ARUBA NETWORKS, INC. Patent applications |
Patent application number | Title | Published |
20160128105 | PERIODIC HIGH POWER BEACON BROADCASTS - Described herein are systems, methods and computer program products for controlling operation of wireless beacons, such as Bluetooth Low Energy beacons. Multiple beacons may be controlled centrally or may work together in a cooperative fashion such that signals can be exchanged between or repeated by beacons in order to allow for signals received at one beacon to reach another beacon without requiring further central interaction. Power settings of beacons may be altered to change power consumption or to change a detectable range of the beacons. | 05-05-2016 |
20160127520 | PARTITIONING DATA SETS FOR TRANSMISSION ON MULTIPLE PHYSICAL LINKS - The present disclosure discloses a method and a network device for partitioning data sets for transmission on multiple physical links in a network. Specifically, a network device receives a particular data set addressed to a client device. The network device partitions the particular data set into at least a first subset of data and a second subset of data. Then, the network device encapsulates the first subset of data using a first header and encapsulating the second subset of data using a second header that results in (a) data with the first header being transmitted on a first physical link and (b) data with the second header being transmitted on a second physical link different than the first physical link. Finally, the network device transmits the first subset of data with the first header and the second subset of data with the second header. | 05-05-2016 |
20160127317 | METHOD AND APPARATUS FOR DISPLAYING HTTPS BLOCK PAGE WITHOUT SSL INSPECTION - The present disclosure discloses a method and system for displaying an HTTPS block page without SSL inspection. Specifically, a network device snoops a first message transmitted between a client device and a network resource. The first message is transmitted as part of a SSL Handshake between the client device and the network resource to establish a SSL session. Moreover, the network device determines whether the client device is authorized to access the network resource. If not, the network device blocks the establishment of a SSL session between the client device and the network resource, and spoofs the network resource for establishing the SSL session between the client device and the network device instead of establishment of the SSL session between the client device and the network resource. Otherwise, the network device refrains from blocking the establishment of the SSL session between the client device and the network resource. | 05-05-2016 |
20160127221 | IGMP/MLD LEAVE UPON CLIENT DISASSOCIATION OR USER IDLE TIMER EXPIRY - According to one embodiment, a non-transitory computer readable medium comprising instructions which, when executed by one or more hardware processors, causes performance of operation comprising: determining that a client device, in a first Internet Protocol (IP) subnet, is subscribed to a multicast group; determining that the client device is no longer in the first IP subnet; responsive to determining that the client device is no longer in the first IP subnet, transmitting a message on behalf of the client device to unsubscribe the client device from the multicast group is shown. | 05-05-2016 |
20160119838 | EFFICIENT ROAMING OF MOBILE CLIENTS - The present disclosure discloses a method and a network device for efficient mobile client device roaming in a wireless local area network with multiple access points. Specifically, a network device determines a first received signal strength value for a first set of signals transmitted between a client device and a first access point during a first time period; and, determines a second received signal strength value for a second set of signals transmitted between a client device and the access point during a second time period. Based on the first and the second signal strength values, the network device computes a change in signal strength value corresponding to wireless communication between the client device and the first access point. Based on the change in signal strength value, the network device selects the access point from a plurality of access points for providing network access to the client device. | 04-28-2016 |
20160119819 | SESSION AWARE ACCESS POINT LOAD BALANCING - The present disclosure discloses a method and a network device for session aware access point load balancing. Specifically, a network device monitors data corresponding to a plurality of client devices associated with a first access point. Then, the network device determines whether the data matches particular criteria. Responsive to determining that the data matches the particular criteria, the network device select at least a first client device of the plurality of client devices for disassociation and/or de-authentication. Moreover, the network device causes disassociation and/or de-authentication of the first client device from the first access point. | 04-28-2016 |
20160119288 | METHOD AND APPARATUS FOR CONTENT FILTERING ON SPDY CONNECTIONS - The present disclosure discloses a method and a network device for performing content filtering on SPDY connections. Specifically, a network device receives, from a client device, a first control frame identifying a first maximum number of unsolicited unacknowledged messages related to a web resource that can be transmitted by a web server. The network device transmits to the web server a second control frame identifying a second and different maximum number of unsolicited unacknowledged messages related to the web resource that can be transmitted by the web server. In some embodiments, the network device establishes a first connection with the client device without forwarding the request to the web server, and a second connection with the web server. Further, the network device inspects data in the unsolicited unacknowledged messages and forwards at least portion of the data to the client device using the first connection. | 04-28-2016 |
20160117213 | DYNAMIC ADAPTIVE APPROACH FOR FAILURE DETECTION OF NODE IN A CLUSTER - The present disclosure discloses a method and a network device for failure detection of nodes in a cluster. Specifically, a network device transmits data to another device at a first time. The network device then receives an acknowledgment of the data from the second device at a second time. Next, the network device determines a Round Trip Time (RTT) for the first device and the second device based on the first time and the second time. Based on the RTT, the network device determines a first frequency for transmitting a heartbeat protocol message between the first device and the second device, and transmits a heartbeat protocol message between the first device and the second device at the first frequency. | 04-28-2016 |
20160112520 | METHOD AND SYSTEM FOR CLIENT ASSOCIATION MANAGEMENT BASED ON ESTIMATED SESSION DURATION - The present disclosure discloses a method and a network device for client association management based on estimated session duration. Specifically, a network device determines that a client device is on an active session. The client device is associated with a first access point of a plurality of access points. The network then estimates a remaining duration of the active session to obtain an estimated remaining duration. Responsive at least to the estimated remaining duration of the active session being greater than a threshold value, the network device causes the client device to associate with a second access point different than the first access point. Responsive at least to the estimated remaining duration of the active session being less than the threshold value, the network device refrains from causing the client device to associate with the second access point. | 04-21-2016 |
20160112370 | METHOD AND SYSTEM FOR CAUSING CLIENT TO RENEW DYNAMIC HOST CONFIGURATION PROTOCOL INTERNET PROTOCOL ADDRESS BASED ON LINK LOCAL ADDRESSES - The present disclosure discloses a method and a network device for causing client devices to renew DHCP IP addresses based on link local addresses. Specifically, the network device provides for detecting that a wireless client device has been self-assigned with an automatic IP address, and for de-authenticating the wireless client device such that the wireless client device restarts the authentication process and the DHCP process subsequently without excessive delay. In particular, the network device may receive a packet from a wireless client device. The network device then determines that a source or destination IP address of a received packet corresponding to the wireless client device is a link local IP address. Responsive to determining that the source IP address is a link local IP address, the network device transmits at least one message that causes the wireless client device to request a new IP address. | 04-21-2016 |
20160112286 | METHOD AND SYSTEM FOR DETECTING USE OF WRONG INTERNET PROTOCOL ADDRESS - The present disclosure discloses a method and a network device for detecting use of wrong IP addresses by wireless client devices. Specifically, the network device maintains a range of valid IP addresses for a particular IP subnet. Also, the network device receives a message from a wireless client device by an access point on the particular IP subnet. The network device then determines a source IP address in the message received on the particular IP subnet. Further, the network device determines that the source IP address does not match the range of valid IP addresses for the particular IP subnet. Responsive at least to determining that the source IP address does not match the range of valid IP addresses for the particular IP subnet, the network device transmits at least one message that causes the wireless client device to request a new IP address. | 04-21-2016 |
20160094938 | ADVERTISING AND PROFILING USER LOCATION TO UNIFIED COMMUNICATION SUITE IN ENTERPRISE WIRELESS NETWORKS - The present disclosure discloses a method and a network device for advertising and profiling user location to unified communication suite in enterprise wireless environments. Specifically, a network device can determine a location of a first client device corresponding to a user. Based at least on the location of the first client device corresponding to the user, the network device can infer a status for the first user. Further, the network device can display, store and/or transmit the inferred status for the user on an enterprise wireless network. The status has not been explicitly indicated by the user. | 03-31-2016 |
20160065578 | Method and System for Controlling Access to Shared Devices - A non-transitory computer readable medium includes computer readable program code including instructions for snooping a message from a client device addressed to a particular IP address corresponding to a shared device; determining whether the client device has authorization to access the shared device; responsive to determining that the client device does not have authorization to access the shared device, refraining from forwarding the message to the particular IP address; and responsive to determining that the client device has authorization to access the shared device, forwarding the message to the particular IP address. | 03-03-2016 |
20160064830 | ALFORD LOOP ANTENNAS WITH PARASITIC ELEMENTS - According to one embodiment of the invention, a network device comprises a plurality of antennas comprising a first antenna, wherein the first antenna comprises: a first set of one or more elements that form an Alford loop and that is configured for electrical excitation via a current transmitted over a conductive medium from a signal source and a second set of one or more elements that is configured for electromagnetic induction without contact with the conductive medium from the signal source. | 03-03-2016 |
20160037458 | METHOD AND SYSTEM FOR ADAPTIVE CELL SIZE MANAGEMENT - The present disclosure discloses a method and system for adaptive cell size management. The system can determine a minimum SNR value and one or more current environmental factors for a particular environment. Also, the system dynamically determines a minimum signal strength value for receiving wireless signals based on the minimum SNR value and the one or more current environmental factors, and configures a network device to receive signals with the minimum signal strength value. Alternatively, the system can estimate a particular coverage area such that a first set of wireless signals transmitted by devices located within the particular coverage area reach a network device at a minimum signal strength. The system then computes a transmission power such that a second set of wireless signals transmitted by the network device at the transmission power reaches an edge of the particular coverage area at a particular signal strength value. | 02-04-2016 |
20160037384 | NON-BLOCKING UPLINK ARCHITECTURE FOR ACCESS POINTS - The present disclosure discloses a method and a non-blocking uplink architecture for access points augmented by client association based load balancing. Specifically, an access point (AP) can receive a first data set using a particular radio of a plurality of radios, and then transmit the first data set to a network device by: (a) transmitting, to the network device, a first subset of the first data set using a first wired connection between the access point and the network device, and (b) transmitting, to the network device, a second subset of the first data set using a second wired connection between the access point and the network device. Moreover, the AP can select a particular wired connection for transmitting a subset data received from a radio of the AP to the network device, where multiple wired connections exist between the access point and the network device. | 02-04-2016 |
20160036794 | DETERMINING WHETHER TO USE A LOCAL AUTHENTICATION SERVER - The present disclosure discloses a method and a system for determining whether to use a local authentication server. Specifically, a first network device executing a first authentication server receives a request for authentication from a client device. The first network device determines whether the client device was previously successfully authenticated by a second authentication server executing on a second network device within a particular period of time. If so, the first network device attempts to authenticate the client device using the first authentication server. Otherwise, the first network device declines the request for authentication from the client device. | 02-04-2016 |
