公开(公告)号：US20220272614A1

公开(公告)日：2022-08-25

申请号：US17182058

申请日：2021-02-22

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Hao Lu ,  Xiaoding Shang ,  Feng Ding ,  Qiwei Chang

IPC: H04W48/12 ,  H04W48/16 ,  H04W12/06

Abstract: Systems and methods are provided for authentication chaining and firewall optimization in a micro branch deployment comprising a plurality of chained access points (APs) and a gateway AP. A topology of the micro branch deployment may be determined through enhanced hierarchical beaconing. Based on the determined topology, an authentication chain is developed through which a client device associated to an AP of the plurality of chained APs may be authenticated and granted access to the AP. Upon authentication of the client device, firewall optimization is performed to implement access control rules only at the AP to which the client device is associated.

公开(公告)号：US20250080493A1

公开(公告)日：2025-03-06

申请号：US18460409

申请日：2023-09-01

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Zhijun Ren ,  Xiaoding Shang ,  Hao Lu ,  Qiwei Chang

IPC: H04L61/5014 ,  H04L61/10

Abstract: An AP sets up a data tunnel to a remote network and monitors a remote DHCP session between a client device and a remote DHCP server in the remote network. The remote DHCP server assigns a remote IP address to the client device, and communication between the client device and the remote network is based on the remote IP address. In response to determining completion of the remote DHCP session, the AP initializes a local DHCP session with a local DHCP server in a local network to obtain a local IP address for the client device. Communication between the client device and the local network is based on the local IP address. In response to detecting the client device roaming from the AP to a target AP, the AP forwards the remote and local IP addresses and session data of active sessions on the client device to the target AP.

公开(公告)号：US12166745B2

公开(公告)日：2024-12-10

申请号：US17461811

申请日：2021-08-30

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Huimeng Huang ,  Jianpo Han ,  Qiwei Chang

IPC: H04L9/40

Abstract: A packet that includes a header and a payload can be acquired. A first portion of the payload can be selected such that the first portion that is smaller than the payload. The header and the first portion of the payload can be encrypted based on an encryption algorithm to generate an encrypted packet. The encrypted packet can be transmitted to a node on a network.

公开(公告)号：US11792718B2

公开(公告)日：2023-10-17

申请号：US17182058

申请日：2021-02-22

Applicant: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LP

Inventor： Hao Lu ,  Xiaoding Shang ,  Feng Ding ,  Qiwei Chang

IPC: H04W48/12 ,  H04W48/16 ,  H04W12/06 ,  H04W88/08 ,  H04W88/16

CPC classification number: H04W48/12 ,  H04W12/06 ,  H04W48/16 ,  H04W88/08 ,  H04W88/16

Abstract: Systems and methods are provided for authentication chaining and firewall optimization in a micro branch deployment comprising a plurality of chained access points (APs) and a gateway AP. A topology of the micro branch deployment may be determined through enhanced hierarchical beaconing. Based on the determined topology, an authentication chain is developed through which a client device associated to an AP of the plurality of chained APs may be authenticated and granted access to the AP. Upon authentication of the client device, firewall optimization is performed to implement access control rules only at the AP to which the client device is associated.