Deep packet inspection (DPI) aware client steering and load balancing in wireless local area network (WLAN) infrastructure
Granted: December 5, 2017
Patent Number:
9838948
Methods and systems are described for intelligently steering client devices operating in an enterprise network system to an appropriate access point based on types of traffic on each client device and/or types of traffic on access points. In particular, client devices may be moved to a different access point when the wireless channel provided by a current access point fails to meet the signal strength requirements of latency sensitive traffic utilized by the client device. Client devices…
Virtual local area network mismatch detection in networks
Granted: December 5, 2017
Patent Number:
9838219
The present disclosure discloses a method and network device for providing VLAN mismatch detection in networks. Specifically, a network device monitors a plurality of packets received by a first device from a second device to identify a first set of VLAN identifiers indicated by at least one of the plurality of packets. The network device receives from a third device at least one packet tagged with a particular VLAN identifier, whereas the at least one packet to be forwarded by the first…
Infrastructure coordinated media access control address assignment
Granted: November 28, 2017
Patent Number:
9832639
Described herein are systems, devices, techniques and products for managing the dynamic assignment of media access control (MAC) addresses to wireless network devices, such as by identifying a dynamically assigned MAC address before, after, or during a wireless association process and communicating the dynamically assigned MAC address to a wireless network device. Also disclosed are systems, devices, techniques and products for preventing a denial of service attack on a wireless access…
Mesh node role discovery and automatic recovery
Granted: November 21, 2017
Patent Number:
9826571
Embodiments of the present disclosure provide for configuring and managing mesh nodes during occasional failure of mesh nodes or addition of new mesh nodes. The disclosed system first determines whether a mesh node is a mesh portal or a mesh point. If it is a mesh portal, the mesh node will advertise its capacity as a mesh portal to other mesh nodes in the network. If it is a mesh point, the mesh node attempts to automatically recover connection to the wireless mesh network if it…
Wireless client traffic continuity across controller failover and load-balancing
Granted: November 21, 2017
Patent Number:
9826449
A non-transitory computer readable medium comprising instructions which causes performance of operations comprising: receiving, by a second network coordination device, current state information of a client device, including a transmit counter and a receive counter, from a first network coordination device, wherein the first network coordination device is a primary network coordination device for the client device and the second network coordination device is a standby coordination…
Dynamic detection and application-based policy enforcement of proxy connections
Granted: November 21, 2017
Patent Number:
9825909
The present disclosure discloses a method and a network device for performing dynamic detection and application-based policy enforcement of proxy connections in a network. Specifically, a network device receives, from a client device, a packet in a session. The network device then determines whether the packet is transmitted to a proxy. In response to determining that the packet is associated with a different application classification or web content category during the same session, the…
Enhancing MU-MIMO to group clients across multiple BSSIDs for a physical radio
Granted: November 21, 2017
Patent Number:
9825684
MU-MIMO provides a mechanism for a wireless network device to transmit to multiple client devices at the same time. When employing MU-MIMO, a network device may group two or more associated client devices, and transmit beamformed signals to each group. In some implementations, a network device may initiate channel sounding. Channel sounding may include transmitting sounding frames to client devices associated with two or more basic service sets. Channel sounding may facilitate…
Method for using mobile devices with validated user network identity as physical identity proof
Granted: November 21, 2017
Patent Number:
9824193
The present disclosure discloses a method and network device for using mobile devices with validated user network identity as physical identity proof. Responsive to successfully authenticating a client device for network access, a system generates a network credential for the client device and transmits the network credential to the client device. Further, the system detects that the client device is within a range of a short range wireless device that is associated with a particular…
Automatic generation of forms for device configuration
Granted: November 21, 2017
Patent Number:
9824080
The present disclosure discloses a method and network device for automatic generation of forms for device configurations. Specifically, a network device receives a static configuration document from a user. The network device waits for a content creator to parse through the configuration document and tag various dynamic fields with supported dynamic content tags. The network device can then extract the dynamic variables from the processed document and generate forms to present to the…
Voice call handover
Granted: November 7, 2017
Patent Number:
9813979
Transitioning voice clients among network resources. A network monitor using IEEE 802.11e QBSS Load IE elements monitors the load on one or more wireless access points. When the load on an access point, as reported in the QBSS Load Element IE exceeds a predetermined threshold, the network monitor sends a message to that AP which causes the AP to send BSS Transition Management Request frames to all connected voice clients which are currently idle. The information passed to the AP and then…
Determining packet priority based on a location associated with a client device
Granted: October 24, 2017
Patent Number:
9800686
A non-transitory computer readable medium storing instructions which, when executed by one or more hardware processors, causes performance of operations including: determining a location associated with a client device, assigning a priority to packets, received from the client device or targeted for the client device, based at least on the location associated with the client device, and processing packets based on the priority assigned to the packets.
