Network router security method

US 8,594,084 B2
Filed: 09/11/2006
Issued: 11/26/2013
Est. Priority Date: 09/09/2005
Status: Active Grant

First Claim

Patent Images

1. A network routing device for connecting to computer network devices, comprising:

a housing enclosing a circuit configured for connecting a plurality of external network devices to a network;

a non-volatile memory connected to the circuit; and

a switch connected to the circuit and configured to switch the circuit between different operational states, a first operational state wherein the circuit is configured to permit connections to all of the plurality of external network devices then connected to the circuit in response to the switch being in the first operational state, to receive MAC addresses for all of the plurality of external network devices then connected to the circuit, and to store the MAC addresses in the non-volatile memory as authorized MAC addresses for all of the plurality of external devices then connected to the circuit in response to the switch being in the first operational state so long as the switch is in the first operational state without further approval, and a second operational state wherein the circuit is configured to only allow connections with external network devices corresponding to the MAC addresses stored in the non-volatile memory when the switch was in the first operational state and to refuse connections to new external network devices not having an authorized MAC address stored in the non-volatile memory.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A local network is secured using a router or hub that includes a security switch. During or immediately after initial network configuration, the router or hub records MAC addresses of connected network devices. After initial configuration is completed, the switch is activated. After the switch is activated, the router or hub will not allow connection of additional devices, as determined by the MAC addresses of connected devices. The security switch can be deactivated to permit connection of additional devices.

14 Citations

View as Search Results

17 Claims

1. A network routing device for connecting to computer network devices, comprising:
- a housing enclosing a circuit configured for connecting a plurality of external network devices to a network;
  
  a non-volatile memory connected to the circuit; and
  
  a switch connected to the circuit and configured to switch the circuit between different operational states, a first operational state wherein the circuit is configured to permit connections to all of the plurality of external network devices then connected to the circuit in response to the switch being in the first operational state, to receive MAC addresses for all of the plurality of external network devices then connected to the circuit, and to store the MAC addresses in the non-volatile memory as authorized MAC addresses for all of the plurality of external devices then connected to the circuit in response to the switch being in the first operational state so long as the switch is in the first operational state without further approval, and a second operational state wherein the circuit is configured to only allow connections with external network devices corresponding to the MAC addresses stored in the non-volatile memory when the switch was in the first operational state and to refuse connections to new external network devices not having an authorized MAC address stored in the non-volatile memory.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9)
- - 2. The network routing device of claim 1, wherein the switch comprises a remotely-settable memory location.
  - 3. The network routing device of claim 2, wherein the remotely-settable memory location is in a logic device connected to the circuit.
  - 4. The network routing device of claim 1, wherein the switch comprises an electrical switch.
  - 5. The network routing device of claim 4, wherein the electrical switch comprises a mechanical actuator.
  - 6. The network routing device of claim 5, wherein the mechanical actuator is selected from the group comprising a push-button, a membrane switch, a slide and a rotary actuator.
  - 7. The network routing device of claim 1, wherein the network routing device is configured to operate as a device selected from the group comprising a switch, a router, and a hub.
  - 8. The network routing device of claim 1, wherein the circuit is configured to connect to the plurality of external network devices via a wired connection.
  - 9. The network routing device of claim 1, wherein the circuit is configured to connect to the plurality of external network devices via a wireless connection.

10. A network routing device having a switch, the network routing device configured for connecting a plurality of external network devices to a network and having a non-volatile memory, the network routing device configured to operate in an unsecured mode when the switch is in a first position and in a secured mode when the switch is in a second position, wherein the network routing device is configured to permit connections to all of the plurality of external network devices then connected in response to the network routing device being in the unsecured mode, to receive MAC addresses for all of the plurality of external network devices then connected to the circuit, and to store the MAC addresses in the non-volatile memory as authorized MAC addresses for all of the plurality of external network devices then connected in response to the network routing device being in the unsecured mode so long as the network routing device is configured to operate in the unsecured mode without further approval, and to only allow connections with external network devices corresponding to the MAC addresses stored in the non-volatile memory when the network routing device was in the unsecured mode and to refuse connections to new external network devices not having respective authorized MAC addresses stored in the non-volatile memory when the switch is in the second position.
- View Dependent Claims (11, 12, 13, 14, 15, 16, 17)
- - 11. The network routing device of claim 10, further comprising a housing substantially enclosing the network routing device.
  - 12. The network routing device of claim 11, further comprising a first mechanical actuator which comprises the switch on an exterior of the housing, the first mechanical actuator configured to provide external input determining when the network routing device begins operating in the secure mode, in response to actuation by a user.
  - 13. The network routing device of claim 12, wherein the first mechanical actuator is selected from the group comprising a push-button, a membrane switch, a slide and a rotary actuator.
  - 14. The network routing device of claim 12, further comprising a second mechanical actuator on the exterior of the housing, the second mechanical actuator configured to provide external input determining when the network routing device stops operating in the secure mode, in response to actuation by the user.
  - 15. The network routing device of claim 14, wherein the second mechanical actuator is selected from the group comprising a push-button, a membrane switch, a slide and a rotary actuator.
  - 16. The network routing device of claim 10, wherein the network routing device is configured to receive an external input as a signal from an authorized administrator connecting to the network routing device via a secure remote connection.
  - 17. The network routing device of claim 10, wherein the network routing device is configured to operate as a device selected from the group comprising a switch, a router and a hub.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Intellectual Ventures Assets 197 LLC (Intellectual Ventures LLC), TP-Link USA Corporation (TP-Link Technologies Co Limited)
Original Assignee
Intellectual Ventures I LLC (Intellectual Ventures LLC)
Inventors
Shuster, Gary Stephen
Primary Examiner(s)
Ton, Dang
Assistant Examiner(s)
Preval, Lionel

Application Number

US11/530,725
Publication Number

US 20070076711A1
Time in Patent Office

2,633 Days
Field of Search

370/294, 370/389, 370/401, 200/305, 726/12, 726/4, 713/201, 717/177, 709/225
US Class Current

370/389
CPC Class Codes

H04L 45/60   Router architectures

H04L 49/351   for local area network [LAN...

H04L 63/08   for authentication of entit...

H04L 63/0876   based on the identity of th...

H04L 63/10   for controlling access to d...

H04W 12/06   Authentication

H04W 12/08   Access security

Network router security method

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

14 Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Network router security method

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

14 Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links