Distributed firewalling in a wireless communication network
First Claim
1. A controller for distributed collaborative firewalling in a wireless wide area communication network including a plurality of controllers, the controller comprising:
- a binding table that is built by the controller in response to receiving identifiers of wireless clients being served by the controller by sending a confirmation request asking for a confirmation that a wireless client is properly associated in order to verify that wireless communication traffic really corresponds to the wireless client, wherein the sending of the confirmation request is rate-limited so that every roam of a wireless client does not generate a confirmation request, the binding table lists the wireless clients properly associated with each access port under control of the controller; and
a processor coupled to the binding table, the processor operable to apply stateless firewalling on wireless communication traffic from the wireless client using the binding table, and applying, by each access port, stateful firewalling on the wireless communication traffic from the wireless client.
12 Assignments
0 Petitions
Accused Products
Abstract
A method and system for distributed collaborative firewalling in a wireless wide area communication network including a plurality of controllers, comprises a binding table that is built by the controller in response to receiving identifiers of wireless clients being served by the controller, where the binding table lists the wireless clients associated with each access port under control of the controller. A processor of the controller is operable to apply stateless firewalling on wireless communication traffic from a wireless client using the binding table, and applying, by each access port, stateful firewalling on the wireless communication traffic from the wireless client.
4 Citations
12 Claims
-
1. A controller for distributed collaborative firewalling in a wireless wide area communication network including a plurality of controllers, the controller comprising:
-
a binding table that is built by the controller in response to receiving identifiers of wireless clients being served by the controller by sending a confirmation request asking for a confirmation that a wireless client is properly associated in order to verify that wireless communication traffic really corresponds to the wireless client, wherein the sending of the confirmation request is rate-limited so that every roam of a wireless client does not generate a confirmation request, the binding table lists the wireless clients properly associated with each access port under control of the controller; and a processor coupled to the binding table, the processor operable to apply stateless firewalling on wireless communication traffic from the wireless client using the binding table, and applying, by each access port, stateful firewalling on the wireless communication traffic from the wireless client. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
-
-
11. A machine-implemented method for distributed collaborative firewalling in a wireless wide area communication network including a plurality of controllers, the method comprising the steps of:
-
receiving a wireless client identifier for binding to a known access port; building, by each controller, a binding table listing wireless clients properly associated with each access port under control of the controller by sending a confirmation request asking for a confirmation that a wireless client is properly associated in order to verify that wireless communication traffic really corresponds to the wireless client, wherein the sending of the confirmation request is rate-limited so that every roam of a wireless client does not generate a confirmation request; and applying, by each controller, stateless firewalling on wireless communication traffic from the wireless client using the binding table, and applying, by each access port, stateful firewalling on the wireless communication traffic from the wireless client. - View Dependent Claims (12)
-
Specification