公开(公告)号：US07237263B1

公开(公告)日：2007-06-26

申请号：US09800754

申请日：2001-03-06

申请人： Christopher Boscolo ,  Shabnam Erfani ,  Mark Hughes ,  Brad Robel-Forrest

发明人： Christopher Boscolo ,  Shabnam Erfani ,  Mark Hughes ,  Brad Robel-Forrest

IPC分类号： G06F17/00

CPC分类号： H04L41/0869 ,  H04L41/0816 ,  H04L41/082 ,  H04L63/0272 ,  H04L63/20

摘要： A facility in a single manager computer system for managing properties for a plurality of managed computer systems is described. The facility reiteratively receives new managed properties for an identified managed computer system. In response, the facility delivers the received new managed properties to the identified managed computer system.

摘要翻译： 描述了用于管理多个管理的计算机系统的属性的单个管理计算机系统中的设施。 该设施重新收到一个已识别的受管计算机系统的新管理属性。 作为响应，该设施将接收到的新的托管属性提供给所识别的受管计算机系统。

公开(公告)号：US08191132B1

公开(公告)日：2012-05-29

申请号：US11778350

申请日：2007-07-16

申请人： Christopher Boscolo ,  Brad Robel-Forrest ,  Bryan Phillippe

发明人： Christopher Boscolo ,  Brad Robel-Forrest ,  Bryan Phillippe

IPC分类号： G06F9/00

CPC分类号： H04L63/0254 ,  H04L63/123

摘要： A facility for proxying network traffic between a pair of nodes is described. The facility receives packets traveling between the pair of nodes that together constitute a distinguished network connection. For each packet of the connection that is part of a transport protocol setup process, the facility updates a representation of the status of the setup process to reflect the packet, and forwards the packet to its destination without proxying the packet. For each packet of the connection that is subsequent to the setup process, the facility proxies the contents of the packet to the packet's destination.

摘要翻译： 描述了用于在一对节点之间代理网络流量的设施。 该设施接收在一对组成一个可识别的网络连接的一对节点之间行进的分组。 对于作为传输协议建立过程一部分的连接的每个分组，设施更新设置过程的状态的表示以反映分组，并且将分组转发到其目的地而不代理分组。 对于设置过程之后的连接的每个分组，设备将分组的内容代理到分组的目的地。

公开(公告)号：US08650632B2

公开(公告)日：2014-02-11

申请号：US13457319

申请日：2012-04-26

申请人： Christopher Boscolo ,  Brad Robel-Forrest ,  Bryan Phillippe

发明人： Christopher Boscolo ,  Brad Robel-Forrest ,  Bryan Phillippe

IPC分类号： G06F7/04

CPC分类号： H04L63/0254 ,  H04L63/123

摘要： A facility for proxying network traffic between a pair of nodes is described. The facility receives packets traveling between the pair of nodes that together constitute a network connection. For each packet of the connection that is part of a transport protocol setup process, the facility updates a representation of the status of the setup process to reflect the packet, and forwards the packet to its destination without proxying the packet. For each packet of the connection that is subsequent to the setup process, the facility proxies the contents of the packet to the packet's destination.

摘要翻译： 描述了用于在一对节点之间代理网络流量的设施。 该设施接收在一起构成网络连接的一对节点之间行进的分组。 对于作为传输协议建立过程一部分的连接的每个分组，设施更新设置过程的状态的表示以反映分组，并且将分组转发到其目的地而不代理分组。 对于设置过程之后的连接的每个分组，设备将分组的内容代理到分组的目的地。

公开(公告)号：US20120216275A1

公开(公告)日：2012-08-23

申请号：US13457319

申请日：2012-04-26

申请人： Christopher Boscolo ,  Brad Robel-Forrest ,  Bryan Phillippe

发明人： Christopher Boscolo ,  Brad Robel-Forrest ,  Bryan Phillippe

IPC分类号： G06F21/00

CPC分类号： H04L63/0254 ,  H04L63/123

摘要： A facility for proxying network traffic between a pair of nodes is described. The facility receives packets traveling between the pair of nodes that together constitute a distinguished network connection. For each packet of the connection that is part of a transport protocol setup process, the facility updates a representation of the status of the setup process to reflect the packet, and forwards the packet to its destination without proxying the packet. For each packet of the connection that is subsequent to the setup process, the facility proxies the contents of the packet to the packet's destination.

