-
公开(公告)号:US07814531B2
公开(公告)日:2010-10-12
申请号:US11478987
申请日:2006-06-30
CPC分类号: H04L63/102 , H04L61/2015 , H04L63/0227 , H04L63/101 , H04L63/12
摘要: A method and apparatus for detection of network environment to aid policy selection for network access control. An embodiment of a method includes receiving a request to connect a device to a network and, if a security policy is received for the connection of the device, applying the policy for the device. If a security policy for the connection of the device is not received, the domain of the device is determined by determining whether the device is in an enterprise domain and determining whether the device is in a network access control domain, which allows selection of an appropriate domain/environment specific policy.
摘要翻译: 一种检测网络环境以帮助网络访问控制的策略选择的方法和装置。 一种方法的实施例包括接收将设备连接到网络的请求,并且如果接收到用于设备的连接的安全策略,则应用所述设备的策略。 如果没有接收到用于连接设备的安全策略,则通过确定设备是否在企业域中并确定设备是否在网络访问控制域中来确定设备的域,这允许选择适当的 域/环境特定策略。
-
公开(公告)号:US20080022355A1
公开(公告)日:2008-01-24
申请号:US11478987
申请日:2006-06-30
IPC分类号: H04L9/00
CPC分类号: H04L63/102 , H04L61/2015 , H04L63/0227 , H04L63/101 , H04L63/12
摘要: A method and apparatus for detection of network environment to aid policy selection for network access control. An embodiment of a method includes receiving a request to connect a device to a network and, if a security policy is received for the connection of the device, applying the policy for the device. If a security policy for the connection of the device is not received, the domain of the device is determined by determining whether the device is in an enterprise domain and determining whether the device is in a network access control domain, which allows selection of an appropriate domain/environment specific policy.
摘要翻译: 一种用于检测网络环境以帮助网络访问控制的策略选择的方法和装置。 一种方法的实施例包括接收将设备连接到网络的请求,并且如果接收到用于设备的连接的安全策略,则应用所述设备的策略。 如果没有接收到用于连接设备的安全策略,则通过确定设备是否在企业域中并确定设备是否在网络访问控制域中来确定设备的域,这允许选择适当的 域/环境特定策略。
-
3.发明申请Method and apparatus for OS independent platform based network access control 审中-公开基于OS独立平台的网络访问控制方法和装置公开(公告)号:US20080005359A1
公开(公告)日:2008-01-03
申请号:US11480629
申请日:2006-06-30
申请人: Hormuzd M. Khosravi , Dylan Larson , Alan D. Ross , Uri Blumenthal , Ahuva Kroizer , Avigdor Eldar , Karanvir Grewal
发明人: Hormuzd M. Khosravi , Dylan Larson , Alan D. Ross , Uri Blumenthal , Ahuva Kroizer , Avigdor Eldar , Karanvir Grewal
IPC分类号: G06F15/16
摘要: Secure enterprise network communication technology provides improved authentication prior to granting network access of enterprise host platforms with the network devices via a backend infrastructure.
摘要翻译: 在通过后端基础设施授予企业主机平台与网络设备的网络访问之前,安全的企业网络通信技术提供了改进的认证。
-
公开(公告)号:US20110246633A1
公开(公告)日:2011-10-06
申请号:US12753427
申请日:2010-04-02
IPC分类号: G06F15/173
CPC分类号: H04L67/2819 , H04L67/28 , H04L69/14
摘要: Embodiments provide methods, apparatus, and systems that enable an embedded processor to detect and configure one or more network access settings. The network access settings may enable the embedded processor to communicate over a network, via out-of-band messages, with a management server or service. Other embodiments may be disclosed or claimed.
摘要翻译: 实施例提供使得嵌入式处理器能够检测和配置一个或多个网络访问设置的方法,装置和系统。 网络访问设置可以使嵌入式处理器能够通过带外消息通过网络与管理服务器或服务进行通信。 可以公开或要求保护其他实施例。
-
公开(公告)号:US20090070467A1
公开(公告)日:2009-03-12
申请号:US11899991
申请日:2007-09-07
IPC分类号: G06F15/173
CPC分类号: H04L63/10 , G06F21/305 , H04L63/162
摘要: In network access control networks, it may be difficult to provide certain remote accesses such as remote boot or remote storage access. An available network connection established through chipset firmware (e.g. active management technology (AMT)) may be utilized to establish a connection and to enable the remote access. Then as soon the completion of the activity is detected, such as remote booting, then the connection may be immediately terminated to prevent access by improper agents.
