber state is unquarantined and the desired subscriber state is quarantined; and
      
      removing the quarantine attribute value from the quarantined configuration record when the current subscriber state is quarantined and the desired subscriber state is unquarantined.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Time Warner Cable Enterprises LLC (Charter Communications Incorporated)
Original Assignee
Time Warner Cable Inc. (Charter Communications Incorporated)
Inventors
Danforth, Andrew, Webb, William, Dillon, Michael
Primary Examiner(s)
Shaw, Peling
Assistant Examiner(s)
RICHARDSON, THOMAS W

Application Number

US12/424,154
Publication Number

US 20090198804A1
Time in Patent Office

1,210 Days
Field of Search

709/221, 726/1
US Class Current

709/221
CPC Class Codes

H04L 63/10 for controlling access to d...

H04L 63/14 for detecting or protecting...

System and method for affecting the behavior of a network device in a cable network

First Claim

7 Assignments

0 Petitions

Accused Products

Abstract

Citations

16 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for affecting the behavior of a network device in a cable network

First Claim

7 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

16 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links