摘要翻译： 描述了用于在一对节点之间代理网络流量的设施。 该设施接收在一对组成一个可识别的网络连接的一对节点之间行进的分组。 对于作为传输协议建立过程一部分的连接的每个分组，设施更新设置过程的状态的表示以反映分组，并且将分组转发到其目的地而不代理分组。 对于设置过程之后的连接的每个分组，设备将分组的内容代理到分组的目的地。

公开(公告)号：US20060168648A1

公开(公告)日：2006-07-27

申请号：US11337408

申请日：2006-01-23

申请人： Alexandru Vank ,  Xin Shen ,  Matt Cobb ,  Brad Robel-Forrest ,  Evan Webb

发明人： Alexandru Vank ,  Xin Shen ,  Matt Cobb ,  Brad Robel-Forrest ,  Evan Webb

IPC分类号： H04L9/32 ,  G06K9/00 ,  G06F17/30

CPC分类号： H04L63/205 ,  H04L63/08 ,  H04L63/10 ,  H04L63/162 ,  H04L63/20

摘要： The invention enables a client device that does not support IEEE 802.1X authentication to access at least some resources provided through a switch that supports 802.1X authentication by using dynamic authentication with different protocols. When the client device attempts to join a network, the switch monitors for an 802.1X authentication message from the client device. In one embodiment, if the client fails to send an 802.1X authentication message, respond to an 802.1X request from the switch, or a predefined failure condition is detected the client may be deemed incapable of supporting 802.1X authentication. In one embodiment, the client may be initially placed on a quarantine VLAN after determination that the client fails to perform an 802.1X authentication within a backoff time limit. However, the client may still gain access to resources based on various non-802.1X authentication mechanisms, including name/passwords, digital certificates, or the like.

公开(公告)号：US08522318B2

公开(公告)日：2013-08-27

申请号：US12879319

申请日：2010-09-10

申请人： Alexandru Z. Vank ,  Xin Shen ,  Matt B. Cobb ,  Brad Robel-Forrest ,  Evan M. Webb

发明人： Alexandru Z. Vank ,  Xin Shen ,  Matt B. Cobb ,  Brad Robel-Forrest ,  Evan M. Webb

IPC分类号： H04L9/06 ,  H04L29/06

CPC分类号： H04L63/205 ,  H04L63/08 ,  H04L63/10 ,  H04L63/162 ,  H04L63/20

摘要： The invention enables a client device that does not support IEEE 802.1X authentication to access at least some resources provided through a switch that supports 802.1X authentication by using dynamic authentication with different protocols. When the client device attempts to join a network, the switch monitors for an 802.1X authentication message from the client device. In one embodiment, if the client fails to send an 802.1X authentication message, respond to an 802.1X request from the switch, or a predefined failure condition is detected the client may be deemed incapable of supporting 802.1X authentication. In one embodiment, the client may be initially placed on a quarantine VLAN after determination that the client fails to perform an 802.1X authentication within a backoff time limit. However, the client may still gain access to resources based on various non-802.1X authentication mechanisms, including name/passwords, digital certificates, or the like.

摘要翻译： 本发明使得不支持IEEE 802.1X认证的客户端设备通过使用不同协议的动态认证来访问通过支持802.1X认证的交换机提供的至少一些资源。 当客户端设备尝试加入网络时，交换机会监控来自客户端设备的802.1X认证消息。 在一个实施例中，如果客户端不能发送802.1X认证消息，则从交换机响应802.1X请求，或者检测到预定义的故障条件，则客户端可能被认为不能支持802.1X认证。 在一个实施例中，客户端可以在确定客户端在退避时间限制内未能执行802.1X认证之前被初始化为隔离VLAN。 然而，客户端仍然可以基于各种非802.1X认证机制（包括名称/密码，数字证书等）获得对资源的访问。

公开(公告)号：US20140123213A1

公开(公告)日：2014-05-01

申请号：US13952245

申请日：2013-07-26

申请人： Alexandru Z. Vank ,  Xin Shen ,  Matt B. Cobb ,  Brad Robel-Forrest ,  Evan M. Phoenix

发明人： Alexandru Z. Vank ,  Xin Shen ,  Matt B. Cobb ,  Brad Robel-Forrest ,  Evan M. Phoenix

IPC分类号： H04L29/06

CPC分类号： H04L63/205 ,  H04L63/08 ,  H04L63/10 ,  H04L63/162 ,  H04L63/20

摘要： The invention enables a client device that does not support IEEE 802.1X authentication to access at least some resources provided through a switch that supports 802.1X authentication by using dynamic authentication with different protocols. When the client device attempts to join a network, the switch monitors for an 802.1X authentication message from the client device. In one embodiment, if the client fails to send an 802.1X authentication message, respond to an 802.1X request from the switch, or a predefined failure condition is detected the client may be deemed incapable of supporting 802.1X authentication. In one embodiment, the client may be initially placed on a quarantine VLAN after determination that the client fails to perform an 802.1X authentication within a backoff time limit. However, the client may still gain access to resources based on various non-802.1X authentication mechanisms, including name/passwords, digital certificates, or the like.

