Invention Grant
US08239929B2 Multiple tiered network security system, method and apparatus using dynamic user policy assignment
有权
多层网络安全系统,使用动态用户策略分配的方法和装置
- Patent Title: Multiple tiered network security system, method and apparatus using dynamic user policy assignment
- Patent Title (中): 多层网络安全系统,使用动态用户策略分配的方法和装置
-
Application No.: US12769626Application Date: 2010-04-28
-
Publication No.: US08239929B2Publication Date: 2012-08-07
- Inventor: Philip Kwan , Chi-Jui Ho
- Applicant: Philip Kwan , Chi-Jui Ho
- Applicant Address: US CA San Jose
- Assignee: Foundry Networks, LLC
- Current Assignee: Foundry Networks, LLC
- Current Assignee Address: US CA San Jose
- Agency: Nixon Peabody LLP
- Agent John P. Schaub
- Main IPC: G06F21/00
- IPC: G06F21/00 ; H04L9/32
Abstract:
A multiple key, multiple tiered network security system, method and apparatus provides at least three levels of security. The first level of security includes physical (MAC) address authentication of a user device being attached to the network, such as a user device being attached to a port of a network access device. The second level includes authentication of the user of the user device, such as user authentication in accordance with the IEEE 802.1x standard. The third level includes dynamic assignment of a user policy to the port based on the identity of the user, wherein the user policy is used to selectively control access to the port. The user policy may identify or include an access control list (ACL) or MAC address filter. Also, the user policy is not dynamically assigned if insufficient system resources are available to do so. Failure to pass a lower security level results in a denial of access to subsequent levels of authentication.
Public/Granted literature
- US20100223654A1 MULTIPLE TIERED NETWORK SECURITY SYSTEM, METHOD AND APPARATUS USING DYNAMIC USER POLICY ASSIGNMENT Public/Granted day:2010-09-02
Information query
