Systems and methods of controlling network access
Abstract
A new approach to network security includes manipulating an access point such that an initial communication from an external device is passed to a restricted subset of a computing network including a gatekeeper. The gatekeeper is configured to enforce a security policy against the external device before granting access to a less-restricted subset of the computing network. If requirements of the security policy are satisfied, then the gatekeeper reconfigures the access point such that further communication from the external device may be received by elements of the less-restricted subset. Enforcement of the security policy optionally includes performing a security audit of the external device.
30 Claims
1. A method for applying a security policy to a network device, the method comprising:
- performing an identification of a device connected to an access point;
- collecting audit information pertaining to the device, by querying network equipment; and
- applying a security policy that includes requirements pertaining to the identification and the audit information, the applying of the security policy taking place at a gatekeeper, wherein applying the security policy includes altering a data communication within the access point with respect to the device.
Dependent claims: 2 to 26.
27. A method for applying a security policy to a network device, the method comprising:
- performing an identification of a device connected to an access point;
- collecting information pertaining to the device from network equipment to which the device is directly or indirectly connected, by querying the network equipment;
- collecting information using an agent executing on the device;
- collecting information by probing the device, the probing including sending a specific packet to the device; and
- applying a security policy that includes requirements pertaining to the identification, the information collected using the agent, the information collected by probing and the audit information, the applying of the security policy taking place at a gatekeeper, wherein applying the security policy includes altering a data communication within the access point with respect to the device.
Dependent claims: 28, 29.
30. A method for applying a security policy to a network device, the method comprising:
- performing an identification of a device connected to an access point;
- collecting audit information pertaining to the device from network equipment to which the device is directly or indirectly connected, by querying the network equipment; and
- applying a security policy that includes requirements pertaining to the identification and the audit information, the applying of the security policy taking place at a gatekeeper, wherein applying the security policy includes altering a data communication within the access point with respect to the device, wherein altering the data communication includes using a RADIUS protocol.
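The gatekeeper decision described in the abstract and in claim 30, sketched as an added example that is not taken from the patent: the device's identification and the audit facts queried from network equipment are checked against a policy, and the result selects the RADIUS attributes returned for the access point's port. It assumes the restricted and less-restricted subsets are VLANs assigned with the RFC 3580 tunnel attributes; the VLAN IDs, audit keys, policy fields and sample devices are hypothetical.

```python
from dataclasses import dataclass, field
from typing import Callable, Optional

# Assumption: the two network subsets are VLANs (IDs are constructed values).
RESTRICTED_VLAN = "999"        # segment that reaches only the gatekeeper
LESS_RESTRICTED_VLAN = "10"    # segment granted after the policy is satisfied

@dataclass
class Device:
    mac: str                                    # identification of the device
    identity: Optional[str] = None              # authenticated name, if any
    audit: dict = field(default_factory=dict)   # facts queried from network equipment

@dataclass
class Policy:
    allowed_identities: set
    required_audit: dict[str, Callable[[object], bool]]  # audit key -> predicate

def unmet_requirements(device: Device, policy: Policy) -> list:
    """Return the names of policy requirements the device fails."""
    failures = []
    if device.identity not in policy.allowed_identities:
        failures.append("identity")
    for key, check in policy.required_audit.items():
        # Fail closed: audit data the equipment did not return counts as a failure.
        if key not in device.audit or not check(device.audit[key]):
            failures.append(key)
    return failures

def radius_reply(device: Device, policy: Policy) -> tuple:
    """Build the RADIUS attributes that steer the access point's port."""
    failures = unmet_requirements(device, policy)
    vlan = RESTRICTED_VLAN if failures else LESS_RESTRICTED_VLAN
    attrs = {
        "Tunnel-Type": 13,                # VLAN (RFC 3580)
        "Tunnel-Medium-Type": 6,          # IEEE-802
        "Tunnel-Private-Group-ID": vlan,
    }
    return attrs, failures

# Constructed policy and devices (hypothetical audit keys).
POLICY = Policy(
    allowed_identities={"hr-laptop-07"},
    required_audit={"macs_on_port": lambda n: n == 1,
                    "dhcp_lease_matches_mac": lambda ok: ok is True},
)
COMPLIANT = Device("00:00:5e:00:53:01", "hr-laptop-07",
                   {"macs_on_port": 1, "dhcp_lease_matches_mac": True})
SHARED_PORT = Device("00:00:5e:00:53:02", "hr-laptop-07",
                     {"macs_on_port": 3})  # lease fact missing
```

Returning the list of unmet requirements alongside the attributes lets the gatekeeper log why a device stayed in the restricted subset.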
Specification