Control plane protection for various tables using storm prevention entries
Granted: October 24, 2017
Patent Number:
9800503
The present disclosure discloses a method and network device for control plane protection for various tables using storm prevention entries. Specifically, the disclosed system receives a first packet, and creates an inactive entry in a table. The system then forwards the first packet from a first processor to a second processor for processing. Also, the system associates the inactive entry with a timestamp indicating when the first packet is forwarded to the second processor, and…
Testing by simulation using variations of real-time traffic
Granted: October 24, 2017
Patent Number:
9800490
A system with at least one device including a hardware processor, performs the steps of receiving, by the system, a packet from a second system to be transmitted to a third system, forwarding, by the system to the third system, the packet received from the second system; modifying a portion of the packet to obtain a modified packet that falsely identifies a fourth system as a source of the modified packet, and transmitting, by the system to the third system, the modified packet…
Precise and custom location based service discovery application for wired and wireless devices
Granted: October 10, 2017
Patent Number:
9788154
The present disclosure discloses a method and network device for providing precise and custom location based service discovery application for wired and wireless devices. Specifically, a network device determines a location of a client device. The network device also identifies a first region including the location of the client device, and identifies at least one network device associated with the first region. Responsive at least to determining that the at least one network device is…
Geographic proximity based service discovery
Granted: October 10, 2017
Patent Number:
9787778
According to one embodiment of the invention, a method comprises an operation of determining, by a first digital device, a location of a second digital device providing a network service. Thereafter, information is provided to a digital device requesting the network service based on the determined location of the second digital device.
Centralized configuration with dynamic distributed address management
Granted: October 10, 2017
Patent Number:
9787632
The present disclosure discloses a network device and/or method for centralized configuration with dynamic distributed address management. The disclosed network device receives, at a first network node, a range of sub network addresses and a specified size for a sub network. The disclosed network device then divides the range of sub network addresses into a plurality of sub-ranges of sub network addresses based on the specified size. Further, the network device allocates the plurality of…
Estimating a relative difference between signal strengths of wireless signals received by a device
Granted: September 26, 2017
Patent Number:
9775102
Methods and systems are described for determining an optimal access point for a client device based on the relative difference between signal strengths of wireless signals received by the client device from access points. In particular, the signal strengths of wireless signals received by a client device from access points are determined without receipt of signal strength and/or transmit power information from the client device. Instead, the signal strength difference value may be…
Distributed media classification algorithm in a service controller platform for enhanced scalability
Granted: September 19, 2017
Patent Number:
9769233
A network system and the method is described that splits media identification logic and media classification and/or general data session processing/management logic into separate controllers (e.g., between the local controllers and a service controller). By separating media identification logic and media classification logic (or general media processing/management logic), the system and method allows for greater flexibility and scalability in a network system employing a service…
Dynamic host configuration protocol release on behalf of a user
Granted: September 5, 2017
Patent Number:
9756148
The present disclosure discloses a method and a network device for performing DHCP release on behalf of a user in dynamic network environments. Specifically, a network device determines that a client device is no longer using a first Internet Protocol (IP) address assigned to the client device. In response to the determining that the client device is no longer using the first IP address, the network device then generates a Dynamic Host Configuration Protocol (DHCP) release message on…
Method and system for partitioning wireless local area network
Granted: September 5, 2017
Patent Number:
9756682
The present disclosure discloses a method and system for partitioning WLAN in order to separate network traffic from different WLANs. Specifically, a network device receives a packet from a client connected to a first network device on an access network. The network device then determines that the received packet is associated with a VLAN that is pre-configured on the first network device based on the access network to which the client is connected. Furthermore, the network device…
