Apparatus, method and system for improving network security
    1.
    Granted invention patent
    Legal status: in force

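    Publication (announcement) number: US07577996B1

    Publication (announcement) date: 2009-08-18

    Application number: US10773394

    Filing date: 2004-02-06

    IPC classification: G06F11/30 H04M1/66

    CPC classification: H04L63/0853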

    Abstract: Devices, systems and related methods are disclosed for improving operational security of a network and/or network devices, such as wireless access points (APs). In the disclosed systems, a network device is not fully operational until it is attached to a network and downloads sensitive information. The information is stored in the network device so that when the device is disconnected from the network, the sensitive information is erased from the device, making the device inoperative and removing sensitive information, such as passwords, network security keys, or the like. Disabling the network device in this manner not only prevents the theft of sensitive network access information, but also discourages theft of the device itself because it cannot be used on another network without the configuration information. In addition to downloading configuration information, the network device can also download an executable image that is likewise not permanently resident on the device.

    Method and system for detecting and preventing access intrusion in a network
    2.
    Granted invention patent
    Legal status: in force

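    Publication (announcement) number: US08707432B1

    Publication (announcement) date: 2014-04-22

    Application number: US11961677

    Filing date: 2007-12-20

    IPC classification: G06F12/14

    CPC classification: H04L63/1408 H04L63/1441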

    Abstract: A wireless computer network includes components cooperating together to prevent access intrusions by detecting unauthorized devices connected to the network, disabling the network connections to the devices, and then physically locating the devices. The network can detect both unauthorized client stations and unauthorized edge devices such as wireless access points (APs). The network can detect intruders by monitoring information transferred over wireless channels, identifying protocol state machine violations, tracking roaming behavior of clients, and detecting network addresses being improperly used in multiple locations. Upon detecting an intruder, the network can automatically locate and shut off the physical/logical port to which the intruder is connected.

    Unified, configurable, adaptive, network architecture
    3.
    Granted invention patent
    Legal status: in force

    Publication (announcement) number: US07310664B1

    Publication (announcement) date: 2007-12-18

    Application number: US10773487

    Filing date: 2004-02-06

    IPC classification: G06F15/173

    Abstract: A network switch having a unified, adaptive management paradigm for wireless network devices is disclosed. The switch includes configurable ports for connecting devices. A software application running on the switch allows a network administrator to selectively configure each port to support either a wired device or wireless device. Configuration information and software images that are needed for operation of the wireless device are associated with the port. When a wireless device is first plugged into the switch port, it downloads its configuration directly from the switch port. By storing the configuration information and images at the switch and automatically downloading them to the wireless devices, the task of configuring the devices is greatly simplified for the network administrator. This is particularly advantageous in heterogeneous network environments that support both wired and wireless devices, and where wireless devices are readily moved to different ports.

    Method and system for detecting and preventing access intrusion in a network
    4.
    Granted invention patent
    Legal status: in force

    Publication (announcement) number: US07823199B1

    Publication (announcement) date: 2010-10-26

    Application number: US10794203

    Filing date: 2004-03-05

    CPC classification: H04L63/1408 H04L63/1441

    Abstract: A wireless computer network includes components cooperating together to prevent access intrusions by detecting unauthorized devices connected to the network, disabling the network connections to the devices, and then physically locating the devices. The network can detect both unauthorized client stations and unauthorized edge devices such as wireless access points (APs). The network can detect intruders by monitoring information transferred over wireless channels, identifying protocol state machine violations, tracking roaming behavior of clients, and detecting network addresses being improperly used in multiple locations. Upon detecting an intruder, the network can automatically locate and shut off the physical/logical port to which the intruder is connected.