20160036770 | METHOD TO CONTROL DYNAMIC HOST CONFIGURATION PROTOCOL POOL EXHAUSTION IN DYNAMIC NETWORK ENVIRONMENTS - The present disclosure discloses a method and a network device for controlling DHCP pool exhaustion in dynamic network environments. Specifically, a network device determines that a client device is assigned an Internet Protocol (IP) address by a DHCP server. The network device detects that the client device is disconnected from a network associated with the IP address, for example, by receiving a de-association message from the client device; determining that a session or an entry corresponding to the client device has timed out; determining that the client device has failed to respond to one or more messages transmitted to the client device; determining that the client device has connected to another network different than said network; etc. In response, the network device then generates a DHCP release message on behalf of the client device, and transmits the DHCP release message to the DHCP server. | 02-04-2016 |
20160036634 | ZERO TOUCH CONFIGURATION SUPPORT FOR UNNIVERSAL SERIAL BUS MODEM ON A NETWORK DEVICE - The present disclosure discloses a method and a network device for zero touch configuration support for universal serial bus (USB) modem on a network device. Specifically, an access point determines an identifier of a network device connected to the access point, and location information corresponding to the access point. Based at least on the identifier of the network device and the location information corresponding to the access point, the access point selects a particular configuration, of a plurality of configurations, for the network device. Specifically, the particular configuration selected for the network device is suitable for a geographical location associated with the location information. | 02-04-2016 |
20160035159 | METHOD FOR USING MOBILE DEVICES WITH VALIDATED USER NETWORK IDENTITY AS PHYSICAL IDENTITY PROOF - The present disclosure discloses a method and network device for using mobile devices with validated user network identity as physical identity proof. Responsive to successfully authenticating a client device for network access, a system generates a network credential for the client device and transmits the network credential to the client device. Further, the system detects that the client device is within a range of a short range wireless device that is associated with a particular physical action. Consequently, the system validates the network credential that the client device possesses. Based on the network credential, the system determines that the client device has permissions for performing the particular physical action, and causes performance of the particular physical action. | 02-04-2016 |
20160028650 | METHOD AND SYSTEM FOR A USER TO CREATE FAVORITE SERVER LISTS FOR MULTIPLE SERVICES - The present disclosure discloses a method and system for a user to create favorite server lists for multiple services. Specifically, a network device receives a request for a particular service from a client device. Then, from a plurality of network devices that include functionality to provide the particular service, the network device selects a first subset of network devices based on stored data indicating that the first subset of network devices is associated with the client device. The network device further orders the plurality of network devices to obtain an ordered list such that the first subset of network devices is in a more preferred order than a second subset of network devices that are not included in the stored data. The network device next transmits, to the client device, information identifying the first subset of network devices as available devices for providing the particular service. | 01-28-2016 |
20160027091 | PRODUCT IDENTIFICATION BASED ON LOCATION ASSOCIATED WITH IMAGE OF PRODUCT - According to one embodiment of the invention, a system for creating a virtual shopping cart based on location information embedded in an image and the results of image recognition performed on the image is described. One embodiment of the system comprises an access point comprising a hardware processor wherein the system is configured to perform operations comprising: obtaining a first image, of a particular product, taken by a device operated by a user, identifying a first physical location of the device when the image was taken by the device, based on the first physical location, filtering a set of images corresponding to a plurality of products to obtain a first subset of images that are stored in association with the first physical location, and comparing the first image to the first subset of images to identify a product, from the plurality of products, that matches the particular product. | 01-28-2016 |
20160021564 | INTELLIGENT HANDLING OF VOICE CALLS FROM MOBILE VOICE CLIENT DEVICES - The present disclosure discloses a method and network device for intelligent handling of voice calls from mobile voice client devices. In some embodiments, the network device detects that a load, corresponding to a plurality of client devices associated with an access point, exceeds a particular threshold value. In some embodiments, the network device detects that a call quality for a current ongoing call, corresponding to a first client device associated with an access point, is below a first threshold value. In response, the network device selects a particular client device, of the plurality of client devices associated with the access point, for disassociation with the access point. The network device then causes the particular client device to disassociate with the access point. | 01-21-2016 |
20160021550 | MULTICAST AWARE BEAMFORMING FOR WIRELESS LOCAL AREA NETWORKS - The present disclosure discloses a method and network device for providing a multicast aware beamforming mechanism in a WLAN. Specifically, a network device receives a multicast message to be transmitted to a plurality of client devices. The network devices then selects a first subset of client devices of the plurality of client devices for focusing a directional radiation pattern, and transmits the multicast message using the directional radiation pattern to the plurality of client devices. Note that, the multicast message is successfully received by each of the plurality of client devices. Further, the plurality of client devices includes (a) the first subset of client devices that are located in an approximate direction of the focus of the directional radiation pattern and (b) a second subset of client devices that are located in a different direction than the focus of the directional radiation pattern. | 01-21-2016 |
20160021214 | LOCATION APPROXIMATION AND DISCOVERY OF WIRED SERVERS - The present disclosure discloses a method and network device for providing location approximation and discovery of wired servers in a network. Specifically, a network device can store information indicating that a first client device, with a first set of one or more characteristics, selected a particular shared device from a plurality of shared devices of a first type. The network device then receives, from a second client device, a request for a shared device of the first type. Subsequently, the network device determines that the second client device is associated with the same first set of characteristics as the first client device that selected the particular shared device. Responsive to such determination, the network device presents the particular shared device as an option for selection by the second client device. | 01-21-2016 |
20160021205 | AUTOMATIC DETECTION OF VIP GUESTS ON WIRELESS NETWORKS - The present disclosure discloses a method and network device for automatic detection of VIP guests on wireless networks. The network device can receive a request for network access, by a client device used by a guest user, at a location associated with an entity. Furthermore, the network device can identify characteristics of a sponsor of the guest user, the sponsor being associated with the entity; and/or email domain for the guest user; and/or characteristics of a particular check-in station at which the guest user checked in for access at the location associated with the entity. The network device then determines a set of one or more characteristics of the network access by the client device used by the guest user, and provides the client device used by the guest user network access per the determined set of characteristics of the network access. | 01-21-2016 |
20160021194 | DYNAMIC DETECTION OF INACTIVE VIRTUAL PRIVATE NETWORK CLIENTS - The present disclosure discloses a method and network device for dynamic detection of inactive virtual private network clients. Specifically, a network device receives periodic messages from a first device at a first interval, and determines a timeout value for the first device based at least on the first interval, at which the periodic messages are received from the first device. Subsequent to determining the timeout value, the network device detects that a message has not been received from the first device for a period of time corresponding to the timeout value for the first device. The network device then terminates at least one connection with the first device responsive to determining that no message has been received from the first device for the period of time corresponding to the timeout value for the first device. | 01-21-2016 |
20150381434 | COLOR CODED INTERFACE TO VISUALIZE RADIO FREQUENCY ISSUES ON A FLOOR PLAN - A non-transitory computer readable medium includes instructions which, when executed by one or more hardware processors, cause performance of obtaining a performance measurement and a physical location for client devices, generating visual representations corresponding to the client devices by: for each client device generating a corresponding visual representation based on a respective performance measurement for that client device, and displaying a map of a physical environment with the visual representations, with each visual representation displayed on a location in the map that corresponds to a location of the corresponding client device. | 12-31-2015 |
20150327149 | Secure Hotspot Roaming - Secure hotspot roaming in wireless networks. An enterprise works with one or more hotspot providers to provide secure access to its clients through hotspot locations. The enterprise provides the (hotspot) service provider (SP), with the addresses of enterprise controllers used for client authentication. The SP maintains a database which maps the enterprise realm to the address of the enterprise controller. When a client connects to a hotspot access point (AP), the hotspot AP sends client information such as MAC address to a SP controller. The SP controller determines if the client is new or already known. If the client is known and the realm associated with the client has an entry in the realm to enterprise database, the hotspot AP is instructed to begin client authentication with the specified enterprise controller. If the client is unknown, authentication begins with the SP controller, and the client is queried for realm information. | 11-12-2015 |
20150327090 | Method and System for Aggregating Wifi Signal Data and Non-Wifi Signal Data - Methods of aggregating spectrum data captured from a narrowband radio to form a spectrum covering a much wider frequency band. Frequency data, such as FFT spectrum data captured from a narrowband receiver such as an IEEE 802.11 Wi-Fi receiver are combined to display representative real-time FFT, average FFT, and FFT duty cycle data of a wideband spectrum. Data is captured from narrow band radios such as access points, station monitors, or client devices on a wireless network. A wideband spectrum may be aggregated from data captured from one or from multiple devices. Data may be stored for later analysis and display. | 11-12-2015 |
20150327024 | Multicast Transmissions in a Network Environment With User Anchor Controllers - According to one embodiment of the invention, a non-transitory computer readable medium for improving the scalability and redundancy of a wireless communications network. One embodiment of the non-transitory computer readable medium comprises instructions that determine whether a same data stream is being received by a first access point from each of two or more network devices of a plurality of network devices, responsive at least to the determining operation, select a particular network device, of the plurality of network devices, for transmitting the data stream to the first access point, and configure the plurality of network devices such that the particular network device transmits the data stream to the first access point without any other network devices in the plurality of network devices transmitting the same data stream to the first access point. | 11-12-2015 |
20150319728 | Precise and Custom Location Based Service Discovery Application for Wired and Wireless Devices - The present disclosure discloses a method and network device for providing precise and custom location based service discovery application for wired and wireless devices. Specifically, a network device determines a location of a client device. The network device also identifies a first region including the location of the client device, and identifies at least one network device associated with the first region. Responsive at least to determining that the at least one network device is associated with the first region that comprises the location of the client device, the network device selects the at least one network device, from a set of network devices, for presenting as an available resource to the client device. | 11-05-2015 |
20150319657 | Distributed Method for Client Optimization - The present disclosure discloses a distributed method and network device for providing client optimization in WLANs. Specifically, a first access point detects a plurality of client devices. The first access point also receives information identifying a first set of client devices associated with the second access point. Then first access point then identifies a subset of the detected plurality of client devices that are also identified in the first set of client devices associated with the second access point. Finally, the first access point transmits to the second access point characteristics corresponding to the subset of the plurality of client devices. The characteristics are determined based on wireless signals received by the first access point from the subset of the plurality of client devices. | 11-05-2015 |
20150319102 | Tiered Network Access Based on User Action - The present disclosure discloses a method and network device for providing tiered network access based on user actions. Specifically, a network device can identify a social action performed by a user, where the social action is performed while the user is logged into a social network application. Furthermore, the network device can select a network access level of a plurality of network access levels based on the social action. Accordingly, the network device grants a client device corresponding to the user access to a network based on the selected network access level. Note that the network access level is selected from the plurality of network access levels based on a plurality of social actions performed by the user. | 11-05-2015 |
