Aruba Networks Patent Applications

SYSTEM AND METHOD FOR PROVIDING CONTEXT-BASED ANTICIPATORY DYNAMIC RESOURCE RESERVATION

Granted: January 26, 2017
Application Number: 20170026980
Described herein are systems, devices, techniques and products for operating network devices, such as wireless access points, in a network environment. For example, wireless client devices may have resources reserved for their use by a network device if the wireless client device is categorized for such resource reservation, such as if the wireless client device is categorized as more important than other wireless client devices. Such categorization may be indicated by a context…

HETEROGENEOUS DEPLOYMENT OF ACCESS POINT CLUSTERS

Granted: January 26, 2017
Application Number: 20170027004
Described herein are systems, devices, techniques and products for configuration of access points in access point clustering environments. For example, access points are provided that self-discover existing access point clusters present on a single layer 2 broadcast domain or virtual local area network (VLAN). The access points may join one of the existing access point clusters or establish a new access point cluster, depending on compatibility or capacity, for example. Access point…

USE OF LINK LAYER DISCOVERY PROTOCOL-MEDIA ENDPOINT DISCOVERY TO AVOID FALSE LEGACY POWERED DEVICE DETECTION IN POWER OVER ETHERNET SYSTEMS AND NETWORKS

Granted: January 12, 2017
Application Number: 20170010645
Described herein are systems, devices, techniques and products for minimizing disruption to network systems due to false detection of a Power over Ethernet (PoE) Power Sourcing Equipment (PSE) as a Powered Device (PD). The disclosed systems, devices, techniques and products provide a way for a PSE to identify itself and avoid being detected as a legacy PD. The disclosed systems, devices, techniques and products further provide a way for a PSE to identify devices that do not require power…

INFRASTRUCTURE COORDINATED MEDIA ACCESS CONTROL ADDRESS ASSIGNMENT

Granted: January 12, 2017
Application Number: 20170012935
Described herein are systems, devices, techniques and products for managing the dynamic assignment of media access control (MAC) addresses to wireless network devices, such as by identifying a dynamically assigned MAC address before, after, or during a wireless association process and communicating the dynamically assigned MAC address to a wireless network device. Also disclosed are systems, devices, techniques and products for preventing a denial of service attack on a wireless access…

INFRASTRUCTURE COORDINATED MEDIA ACCESS CONTROL ADDRESS ASSIGNMENT

Granted: January 12, 2017
Application Number: 20170013445
Described herein are systems, devices, techniques and products for managing the dynamic assignment of media access control (MAC) addresses to wireless network devices, such as by identifying a dynamically assigned MAC address before, after, or during a wireless association process and communicating the dynamically assigned MAC address to a wireless network device. Also disclosed are systems, devices, techniques and products for preventing a denial of service attack on a wireless access…

WIRELESS ASSOCIATION TABLE DENIAL OF SERVICE PREVENTION

Granted: January 12, 2017
Application Number: 20170013447
Described herein are systems, devices, techniques and products for managing the dynamic assignment of media access control (MAC) addresses to wireless network devices, such as by identifying a dynamically assigned MAC address before, after, or during a wireless association process and communicating the dynamically assigned MAC address to a wireless network device. Also disclosed are systems, devices, techniques and products for preventing a denial of service attack on a wireless access…

INFRASTRUCTURE COORDINATED MEDIA ACCESS CONTROL ADDRESS ASSIGNMENT

Granted: January 12, 2017
Application Number: 20170013448
Described herein are systems, devices, techniques and products for managing the dynamic assignment of media access control (MAC) addresses to wireless network devices, such as by identifying a dynamically assigned MAC address before, after, or during a wireless association process and communicating the dynamically assigned MAC address to a wireless network device. Also disclosed are systems, devices, techniques and products for preventing a denial of service attack on a wireless access…

INFRASTRUCTURE COORDINATED MEDIA ACCESS CONTROL ADDRESS ASSIGNMENT

Granted: January 12, 2017
Application Number: 20170013449
Described herein are systems, devices, techniques and products for managing the dynamic assignment of media access control (MAC) addresses to wireless network devices, such as by identifying a dynamically assigned MAC address before, after, or during a wireless association process and communicating the dynamically assigned MAC address to a wireless network device. Also disclosed are systems, devices, techniques and products for preventing a denial of service attack on a wireless access…

DISTRIBUTED MEDIA CLASSIFICATION ALGORITHM IN A SERVICE CONTROLLER PLATFORM FOR ENHANCED SCALABILITY

Granted: December 1, 2016
Application Number: 20160352796
A network system and the method is described that splits media identification logic and media classification and/or general data session processing/management logic into separate controllers (e.g., between the local controllers and a service controller). By separating media identification logic and media classification logic (or general media processing/management logic), the system and method allows for greater flexibility and scalability in a network system employing a service…

DISTRIBUTED CALL ADMISSION CONTROL ON UNITY RADIO IN A CLUSTER DEPLOYMENT

Granted: December 1, 2016
Application Number: 20160353261
Various techniques and systems are provided for executing call admission control in a cluster deployment including the sharing of call and capacity information between controllers in a cluster to make call capacity decisions for an access point. Implementations describe devices, computer-program products, and methods including a controller managing an access point retrieving access point capacity information from a storage library; receiving a call communication to initiate a call,…

