Wireless network having multiple security interfaces
Abstract
A number of wireless networks are established by a network device, each wireless network having an identifier. Requests are received from client devices to establish wireless network sessions via the wireless networks using the identifiers. Network privileges of the client devices are segmented into discrete security interfaces based on the identifier used to establish each wireless network session.
20 Claims
1. A method comprising:
establishing, by a network device, a plurality of wireless network sessions between the network device and a plurality of client devices, each of the plurality of client devices transmitting data from one of a plurality of wireless networks, each one of the plurality of wireless networks being associated with one of a plurality of security zones, each of the plurality of security zones being associated with a different one of a plurality of security policies;
receiving, at the network device and from a client device of the plurality of client devices, network traffic destined for a network resource, the network traffic including a source address and a destination address, the source address being associated with a first one of the plurality of wireless networks, the destination address being associated with the network resource;
identifying, at the network device and using the source address and the destination address of the network traffic, a first security zone and a second security zone of the plurality of security zones, the first security zone being associated with the first one of the plurality of wireless networks and the second security zone being associated with a second one of the plurality of wireless networks that is associated with the destination address; and
performing, at the network device, security processing on the network traffic based on security policies, of the plurality of security policies, associated with the identified first security zone and the identified second security zone.
Dependent claims: 2, 3, 4, 5, 6, 7, 8
9. A device comprising:
a memory to store instructions; and
logic, implemented at least partially in hardware, to execute the instructions to:
identify a plurality of identifiers, each of the plurality of identifiers being associated with a different wireless network of a plurality of wireless networks,
map each of the plurality of identifiers to one of a plurality of security zones, each of the plurality of security zones being associated with a different one of a plurality of security policies,
receive, during a wireless network session, network traffic from a client device, the network traffic including one of the plurality of identifiers and a destination address associated with a network resource,
identify a destination security zone based on the destination address,
identify a source security zone of the plurality of security zones based on the one of the plurality of identifiers included in the network traffic, and
perform security processing on the network traffic based on one or more security policies, of the plurality of security policies, associated with the identified source security zone and the identified destination security zone.
Dependent claims: 10, 11, 12, 13
14. A non-transitory computer-readable medium comprising:
one or more instructions which, when executed by a processor of a network device, cause the processor to establish a plurality of wireless network sessions between the network device and a plurality of client devices, each of the plurality of client devices transmitting data from one of a plurality of wireless networks, each one of the plurality of wireless networks being associated with one of a plurality of security zones, each of the plurality of security zones being associated with a different one of a plurality of security policies;
one or more instructions which, when executed by the processor, cause the processor to receive, from a client device of the plurality of client devices, network traffic destined for a network resource, the network traffic including a source address and a destination address, the source address being associated with a first one of the plurality of wireless networks, the destination address being associated with the network resource;
one or more instructions which, when executed by the processor, cause the processor to identify, using the source address and the destination address of the network traffic, a first security zone and a second security zone of the plurality of security zones, the first security zone being associated with the first one of the plurality of wireless networks and the second security zone being associated with a second one of the plurality of wireless networks that is associated with the destination address; and
one or more instructions which, when executed by the processor, cause the processor to perform security processing on the network traffic based on security policies, of the plurality of security policies, associated with the identified first security zone and the identified second security zone.
Dependent claims: 15, 16, 17, 18, 19, 20
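An added example, not part of the patent text: the zone identification and zone-pair policy decision recited in claims 1 and 9, written in Python. The SSIDs, subnets, rules, the default-deny behaviour and the check that a session's source address belongs to its SSID's zone are all assumptions made for illustration.

```python
import ipaddress

# Constructed sample configuration (hypothetical SSIDs, subnets and rules).
SSID_ZONE = {"corp-wifi": "trust", "guest-wifi": "guest", "iot-wifi": "iot"}
SUBNET_ZONE = {
    "10.10.0.0/16": "trust",
    "10.20.0.0/16": "guest",
    "10.30.0.0/24": "iot",
}
# Policy is keyed by (source zone, destination zone); no entry means deny.
ZONE_POLICY = {
    ("trust", "iot"): {"action": "permit", "ports": {443, 8883}},
    ("trust", "trust"): {"action": "permit", "ports": None},  # None = any port
    ("guest", "guest"): {"action": "deny", "ports": None},    # client isolation
}
_NETS = sorted(((ipaddress.ip_network(n), z) for n, z in SUBNET_ZONE.items()),
               key=lambda p: p[0].prefixlen, reverse=True)

def zone_for_address(addr):
    """Longest-prefix match of an address to a zone; None if unmapped."""
    ip = ipaddress.ip_address(addr)
    for net, zone in _NETS:
        if ip in net:
            return zone
    return None

def decide(src_addr, dst_addr, dst_port, ssid=None):
    """Return (src_zone, dst_zone, verdict) for one flow."""
    addr_zone = zone_for_address(src_addr)
    # Claim 9 style: the session's identifier (SSID) names the source zone.
    # Claim 1 style (no SSID given): the source address names it.
    src_zone = SSID_ZONE.get(ssid) if ssid is not None else addr_zone
    dst_zone = zone_for_address(dst_addr)
    if src_zone is None or dst_zone is None:
        return src_zone, dst_zone, "deny"   # unmapped traffic fails closed
    if ssid is not None and addr_zone != src_zone:
        return src_zone, dst_zone, "deny"   # address outside the SSID's zone
    rule = ZONE_POLICY.get((src_zone, dst_zone))
    if rule is None or rule["action"] != "permit":
        return src_zone, dst_zone, "deny"
    if rule["ports"] is not None and dst_port not in rule["ports"]:
        return src_zone, dst_zone, "deny"
    return src_zone, dst_zone, "permit"
```

Because the policy table is keyed by the zone pair, a flow between two zones with no explicit entry is denied, and a client on one SSID presenting a source address from another zone's subnet is rejected before the policy lookup.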
Specification