20150319042 | Virtual Local Area Network Mismatch Detection in Networks - The present disclosure discloses a method and network device for providing VLAN mismatch detection in networks. Specifically, a network device monitors a plurality of packets received by a first device from a second device to identify a first set of VLAN identifiers indicated by at least one of the plurality of packets. The network device receives from a third device at least one packet tagged with a particular VLAN identifier, whereas the at least one packet to be forwarded by the first device to the second device. The network device then determines whether the particular VLAN identifier is included in the first set of VLAN identifiers indicated by at least one of the plurality of packets received by the first device from the second device. If the particular VLAN identifier is not included in the first set of VLAN identifiers, the network device presents a notification. | 11-05-2015 |
20150318878 | AVOIDING SELF INTERFERENCE USING CHANNEL STATE INFORMATION FEEDBACK - Disclosed herein is a system, apparatus, and method for reducing self-interference within a wireless network device using channel state information feedback and beamforming techniques. The self-interference within a device may be reduced by first transmitting, by a first circuitry, a first set signals using a first radiation pattern through a first set of antennas coupled with the first circuitry. Then, based on feedback information associated with the first set of signals detected by a second circuitry of the device, a second radiation pattern to be used by the first circuitry and the first set of antennas that reduces receipt of signals by the second circuitry that are transmitted by the first set of antennas or leaked from the first circuitry may be determined. Thereafter, a second set of signals may be transmitted by the first set of antennas using the second radiation pattern. | 11-05-2015 |
20150312910 | Dynamic Channel Bandwidth Selection Based on Information for Packets transmitted at Different Channel Bandwidths - The present disclosure discloses a method and network device for dynamic channel bandwidth selection in a wireless local area network. Specifically, a network device obtains information corresponding to a first set of packets transmitted on one or more of a plurality of channel bandwidths over a first period of time. Based on the information, the network device selects a particular channel bandwidth, of the plurality of channel bandwidths, for transmitting a second set of packets; and transmits the second set of packets at the particular channel bandwidth. Additionally, based on the information, the network device can dynamically select a number of packets, from a second set of packets, to queue at hardware components with channel bandwidth selection for transmission by the hardware components; and can queue the selected number of packets at the hardware components with channel bandwidth selection. | 10-29-2015 |
20150312877 | DETECTING MOVEMENT IN A PHYSICAL ENVIRONMENT - The present disclosure discloses a method and network device for detecting movement in a physical environment. Specifically, a network device obtains a first feedback information for a first set of wireless signals transmitted by a first device in a physical environment and received by a second device in the physical environment. Moreover, the network device obtains a second feedback information for a second set of wireless signals transmitted by the first device and received by the second device. The network device then compares the first feedback information to the second feedback information to identify a first set of one or more difference values. Based on the first set of one or more difference values, the network device determines that one or more physical entities within the physical environment have moved. | 10-29-2015 |
20150312875 | METHOD AND SYSTEM FOR CLIENT DEVICE LOCALIZATION - A system includes one or more hardware processors causing performance of operations. The operations include transmitting, by a first access point, a set of one or more wireless signals that include a request for feedback information. The set of wireless signals incorrectly identifies a second access point as the sender of the set of wireless signals instead of correctly identifying the first access point as the sender of the set of wireless signals. The operations further include receiving, from a client device associated with the second access point, a feedback information corresponding to the receipt of the set of wireless signals by the client device, and, based on the feedback information: determining a distance between the first access point and the client device that is associated with the second access point. | 10-29-2015 |
20150312861 | METHOD AND SYSTEM FOR DEVICE AWARE POWER SAVE - A non-transitory computer readable medium includes instructions. The instructions, when executed by one or more hardware processors, causes performance of operations including receiving, at an access point, data targeted for a device, and determining whether an amount of the data targeted for the device is above a threshold. The operations further include, responsive at least to determining that the amount of data is below the threshold, transmitting a notification frame falsely indicating that the access point does not have the data targeted for the device. | 10-29-2015 |
20150312853 | ECO-FRIENDLY POWER OVER ETHERNET - The present disclosure discloses a method and network device for providing an eco-friendly PoE mechanism in a WLAN. Specifically, a network device determines that an access point (AP) is connected to two or more network devices that include functionality to power the first AP, selects a first network device and causes the first network device to power the AP instead of the second network device, which is currently powering the AP. Moreover, the network device disables power supply on a first port of the second network device that is connected to the AP, causing the first network device to supply power to the AP via a second port of the first network device that is connected to the AP. Subsequent to the first network device supplying power to the AP via the second port, the network device enables the power supply on the first port of the second network device. | 10-29-2015 |
20150312835 | DISTRIBUTED RADIO MANAGEMENT - The present disclosure discloses a distributed radio management system that is capable of dynamically tuning a radio antenna to a particular radio frequency channel and/or radio frequency band. The disclosed network device includes a transceiver, an antenna, and a component on a wireless signal path between the transceiver and the antenna. The component includes functionality to dynamically switch between processing signals corresponding to a first radio frequency band and processing signals corresponding to a second radio frequency band. Moreover, the component also may include functionality to dynamically switch between processing signals and refraining from processing wireless signals that are received by the component. | 10-29-2015 |
20150312820 | SELECTION OF ANCHOR CONTROLLERS FOR ACCESS POINTS WITHIN A NETWORK ENVIRONMENT - According to one embodiment of the invention, a non-transitory computer readable medium for improving the scalability and redundancy of a wireless communications network. One embodiment of the non-transitory computer readable medium comprises instructions that select a first controller for controlling a configuration of a first access point and a second access point, detect a particular event and, responsive to detecting the particular event, select a second controller for controlling the configuration of the first access point without modifying the selection of the first controller for controlling the configuration of the second access point. | 10-29-2015 |
20150312819 | USER ANCHOR CONTROLLER COMMUNICATION WITHIN A NETWORK ENVIRONMENT - According to one embodiment of the invention, a non-transitory computer readable medium for improving the scalability and redundancy of a wireless communications network. One embodiment of the non-transitory computer readable medium comprises instructions that configure, by a first controller, a first access point, responsive to a client device associating with the first access point, identify a second controller configured for maintaining information corresponding to the client device, wherein the second controller is different than the first controller that configures the first access point, obtain, by the first access point from the second controller, information corresponding to the client device, and communicate, by the first access point with the client device, based on the information corresponding to the client device. | 10-29-2015 |
20150312724 | FILTERING OUT ACCESS POINT DATA BASED ON NON-CONFORMITY WITH OTHER ACCESS POINT DATA - Methods and systems are described for filtering out signal strength data associated with access points and a client device using heuristic and intra-access point analysis. The filtered data may be used to approximate the location of the client device. By filtering signal strength values through a heuristic and intra-access point analysis; the systems and methods described eliminate inaccurate or anomalistic values, which may negatively alter the estimated location of the client device. Accordingly, the systems and methods may produce more accurate client device location estimates by intelligently examining detected signal strength values. | 10-29-2015 |
20150312721 | DETERMINING LOCATION BASED ON BOTH A DETECTED LOCATION AND A PREDICTED LOCATION - A system and method is described that computes an estimated current location for a client device based on both the detected current location and the predicted current location of the client device. By utilizing the predicted current location, the system and method may account for and compensate for anomalies and inaccuracies in the detected current location. Accordingly, the system and method provides a more accurate estimation for the current location of the client device based on examination of heuristics and a priori environmental data. In particular, the system and method compensates for detected locations that are impossible or improbable based on previous locations of the client device, the layout of the environment in which the client device is traversing, data describing the user of the client device, and/or data describing the client device. | 10-29-2015 |
20150312208 | ADAPTIVE DYNAMIC HOST CONFIGURATION PROTOCOL ASSIGNMENT WITH VIRTUAL LOCAL AREA NETWORK POOL - The present disclosure discloses a method and network device for adaptive DHCP assignment with VLAN pool. Specifically, a network device can assign a client device to a first Virtual Local Area Network (VLAN). The network device then detects a first DHCP Discover message, transmitted by a client device, corresponding to a first VLAN. Also, the network device determines that no DHCP offer message, responsive to the first DHCP Discover message, is transmitted to the client device. Then, the network device transmits on behalf of the client device a second DHCP Discover message for the second VLAN to a DHCP server, and receives a DHCP Offer message in response to the second DHCP Discover message. The network device then assigns the client device to a second VLAN, and subsequently transmits the DHCP Offer message for the second VLAN to the client device. | 10-29-2015 |
20150312131 | Software Defined Wireless Device Management - The present disclosure discloses a method and network device for software-defined client device management. Specifically, a network device can cause a client device to switch association with a first access point to a second access point. The network device determines whether a number of times the client device has been caused to switch association with an access point exceeds a threshold value for the first period of time. If not, the network device causes the client device to switch to an association with a third access point. Also, the network device determines a configuration indicating when any access point with which a client device is associated may be modified. Based on the configuration, the network device determines whether an association of the client device should not be modified. Also, based on one or more attributes, the network device selectively causes the client device to switch an association. | 10-29-2015 |
20150312091 | SELECTION OF ANCHOR CONTROLLERS FOR CLIENT DEVICES WITHIN A NETWORK ENVIRONMENT - According to one embodiment of the invention, a non-transitory computer readable medium for improving the scalability and redundancy of a wireless communications network. One embodiment of the non-transitory computer readable medium comprises instructions that configure a first controller, of a plurality of controllers, as a primary controller for maintaining data associated with each particular device of a plurality of devices, for each particular device of the plurality of devices, select a respective secondary controller, from the plurality of controllers, for maintaining data associated with that particular device based on a respective identifier associated with that particular device, subsequent to selecting the secondary controller for each particular device of the plurality of devices, detect an error associated with the first controller, and responsive to detecting the error associated with the first controller, establish the secondary controller selected for each particular device, based on the respective identifier, as the primary controller for that particular device. | 10-29-2015 |
20150312012 | ENFORCING STATION FAIRNESS WITH MU-MIMO DEPLOYMENTS - A non-transitory computer readable medium including instructions which, when executed by one or more hardware processors, causes performance of operations. The operations include: obtaining a first pathloss value for a first data transmitted between a first device and a second device; receiving, at a first component of the first device, a second data to be transmitted to the second device; based at least on the first pathloss value: selecting a first subset of the second data for transmission from the first component to a second component of the first device, where the second component is configured for causing transmission of the first subset of the second data to the second device; transmitting, during a first period of time from the first component to the second component, the first subset of the second data. | 10-29-2015 |
20150304978 | AUTOMATIC CALIBRATION OF PROBE REQUEST RECEIVED SIGNAL STRENGTH INDICATION (RSSI) THRESHOLD TO CONTROL ASSOCIATIONS - System and methods are provided for dynamically setting a threshold signal-to-noise ratio for probe requests for one or more access points in a wireless network based on several factors, including density/distance between access points and/or current and expected load on access points. By dynamically adjusting a threshold signal-to-noise for probe requests, the systems and methods described herein may efficiently utilize resources based on current and/or expected conditions. In particular, an access point may ignore client device probe requests when another access point may be better positioned to handle such a request and/or when the access point would be unable to meet expected load requirements if such an associate were made. | 10-22-2015 |
