System and method for monitoring and enforcing policy within a wireless network

US 9,143,956 B2
Filed: 06/24/2011
Issued: 09/22/2015
Est. Priority Date: 09/24/2002
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, causes performance of operations comprising:

scanning, by a network monitoring device, a plurality of frequency channels of a network, wherein the network includes an access point, and wherein the access point communicates with a wireless device on a frequency channel of the plurality of frequency channels;

detecting, by the network monitoring device, a wireless frame transmitted by the access point, wherein the wireless frame includes a destination Media Access Control (MAC) address;

processing, by the network monitoring device, information extracted from the wireless frame, wherein processing the information includes classifying the destination MAC address of the wireless frame as either a wireless MAC address or a wired MAC address based on the information extracted from the wireless frame;

transmitting the extracted information, wherein when the extracted information is received at a management server, the extracted information facilitates classification of the access point;

receiving a denial of service message, wherein the denial of service message is generated at the management server when the classification is unsecured; and

sending a de-authentication message, wherein receiving the de-authentication message facilitates deletion at the access point of the information associated with the wireless device.

View all claims

4 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In general, one embodiment of the invention is a air monitor adapted to a wireless network. The air monitor enforces policies followed by the wireless network even though it is not involved in the exchange of data between wireless devices of the wireless network such as access points and wireless stations.

79 Citations

View as Search Results

24 Claims

1. A non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, causes performance of operations comprising:
- scanning, by a network monitoring device, a plurality of frequency channels of a network, wherein the network includes an access point, and wherein the access point communicates with a wireless device on a frequency channel of the plurality of frequency channels;
  
  detecting, by the network monitoring device, a wireless frame transmitted by the access point, wherein the wireless frame includes a destination Media Access Control (MAC) address;
  
  processing, by the network monitoring device, information extracted from the wireless frame, wherein processing the information includes classifying the destination MAC address of the wireless frame as either a wireless MAC address or a wired MAC address based on the information extracted from the wireless frame;
  
  transmitting the extracted information, wherein when the extracted information is received at a management server, the extracted information facilitates classification of the access point;
  
  receiving a denial of service message, wherein the denial of service message is generated at the management server when the classification is unsecured; and
  
  sending a de-authentication message, wherein receiving the de-authentication message facilitates deletion at the access point of the information associated with the wireless device.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The medium of claim 1, wherein the information comprises a header of the wireless frame.
  - 3. The medium of claim 2, wherein the header of the wireless frame comprises a fromDS bit and a toDS bit, and wherein classifying the destination MAC address as either the wireless MAC address or the wired MAC address is based on the fromDS bit or the toDS bit.
  - 4. The medium of claim 2, wherein the header of the wireless frame comprises a toDS bit and a fromDS bit, and wherein classifying the destination MAC address as either the wireless MAC address or the wired MAC address is based on the fromDS bit and the toDS bit.
  - 5. The medium of claim 1, wherein the operations comprise:
    - classifying the destination MAC address as the wireless MAC address based on the information comprising a fromDS bit being set and a toDS bit not being set.
  - 6. The medium of claim 1, wherein the operations comprise:
    - classifying the destination MAC address as the wired MAC address based on the information comprising a fromDS bit not being set and a toDS bit being set.

7. A non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, causes performance of operations comprising:
- scanning, by a network monitoring device, a plurality of frequency channels of a network, wherein the network includes an access point, and wherein the access point communicates with a wireless device on a frequency channel of the plurality of frequency channels;
  
  detecting, by the network monitoring device, a wireless frame transmitted by the access point, wherein the wireless frame includes a destination Media Access Control (MAC) address and a source MAC address;
  
  processing, by the network monitoring device, information extracted from the wireless frame, wherein processing the information includes classifying the source MAC address of the wireless frame as either a wireless MAC address or a wired MAC address based on the information extracted from the wireless frame;
  
  transmitting the extracted information, wherein when the extracted information is received at a management server, the extracted information facilitates classification of the access point;
  
  receiving a denial of service message, wherein the denial of service message is generated at the management server when the classification is unsecured; and
  
  sending a de-authentication message, wherein receiving the de-authentication message facilitates deletion at the access point of the information associated with the wireless device.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The medium of claim 7, wherein the information comprises a header of the wireless frame.
  - 9. The medium of claim 8, wherein the header of the wireless frame comprises a fromDS bit and a toDS bit, and wherein classifying the source MAC address as either the wireless MAC address or the wired MAC address is based on the fromDS bit or the toDS bit.
  - 10. The medium of claim 8, wherein the header of the wireless frame comprises a toDS bit and a fromDS bit, and wherein classifying the source MAC address as either the wireless MAC address or the wired MAC address is based on the fromDS bit and the toDS bit.
  - 11. The medium of claim 7, wherein the operations comprise:
    - classifying the source MAC address as the wireless MAC address based on the information comprising a fromDS bit not being set and a toDS bit being set.
  - 12. The medium of claim 7, wherein the operations comprise:
    - classifying the source MAC address as the wired MAC address based on the information comprising a fromDS bit being set and a toDS not bit being set.

