公开(公告)号：US20220174060A1

公开(公告)日：2022-06-02

申请号：US17675685

申请日：2022-02-18

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Antoni MILTON ,  Timothy CAPPALLI

IPC: H04L9/40

Abstract: Example method includes: establishing a secure tunnel with an unauthenticated client device associated with a user of a restricted network; receiving user credentials associated with the user and transmitted from the unauthenticated client device within the secure tunnel; validating the received user credentials; and transmitting at least a client certificate and device configuration information to the unauthenticated client device within the secure tunnel such that the unauthenticated client device is able to access the restricted network after installing the client certificate and applying the device configurations based on the received device configuration information.

公开(公告)号：US20220417288A1

公开(公告)日：2022-12-29

申请号：US17823193

申请日：2022-08-30

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Antoni MILTON ,  Pattabhi ATTALURI

IPC: H04L9/40

Abstract: A distributed policy management (PM) system (e.g., system for authentication, authorization, and accounting (AAA) activities on a network) is provided. Nodes of the PM system may share information of the PM system using a distributed data store (e.g., a multi-master cache). Each node of the distributed PM system may further share information from the distributed data store with other nodes of a corporate infrastructure network by augmenting information in a remote authentication dial-in user service (RADIUS) protocol message. Nodes that are involved in policy management (e.g., network authentication server (NAS) or firewall) without access to the distributed data store may receive information via augmented RADIUS messages. In this manner, devices may be interfaced to the distributed PM system without having access to the distributed data store. High availability and load balancing implementations may be provided by leveraging the distributed data store across nodes of the PM system.

公开(公告)号：US20220070168A1

公开(公告)日：2022-03-03

申请号：US17523263

申请日：2021-11-10

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Rajesh Kumar GANAPATHY ACHARI ,  Anoop Kumaran NAIR ,  Venkatesh RAMACHANDRAN ,  Pattabhi ATTALURI ,  Bhagya Prasad NITTUR ,  Antoni MILTON

IPC: H04L29/06

Abstract: Methods and systems for providing vendor agnostic captive portal authentication in a network that includes a plurality of network access devices are provided. For instance, one method includes receiving a redirect request for a communication between a first user-terminal and a first network access device, the redirect request including at least one of a vendor-specific item of information of the first network access device and an Internet Protocol (IP) address of the first network access device. The method further includes comparing the at least one of the vendor-specific item of information of the first network access device and the IP address of the first network access device against each of a plurality of entries of a network access device database, and providing the first user-terminal access to a captive portal page in response to an appropriate match.

公开(公告)号：US20200351261A1

公开(公告)日：2020-11-05

申请号：US16399301

申请日：2019-04-30

Applicant: Hewlett Packard Enterprise Development LP

Inventor： Antoni MILTON ,  Timothy CAPPALLI

IPC: H04L29/06

Abstract: Example method includes: establishing a secure tunnel with an unauthenticated client device associated with a user of a restricted network; receiving user credentials associated with the user and transmitted from the unauthenticated client device within the secure tunnel; validating the received user credentials; and transmitting at least a client certificate and device configuration information to the unauthenticated client device within the secure tunnel such that the unauthenticated client device is able to access the restricted network after installing the client certificate and applying the device configurations based on the received device configuration information.