20150304011 | MU-MIMO IMPLEMENTATION WITH CONFIGURABLE ANTENNA SYSTEM - Disclosed herein is a system, apparatus, and method for using an antenna system comprising individually configurable antenna circuitries in a wireless network device to simulate the standard MU-MIMO transmissions as specified in the IEEE 802.11ac standard with antenna beamforming. The individually configurable antenna circuitries can be configured to transmit radio frequency (RF) signals with specific radiation patterns including directional beam patterns. Client devices may be grouped and antenna circuitries may be configured in such a way as to minimize inter-user interference. Frequent sounding-channel state feedback cycles and associated overhead are obviated with antenna beamforming, and no change to standard-compliant client devices is necessary. A better overall performance compared to MU-MIMO based on DSP-based beamforming as specified in the IEEE 802.11ac standard is expected. | 10-22-2015 |
20150295826 | Offloading Packet Treatment using Modified Packet Headers in a Distributed Switch System - According to one embodiment, a method comprises an operation of receiving a packet with a packet header indicating that a first treatment is needed to be applied to the packet. The first treatment is applied and the packet header is modified to indicate that the first treatment is no longer needed to be applied to the packet. The packet is forwarded with the modified header. | 10-15-2015 |
20150289207 | METHOD AND SYSTEM FOR TRACKING DEVICES - Described herein are systems, methods and computer program products for controlling operation of wireless beacons, such as Bluetooth Low Energy beacons. Multiple beacons may be controlled centrally or may work together in a cooperative fashion such that related advertisement signals are transmitted by each beacon in a cooperative fashion to allow, for example, long-term indoor tracking of mobile devices in standby, locked, or sleep modes or with applications in background or non-execution states. | 10-08-2015 |
20150278545 | ANONYMIZATION OF CLIENT DATA - The present disclosure discloses a method and network device for providing anonymization of client data in a wireless local area network. Specifically, a network device adds a first client device identifier containing private personal data (e.g., a Media Access Control (MAC) address and/or an Internet Protocol (IP) address) into a large data file, and sends at least a portion of the large data file as input to a one-way hash function to generate a second client device identifier for the client device. The network device then provides to a third party client context information with the second client device identifier without providing the first client device identifier. No private personal data can be derived from the second client device identifier. Thus, the disclosed system protects wireless clients' privacy while facilitating analytics of client data by an external third party. | 10-01-2015 |
20150237002 | Centralized Configuration with Dynamic Distributed Address Management - The present disclosure discloses a network device and/or method for centralized configuration with dynamic distributed address management. The disclosed network device receives, at a first network node, a range of sub network addresses and a specified size for a sub network. The disclosed network device then divides the range of sub network addresses into a plurality of sub-ranges of sub network addresses based on the specified size. Further, the network device allocates the plurality of sub-ranges of sub network addresses to a plurality of sub networks, and transmits an allocated sub-range of sub network addresses to a corresponding sub network at a second network node through an established secure communication channel. Moreover, the network device can retrieve a profile template that includes the range of sub network addresses and the specified size of the sub network; and create a profile based on the profile template. | 08-20-2015 |
20150236946 | OPERATING ON A NETWORK WITH CHARACTERISTICS OF A DATA PATH LOOP - Methods and systems are described for handling traffic in a network system in which a data path loop has been detected. Upon detection of a set of loopy ports, transmission of data packets through these loopy ports may be intelligently controlled through the balancing of data packets accepted or dropped by each port and/or the designation of a favored loopy port for each entry in a bridge table. By selectively and intelligently transmitting data packets through loopy ports, the method and systems described herein ensure that a single loopy port is not overly utilized and load balancing may be realized across the set of loopy ports. | 08-20-2015 |
20150236911 | DETECTING CHARACTERISTICS OF A DATA PATH LOOP ON A NETWORK - Methods and systems are described for detecting data path loops between ports on a device in a network system. Data path loops may be detected by first detecting data path loop characteristics exhibited by ports on a device. Upon detection of data path loop characteristics, the existence of a data path loop may be verified through the transmission of a broadcast packet through the potentially loopy ports. By first detecting characteristics of a data path loop and thereafter confirming the presence of a loop, the methods and systems described herein ensure that anomalies in data packet and/or port movement are not the product of configuration changes in the network system, but are instead the result of data path loops. By more intelligently identifying data path loops, false positives may be reduced. | 08-20-2015 |
20150229606 | SECURELY VIRTUALIZATING NETWORK SERVICES - Services in a network device are added through providing virtual environments. Virtualization allows services based on other platforms or architectures to be run with minimum modification and in a secure manner. Connecting services to the host through a stateful firewall allows dynamic integration, and passes only traffic of interest to the service. Virtualization allows services written for different instruction architectures to be supported. Multiple virtualized environments each supporting a service may be run. | 08-13-2015 |
20150223192 | ADAPTIVE MANAGEMENT OF WIRELESS CLIENTS BASED ON CLIENTS RADIO BEHAVIORS AND CAPABILITIES - The present disclosure discloses a method and network device for adaptive management of wireless clients based on clients' radio behaviors and capabilities. Specifically, a disclosed network device can dynamically select a location tracking mechanism based on a probing characteristic of a client device. The disclosed network device can also dynamically selects a communication mechanism based on a power saving characteristics of a client device. Moreover, the disclosed network device can determine whether to select a new access point for a client device based on roaming characteristics of the client device. The adaptive management of client devices can be performed on a group of client devices with similar radio behaviors and/or capabilities on a per-radio rather than per-BSSID (basic service set identifier) basis. | 08-06-2015 |
20150223168 | AUTOMATIC DELIVERY TRAFFIC INDICATION MESSAGE INTERVAL CONTROL FOR BETTER MOBILE POWER SAVE PERFORMANCE - The present disclosure discloses a method and network device for automatic delivery traffic indication message (DTIM) interval control for better mobile power save performance. The disclosed network device determines one or more characteristics for at least one client device connected to an Access Point (AP). The network device then dynamically selects a DTIM interval for the AP based on the characteristics for the at least one client device, and configures the AP to transmit a DTIM beacon frame at a frequency based on the dynamically selected DTIM interval. Alternatively, the network device can determine one or more characteristics for a client device, and dynamically select a Virtual Access Point (VAP) for providing network access to the client device based on the characteristics for the client device and a DTIM interval configured for the VAP, and then cause the client device to connect to the VAP. | 08-06-2015 |
20150223105 | MODIFYING FEEDBACK INFORMATION TO CONTROL A SOURCE DEVICE - A non-transitory computer readable medium includes instructions which, when executed by one or more processors cause performance of operations, including: receiving feedback information related to a receipt of packets by a receiving device, the packets being transmitted by a source device, modifying the feedback information to obtain modified information related to the receipt of the packets by the receiving device, and transmitting, to the source device, the modified information related to the receipt of the packets by the receiving device. | 08-06-2015 |
20150222727 | DETERMINING PACKET PRIORITY BASED ON A LOCATION ASSOCIATED WITH A CLIENT DEVICE - A non-transitory computer readable medium storing instructions which, when executed by one or more hardware processors, causes performance of operations including: determining a location associated with a client device, assigning a priority to packets, received from the client device or targeted for the client device, based at least on the location associated with the client device, and processing packets based on the priority assigned to the packets. | 08-06-2015 |
20150222562 | SYSTEM AND METHOD FOR EFFICIENT FRAME AGGREGATION - The present disclosure discloses a method and network device for efficient frame aggregation. Specifically, a network device queues a first set of packets until one of the first set of aggregation limits is detected. The network device then transmits the first set of packets, and receives feedback information. Then, the network device modifies the first set of aggregation limits to obtain a second set of aggregation limits based on the feedback information. The network device queues a second set of packets until one of the second set of aggregation limits is detected, and then transmits the second set of packets. Also, the network device determines whether a received packet has a particular characteristic. If so, the network device transmits the first set of packets before at least one of the first set of aggregation limits is detected. | 08-06-2015 |
20150222540 | DISTRIBUTED GATEWAY FOR LOCAL SUBNET - A computer readable medium storing instructions with functionality for: receiving a first request, from a first client device in a particular IP subnet, to identify a MAC address that corresponds to a particular IP address in the particular IP subnet; transmitting a first response to the first client device that identifies a first MAC address, of a first network device in the particular IP subnet, as the MAC address that corresponds to the particular IP address; receiving a second request, from a second client device in the particular IP subnet, to identify the MAC address that corresponds to the particular IP address; transmitting a second response to the second client device that identifies a second MAC address, of a second network device in the particular IP subnet, as the MAC address that corresponds to the particular IP address, the second MAC address being different than the first MAC address. | 08-06-2015 |
20150222527 | METHOD AND SYSTEM FOR IMPLEMENTING A PRIORITY FOR ACCESS POINTS - A non-transitory computer readable medium includes instructions which, when executed by one or more hardware processors, cause performance of operations including determining a priority level for an Access Point (AP). Subsequent to determining the priority level for the AP, the instructions further cause performance of operations including receiving multiple packets, determining one or more transmission parameters for transmitting the packets based at least in part on the priority level of the AP, and transmitting the packets using the one or more transmission parameters that were determined based at least in part on the priority level of the AP. | 08-06-2015 |
20150222507 | INITIATING DATA COLLECTION BASED ON WIFI NETWORK CONNECTIVITY METRICS - The present disclosure discloses a method and network device for initiating data collection based on WiFi network connectivity metrics. Specifically, detects that a value for a WiFi network connectivity metric for a WiFi connection between a client device and a WiFi network meets a particular criteria. Responsive to determining that the value meets the particular criteria, the disclosed system initiates a data collection process for collecting data associated with one or more devices while the WiFi network connectivity metric meets the particular criteria. The determining operation may be performed by a network device in response to receiving a request from a user of the client device. Also, the disclosed system stores the data collected while the WiFi network connectivity metric meets the particular criteria. | 08-06-2015 |
20150221193 | Intrusion Detection and Video Surveillance Activation and Processing - The present disclosure discloses a system and method for detection network intrusion and activating a video surveillance system based on the network intrusion detection and processing video data accordingly. A network intrusion event caused by a particular device is detected. Responsive to responsive to detecting the network intrusion event, a current physical location of the particular device is estimated. Based on the current physical location, one or more predicted locations of the particular device are estimated. A video stream comprising images of the estimated one or more predicted locations of the particular device. | 08-06-2015 |
20150220233 | AUTOMATIC GENERATION OF FORMS FOR DEVICE CONFIGURATION - The present disclosure discloses a method and network device for automatic generation of forms for device configurations. Specifically, a network device receives a static configuration document from a user. The network device waits for a content creator to parse through the configuration document and tag various dynamic fields with supported dynamic content tags. The network device can then extract the dynamic variables from the processed document and generate forms to present to the user for the requested information. Next, the network device generates static configuration file(s) corresponding to one or more devices for the user based on the user input values. | 08-06-2015 |
20150219742 | METHOD FOR IMPROVING LOCATION ACCURACY IN MULTI-CHANNEL WIRELESS NETWORKS - The present disclosure discloses a method and network device for improving location accuracy in multi-channel wireless networks. Specifically, to coordinate with other Access Points (APs) and improve location accuracy of client devices, each access point can (a) obtain a schedule of another neighboring AP; (b) switch to the operating channel of the neighboring AP at a scheduled time for communication exchanges between the neighboring AP and the client device, (c) listen to the communication exchanges between the neighboring AP and the client device; (d) collecting signal samples, e.g., signal strength associated with messages originated from the client device; and (e) send the report to the location engine to allow the location engine collect more signal samples associated with the client device, thereby more accurately determine the location of the client device; etc. | 08-06-2015 |
