Aruba Networks Patent Grants

Spectrum-aware RF management and automatic conversion of access points to spectrum monitors and hybrid mode access points

Granted: January 17, 2017
Patent Number: 9549332
Methods of operating devices on a wireless network as access points (AP) or spectrum monitors (SM). An adaptive radio management (ARM) process operating on the digital network senses network conditions based on data from APs and SMs on the network, and in response to conditions changes devices from AP operation to SM operation, and from SM operation back to AP operation. A method for providing wideband spectrum analysis functions on a radio operating as an AP on a channel proving client…

Method and system for controlling access to shared devices

Granted: January 10, 2017
Patent Number: 9544331
A non-transitory computer readable medium includes computer readable program code including instructions for subsequent to a client device associating with an access point, receiving a request for a set of allowed shared devices, removing, by the access point and to obtain the set of allowed shared devices, a shared device from a set of shared devices based on a client device user of the client device failing to have a permission required by a device sharing policy of the shared device,…

Method and system for network service health check and load balancing

Granted: January 10, 2017
Patent Number: 9544332
A non-transitory computer readable medium includes instructions which, when executed by one or more network devices, causes performance of operations. The operations include sending, to shared devices, one or more status queries regarding one or more device conditions for each of the shared devices, obtaining responses to the one or more status queries from each of the plurality of shared devices, the responses including the one or more device conditions for each of the shared devices,…

Distributed method for client optimization

Granted: January 10, 2017
Patent Number: 9544840
The present disclosure discloses a distributed method and network device for providing client optimization in WLANs. Specifically, a first access point detects a plurality of client devices. The first access point also receives information identifying a first set of client devices associated with the second access point. Then first access point then identifies a subset of the detected plurality of client devices that are also identified in the first set of client devices associated with…

Authentication survivability for assigning role and VLAN based on cached radius attributes

Granted: December 27, 2016
Patent Number: 9531700
A system and method is described that allows the assignment of roles and/or VLANs to an authenticated client device even when an external remote authentication dial in user service (RADIUS) server is inaccessible. In particular, using RADIUS key-reply attributes stored locally after a previous successful authentication using the external RADIUS server, an internal RADIUS server may perform authentication and pass the stored RADIUS key-reply attributes to an authentication module for…

Method and system for aggregating WiFi signal data and non-WiFi signal data

Granted: December 13, 2016
Patent Number: 9521566
Methods of aggregating spectrum data captured from a narrowband radio to form a spectrum covering a much wider frequency band. Frequency data, such as FFT spectrum data captured from a narrowband receiver such as an IEEE 802.11 Wi-Fi receiver are combined to display representative real-time FFT, average FFT, and FFT duty cycle data of a wideband spectrum. Data is captured from narrow band radios such as access points, station monitors, or client devices on a wireless network. A wideband…

Provisioning devices for secure wireless local area networks

Granted: December 6, 2016
Patent Number: 9515824
Before establishing a connection between a first and a second devices, the first device determines whether a third device is a trusted or untrusted device. If it is a trusted device, the first device receives from the third device a public key and information indicating the public key of the second device; and, uses the public key by combining its own private key and the public key of the second device to generate a shared secret, and using the shared secret to communicate to the second…

Dynamic determination of transmission parameters based on packet priority and network conditions

Granted: December 6, 2016
Patent Number: 9515941
According to one embodiment, a non-transitory computer readable medium is described that comprises instructions which, when executed by one or more hardware processors, cause dynamic determination of one or more transmission parameters for transmitting a particular network packet of a plurality of network packets. The transmission parameters are determined based on (a) a classification associated with the particular network packet and (b) one or more current conditions. Subsequent to…

Device and method for split DNS communications

Granted: December 6, 2016
Patent Number: 9515988
Automatically configuring split DNS operation in a wireless network device connected to a network. The wireless network device snoops one or more exchanged DHCP messages to obtain domain name(s) associated with the organization that are now used as target domain name suffix(es) for split DNS operations. For subsequent DNS queries, information within the message is analyzed to determine if the request includes a domain delimiter. If no delimiter, the DNS query message is sent to an…

Location based access

Granted: December 6, 2016
Patent Number: 9516503
A non-transitory computer readable medium for location based access includes instructions which, when executed by one or more devices, causes performance of operations including identifying a physical location of a client device, determining that the physical location of the client device meets a criterion for allowing access through an entryway, identifying a permission level associated with the client device, determining that the permission level associated with the client device meets…