摘要翻译： 本发明使得不支持IEEE 802.1X认证的客户端设备通过使用不同协议的动态认证来访问通过支持802.1X认证的交换机提供的至少一些资源。 当客户端设备尝试加入网络时，交换机会监控来自客户端设备的802.1X认证消息。 在一个实施例中，如果客户端不能发送802.1X认证消息，则从交换机响应802.1X请求，或者检测到预定义的故障条件，则客户端可能被认为不能支持802.1X认证。 在一个实施例中，客户端可以在确定客户端在退避时间限制内未能执行802.1X认证之前被初始化为隔离VLAN。 然而，客户端仍然可以基于各种非802.1X认证机制（包括名称/密码，数字证书等）获得对资源的访问。

公开(公告)号：US20100333176A1

公开(公告)日：2010-12-30

申请号：US12879319

申请日：2010-09-10

申请人： Alexandru Z. Vank ,  Xin Shen ,  Matt B. Cobb ,  Brad Robel-Forrest ,  Evan M. Webb

发明人： Alexandru Z. Vank ,  Xin Shen ,  Matt B. Cobb ,  Brad Robel-Forrest ,  Evan M. Webb

IPC分类号： G06F21/00 ,  G06F15/16

CPC分类号： H04L63/205 ,  H04L63/08 ,  H04L63/10 ,  H04L63/162 ,  H04L63/20

摘要： The invention enables a client device that does not support IEEE 802.1X authentication to access at least some resources provided through a switch that supports 802.1X authentication by using dynamic authentication with different protocols. When the client device attempts to join a network, the switch monitors for an 802.1X authentication message from the client device. In one embodiment, if the client fails to send an 802.1X authentication message, respond to an 802.1X request from the switch, or a predefined failure condition is detected the client may be deemed incapable of supporting 802.1X authentication. In one embodiment, the client may be initially placed on a quarantine VLAN after determination that the client fails to perform an 802.1X authentication within a backoff time limit. However, the client may still gain access to resources based on various non-802.1X authentication mechanisms, including name/passwords, digital certificates, or the like.

摘要翻译： 本发明使得不支持IEEE 802.1X认证的客户端设备通过使用不同协议的动态认证来访问通过支持802.1X认证的交换机提供的至少一些资源。 当客户端设备尝试加入网络时，交换机会监控来自客户端设备的802.1X认证消息。 在一个实施例中，如果客户端不能发送802.1X认证消息，则从交换机响应802.1X请求，或者检测到预定义的故障条件，则客户端可能被认为不能支持802.1X认证。 在一个实施例中，客户端可以在确定客户端在退避时间限制内未能执行802.1X认证之前被初始化为隔离VLAN。 然而，客户端仍然可以基于各种非802.1X认证机制（包括名称/密码，数字证书等）获得对资源的访问。

公开(公告)号：US07810138B2

公开(公告)日：2010-10-05

申请号：US11337408

申请日：2006-01-23

申请人： Alexandru Zsolt Vank ,  Xin Shen ,  Matt Brian Cobb ,  Brad Robel-Forrest ,  Evan McClendon Phoenix

发明人： Alexandru Zsolt Vank ,  Xin Shen ,  Matt Brian Cobb ,  Brad Robel-Forrest ,  Evan McClendon Phoenix

IPC分类号： H04L9/00 ,  H04L29/06

CPC分类号： H04L63/205 ,  H04L63/08 ,  H04L63/10 ,  H04L63/162 ,  H04L63/20

摘要： The invention enables a client device that does not support IEEE 802.1X authentication to access at least some resources provided through a switch that supports 802.1X authentication by using dynamic authentication with different protocols. When the client device attempts to join a network, the switch monitors for an 802.1X authentication message from the client device. In one embodiment, if the client fails to send an 802.1X authentication message, respond to an 802.1X request from the switch, or a predefined failure condition is detected the client may be deemed incapable of supporting 802.1X authentication. In one embodiment, the client may be initially placed on a quarantine VLAN after determination that the client fails to perform an 802.1X authentication within a backoff time limit. However, the client may still gain access to resources based on various non-802.1X authentication mechanisms, including name/passwords, digital certificates, or the like.

摘要翻译： 本发明使得不支持IEEE 802.1X认证的客户端设备通过使用不同协议的动态认证来访问通过支持802.1X认证的交换机提供的至少一些资源。 当客户端设备尝试加入网络时，交换机会监控来自客户端设备的802.1X认证消息。 在一个实施例中，如果客户端不能发送802.1X认证消息，则从交换机响应802.1X请求，或者检测到预定义的故障条件，则客户端可能被认为不能支持802.1X认证。 在一个实施例中，客户端可以在确定客户端在退避时间限制内未能执行802.1X认证之前被初始化为隔离VLAN。 然而，客户端仍然可以基于各种非802.1X认证机制（包括名称/密码，数字证书等）获得对资源的访问。