System and method for monitoring and enforcing policy within a wireless network
Abstract
In general, one embodiment of the invention is an air monitor adapted to a wireless network. The air monitor enforces policies followed by the wireless network even though it is not involved in the exchange of data between wireless devices of the wireless network such as access points and wireless stations.
24 Claims
1. A non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, causes performance of operations comprising:
scanning, by a network monitoring device, a plurality of frequency channels of a network, wherein the network includes an access point, and wherein the access point communicates with a wireless device on a frequency channel of the plurality of frequency channels;
detecting, by the network monitoring device, a wireless frame transmitted by the access point, wherein the wireless frame includes a destination Media Access Control (MAC) address;
processing, by the network monitoring device, information extracted from the wireless frame, wherein processing the information includes classifying the destination MAC address of the wireless frame as either a wireless MAC address or a wired MAC address based on the information extracted from the wireless frame;
transmitting the extracted information, wherein when the extracted information is received at a management server, the extracted information facilitates classification of the access point;
receiving a denial of service message, wherein the denial of service message is generated at the management server when the classification is unsecured; and
sending a de-authentication message, wherein receiving the de-authentication message facilitates deletion at the access point of the information associated with the wireless device.
Dependent claims: 2, 3, 4, 5, 6
7. A non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, causes performance of operations comprising:
scanning, by a network monitoring device, a plurality of frequency channels of a network, wherein the network includes an access point, and wherein the access point communicates with a wireless device on a frequency channel of the plurality of frequency channels;
detecting, by the network monitoring device, a wireless frame transmitted by the access point, wherein the wireless frame includes a destination Media Access Control (MAC) address and a source MAC address;
processing, by the network monitoring device, information extracted from the wireless frame, wherein processing the information includes classifying the source MAC address of the wireless frame as either a wireless MAC address or a wired MAC address based on the information extracted from the wireless frame;
transmitting the extracted information, wherein when the extracted information is received at a management server, the extracted information facilitates classification of the access point;
receiving a denial of service message, wherein the denial of service message is generated at the management server when the classification is unsecured; and
sending a de-authentication message, wherein receiving the de-authentication message facilitates deletion at the access point of the information associated with the wireless device.
Dependent claims: 8, 9, 10, 11, 12
13. A system comprising:
a first device including a hardware processor;
wherein the system is configured to perform operations comprising;
scanning, by a network monitoring device, a plurality of frequency channels of a network, wherein the network includes an access point, and wherein the access point communicates with a wireless device on a frequency channel of the plurality of frequency channels;
detecting, by the network monitoring device, a wireless frame transmitted by the access point, wherein the wireless frame includes a destination Media Access Control (MAC) address;
processing, by the network monitoring device, information extracted from the wireless frame, wherein processing the information includes classifying the destination MAC address of the wireless frame as either a wireless MAC address or a wired MAC address based on the information extracted from the wireless frame;
transmitting the extracted information, wherein when the extracted information is received at a management server, the extracted information facilitates classification of the access point;
receiving a denial of service message, wherein the denial of service message is generated at the management server when the classification is unsecured; and
sending a de-authentication message, wherein receiving the de-authentication message facilitates deletion at the access point of the information associated with the wireless device.
Dependent claims: 14, 15, 16, 17, 18
19. A system comprising:
a first device including a hardware processor;
the system being configured to perform operations comprising;
scanning a plurality of frequency channels of a network, wherein the network includes an access point, and wherein the access point communicates with a wireless device on a frequency channel of the plurality of frequency channels;
detecting, by a network monitoring device, a wireless frame transmitted by the access point, wherein the wireless frame includes a destination Media Access Control (MAC) address;
processing information extracted from the wireless frame, wherein processing the information includes classifying the destination MAC address of the wireless frame as either a wireless MAC address or a wired MAC address based on the information extracted from the wireless frame;
transmitting the extracted information, wherein when the extracted information is received at a management server, the extracted information facilitates classification of the access point;
receiving a denial of service message, wherein the denial of service message is generated at the management server when the classification is unsecured; and
sending a de-authentication message, wherein receiving the de-authentication message facilitates deletion at the access point of the information associated with the wireless device.
Dependent claims: 20, 21, 22, 23, 24
Specification