-
1.
Publication No.: US11792193B2
Publication date: 2023-10-17
Application No.: US17523263
Application date: 2021-11-10
Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Pattabhi Attaluri, Bhagya Prasad Nittur, Antoni Milton
CPC classification: H04L63/0876, H04L63/105
Abstract: Methods and systems for providing vendor agnostic captive portal authentication in a network that includes a plurality of network access devices are provided. For instance, one method includes receiving a redirect request for a communication between a first user-terminal and a first network access device, the redirect request including at least one of a vendor-specific item of information of the first network access device and an Internet Protocol (IP) address of the first network access device. The method further includes comparing the at least one of the vendor-specific item of information of the first network access device and the IP address of the first network access device against each of a plurality of entries of a network access device database, and providing the first user-terminal access to a captive portal page in response to an appropriate match.
-
2.
Publication No.: US11228618B2
Publication date: 2022-01-18
Application No.: US16529255
Application date: 2019-08-01
Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Pattabhi Attaluri, Rajarao Bhagya Prasad Nittur, Antoni Milton
Abstract: A process, system, and non-transient computer readable medium that provides device automation support for the dynamic activation, authentication, and accounting of network access and network access devices while enabling seamless multi-vendor support for change of authorization through multiple network protocols. The process, system, and non-transient computer readable media also provides security threat remediation that can be automated at the device, network access, traffic inspection, and/or threat protection level by taking action on a device by triggering actions in a bidirectional manner.
-
3.
Publication No.: US11463477B2
Publication date: 2022-10-04
Application No.: US16419138
Application date: 2019-05-22
Inventors: Antoni Milton, Pattabhi Attaluri
IPC classification: H04L9/40, H04L67/1097
Abstract: A distributed policy management (PM) system (e.g., system for authentication, authorization, and accounting (AAA) activities on a network) is provided. Nodes of the PM system may share information of the PM system using a distributed data store (e.g., a multi-master cache). Each node of the distributed PM system may further share information from the distributed data store with other nodes of a corporate infrastructure network by augmenting information in a remote authentication dial-in user service (RADIUS) protocol message. Nodes that are involved in policy management (e.g., network authentication server (NAS) or firewall) without access to the distributed data store may receive information via augmented RADIUS messages. In this manner, devices may be interfaced to the distributed PM system without having access to the distributed data store. High availability and load balancing implementations may be provided by leveraging the distributed data store across nodes of the PM system.
-
4.
Publication No.: US20200374315A1
Publication date: 2020-11-26
Application No.: US16419138
Application date: 2019-05-22
Inventors: Antoni Milton, Pattabhi Attaluri
IPC classification: H04L29/06
Abstract: A distributed policy management (PM) system (e.g., system for authentication, authorization, and accounting (AAA) activities on a network) is provided. Nodes of the PM system may share information of the PM system using a distributed data store (e.g., a multi-master cache). Each node of the distributed PM system may further share information from the distributed data store with other nodes of a corporate infrastructure network by augmenting information in a remote authentication dial-in user service (RADIUS) protocol message. Nodes that are involved in policy management (e.g., network authentication server (NAS) or firewall) without access to the distributed data store may receive information via augmented RADIUS messages. In this manner, devices may be interfaced to the distributed PM system without having access to the distributed data store. High availability and load balancing implementations may be provided by leveraging the distributed data store across nodes of the PM system.
-
5.
Publication No.: US20210037059A1
Publication date: 2021-02-04
Application No.: US16529255
Application date: 2019-08-01
Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Pattabhi Attaluri, Bhagya Prasad NR, Antoni Milton
IPC classification: H04L29/06
Abstract: A process, system, and non-transient computer readable medium that provides device automation support for the dynamic activation, authentication, and accounting of network access and network access devices while enabling seamless multi-vendor support for change of authorization through multiple network protocols. The process, system, and non-transient computer readable media also provides security threat remediation that can be automated at the device, network access, traffic inspection, and/or threat protection level by taking action on a device by triggering actions in a bidirectional manner.
-
6.