20150219466 | SELECTION OF A ROUTE BASED ON PRIOR USER BEHAVIOR OR COMMERCIAL INTERESTS - A non-transitory computer readable medium comprises instructions which cause performance of receiving a request from a user for directions to a destination, determining, based on historical user data, a commercial interest of the user, selecting a route based at least on a location related to the commercial interest being on the route, and directing the user to the destination according to the route. | 08-06-2015 |
20150219458 | NAVIGATING TO A MOVING TARGET - A non-transitory computer readable medium with instructions which cause performance of: determining a location of a first client device corresponding to a first user and a location of a second client device corresponding to a second user, displaying directions to the second location, determining that the second client device has moved to a third location, and displaying updated directions to the third location. | 08-06-2015 |
20150215025 | SYSTEM AND METHODS FOR ADAPTIVE PER-USER MULTIPATH CONTROL FOR SPATIAL MULTIPLEXING GAIN IN MIMO SYSTEMS - Disclosed herein is a system, apparatus, and method for adaptive per-user multipath control for spatial multiplexing gain in MIMO systems. Transmission parameters relating to Cyclic Shifts and/or Radio Frequency (RF) antenna beams are modified and tested to find optimal transmission parameters that enable better exploitation of multipath RF propagation and therefore better spatial multiplexing gain. | 07-30-2015 |
20150188620 | SYSTEM, APPARATUS AND METHOD FOR INTEGRATED WIRELESS LINK MANAGEMENT FOR A MULTI-POLARIZED ANTENNA SYSTEM - According to one embodiment of the disclosure, a non-transitory computer-readable medium comprising instructions which, when executed by one or more hardware processors, causes performance of operations. One of these operations comprises transmitting, from a first device to a second device, a first plurality of frames using a first polarization configuration for a first antenna corresponding to the first device. Based on feedback information associated with the first plurality of frames, a second polarization configuration, which is different than the first polarization configuration, is selected for transmitting a second plurality of frames. Thereafter, the second plurality of frames is transmitted from the first device to the second device using the second polarization configuration for the first antenna. | 07-02-2015 |
20150156648 | ANALYZING A PARTICULAR WIRELESS SIGNAL BASED ON CHARACTERISTICS OF OTHER WIRELESS SIGNALS - The present disclosure discloses a system and method for classifying Wi-Fi signals from Fourier transform samples. Generally, classifying Wi-Fi signals from Fourier transform samples includes: collecting and dividing Fourier transform samples into frequency blocks; determining the bandwidth for the Fourier transform sample; and determining whether the Fourier transform sample corresponds to a narrowband signal. Further, if a determination is made that the Fourier transform sample does not correspond to a narrowband signal, channel utilization is calculated based on a determination that the FFT sample corresponds to a Wi-Fi signal. If it is determined that the Fourier transform sample corresponds to a narrowband signal, then a determination is made that the FFT sample corresponds to a Wi-Fi signal based on certain criteria. The certain criteria may include one or more of a slope value, a number of sub-peak bins, an analysis of adjacent channels, characteristic matching, or other criteria. | 06-04-2015 |
20150156645 | DYNAMICALLY MODIFYING SCANNING METHODS AND/OR CONFIGURATIONS - Adapting scanning of frequency channels of different or varying widths to collect wideband spectrum data is disclosed. Scanning methods and/or configurations are modified based upon the type and signal strength of the interferers present or expected in the spectrum. The system includes: selecting a portion for scanning, wherein the portion includes contiguous and non-contiguous segments, partitioning the selected portion into a first plurality of channels, where at least two of the plurality of channels have different widths, each of the first plurality of channels including contiguous or non-contiguous segments; during a first scan of the selected portion, scanning the selected portion of the radio frequency spectrum at least by scanning a first channel with a first width and scanning a second channel with a second width that is different than the first width; and based on the first scan, collecting data representing the selected portion of the radio frequency spectrum. | 06-04-2015 |
20150156643 | CLASSIFYING WIRELESS SIGNALS - The present disclosure discloses a system and method for. classifying Wi-Fi signals from Fourier transform samples. Generally, classifying Wi-Fi signals from Fourier transform samples includes: collecting and dividing Fourier transform samples into frequency blocks; determining the bandwidth for the Fourier transform sample; and determining whether the Fourier transform sample corresponds to a narrowband signal. Further, if a determination is made that the Fourier transform sample does not correspond to a narrowband signal, channel utilization is calculated based on a determination that the FFT sample corresponds to a Wi-Fi signal. If it is determined that the Fourier transform sample corresponds to a narrowband signal, then a determination is made that the FFT sample corresponds to a Wi-Fi signal based on certain criteria. The certain criteria may include one or more of a slope value, a number of sub-peak bins, an analysis of adjacent channels, characteristic matching, or other criteria. | 06-04-2015 |
20150133063 | METHOD AND SYSTEM FOR USING A MINIMUM SENSITIVITY THRESHOLD FOR RECEIVING WIRELESS SIGNALS - A method includes computing a minimum sensitivity threshold value for a particular wireless device, configuring the particular wireless device to receive wireless signals with a signal strength higher than the minimum sensitivity threshold value, distributing the minimum sensitivity threshold value to other wireless devices, and configuring the other wireless devices based on the minimum sensitivity threshold value for the particular wireless device. | 05-14-2015 |
20150131467 | SPECTRUM-AWARE RF MANAGEMENT AND AUTOMATIC CONVERSION OF ACCESS POINTS TO SPECTRUM MONITORS AND HYBRID MODE ACCESS POINTS - Methods of operating devices on a wireless network as access points (AP) or spectrum monitors (SM). An adaptive radio management (ARM) process operating on the digital network senses network conditions based on data from APs and SMs on the network, and in response to conditions changes devices from AP operation to SM operation, and from SM operation back to AP operation. A method for providing wideband spectrum analysis functions on a radio operating as an AP on a channel proving client connectivity services. A method for scanning off-channel for shorter durations between transmissions to collect spectral data and a method for explicitly quieting IEEE 802.11 transmissions on a channel to collect spectral data. | 05-14-2015 |
20150121500 | USING APPLICATION LEVEL AUTHENTICATION FOR NETWORK LOGIN - In general, in one aspect, embodiments relate to receiving, by a system comprising one or more network devices, a first client authentication information comprising a first indication that a first client device was successfully authenticated by a first authentication server based on credentials provided by the first client device, and forwarding, by the system, the first client authentication information to a second authentication server without determining that the client device was already successfully authenticated by the first authentication server based on the credentials provided by the first client device. The operations further include receiving, by the system from the second authentication server, a second indication that the first client device was successfully authenticated, and based on the second indication received by the system from the second authentication server, granting, by the system, network access to the first client device. | 04-30-2015 |
20150121481 | APPLICATION AUTHENTICATION USING NETWORK AUTHENTICATION INFORMATION - In general, in one aspect, embodiments relate to receiving, by a system of one or more network devices from a client device, a request to access one or more applications, determining, by the system, that the client device has already been authenticated to access a network, and based on determining that the client device has already been authenticated to access the network, causing authenticating of the client device for accessing the one or more applications. | 04-30-2015 |
20150121465 | LOCATION BASED ACCESS - A non-transitory computer readable medium for location based access includes instructions which, when executed by one or more devices, causes performance of operations including identifying a physical location of a client device, determining that the physical location of the client device meets a criterion for allowing access through an entryway, identifying a permission level associated with the client device, determining that the permission level associated with the client device meets a criterion for allowing access through the entryway, and, responsive at least to determining that the criterion have been met, allowing access through the entryway. | 04-30-2015 |
20150120951 | METHOD AND SYSTEM FOR CONTROLLING ACCESS TO SHARED DEVICES - A non-transitory computer readable medium includes computer readable program code including instructions for subsequent to a client device associating with an access point, receiving a request for a set of allowed shared devices, removing, by the access point and to obtain the set of allowed shared devices, a shared device from a set of shared devices based on a client device user of the client device failing to have a permission required by a device sharing policy of the shared device, and transmitting the set of allowed shared devices to the client device. | 04-30-2015 |
20150120930 | PROVISIONING ACCESS POINT BANDWIDTH BASED ON PREDETERMINED EVENTS - The present disclosure discloses a method and network device for provisioning access point bandwidth based on predetermined events. The disclosed system identifies a pattern for one or more devices over a period of time, the pattern indicating that the one or more devices (a) connect to a particular access point at a particular time of day, or (b) are located near the particular access point at the particular time of day. Prior or approximately the particular time, the disclosed system facilitates at least one client device associated with the particular access point to associate with a second and different access point. The disclosed system then provides, by the particular access point to the one or more devices, access to network resources. | 04-30-2015 |
20150120911 | METHOD AND SYSTEM FOR NETWORK SERVICE HEALTH CHECK AND LOAD BALANCING - A non-transitory computer readable medium includes instructions which, when executed by one or more network devices, causes performance of operations. The operations include sending, to shared devices, one or more status queries regarding one or more device conditions for each of the shared devices, obtaining responses to the one or more status queries from each of the plurality of shared devices, the responses including the one or more device conditions for each of the shared devices, filtering the shared devices based on the one or more device conditions to obtain a subset of the shared devices, identifying the subset of the shared devices as a set of available shared devices, and transmitting information identifying the set of available shared devices to a client device. | 04-30-2015 |
20150120910 | METHOD FOR DYNAMIC LOAD BALANCING IN CAMPUS DEPLOYMENTS - A method is described for dynamically assigning tasks to entities of different types within a network system based on preferences to perform the tasks on particular entities and/or network/device conditions. This ability to dynamically assign processing of tasks between disparate devices in a network system provides a more efficient network configuration and utilization of resources while not compromising throughput, overall network security, and/or network flexibility. | 04-30-2015 |
20150120864 | NETWORK DEVICE WORKLOAD BALANCING - A method and computer readable medium for network device workload balancing, including: selecting a particular network device for storing client information associated with a client device; subsequent to the client device disassociating with a first network device, receiving, by the particular network device from the first network device, the client information; and responsive to the client device associating with a second network device: transmitting, by the particular network device, the client information to the second network device, where the client device does not associate with the particular network device between associating with the first network device and the second network device. | 04-30-2015 |
20150120799 | CONTROLLER OFFLOADING - A non-transitory computer readable medium storing instructions which, when executed by one or more hardware processors, causes performance of operations including: performing, by a controller, one or more processing actions for data corresponding to a particular session associated with a client device; identifying one or more characteristics corresponding to the particular session; based on the one or more characteristics corresponding to the particular session: selecting a network device, other than the controller, to perform the one or more processing actions for the data corresponding to the particular session; causing the network device to perform the one or more processing actions, for the data corresponding to the particular session, instead of the controller. | 04-30-2015 |
20150119035 | SYSTEM, APPARATUS AND METHOD FOR MANAGING NETWORK DEVICE CONNECTIVITY ON HETEROGENOUS NETWORKS - According to one embodiment of the disclosure, a network device is described that includes at least one hardware processor and is configured to perform a number of operations. Some of these operations include receiving information associated with a level of connectivity by a client device to a first network, and receiving information associated with a level of connectivity by the client device to a second network. Based on the level of connectivity with the first network and the level of connectivity with the second network, the second network is selecting for the client device to access one or more resources, and thereafter, causing the client device to connect to the second network. | 04-30-2015 |
