Methods, systems, and computer program products for dynamic network access device port and user device configuration for implementing device-based and user-based policies
Abstract
Methods, systems, and computer program products for dynamic network access device port and user device configuration are disclosed. According to one method, when a user device is connected to a port of a network access device, the type of user device is determined. The type of user device is used to locate a corresponding port configuration policy. The port to which the device is connected is dynamically configured based on the port configuration policy.
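The flow summarized above, together with the discovery-protocol exchange and dynamic-attribute substitution recited in the claims, sketched as an added example that is not taken from the patent. The profile table, the command syntax, the `$port`/`$mac` placeholders and the quarantine fallback are assumptions; only the LLDP TLV layout is standard. Because the device type and parameters come from the connected device, the sketch validates them before they reach a command string and falls back to a restricted profile otherwise.

```python
import re
import struct
from string import Template

# Hypothetical profile table: device type -> (command templates, device parameters).
# The command syntax and the $port/$mac dynamic attributes are illustrative only.
PROFILES = {
    "phone": (["configure vlan voice add port $port tagged",
               "create access-list phone-$port permit source-mac $mac",
               "configure qos port $port priority 6"],
              {"voice_vlan": 200, "dscp": 46}),
    "unknown": (["configure vlan quarantine add port $port untagged"], {}),
}
CAP_TELEPHONE = 1 << 5  # "Telephone" bit in the LLDP System Capabilities TLV
MAC_RE = re.compile(r"[0-9a-f]{2}(:[0-9a-f]{2}){5}")
PORT_RE = re.compile(r"[0-9]{1,3}")
# Constructed LLDPDU: Chassis ID (MAC), Port ID, TTL, System Capabilities, End.
SAMPLE_PDU = bytes.fromhex("020704001122334455" "040703001122334455"
                           "06020078" "0e0400240020" "0000")

def parse_lldp(pdu: bytes) -> dict:
    """Walk LLDP TLVs (7-bit type, 9-bit length); keep the fields used below."""
    out, i = {}, 0
    while i + 2 <= len(pdu):
        (hdr,) = struct.unpack_from("!H", pdu, i)
        tlv_type, length = hdr >> 9, hdr & 0x1FF
        value = pdu[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError("truncated TLV")
        if tlv_type == 0:  # End of LLDPDU
            break
        if tlv_type == 1 and length == 7 and value[0] == 4:  # Chassis ID, MAC subtype
            out["mac"] = ":".join(f"{b:02x}" for b in value[1:])
        elif tlv_type == 7 and length == 4:  # System Capabilities: supported, enabled
            out["enabled_caps"] = struct.unpack("!HH", value)[1]
        i += 2 + length
    return out

def configure_port(port: str, pdu: bytes):
    """Return (device_type, commands, device_params) for a newly connected device."""
    if not PORT_RE.fullmatch(port):
        raise ValueError("bad port")
    info = parse_lldp(pdu)
    mac = info.get("mac", "")
    is_phone = info.get("enabled_caps", 0) & CAP_TELEPHONE
    # Discovery data is device-supplied: failed validation means the restricted profile.
    dev_type = "phone" if is_phone and MAC_RE.fullmatch(mac) else "unknown"
    templates, params = PROFILES[dev_type]
    cmds = [Template(t).substitute(port=port, mac=mac) for t in templates]
    return dev_type, cmds, params
```

The returned device parameters stand in for the values the claims describe as being sent back to the device in an LLDP message; encoding them into a TLV is left out.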
38 Claims
1. A method for dynamic network access device port configuration, the method comprising:
(a) storing, at a network switch, at least one mapping between a user device type and at least one port configuration command corresponding to the user device type and at least one user device configuration parameter corresponding to the user device type, wherein the port configuration command includes a dynamic attribute;
(b) determining, by the network switch, a device type of a user device plugged into a port of the network switch, wherein determining a user device type includes determining the user device type in response to the user device being connected to the port and exchanging messages with the user device over the port, and wherein exchanging messages with the user device includes exchanging discovery protocol messages with the user device;
(c) extracting, from storage of the network switch, the port configuration command corresponding to the user device type;
(d) dynamically configuring, by the network switch, the port using the configuration command, wherein dynamically configuring the port includes substituting a parameter of the user device for the dynamic attribute so that the port configuration command becomes specific to the user device and executing the user-device-specific port configuration command, wherein dynamically configuring the port includes configuring the port to implement a quality of service parameter and at least one of an access control list and a VLAN corresponding to the user device type; and
(e) extracting, from the at least one stored mapping at the network switch, a user device configuration parameter corresponding to the user device type and communicating the user device configuration parameter to the user device, wherein communicating the user device configuration parameter to the user device includes downloading the parameter to the user device using a link layer discovery protocol (LLDP) message and using the parameter in configuring the user device.
12. A method for dynamically configuring a port of a network access device based on user group information, the method comprising:
(a) storing, at a network switch, at least one association between a user group and a group-based network access policy and a mapping between the user device type and a user device configuration parameter;
(b) detecting a user connecting a user device to a port of the network switch;
(c) determining, by the network switch, a user group to which the user belongs, wherein determining a user group includes determining the user group in response to the user device being connected to the port and exchanging messages with the user device over the port, and wherein exchanging messages with the user device includes receiving an authentication request from the user device;
(d) extracting, from the at least one association stored at the network switch, a port configuration command that implements a user-based network access policy corresponding to the user group, the port configuration command including a dynamic attribute;
(e) dynamically configuring, by the network switch, the port to implement the user-based network access policy, wherein dynamically configuring the port includes substituting a parameter of the user device for the dynamic attribute so that the port configuration command becomes specific to the user device and executing the user-device-specific port configuration command, wherein dynamically configuring the port includes configuring the port to implement a quality of service parameter and at least one of an access control list and a VLAN corresponding to the user device type; and
(f) extracting, from the at least one stored mapping at the network switch, the user device configuration parameter corresponding to the user device type and communicating the user device configuration parameter to the user device, wherein communicating the user device configuration parameter to the user device includes downloading the parameter to the user device using a link layer discovery protocol (LLDP) message and using the parameter in configuring the user device.
22. A system for dynamic network access device port configuration, the system comprising:
a network switch device including:
at least one port configured to provide physical access to a network;
a device and port configuration database configured to store port and user device configuration data, the device and port configuration database configured to store at least one port configuration command including a dynamic attribute;
a dynamic device/port configurator configured to determine a type of a user device connected to the at least one port, wherein determining a user device type includes determining the user device type in response to the user device being connected to the port and exchanging messages with the user device over the port, and wherein exchanging messages with the user device includes exchanging discovery protocol messages with the user device, the dynamic device/port configurator for dynamically configuring the at least one port based on the user device type using the at least one port configuration command, which corresponds to the user device type stored in the database and for communicating, to the user device, a user device configuration parameter corresponding to the user device type using at least one user device configuration parameter corresponding to the user device type stored in the database, wherein communicating the user device configuration parameter to the user device includes downloading the parameter to the user device using a link layer discovery protocol (LLDP) message and using the parameter in configuring the user device, wherein dynamically configuring the port includes substituting a parameter of the user device for the dynamic attribute so that the port configuration command becomes specific to the user device and executing the user-device-specific port configuration command, wherein dynamically configuring the port includes configuring the port to implement a quality of service parameter and at least one of an access control list and a VLAN corresponding to the user device type.
37. A non-transitory computer readable medium having stored thereon computer executable instructions that when executed by a processor of a computer perform steps comprising:
(a) storing, at a network switch, at least one mapping between a user device type and at least one port configuration command corresponding to the user device type and at least one user device configuration parameter corresponding to the user device type, the port configuration command including a dynamic attribute;
(b) determining, by the network switch, a device type of a user device plugged into a port of the network switch, wherein determining a user device type includes determining the user device type in response to the user device being connected to the port and exchanging messages with the user device over the port, and wherein exchanging messages with the user device includes exchanging discovery protocol messages with the user device;
(c) extracting, from storage of the network switch, the port configuration command corresponding to the device type;
(d) dynamically configuring, by the network switch, the port using the configuration, wherein dynamically configuring the port includes substituting a parameter of the user device for the dynamic attribute so that the port configuration command becomes specific to the user device and executing the user-device-specific port configuration command, wherein dynamically configuring the port includes configuring the port to implement a quality of service parameter and at least one of an access control list and a VLAN corresponding to the user device type; and
(e) extracting, by the network switch, a user device configuration parameter corresponding to the user device type from the at least one stored mapping at the network switch and communicating the user device configuration parameter to the user device, wherein communicating the user device configuration parameter to the user device includes downloading the parameter to the user device using a link layer discovery protocol (LLDP) message and using the parameter in configuring the user device.
38. A non-transitory computer readable medium having stored thereon computer executable instructions that when executed by a processor of a computer perform steps comprising:
(a) storing, at a network switch, at least one association between a user group and a group-based network access policy and a mapping between a user device type and a user device configuration parameter;
(b) detecting, by the network switch, a user connecting a user device to a port of the network switch;
(c) determining, by the network switch, a user group to which the user belongs, wherein determining a user group includes determining the user group in response to the user device being connected to the port and exchanging messages with the user device over the port, and wherein exchanging messages with the user device includes receiving an authentication request from the user device;
(d) extracting, from the at least an association stored at the network switch, a port configuration command that implements a user-based network access policy corresponding to the user group, the port configuration command including a dynamic attribute;
(e) dynamically configuring, by the network switch, the port to implement the user-based network access policy, wherein dynamically configuring the port includes substituting a parameter of the user device for the dynamic attribute so that the port configuration command becomes specific to the user device and executing the user-device-specific port configuration command, wherein dynamically configuring the port includes configuring the port to implement a quality of service parameter and at least one of an access control list and a VLAN corresponding to the user device type; and
(f) extracting, by the network switch, a user device configuration parameter corresponding to the user device type from the stored mapping at the network switch and communicating the user device configuration parameter to the user device, wherein communicating the user device configuration parameter to the user device includes downloading the parameter to the user device using a link layer discovery protocol (LLDP) message and using the parameter in configuring the user device.
Specification