DYNAMIC NETWORK ACCESS CONTROL METHOD AND APPARATUS
4 Assignments
0 Petitions
Accused Products
Abstract
A method of network access control identifies, in response to a request by an end node to access a network, attributes of the end node and of a device receiving the request. Based on the attributes, a network access control implementation is selected from a plurality of network access control implementations to apply to the request.
101 Citations
26 Claims
-
1-6. -6. (canceled)
-
7. An apparatus for network access control, said device comprising:
-
a memory storing machine readable instructions to; identify attributes of an end node that requests access to a network and of a device receiving the request; and select, based on the attributes of both the end node and the device receiving the request, a network access control implementation from a plurality of network access control implementations to apply to the end node, wherein the plurality of network access control implementations include different combinations of authentication and posture checking implementations, wherein the posture checking implementations comprise a plurality of implementations to determine if the end node has stored thereon software that is potentially harmful to other devices on the network, and wherein the attributes of the end node and the device receiving the request comprise at least one of user identity, manufacturer, model, firmware, time of access request, and locations of the end node and the device receiving the request; and a processor to implement the machine readable instructions. - View Dependent Claims (8, 9, 10, 11, 12, 13, 14, 15, 16, 17)
-
-
18. An apparatus for network access control, said device comprising:
-
a memory storing machine readable instructions to; identify attributes of devices in a network, wherein the devices comprise an end node device and a device to receive a request from the end node; and select, based on the attributes of the devices, a network access control implementation from a plurality of network access control implementations to apply to a request by the end node device to access the network, wherein the plurality of network access control implementations include different combinations of authentication and posture checking implementations, wherein the posture checking implementations comprise a plurality of implementations to determine if the end node device has been compromised with stored thereon software that is potentially harmful to other devices on the network, and wherein the attributes of the network devices comprise at least one of user identity, manufacturer, model, firmware, time of access request, and locations of the network devices; and a processor to implement the machine readable instructions. - View Dependent Claims (19, 20, 21, 22, 23, 24)
-
-
25. A non-transitory computer readable storage medium on which is embedded a set of machine readable instructions that when executed by a processor, implement a method for controlling network access, said machine readable instructions comprising code to:
-
identify, in response to a request by an end node to access a network, attributes of the end node and of a device receiving the request; select, based on the attributes of both the end node and the device receiving the request, a network access control implementation from a plurality of network access control implementations to apply to the end node, wherein the plurality of network access control implementations include different combinations of authentication and posture checking implementations, wherein the posture checking implementations comprise a plurality of implementations to determine if the end node has stored thereon software that is potentially harmful to other devices on the network, and wherein the attributes of the end node and the device receiving the request comprise at least one of user identity, manufacturer, model, firmware, time of access request, and locations of the end node and the device receiving the request. - View Dependent Claims (26)
-
Specification