20150117420 | Communicating with a Distribution System via an Uplink Access Point - The present disclosure discloses a system and method for communicating with a distribution system via an uplink access point. The system includes a processor and a memory storing instructions that, when executed, cause the system to: receive, at a first network device, an original packet from a client device; identify a source MAC address of the original packet as a MAC address of the client device; identify an IP address of the original packet as an IP address of the client device; generate a modified packet from the original packet by changing the source MAC address from the MAC address of the client device to a MAC address of the first network device; preserve the IP address in the modified packet to be the IP address of the client device; and forward the modified packet from the first network device to a second network device. | 04-30-2015 |
20150117325 | ADAPTIVE METHODS FOR OPTIMIZING SOUNDING AND CHANNEL FEEDBACK OVERHEAD IN SU-MIMO AND MU-MIMO BEAMFORMING - Disclosed herein is a system, apparatus, and method for optimizing sounding and feedback overhead in a wireless digital network utilizing a beamforming technique by adaptively changing the frequency of sounding transmissions. The exemplary method comprises: transmitting a first plurality of sounding frames based on a first sounding interval, wherein the first sounding interval is a first period of time between transmissions of two sounding frames in the first plurality of sounding frames; receiving a plurality of feedback frames comprising information associated with the first plurality of sounding frames; based on the plurality of feedback frames: selecting a second sounding interval, different than the first sounding interval, for transmitting a second plurality of sounding frames; and transmitting the second plurality of sounding frames based on the second sounding interval, wherein the second sounding interval is a second period of time between transmissions of two sounding frames in the second plurality of sounding frames. | 04-30-2015 |
20150117324 | METHOD FOR RF MANAGEMENT, FREQUENCY REUSE AND INCREASING OVERALL SYSTEM CAPACITY USING NETWORK-DEVICE-TO-NETWORK-DEVICE CHANNEL ESTIMATION AND STANDARD BEAMFORMING TECHNIQUES - Disclosed is a system, apparatus, and method for RF management using network-device-to-network-device channel estimation and standard beamforming techniques. The exemplary method comprises: obtaining a first information corresponding to a first device that is a target device for transmitting at least one of a plurality of wireless signals by a network device; obtaining a second information corresponding to a second device that is to be avoided by propagation of any wireless signals transmitted by the network device; computing a radiation pattern for transmitting the plurality of wireless signals based at least on the first information associated with the first device and the second information associated with the second device; and transmitting the plurality of wireless signals based on the radiation pattern. | 04-30-2015 |
20150117322 | Policy-Based Control Mechanism For Wireless Network Physical Layer Resources - Embodiments of the present disclosure relate to physical layer resource utilization in wireless local area networks. In particular, the present disclosure relates to a policy-based control mechanism for wireless network physical layer resources such as transmit beamforming. Specifically, the disclosed system receives a set of network policy criteria, and information associated with each of a plurality of client devices connected to a network device. The disclosed system then selects a subset of client devices in a wireless network based on the set of network policy criteria and information associated with each of the plurality of client devices. Furthermore, the disclosed system provides the subset of client devices for using one or more of wireless network physical layer resources. Here, the wireless network physical layer resources are limited to a threshold number of client devices. Moreover, the number of client devices in the subset does not exceed the threshold number. | 04-30-2015 |
20150117235 | Enhanced Dynamic Multicast Optimization - The present disclosure discloses a system and method for enhanced dynamic multicast optimization based on network condition measurement. The system includes a processor and a memory storing instructions that, when executed, cause the system to: measure a network condition for a multicast group using one or more metrics; determine whether to convert all stations in the multicast group to unicast based on the network condition; and responsive to determining not to convert the all stations in the multicast group to unicast, determine, based on the network condition, a sub set of the multicast group for converting the subset of the multicast group to unicast, wherein the subset includes less than all stations in the multicast group. | 04-30-2015 |
20150117234 | Monitoring Link Quality Between Network Devices - The present disclosure discloses a system and method for monitoring link quality between internetworking devices. The system includes a processor and a memory storing instructions that, when executed, cause the system to: generate, at a first internetworking device, a marker-request packet that includes a current marker ID; send, from the first internetworking device, the marker-request packet to a second internetworking device; receive, at the first internetworking device, a marker-reply packet that responds to the marker-request packet from the second internetworking device, the marker-reply packet including the current marker ID and a previous marker ID; and determine, at the first network device, a link quality between the first internetworking device and the second internetworking device based at least in part on the marker-reply packet. | 04-30-2015 |
20150117215 | DYNAMIC OPTIMIZATION OF ADVERTISEMENT PACKETS - In general, in one aspect, embodiments relate to a non-transitory computer readable medium comprising instructions that, when executed by a processor, perform a method. The method includes receiving, by a controller, a first plurality of multicast advertisement packets from a first networking device on an external network, wherein the plurality of multicast advertisement packets are received at a first frequency, storing, by the controller, one of the first plurality of multicast advertisement packets in an advertisement packet repository, and transmitting, by the controller, information in the one of the plurality of advertisement packets on an internal network at a second frequency, wherein the second frequency is less frequent than the first frequency. | 04-30-2015 |
20150117180 | SYSTEM, APPARATUS AND METHOD FOR REDUCING FAILOVER TIME THROUGH REDUNDANCY USING VIRTUAL ACCESS POINTS - According to one embodiment of the disclosure, a non-transitory computer readable medium is described for an network device, where the medium comprising instructions which, when executed by one or more hardware processors, cause performance of a number of operations. These operations include configuring a first network device to provide network access to a client device using a first Basic Service Set Identification (BSSID) and determining that the first network device is not responsive. Based on determining that the first network device is not responsive, the one or more hardware processors further configure a second network device to provide the network access to the client device using the same first BSSID that was previously used by the first network device without the client device disassociating with the first BSSID. | 04-30-2015 |
20150113277 | Provisioning Devices For Secure Wireless Local Area Networks - Before establishing a connection between a first and a second devices, the first device determines whether a third device is a trusted or untrusted device. If it is a trusted device, the first device receives from the third device a public key and information indicating the public key of the second device; and, uses the public key by combining its own private key and the public key of the second device to generate a shared secret, and using the shared secret to communicate to the second device. Otherwise, the first device refrains from communications with the third device. Also, the second device combines its private key with the public key of the first device received from the trusted third device to generate the same shared secret, and uses the shared secret to provision the first device to access a secured wireless network provided by the second device. | 04-23-2015 |
20150109924 | SELECTIVE SERVICE BASED VIRTUAL LOCAL AREA NETWORK FLOODING - The present disclosure discloses a method and network device for selective service based virtual local area network (VLAN) flooding. The disclosed system receives a packet originated from a device received on a first VLAN, and flood one or more copies of the packet to a second and different VLAN if the packet is received on an access port. Furthermore, the system will flood copies of the packet to the first and same VLAN if the packet is received on a trunk port. The device originating the packet is a member of the first VLAN but not a member of the second VLAN. | 04-23-2015 |
20150085734 | METHOD AND SYSTEM FOR ROAMED CLIENT DEVICE HANDLING - A non-transitory computer readable medium that includes instructions which, when executed by one or more hardware processors, causes performance of operations. The operations include receiving, at a first network device in a first network, a multicast message comprising data to be transmitted at least to two or more client devices that have roamed from the first network to a same second network, determining that at least one client device has roamed from the first network to the second network, and responsive at least to the determining operation, forwarding, by the first network device to a second network device in the second network, a single copy of the data for distribution to each of the two or more client devices. | 03-26-2015 |
20150081867 | OBTAINING A MAC ADDRESS FROM AN EXTERNAL SOURCE - A non-transitory computer readable medium storing instructions which, when executed on one or more processors, cause performance of operations. The operations include: receiving a first message from a device; determining, in response to the first message, a media access control (MAC) address of the device; and transmitting, in response to the first message, a second message comprising the MAC address to the device. | 03-19-2015 |
20150067172 | METHOD AND SYSTEM FOR DYNAMICALLY PRIORITIZING USER CONNECTIONS ON NETWORK - The present disclosure discloses a method and network device for dynamically prioritizing user connections on network. The disclosed system identifies a priority class associated with a client device prior to an initial connection from the client device to a network, and reserves access to a network resource for the client device based on the priority class prior to the initial connection. Specifically, the system evaluates a total capacity of the network resource and an anticipated usage of the network resource by the client device associated with the priority level. Then, the system will reject requests for accessing the network resource received from other client devices prior to the client device associated with the priority level accesses the network resource. | 03-05-2015 |
20150038188 | Task Processing and Resource Sharing in a Distributed Wireless System - The present disclosure discloses a system and method for task processing and resource sharing in a distributed wireless system. The system includes a processor and a memory storing instructions that, when executed, cause the system to: identify a plurality of nodes in a distributed wireless system, each node of the plurality of nodes associated with a radio frequency neighborhood, the radio frequency neighborhood of one node including one or more other nodes that hear beacons from the one node; assign a task to the plurality of nodes; split the task into a plurality of subtasks; assign the plurality of subtasks to the plurality of nodes; receive a plurality of subtask processing results from the plurality of nodes; and combine the plurality of subtask processing results to generate a task processing result for the task. | 02-05-2015 |
20150036488 | DYNAMIC GROUPING AND CONFIGURATION OF ACCESS POINTS - A method is described for moving one or more access points between neighboring enterprise networks such that one or more threshold requirements of the networks are met. By reconfiguring access points to move between enterprise networks, the method provides a highly flexible network system that utilizes environmental and/or operational data to dynamically meet the needs of associated client devices and consumers. | 02-05-2015 |
20140369337 | SYSTEM AND METHOD FOR ADAPTIVE CHANNEL SCANNING WITHIN A WIRELESS NETWORK - An access point device that is adapted to a wireless network and a wired network is disclosed. The access point includes a transceiver to receive wireless frames from a plurality of wireless devices of the wireless network, respectively, and at least one component to process information extracted from the wireless frames and to control channel scanning based upon at least one of an amount of wireless device traffic and a type of call. | 12-18-2014 |
20140355491 | SYSTEM AND METHODS FOR ENABLING SIMULTANEOUS TRANSMIT AND RECEIVE IN THE SAME WIFI BAND WITHIN A DEVICE - Disclosed herein, one embodiment of the disclosure is directed to a system, apparatus, and method for enabling simultaneous transmit and receive in the same Wi-Fi band within a device by first obtaining a first information corresponding to a first set of signals to be transmitted wirelessly by a first antenna of a first device and transmitting, by the first antenna of the first device, the first set of signals. Then, a second set of signals comprising: (a) the first set of signals transmitted by the first antenna of the first device and (b) a third set of signals transmitted by a second device different than the first device are received by a second antenna of the first device. Thereafter, a second information representing the second set of signals received by the second antenna of the first device is obtained. Last, based on the first information and the second information, a third information comprising an estimation of the third set of signals without the first set of signals is determined. | 12-04-2014 |
20140348004 | MITIGATING INTERFERENCE IN WIRELESS SYSTEMS - According to one embodiment of the invention, a non-transitory computer readable medium for configuring a noise floor of a network device based on the detection of a non-Wi-Fi signal is described. One embodiment of the non-transitory computer readable medium comprises instructions that detect a non-Wi-Fi signal, determine a noise floor based on at least one attribute of the non-Wi-Fi signal and configure the noise floor of the network device such that the network device receives signals with a signal strength above the noise floor value. | 11-27-2014 |
