Electrical computers and digital processing systems: multicomput – Computer network managing – Computer network access regulating
Reexamination Certificate
2011-03-29
2011-03-29
Zand, Kambiz (Department: 2434)
Electrical computers and digital processing systems: multicomput
Computer network managing
Computer network access regulating
C726S011000, C726S012000, C726S013000, C726S025000, C726S002000, C370S401000, C370S398000
Reexamination Certificate
active
07917621
ABSTRACT:
Prior art quarantine networks were implemented by two methods, the IEEE802.1x method and the DHCP method, but these methods both have different problems. The problem with the IEEE802.1x method is that it is difficult to make the transition from an existing management framework. The problem with the DHCP method is that it is difficult to prevent attacks on the network itself, and to repeat client quarantine. The present invention implements client login authentication and client security status quarantine independently, and controls layer-2 connectivity based on the respective results. This permits quarantine using an existing management framework, as well as enhancing network protection by layer-2 connection control and permitting repeat quarantine of the client using the same IP address. Moreover, by incorporating other layer-2 connectivity control mechanisms, flexible layer-2 connectivity control outside the quarantine network can also be implemented.
REFERENCES:
patent: 7379423 (2008-05-01), Caves et al.
patent: 2005/0273853 (2005-12-01), Oba et al.
patent: 2006/0203815 (2006-09-01), Couillard
patent: 2007/0192862 (2007-08-01), Vermeulen et al.
patent: 2006-252256 (2006-09-01), None
Joseph V. Antrosio, Errin W. Fulp, “Malware Defense Using Network Security Authentication,” iwia, pp. 43-54, Third IEEE International Workshop on Information Assurance (IWIA'05), Mar. 23-24, 2005.
McPherson, Danny . “RFC 3069—VLAN Aggregation for Efficient IP Address Allocation.” FAQs. Feb 2001. The Internet Society. <http://www.faqs.org/rfcs/rfc3069.html>.
Sridhar, Thayumanavan. “Layer 2 and Layer 3 Switch Evolution.” Internet Protocol Journal. 1.2 (1998): 38-43. Print.
“Unauthorized Personal Computers Are Controlled by Quarantine Network”, Nikkei Windows Pro, Nov. 2000 (No. 92). pp. 78-99.
Higuchi Hidemitsu
Miyabe Takao
Shibata Takeshi
Suzuki Shinsuke
ALAXALA Networks Corporation
Brundidge & Stanger, P.C.
Durham Imhotep
Zand Kambiz
LandOfFree
Method and system for network access control does not yet have a rating. At this time, there are no reviews or comments for this patent.
If you have personal experience with Method and system for network access control, we encourage you to share that experience with our LandOfFree.com community. Your opinion is very important and Method and system for network access control will most certainly appreciate the feedback.
Profile ID: LFUS-PAI-O-2733847