Publication No.: US20210014319A1
Publication date: 2021-01-14
Application No.: US16508267
Application date: 2019-07-10
Inventors: Antoni Milton
Abstract: Systems and methods are provided for network policy enforcement for externally-hosted application usage. A method for a policy management server in an enterprise network includes: grant permission to a user of the enterprise network to access an application hosted outside the enterprise network; determine a usage of the application by the user subsequent to granting the permission; and revoke the permission responsive to the usage of the application by the user exceeding a predetermined usage limit of the application for the user.
-
7.
Publication No.: US20200382516A1
Publication date: 2020-12-03
Application No.: US16429375
Application date: 2019-06-03
Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Pattabhi Attaluri, Venkatesh Ramachandran, Bhagya Prasad Nittur, Antoni Milton
Abstract: Methods and systems for specifying and enforcing network policies are provided. One method for configuring a network that includes a plurality of heterogeneous network access devices includes creating a network enforcement profile based on at least one enforcement policy, and determining a network access device group of the plurality of heterogeneous network access devices that are capable of managing the enforcement profile. The method further includes providing vendor-specific configuration parameters for at least one network access device of the network access device group so as to cause the network to manage the network enforcement profile, and applying the vendor-specific configuration parameters to the at least one network access device.
-
8.
Publication No.: US11968238B2
Publication date: 2024-04-23
Application No.: US17823193
Application date: 2022-08-30
Inventors: Antoni Milton, Pattabhi Attaluri
IPC classification: H04L9/40, G06F16/27, H04L41/0893, H04L69/24, H04L67/1097, H04L67/56
CPC classification: H04L63/20, G06F16/27, H04L41/0893, H04L63/0263, H04L63/0892, H04L69/24, H04L63/02, H04L67/1097, H04L67/56
Abstract: A distributed policy management (PM) system (e.g., system for authentication, authorization, and accounting (AAA) activities on a network) is provided. Nodes of the PM system may share information of the PM system using a distributed data store (e.g., a multi-master cache). Each node of the distributed PM system may further share information from the distributed data store with other nodes of a corporate infrastructure network by augmenting information in a remote authentication dial-in user service (RADIUS) protocol message. Nodes that are involved in policy management (e.g., network authentication server (NAS) or firewall) without access to the distributed data store may receive information via augmented RADIUS messages. In this manner, devices may be interfaced to the distributed PM system without having access to the distributed data store. High availability and load balancing implementations may be provided by leveraging the distributed data store across nodes of the PM system.
-
9.
Publication No.: US20240056806A1
Publication date: 2024-02-15
Application No.: US17819434
Application date: 2022-08-12
Inventors: Antoni Milton
CPC classification: H04W12/06, H04W12/72, H04L63/0892
Abstract: In some examples, a system of an enterprise network sends, in response to a request for authentication transmitted in response to a request by an electronic device to access the enterprise network, an authentication request from the system to a server that is part of a carrier network. The system receives, in response to the authentication request, an authentication response that contains a value representing a mobile number for the electronic device, and checks whether the mobile number represented by the value in the authentication response is present in a user information repository. The system performs authorization of the electronic device based on the check of whether the mobile number represented by the value in the authentication response is present in the user information repository, the authorization for the electronic device to determine an access permission of the electronic device in the enterprise network.
-
10.
Publication No.: US11418515B2
Publication date: 2022-08-16
Application No.: US16429375
Application date: 2019-06-03
Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Pattabhi Attaluri, Venkatesh Ramachandran, Bhagya Prasad Nittur, Antoni Milton
IPC classification: H04L9/40, H04L41/0806
Abstract: Methods and systems for specifying and enforcing network policies are provided. One method for configuring a network that includes a plurality of heterogeneous network access devices includes creating a network enforcement profile based on at least one enforcement policy, and determining a network access device group of the plurality of heterogeneous network access devices that are capable of managing the enforcement profile. The method further includes providing vendor-specific configuration parameters for at least one network access device of the network access device group so as to cause the network to manage the network enforcement profile, and applying the vendor-specific configuration parameters to the at least one network access device.