Dynamic use of RTS and/or CTS frames

Granted: December 6, 2016
Patent Number: 9516672
A method is described for intelligently toggling request-to-send/clear-to-send (RTS/CTS) mechanisms on and off for a channel between an access point and a client device. In particular, the method may determine one or more characteristics related to the transmission of frames and toggle RTS/CTS based on these characteristics. The characteristics may describe (1) the airtime used to transmit frames, (2) the data rate used to transmit frames, (3) traffic measurements on the wireless channel…

Synthetic client

Granted: November 29, 2016
Patent Number: 9509586
A system with a device including a hardware processor is configured to perform operations: receiving, by the device, a message over a wired medium, wherein the message has a frame including (a) a MAC address as a source MAC address for the frame and (b) a second MAC address as a destination MAC address for the frame, extracting, by the device, the frame from the message received over the wired medium, and wirelessly transmitting, by the device, the frame without modifying the source MAC…

Distributed virtual private network

Granted: November 29, 2016
Patent Number: 9509606
A system includes: multiple access points, the multiple access points including at least a first access point and a second access point; the system performs operations including: receiving, by the second access point from a client device, a data packet to be transmitted to a device outside of the system; forwarding the data packet by the second access point to the first access point; assigning, by the first access point, a first sequence number to the data packet to be used for…

Method and apparatus for displaying HTTPS block page without SSL inspection

Granted: November 29, 2016
Patent Number: 9509661
The present disclosure discloses a method and system for displaying an HTTPS block page without SSL inspection. Specifically, a network device snoops a first message transmitted between a client device and a network resource. The first message is transmitted as part of a SSL Handshake between the client device and the network resource to establish a SSL session. Moreover, the network device determines whether the client device is authorized to access the network resource. If not, the…

Provisioning remote access points

Granted: November 29, 2016
Patent Number: 9509746
Provisioning remote access points for use in a telecommunication network. A remote access point contains identity information established during manufacturing; this identity information may be in the nature of a digital certificate. The identity information is stored in the remote access point, and may be stored in a Trusted Platform Module if present. When the remote access node is powered up in unprovisioned state, outside the manufacturing environment, it attempts to establish an…

Location approximation and discovery of wired servers

Granted: November 29, 2016
Patent Number: 9509785
The present disclosure discloses a method and network device for providing location approximation and discovery of wired servers in a network. Specifically, a network device can store information indicating that a first client device, with a first set of one or more characteristics, selected a particular shared device from a plurality of shared devices of a first type. The network device then receives, from a second client device, a request for a shared device of the first type.…

Access control in bluetooth® low energy devices

Granted: November 29, 2016
Patent Number: 9510136
A computer readable medium comprising instructions which, when executed, cause performance of operations comprising: successfully establishing a Bluetooth connection between a Bluetooth Low Energy (BLE) device and another device, receiving, by the BLE device from the other device, a request for a change in a configuration, determining, by the BLE device, if the BLE device is in a configuration-changes-enabled state, responsive to determining that the BLE device is in a…

Intelligent handling of voice calls from mobile voice client devices

Granted: November 29, 2016
Patent Number: 9510233
The present disclosure discloses a method and network device for intelligent handling of voice calls from mobile voice client devices. In some embodiments, the network device detects that a load, corresponding to a plurality of client devices associated with an access point, exceeds a particular threshold value. In some embodiments, the network device detects that a call quality for a current ongoing call, corresponding to a first client device associated with an access point, is below a…

Wireless client position estimating system and method

Granted: November 29, 2016
Patent Number: 9510315
The present invention comprises a system and method for determining an estimated position of a wireless mobile client device operating in a communications environment covered by a wireless local area network. The received signal strength of the wireless mobile client device is measured by one or more access points serving devices in the communications environment. In a preferred embodiment, the error between the received signal strength measured by the access points and the expected…

Dynamic user-configurable information element

Granted: November 29, 2016
Patent Number: 9510329
According to one embodiment of the invention, a system for providing a dynamic user-customizable beacon information element (IE) is described. One embodiment of the system comprises an access point comprising a hardware processor wherein the system is configured to perform operations comprising: periodically transmitting, by an access point, a first beacon frame comprising a plurality of IEs, based on user input, configuring at least one IE of the plurality of IEs in the first beacon…