13. A system comprising:
- a first device including a hardware processor;
  
  wherein the system is configured to perform operations comprising;
  
  scanning, by a network monitoring device, a plurality of frequency channels of a network, wherein the network includes an access point, and wherein the access point communicates with a wireless device on a frequency channel of the plurality of frequency channels;
  
  detecting, by the network monitoring device, a wireless frame transmitted by the access point, wherein the wireless frame includes a destination Media Access Control (MAC) address;
  
  processing, by the network monitoring device, information extracted from the wireless frame, wherein processing the information includes classifying the destination MAC address of the wireless frame as either a wireless MAC address or a wired MAC address based on the information extracted from the wireless frame;
  
  transmitting the extracted information, wherein when the extracted information is received at a management server, the extracted information facilitates classification of the access point;
  
  receiving a denial of service message, wherein the denial of service message is generated at the management server when the classification is unsecured; and
  
  sending a de-authentication message, wherein receiving the de-authentication message facilitates deletion at the access point of the information associated with the wireless device.
- View Dependent Claims (14, 15, 16, 17, 18)
- - 14. The system of claim 13, wherein the information comprises a header of the wireless frame.
  - 15. The system of claim 14, wherein the header of the wireless frame comprises a fromDS bit and a toDS bit, and wherein classifying the destination MAC address as either the wireless MAC address or the wired MAC address is based on the fromDS bit or the toDS bit.
  - 16. The system of claim 14, wherein the header of the wireless frame comprises a toDS bit and a fromDS bit, and wherein classifying the destination MAC address as either the wireless MAC address or the wired MAC address is based on the fromDS bit and the toDS bit.
  - 17. The system of claim 13, wherein the operations comprise:
    - classifying the destination MAC address as the wireless MAC address based on the information comprising a fromDS bit being set and a toDS bit not being set.
  - 18. The system of claim 13, wherein the operations comprise:
    - classifying the destination MAC address as the wired MAC address based on the information comprising a fromDS bit not being set and a toDS bit being set.

19. A system comprising:
- a first device including a hardware processor;
  
  the system being configured to perform operations comprising;
  
  scanning a plurality of frequency channels of a network, wherein the network includes an access point, and wherein the access point communicates with a wireless device on a frequency channel of the plurality of frequency channels;
  
  detecting, by a network monitoring device, a wireless frame transmitted by the access point, wherein the wireless frame includes a destination Media Access Control (MAC) address;
  
  processing information extracted from the wireless frame, wherein processing the information includes classifying the destination MAC address of the wireless frame as either a wireless MAC address or a wired MAC address based on the information extracted from the wireless frame;
  
  transmitting the extracted information, wherein when the extracted information is received at a management server, the extracted information facilitates classification of the access point;
  
  receiving a denial of service message, wherein the denial of service message is generated at the management server when the classification is unsecured; and
  
  sending a de-authentication message, wherein receiving the de-authentication message facilitates deletion at the access point of the information associated with the wireless device.
- View Dependent Claims (20, 21, 22, 23, 24)
- - 20. The system of claim 19, wherein the information comprises a header of the wireless frame.
  - 21. The system of claim 20, wherein the header of the wireless frame comprises a fromDS bit and a toDS bit, and wherein classifying the source MAC address as either the wireless MAC address or the wired MAC address is based on the fromDS bit or the toDS bit.
  - 22. The system of claim 20, wherein the header of the wireless frame comprises a toDS bit and a fromDS bit, and wherein classifying the source MAC address as either the wireless MAC address or the wired MAC address is based on the fromDS bit and the toDS bit.
  - 23. The system of claim 19, wherein the operations comprise:
    - classifying the source MAC address as the wireless MAC address based on the information comprising a fromDS bit not being set and a toDS bit being set.
  - 24. The system of claim 19, wherein the operations comprise:
    - classifying the source MAC address as the wired MAC address based on the information comprising a fromDS bit being set and a toDS not bit being set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Hewlett Packard Enterprise Development LP (Hewlett-Packard Enterprise Company)
Original Assignee
Hewlett-Packard Development Company, L.P. (HP Inc.)
Inventors
Iyer, Pradeep J., Narasimhan, Partha
Primary Examiner(s)
NGUYEN, STEVEN H D

Application Number

US13/168,794
Publication Number

US 20110258681A1
Time in Patent Office

1,551 Days
Field of Search
US Class Current

1/1
CPC Class Codes

H04L 63/1416   Event detection, e.g. attac...

H04W 12/122   Counter-measures against at...

H04W 24/00   Supervisory, monitoring or ...

H04W 24/02   Arrangements for optimising...

System and method for monitoring and enforcing policy within a wireless network

First Claim

4 Assignments

0 Petitions

Accused Products

Abstract

79 Citations

24 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for monitoring and enforcing policy within a wireless network

First Claim

4 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

79 Citations

24 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links