OPTIMIZING THE USE OF SHARED RADIO FREQUENCY MEDIUM USING INTELLIGENT SUPPRESSION OF PROBE REQUEST FRAMES

Granted: September 1, 2016
Application Number: 20160255661
Described herein are systems, methods and computer program products for controlling operation of wireless network devices, such as wireless access points and wireless client devices. The techniques described simplify the process of associating wireless devices with wireless networks. Wireless devices can associate with a wireless access point without knowing details of the wireless access point, such as a service set identifier (SSID). Upon associating with a wireless access point,…

IGMP/MLD LEAVE UPON CLIENT DISASSOCIATION OR USER IDLE TIMER EXPIRY

Granted: May 5, 2016
Application Number: 20160127221
According to one embodiment, a non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, causes performance of operation comprising: determining that a client device, in a first Internet Protocol (IP) subnet, is subscribed to a multicast group; determining that the client device is no longer in the first IP subnet; responsive to determining that the client device is no longer in the first IP subnet, transmitting a message on…

METHOD AND APPARATUS FOR DISPLAYING HTTPS BLOCK PAGE WITHOUT SSL INSPECTION

Granted: May 5, 2016
Application Number: 20160127317
The present disclosure discloses a method and system for displaying an HTTPS block page without SSL inspection. Specifically, a network device snoops a first message transmitted between a client device and a network resource. The first message is transmitted as part of a SSL Handshake between the client device and the network resource to establish a SSL session. Moreover, the network device determines whether the client device is authorized to access the network resource. If not, the…

PARTITIONING DATA SETS FOR TRANSMISSION ON MULTIPLE PHYSICAL LINKS

Granted: May 5, 2016
Application Number: 20160127520
The present disclosure discloses a method and a network device for partitioning data sets for transmission on multiple physical links in a network. Specifically, a network device receives a particular data set addressed to a client device. The network device partitions the particular data set into at least a first subset of data and a second subset of data. Then, the network device encapsulates the first subset of data using a first header and encapsulating the second subset of data…

PERIODIC HIGH POWER BEACON BROADCASTS

Granted: May 5, 2016
Application Number: 20160128105
Described herein are systems, methods and computer program products for controlling operation of wireless beacons, such as Bluetooth Low Energy beacons. Multiple beacons may be controlled centrally or may work together in a cooperative fashion such that signals can be exchanged between or repeated by beacons in order to allow for signals received at one beacon to reach another beacon without requiring further central interaction. Power settings of beacons may be altered to change power…

DYNAMIC ADAPTIVE APPROACH FOR FAILURE DETECTION OF NODE IN A CLUSTER

Granted: April 28, 2016
Application Number: 20160117213
The present disclosure discloses a method and a network device for failure detection of nodes in a cluster. Specifically, a network device transmits data to another device at a first time. The network device then receives an acknowledgment of the data from the second device at a second time. Next, the network device determines a Round Trip Time (RTT) for the first device and the second device based on the first time and the second time. Based on the RTT, the network device determines a…

METHOD AND APPARATUS FOR CONTENT FILTERING ON SPDY CONNECTIONS

Granted: April 28, 2016
Application Number: 20160119288
The present disclosure discloses a method and a network device for performing content filtering on SPDY connections. Specifically, a network device receives, from a client device, a first control frame identifying a first maximum number of unsolicited unacknowledged messages related to a web resource that can be transmitted by a web server. The network device transmits to the web server a second control frame identifying a second and different maximum number of unsolicited unacknowledged…

SESSION AWARE ACCESS POINT LOAD BALANCING

Granted: April 28, 2016
Application Number: 20160119819
The present disclosure discloses a method and a network device for session aware access point load balancing. Specifically, a network device monitors data corresponding to a plurality of client devices associated with a first access point. Then, the network device determines whether the data matches particular criteria. Responsive to determining that the data matches the particular criteria, the network device select at least a first client device of the plurality of client devices for…

EFFICIENT ROAMING OF MOBILE CLIENTS

Granted: April 28, 2016
Application Number: 20160119838
The present disclosure discloses a method and a network device for efficient mobile client device roaming in a wireless local area network with multiple access points. Specifically, a network device determines a first received signal strength value for a first set of signals transmitted between a client device and a first access point during a first time period; and, determines a second received signal strength value for a second set of signals transmitted between a client device and the…

METHOD AND SYSTEM FOR DETECTING USE OF WRONG INTERNET PROTOCOL ADDRESS

Granted: April 21, 2016
Application Number: 20160112286
The present disclosure discloses a method and a network device for detecting use of wrong IP addresses by wireless client devices. Specifically, the network device maintains a range of valid IP addresses for a particular IP subnet. Also, the network device receives a message from a wireless client device by an access point on the particular IP subnet. The network device then determines a source IP address in the message received on the particular IP subnet. Further, the network device…