20140293966 | Determining WLAN Edges - Determining whether a station is at the edge of wireless local area network (WLAN) coverage. In an IEEE 802.11 wireless network comprising one or more access points (APs) which may optionally be connected to one or more controllers, with wireless clients connected to those APs. Station S connected to AP A collects reports such as beacon reports which contains information on all APs station S can hear, including signal strengths. AP A collects a neighbor report which contains information on all APs in its neighborhood including signal strengths. These reports from A and S are observed and compared over time to determine when S is at or is moving to the edge of WLAN coverage. For example, if the only entry in the beacon list for client S is AP A to which it is connected, and the signal strength is decreasing over time, S is at the edge of WLAN coverage and is moving away from the WLAN. The process may be implemented at a controller, at a client, or both. | 10-02-2014 |
20140289338 | INITIATING PEER-TO-PEER TUNNELS - Initiating peer-to-peer tunnels between clients in a mobility domain. Client traffic in a mobility domain normally passes from the initiating client to an access node, and from the access node through a tunnel to a controller, and then through another tunnel from the controller to the destination access node, and the destination client. When initiated by the controller, the access nodes establish a peer-to-peer tunnel for suitable client traffic, bypassing the “slow” tunnels through the controller with a “fast” peer-to-peer tunnel. Traffic through this “fast” tunnel may be initiated once the tunnel is established, or traffic for the “fast” tunnel may be queued up until traffic has completed passing through the “slow” tunnel. | 09-25-2014 |
20140283029 | SYSTEM AND METHOD FOR DETECTION OF ROGUE ROUTERS IN A COMPUTING NETWORK - A method and apparatus for detecting the presence of a rogue router in a computer network is described. The method may include transmitting a router solicitation message. The method may also include receiving a plurality of response messages to the router solicitation message from a first plurality of router devices, wherein the response messages are used to perform an operation other than assigning an internet protocol (IP) address to the device. | 09-18-2014 |
20140282905 | SYSTEM AND METHOD FOR THE AUTOMATED CONTAINMENT OF AN UNAUTHORIZED ACCESS POINT IN A COMPUTING NETWORK - A method and apparatus for automatic containment of unauthorized access points in a computing network is described. The method may include receiving data indicative of at least a device identifier corresponding to an unauthorized access point. The method may also include, in response to locating the received device identifier in a listing of device identifiers that are associated with data transmissions through the network device, identifying a port of a network device as the port to which the unauthorized access point is connected. | 09-18-2014 |
20140281488 | System and Method for Offloading Cryptographic Functions to Support a Large Number of Clients in a Wireless Access Point - The present disclosure discloses a method and network device for offloading cryptographic functions to support a large number of clients. Specifically, a network device receives a packet corresponding to a client device via an interface, and determines whether a first hardware module that performs cryptographic operations on a per-client basis overflows. If first hardware module overflows, the network device retrieves a cryptographic key for the packet, and sends the received packet with the retrieved cryptographic key to a second hardware module that performs cryptographic operations on a per-packet basis to perform one or more cryptographic operations. If not, the network device sends the packet to the first hardware module to perform the one or more cryptographic operations. | 09-18-2014 |
20140280733 | INITIATING PEER-TO-PEER TUNNELS - Initiating peer-to-peer tunnels between clients in a mobility domain. Client traffic in a mobility domain normally passes from the initiating client to an access node, and from the access node through a tunnel to a controller, and then through another tunnel from the controller to the destination access node, and the destination client. When initiated by the controller, the access nodes establish a peer-to-peer tunnel for suitable client traffic, bypassing the “slow” tunnels through the controller with a “fast” peer-to-peer tunnel. Traffic through this “fast” tunnel may be initiated once the tunnel is established, or traffic for the “fast” tunnel may be queued up until traffic has completed passing through the “slow” tunnel. | 09-18-2014 |
20140274112 | METHOD AND SYSTEM FOR DETERMINING A LOCATION OF WIRELESS DEVICE - A system for (a) determining a first direction from a first device toward a second device based on a first set of WiFi® wireless signals received by at least one antenna of the first device from the second device, (b) determining a second direction from a third device toward the second device based on a second set of WiFi® wireless signals received by at least one antenna of the third device from the second device, and (c) based at least on a first location of the first device, the first direction from the first device toward the second device, a second location of the third device, and the second direction from the third device toward the second device: determining a third location of the second device. | 09-18-2014 |
20140274037 | METHOD AND SYSTEM FOR DYNAMIC DETERMINATION OF POTENTIAL ACCESS POINTS FOR PROPAGATING CLIENT INFORMATION - A method includes determining a subset, of a set of access points, that a client device is likely to roam to from a first access point in the set of access points; transmitting to each of the subset of access points, without transmitting to a second access point in the set of access points that is not included in the subset, information associated with the client device; wherein the information associated with the client device is used by the client device or by the third access point during (a) an association process for the client device associating with the third access point or (b) an authentication process for the authentication of the client device by the third access point. | 09-18-2014 |
20140269752 | APPARATUS AND METHOD AGGREGATION AT ONE OR MORE LAYERS - A method for performing aggregation at one or more layers starts with an AP placing at a first layer one or more received frames in a queue at the AP. When a transmit scheduler is ready to transmit an aggregated frame corresponding to the queue, the AP may iteratively select a plurality of frames selected from the one or more received frames, and aggregate at the first layer the plurality of frames into the aggregated frame. The number of frames included in an aggregated frame may be based on at least one of: a dynamically updated rate of transmission associated with a size of the frames, a class of the frames, a transmission opportunity value associated with the class of the frames and a total projected airtime for transmitting the aggregated frame. Other embodiments are also described. | 09-18-2014 |
20140269648 | Distributed Network Layer Mobility for Unified Access Networks - The present disclosure discloses a method and network device providing distributed network layer mobility for unified access networks. The method eliminates the need for a secure tunnel between a home network device and a foreign network device when a client roams from the home network device to the foreign network device. The disclosed network device receives an association request from a client device in a wireless network; identifies a first wireless virtual local area network (VLAN) that the client device is assigned to; and, allows traffic to or from the client device to be transmitted via the network device on the first wireless VLAN, wherein traffic on at least a second wireless VLAN is transmitted via the network device and segregated from the traffic on the first wireless VLAN. | 09-18-2014 |
20140269370 | Dynamic Beamforming Configuration Based on Network Conditions - A method includes steering client devices to access points that potentially increase capacity of communications using beamformed transmissions. In particular, this includes determining the best access points for beamforming to a particular client or a group of clients in the network for an improved throughput performance in the deployment or a subset of access points. | 09-18-2014 |
20140269285 | APPARATUS, SYSTEM AND METHOD FOR LOAD BALANCING TRAFFIC TO AN ACCESS POINT ACROSS MULTIPLE PHYSICAL PORTS - A method for load balancing traffic from controller to destination access point (AP) via switch across multiple physical ports starts with controller receiving a packet from a source client device that is destined for destination client device associated with destination AP. The controller may select, based on an identifier associated with source or destination client device, a first or a second controller IP address. Controller may encapsulate the packet to generate an encapsulated packet including an outer header that includes the selected controller IP address. Controller may transmit the encapsulated packet to the switch that may distribute traffic to destination AP across multiple physical ports based on the selected controller IP address. Controller may also select a destination port based on destination client device of a packet and may encapsulate the packet using CAPWAP to generate an encapsulated packet including the destination port in a header of the encapsulated packet. | 09-18-2014 |
20140269280 | Channel Width Configuration Based on Network Conditions - A method includes determining an optimized channel width between client devices and access points based on network conditions in a wireless network. In particular, the channel widths may be optimized to reduce airtime usage on access points and eliminate a high density condition while the client devices are steered to access points that provide the greatest channel capacity gains based on signal-to-noise-ratios for each spatial stream in a beamformed transmission. | 09-18-2014 |
20140258478 | Distributed Functionality Across Multiple Network Devices - According to one embodiment, a method comprises an operation of identifying a plurality of network devices, and detecting a presence of firewall processing functionality in a subset of the network devices. At least one of the network devices not in the firewall subset is configured to forward packets to a network device of the subset for firewall processing. | 09-11-2014 |
20140254464 | DETERMINATION OF MULTICAST AND CODING RATE - According to one embodiment of the invention, wireless spectrum and battery power conservation is achieved through an adaptable multicast group communication scheme. This involves a method for controlling the multicast transmission rate based on a first operation of receiving information from a multicast receiving device that is a member of a multicast group. Based on this information and potentially other information from other member devices, the modulation and coding rate for the multicast group is altered. | 09-11-2014 |
20140254362 | BALANCING LOAD ACROSS RADIO FREQUENCY CHANNELS - The present disclosure discloses a network device and method for advertising channel load. The disclosed network device aggregates a number of clients that are associated with the network device on a specific wireless communication channel, and advertises the aggregated number to a client on the specific wireless communication channel. Further, the network device can receive aggregated load information on the specific wireless communication channel from another management network device, and further aggregates the load information across multiple wireless networks operating on the same wireless communication channel and coupled to different management network devices. | 09-11-2014 |
20140247943 | Secure Configuration of a Headless Networking Device - The secure configuration of a headless networking device is described. A label associated with the headless networking device is scanned and a public key is determined. scanning a label associated with a networking device. A configuration process is initiated for the networking device using the public key associated with the networking device that was determined based on the scanned label. | 09-04-2014 |
20140237543 | METHOD AND APPARATUS FOR POLICY-BASED NETWORK ACCESS CONTROL WITH ARBITRARY NETWORK ACCESS CONTROL FRAMEWORKS - A method and apparatus for integrating various network access control frameworks under the control of a single policy decision point (PDP). The apparatus supports pluggable protocol terminators to interface to any number of access protocols or backend support services. The apparatus contains Trust and Identity Mediators to mediate between the protocol terminators and a canonical policy subsystem, translating attributes between framework representations, and a canonical representation using extensible data-driven dictionaries. | 08-21-2014 |
20140211716 | SIGNAL STRENGTH AWARE BAND STEERING - A system or method that receives a current request from a client, and responds to the current request based on signal strength associated with a previous request. If the current request is received on a non-preferred communication band, and a previous request was received on a preferred communication band within a pre-determined time, the system determines whether the signal strength associated with the previous request is weaker than a pre-determined threshold signal strength level for the preferred communication band. If so, the system responds to the current request. Otherwise, the system ignores the current request. If no recent request on the preferred communication band is received, and the signal strength associated with the current request is weaker than a pre-determined threshold signal strength level for the non-preferred communication band, the system responds to the current request on the non-preferred communication band. Otherwise, the system ignores the current request. | 07-31-2014 |
20140204763 | Method and System for Routing Data - A method includes identifying internal links or forwarding elements within other network devices. The method further includes selecting a route for forwarding a packet through the other network devices based, at least in part, on link costs associated with the internal links within the other network devices. | 07-24-2014 |
20140192634 | System and Method for Network Failover and Network Selection with Multi-Mode Modem in Remote Access Points - The present disclosure discloses a method and network device for network failover and/or network selection with a multi-mode modem in remote access points. A RAP initially is set to allow the modem's firmware to select an ISP-preferred available network. Then, the RAP collects network selection attributes, including RSSI, for the selected network, derives a NSC value based on the attributes, and determines whether the derived NSC value is within an expected range. If so, the device establishes a secure tunnel connection through the modem on the modem-selected network. Otherwise, the RAP commands the modem connect to an alternative network, and derives the NSC value for the alternative network selected by the RAP. If the NSC value for the alternative network is within an expected range, the RAP establishes a secure connection on the alternative network. On rebootstrap, the RAP repeats the above operations until a stable network is selected. | 07-10-2014 |