摘要翻译: 在网络访问控制网络中,可能难以提供某些远程访问,例如远程启动或远程存储访问。 可以利用通过芯片组固件(例如主动管理技术(AMT))建立的可用网络连接来建立连接并实现远程访问。 然后,一旦检测到活动的完成(例如远程启动),则可能立即终止连接,以防止不正当的代理访问。
-
公开(公告)号:US09239915B2
公开(公告)日:2016-01-19
申请号:US11904322
申请日:2007-09-26
申请人: Avigdor Eldar , Tal Roth , Hormuzd Khosravi , Tal Shustak , Yael Yanai
发明人: Avigdor Eldar , Tal Roth , Hormuzd Khosravi , Tal Shustak , Yael Yanai
CPC分类号: G06F21/33 , G06F21/71 , G06F21/85 , H04L63/0227 , H04L63/08 , H04L63/162
摘要: In network access controlled networks, it is desirable to prevent access to the network by any non-authenticated entities. Access control may be established through a trusted agent that, in some embodiments, may be implemented with a management co-processor. In some cases, active management technology may establish a connection while a host is inactive. Then, after the host becomes active, the host can attempt to use the management co-processor connection without obtaining the necessary authentications. This may be prevented, in some embodiments, by scanning for an active host and, if such an active host is found, blocking the host from using a layer 2 authentication channel unless the host is properly authenticated and has a proper Internet Protocol address.
-
公开(公告)号:US09178884B2
公开(公告)日:2015-11-03
申请号:US11899991
申请日:2007-09-07
CPC分类号: H04L63/10 , G06F21/305 , H04L63/162
摘要: In network access control networks, it may be difficult to provide certain remote accesses such as remote boot or remote storage access. An available network connection established through chipset firmware (e.g. active management technology (AMT)) may be utilized to establish a connection and to enable the remote access. Then as soon the completion of the activity is detected, such as remote booting, then the connection may be immediately terminated to prevent access by improper agents.
-
公开(公告)号:US08332510B2
公开(公告)日:2012-12-11
申请号:US12753427
申请日:2010-04-02
IPC分类号: G06F15/16
CPC分类号: H04L67/2819 , H04L67/28 , H04L69/14
摘要: Embodiments provide methods, apparatus, and systems that enable an embedded processor to detect and configure one or more network access settings. The network access settings may enable the embedded processor to communicate over a network, via out-of-band messages, with a management server or service. Other embodiments may be disclosed or claimed.
摘要翻译: 实施例提供使得嵌入式处理器能够检测和配置一个或多个网络访问设置的方法,装置和系统。 网络访问设置可以使嵌入式处理器能够通过带外消息通过网络与管理服务器或服务进行通信。 可以公开或要求保护其他实施例。
-
9.发明申请Synchronizing between host and management co-processor for network access control 有权同步主机和管理协处理器进行网络访问控制公开(公告)号:US20090083844A1
公开(公告)日:2009-03-26
申请号:US11904322
申请日:2007-09-26
申请人: Avigdor Eldar , Tal Roth , Hormuzd Khosravi , Tal Shustak , Yael Yanai
发明人: Avigdor Eldar , Tal Roth , Hormuzd Khosravi , Tal Shustak , Yael Yanai
IPC分类号: G06F21/20 , G06F15/173
CPC分类号: G06F21/33 , G06F21/71 , G06F21/85 , H04L63/0227 , H04L63/08 , H04L63/162
摘要: In network access controlled networks, it is desirable to prevent access to the network by any non-authenticated entities. Access control may be established through a trusted agent that, in some embodiments, may be implemented with a management co-processor. In some cases, active management technology may establish a connection while a host is inactive. Then, after the host becomes active, the host can attempt to use the management co-processor connection without obtaining the necessary authentications. This may be prevented, in some embodiments, by scanning for an active host and, if such an active host is found, blocking the host from using a layer 2 authentication channel unless the host is properly authenticated and has a proper Internet Protocol address.
摘要翻译: 在网络访问控制网络中,期望防止任何未经认证的实体访问网络。 访问控制可以通过可信代理来建立,在一些实施例中,可以使用管理协处理器来实现。 在某些情况下,主动管理技术可能会在主机处于非活动状态时建立连接。 然后,在主机变为活动状态之后,主机可以尝试使用管理协处理器连接,而无需获得必要的认证。 在一些实施例中,可以通过扫描活动主机来防止这种情况,并且如果发现这样的活动主机,则阻止主机使用第2层认证信道,除非主机被正确认证并具有适当的因特网协议地址。
-
公开(公告)号:US08902906B2
公开(公告)日:2014-12-02
申请号:US13346181
申请日:2012-01-09
申请人: Avigdor Eldar , Izoslav Tchigevsky
发明人: Avigdor Eldar , Izoslav Tchigevsky
CPC分类号: H04L29/12216 , H04L29/12783 , H04L61/2007 , H04L61/35
摘要: In an embodiment, a method is provided. The method of this embodiment provides receiving indication of an event at a platform operating in shared address mode, the platform having an auxiliary entity, in response to the indication of the event, switching operation of the platform to multi address mode by acquiring a second address, and assigning the second address to the auxiliary entity, and receiving one or more packets directed to the second address.
摘要翻译: 在一个实施例中,提供了一种方法。 该实施例的方法提供了在共享地址模式下操作的平台处的事件的接收指示,所述平台具有辅助实体,响应于事件的指示,通过获取第二地址来将平台切换到多地址模式 并且将第二地址分配给辅助实体,以及接收针对第二地址的一个或多个分组。
-
-
-
-
-
-
-
-
-
搜索结果
57 条记录 (耗时 0.018 秒)
