Systems and methods of controlling network access
First Claim
1. A method for auditing a device, the method comprising:
performing an authentication using an EAP protocol from the device, the device being connected via a computer network to an access point configured to use an 802.1x protocol;
sending a request for audit data to an agent running on the device;
receiving the audit data at a gatekeeper configured to control access to a network, from the agent, the audit data pertaining to the device and having been obtained by the agent;
applying a security policy that includes at least one requirements pertaining to the audit data and at least one requirement pertaining to the authentication, the applying of the security policy taking place under control of the gatekeeper.
Abstract
A new approach to network security includes manipulating an access point such that an initial communication from an external device is passed to a restricted subset of a computing network including a gatekeeper. The gatekeeper is configured to enforce a security policy against the external device before granting access to a less-restricted subset of the computing network. If requirements of the security policy are satisfied, then the gatekeeper reconfigures the access point such that further communication from the external device may be received by elements of the less-restricted subset. Enforcement of the security policy optionally includes performing a security audit of the external device.
22 Claims
1. A method for auditing a device, the method comprising:
performing an authentication using an EAP protocol from the device, the device being connected via a computer network to an access point configured to use an 802.1x protocol;
sending a request for audit data to an agent running on the device;
receiving the audit data at a gatekeeper configured to control access to a network, from the agent, the audit data pertaining to the device and having been obtained by the agent;
applying a security policy that includes at least one requirements pertaining to the audit data and at least one requirement pertaining to the authentication, the applying of the security policy taking place under control of the gatekeeper.
Dependent Claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21
22. A method for auditing a device, the method comprising:
performing an authentication using an EPA protocol from the device, the device being connected to an access point configured to use an 802.1x protocol;
sending a request for audit data to an agent running on the device;
receiving the audit data at a gatekeeper configured to control access to a network, from the agent, the audit data pertaining to the device and having been obtained by the agent;
applying a security policy that includes at least one requirements pertaining to the audit data and at least one requirement pertaining to the authentication, the applying of the security policy taking place under control of the gatekeeper, where applying the security policy includes configuring the access point;
receiving, from the agent, updated audit pertaining to the device while the device has access to a less-restricted subset of the network; and
re-auditing the device in accordance to the security policy using the received updated audit data.
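The flow in the abstract and in claim 22 (hold the device in a restricted subset, apply a policy with requirements on both the authentication and the audit data, reconfigure the access point, then re-audit on updated data) can be sketched as follows. This is an added example, not code from the patent: the class names, the audit field names and the in-memory `AccessPoint` stand-in are assumptions.

```python
from dataclasses import dataclass, field

RESTRICTED, LESS_RESTRICTED = "restricted", "less-restricted"

@dataclass
class AccessPoint:
    """In-memory stand-in for the 802.1x access point: device id -> network subset."""
    ports: dict = field(default_factory=dict)

    def configure(self, device_id, subset):
        self.ports[device_id] = subset

@dataclass
class Policy:
    allowed_eap_methods: frozenset  # requirement pertaining to the authentication
    audit_checks: dict              # requirements pertaining to the audit data

    def failures(self, auth, audit):
        failed = []
        if not auth.get("success") or auth.get("eap_method") not in self.allowed_eap_methods:
            failed.append("authentication")
        for name, check in self.audit_checks.items():
            # A field the agent did not report fails closed.
            if name not in audit or not check(audit[name]):
                failed.append(name)
        return failed

class Gatekeeper:
    def __init__(self, access_point, policy):
        self.ap, self.policy, self.auth = access_point, policy, {}

    def admit(self, device_id, auth, audit):
        """First contact: hold the device in the restricted subset, then apply policy."""
        self.ap.configure(device_id, RESTRICTED)
        self.auth[device_id] = auth
        return self._apply(device_id, audit)

    def reaudit(self, device_id, updated_audit):
        """Re-apply the policy to updated audit data from an already admitted device."""
        return self._apply(device_id, updated_audit)

    def _apply(self, device_id, audit):
        failed = self.policy.failures(self.auth[device_id], audit)
        self.ap.configure(device_id, RESTRICTED if failed else LESS_RESTRICTED)
        return failed  # empty list means every requirement was met

# Constructed sample policy; the audit field names are hypothetical.
POLICY = Policy(
    allowed_eap_methods=frozenset({"EAP-TLS", "PEAP"}),
    audit_checks={"firewall_enabled": lambda v: v is True,
                  "av_signature_age_days": lambda v: isinstance(v, int) and v <= 7},
)
```

A device that passes at admission and later reports a disabled firewall is moved back to the restricted subset by `reaudit`, which is the re-audit step of claim 22.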
Specification