Systems and methods of controlling network access
Abstract
A new approach to network security includes manipulating an access point such that an initial communication from an external device is passed to a restricted subset of a computing network including a gatekeeper. The gatekeeper is configured to enforce a security policy against the external device before granting access to a less-restricted subset of the computing network. If requirements of the security policy are satisfied, then the gatekeeper reconfigures the access point such that further communication from the external device may be received by elements of the less-restricted subset. Enforcement of the security policy optionally includes performing a security audit of the external device.
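A minimal model of the flow the abstract describes, added here as an illustration and not taken from the patent. The class names, the shared-secret authentication and the two audit attributes are assumptions, and all sample values are constructed.

```python
import hmac
from dataclasses import dataclass, field

RESTRICTED, LESS_RESTRICTED = "restricted", "less-restricted"

@dataclass
class AccessPoint:
    """Tracks which network subset each device's traffic is passed to."""
    segment: dict = field(default_factory=dict)

    def connect(self, device_id):
        # Initial communication always lands in the restricted subset.
        self.segment[device_id] = RESTRICTED

    def reconfigure(self, device_id, subset):
        self.segment[device_id] = subset

@dataclass
class Gatekeeper:
    """Sits in the restricted subset and enforces the security policy."""
    ap: AccessPoint
    credentials: dict   # device_id -> shared secret (constructed sample data)
    requirements: dict  # audit attribute -> required value (hypothetical names)

    def authenticate(self, device_id, secret):
        expected = self.credentials.get(device_id)
        return expected is not None and hmac.compare_digest(expected, secret)

    def audit(self, scan):
        # Requirements the scanned device fails; a missing attribute counts as a failure.
        return [k for k, v in self.requirements.items() if scan.get(k) != v]

    def admit(self, device_id, secret, scan):
        # Fail closed: the access point is reconfigured only if nothing failed.
        failures = [] if self.authenticate(device_id, secret) else ["authentication"]
        failures += self.audit(scan)
        if not failures:
            self.ap.reconfigure(device_id, LESS_RESTRICTED)
        return failures

def demo():
    good = {"firewall_enabled": True, "av_signatures_current": True}
    ap = AccessPoint()
    gk = Gatekeeper(ap, {"laptop-1": "s3cret", "laptop-2": "hunter2"}, dict(good))
    for dev in ("laptop-1", "laptop-2", "unknown"):
        ap.connect(dev)
    ok = gk.admit("laptop-1", "s3cret", good)
    stale = gk.admit("laptop-2", "hunter2", {**good, "av_signatures_current": False})
    anon = gk.admit("unknown", "guess", good)
    return ok, stale, anon, dict(ap.segment)
```

Only the device that passes both authentication and the audit is moved out of the restricted subset; the other two stay where the access point first placed them.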
34 Claims
1. A method for applying a security policy to network devices, the method comprising:
- performing an authentication of a device connected to an access point;
- scanning the device to collect information regarding the device;
- applying a security policy, the security policy including one or more requirements pertaining to the authentication and the information, the application of the security policy taking place in response to a gatekeeper, and
- configuring the access point in response to a result of applying the security policy.
Dependent claims: 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15
16. A method of providing access over a communication network, the method comprising:
- receiving at an access point a request for access to a less-restricted network, the request coming from an access device;
- applying a security policy to the access device in response to the request, application of the security policy including performing an audit of the access device;
- providing information to the access device to improve compliance of the access device to the security policy, in response to the audit;
- granting access to the less-restricted network based on satisfaction of the security policy by the updated access device; and
- authenticating a user of the access device, wherein granting access is further based on the authentication.
Dependent claims: 17, 18, 19, 20, 21
22. A method of providing access over a communication network, the method comprising:
- receiving at an access point a request for access via a less-restricted network, the request coming from an access device;
- applying a security policy to the access device in response to the request, application of the security policy including performing an audit of the access device;
- providing information to the access device to improve compliance of the access device to the security policy, in response to the audit; and
- granting access to the less-restricted network based on satisfaction of the security policy by the updated access device, the granting of access includes configuring the access point to allow the access.
Dependent claims: 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33
34. A method for applying a security policy to network devices, the method comprising:
- performing an authentication from a device connected to an access point;
- scanning the device;
- applying a security policy that includes requirements pertaining to the authentication and the active probe, the applying of the security policy taking place at a gatekeeper, and
- configuring the access point in response to the security policy.
Specification