20140185485 | WIRELESS LINK MONITORING AND ACTIVE TROUBLESHOOTING - According to one embodiment of the invention, a method comprises transmitting a Layer 2 (L2) frame from a first wireless device. Upon receipt of a frame in response to the L2 frame, the first wireless device uses information conveyed in the frame to modify its functionality. | 07-03-2014 |
20140173700 | SYSTEM AND METHOD FOR APPLICATION USAGE CONTROLS THROUGH POLICY ENFORCEMENT - A method includes a particular user application, without operating system kernel access, performing the operations of: identifying a set of applications that a user has permission to access, receiving a request to a access a particular application of the set of applications, and causing execution of the particular application. | 06-19-2014 |
20140169432 | INTERFERENCE CLASSIFICATION WITH MINIMAL OR INCOMPLETE INFORMATION - Interference classification with minimal or incomplete information. Receivers in access points and in other network devices on a wireless digital network may be switched to a spectrum monitor mode in which they provide amplitude-versus-frequency information for a chosen part of the spectrum. This may be performed by performing a FFT or similar transform on the signals from the receiver. Receivers are calibrated with known interference sources in controlled environments to determine peaks, pulse frequency, bandwidth, and other identifying parameters of the interference source in best and worst case conditions. These calibrated values are used for matching interference signatures. Calibration is also performed using partial signatures collected over a short period in the order of microseconds. These partial signals may be used to detect interferers while scanning. | 06-19-2014 |
20140157376 | SYSTEM AND METHOD FOR MAINTAINING CAPTIVE PORTAL USER AUTHENTICATION - The present disclosure discloses a method and network device for maintaining captive portal user authentication. Specifically, the disclosed system determines an association status between a client and an access point in a wireless network, as well as whether to remove an entry corresponding to the client from a network layer (L3) cache based on the association status. If it is determined that the entry is to be removed, the disclosed system removes the entry corresponding to the client from the network layer (L3) cache. Note that, the association status can be determined based on one or more of an indication by a station management process at the network device, and a detection of radio link activities. | 06-05-2014 |
20140156604 | Method and System for Maintaining Derived Data Sets - A first data set is derived from a second data set. The first data set is stored in a database of derived data sets. The second data set is updated without updating the first data set, such that the first data set and the second data are inconsistent. The first data set is deleted or updated during batch processing of the database of the derived data sets. | 06-05-2014 |
20140153428 | Method and System for Aggregating Wifi Signal Data and Non-Wifi Signal Data - Methods of aggregating spectrum data captured from a narrowband radio to form a spectrum covering a much wider frequency band. Frequency data, such as FFT spectrum data captured from a narrowband receiver such as an IEEE 802.11 Wi-Fi receiver are combined to display representative real-time FFT, average FFT, and FFT duty cycle data of a wideband spectrum. Data is captured from narrow band radios such as access points, station monitors, or client devices on a wireless network. A wideband spectrum may be aggregated from data captured from one or from multiple devices. Data may be stored for later analysis and display. | 06-05-2014 |
20140146677 | DYNAMIC DETERMINATION OF TRANSMISSION PARAMETERS BASED ON PACKET PRIORITY AND NETWORK CONDITIONS - According to one embodiment, a non-transitory computer readable medium is described that comprises instructions which, when executed by one or more hardware processors, cause dynamic determination of one or more transmission parameters for transmitting a particular network packet of a plurality of network packets. The transmission parameters are determined based on (a) a classification associated with the particular network packet and (b) one or more current conditions. Subsequent to this determination, the particular network packet is transmitted using the one or more transmission parameters. | 05-29-2014 |
20140146676 | METHOD AND SYSTEM FOR PRIORITIZING NETWORK PACKETS - According to one embodiment, a system is described that comprises a network device adapted to receive a media stream that includes a plurality of network packets. The network device of the system processes the media stream, targeted for a client device that is communicatively coupled to the network device, by perform a number of operations. A first operation comprises partitioning the plurality of network packets into a plurality of subsets, each subset in the plurality of subsets corresponding to a media frame in a plurality of frames. Next, a priority level is determined for each particular media frame in the plurality of media frames, where the priority level for each particular media frame is assigned to each of the one or more network packets in the particular frame. Thereafter, network packets are transmitted or dropped based at least on the priority level associated with each network packet in the plurality of network packets. | 05-29-2014 |
20140140275 | System and Method For Advertising The Same Service Set Identifier For Different Basic Service Sets - According to one embodiment of the invention, a method comprises advertising services. The services are provided by different basic service sets, each basic service set having the same service set identifier (SSID). Thereafter, one of the basic service sets is selected. | 05-22-2014 |
20140130118 | APPLICATION BASED POLICY ENFORCEMENT - One embodiment is directed to a system that comprises a network device, including at least a first port, which is configured to analyze information within one or more messages received during a session initiated by another network device. The system is configured to perform operations including determining a total number of sessions for the first port of the network device and determining whether the total number of sessions for the first port exceeds a threshold value. If the total number of sessions for the first port exceeds the threshold value, an application associated with the first port is classified as a peer-to-peer application. Thereafter, a policy may be enforced based on this classification. | 05-08-2014 |
20140123124 | CLOUD-BASED FIRMWARE DISTRIBUTION SERVICE - According to one embodiment of the invention, a method for altering stored firmware within a network device comprises receiving, by a first network device, information to download firmware. This information is provided from the first network device to at least a second network device, which is communicatively coupled to the first network device. The information enables the second network device to access a second version of firmware different than a first version of firmware installed on the second network device. | 05-01-2014 |
20140122674 | ZERO TOUCH PROVISIONING - According to one embodiment, a method comprises automatically uploading device information from a first network device in a first operating state to a second network device in response to an event, such as an initial power up. The second network device is part of the cloud, and thus, providing cloud-based services. Subsequent to the uploading of the device information, the first network device receives information controlling the operation of the first network device based on the device information. | 05-01-2014 |
20140119354 | Home Virtual Local Area Network Identification for Roaming Mobile Clients - The present disclosure discloses a method and network device for home VLAN identification for roaming mobile clients. Specifically, the disclosed method and system detects that the mobile client has roamed away from a first network to a second network, maintains a mapping between a virtual local area network (VLAN) corresponding to the mobile client and a tunnel corresponding to a foreign agent in the second network, and forwards packets to or from the mobile client on the VLAN based on the mapping between the VLAN and the tunnel via which the packets are received. Therefore, the disclosed method and system allows for identification of home VLANs for roaming mobile clients without merging VLAN policy configurations at the home agent and the foreign agent. | 05-01-2014 |
20140082060 | Provisioning Remote Access Points - Provisioning remote access points for use in a telecommunication network. A remote access point contains identity information established during manufacturing; this identity information may be in the nature of a digital certificate. The identity information is stored in the remote access point, and may be stored in a Trusted Platform Module if present. When the remote access node is powered up in unprovisioned state, outside the manufacturing environment, it attempts to establish an internet connection via a first wired interface, and queries a user for information representing the TCP/IP address of its controller via a second wired interface. Once an internet connection is present, and a TCP/IP address has been provided, the remote access point attempts to connect to the controller at that address. Once a connection is established, controller and access point exchange and verify each other's identities. | 03-20-2014 |
20140059218 | SYSTEM, APPARATUS AND METHOD FOR MANAGING CLIENT DEVICES WITHIN A WIRELESS NETWORK - According to one embodiment, a system and computer-readable storage medium for storage of software directed to the management of associations between network devices is described. The computer-readable storage medium comprising instructions which, when executed by at least one hardware processor on a network device, causes performance of operations, comprising: (1) determining a desired operating state for a client device under analysis, the client device being associated with a first network device of a plurality of network devices; (2) detecting if a triggering event has occurred based on a comparison of the desired operating state for the client device under analysis to an actual operating state for the client device under analysis; and (3) in response to detecting that the triggering event has occurred, causing the client device to wirelessly connect to a second network device of the plurality of network devices in lieu of the first network device. | 02-27-2014 |
20140036841 | METHODS, APPARATUSES AND SYSTEMS FACILITATING MANAGEMENT OF AIRSPACE IN WIRELESS COMPUTER NETWORK ENVIRONMENTS - According to one embodiment, a particular network device that comprises at least one hardware processor is described. The network device is configured to perform operations including operating in a first mode by communicating wirelessly with at least one wireless client device to provide the at least one wireless client device access to one or more resources, where the operating in the first mode comprises receiving packets transmitted by the at least one wireless client device and forwarding the packets to the one or more resources. Furthermore, the network device performs operations, including switching from operating in the first mode to operating in a monitoring mode and operating in the monitoring mode by decoding data packets addressed to network devices other than the particular network device. | 02-06-2014 |
20140031067 | LOCATION DETECTION IN WIRELESS COMMUNICATION NETWORKS - Location detection of a mobile device is achieved by initiating an API call at an application program. The API call directs an operating system of the mobile device to initiate a scan of wireless access points within wireless communication range of the mobile device. The scanning performed by the mobile device is detected by the network via one or more of the wireless access points. A location of the mobile device is estimated by the network based on detection of the mobile device via the one or more wireless access points. Location-based services are provided to the mobile device by the network based on the estimated location of the mobile device. The location-based services may be transmitted to the mobile device via a different wireless access point and/or wireless communication protocol than used during scanning and/or detection of the mobile device. | 01-30-2014 |
20140031062 | WIRELESS CLIENT POSITION ESTIMATING SYSTEM AND METHOD - The present invention comprises a system and method for determining an estimated position of a wireless mobile client device operating in a communications environment covered by a wireless local area network. The received signal strength of the wireless mobile client device is measured by one or more access points serving devices in the communications environment. In a preferred embodiment, the error between the received signal strength measured by the access points and the expected received signal strength at a plurality of locations in the communications environment is calculated. The location of the device is determined from the error. | 01-30-2014 |
20130336194 | Synchronization of Mobile Client Multicast - A method includes subsequent to a client associating with a first access node and the client being communicatively coupled with a first controller through the first access node: storing information on one or more of: active broadcast sessions for the client or active multicast sessions for the client. The method further includes subsequent to the client associating with a second access node and the client being communicatively coupled with a second controller through the second access node: the second controller establishing one or more of: the active broadcast sessions for the client or the active multicast sessions for the client using the information. | 12-19-2013 |
20130268660 | Providing and Resolving an IP Address for Swarm-Based Services - According to one embodiment of the disclosure, a non-transitory computer readable medium (CRM) comprising instructions, which when executed by one or more hardware processors, causes performance of operations comprising: listening, by a first digital device in a group of digital devices, for any advertisement for a particular service; responsive to the first digital device not receiving any advertisement for the particular service for a predetermined period of time: transmitting, by the first digital device, a first advertisement for the particular service; and providing, by the first digital device, the particular service. | 10-10-2013 |
20130258889 | Determining Distances Between Wireless Devices - A method includes transmitting frames from a first device to a second device, where a first frame is transmitted at a first value for a particular transmission parameter, and where a second frame is transmitted at a second value for the particular transmission parameter that is different than the first value. For each of the transmitted frames, a determination is made if a corresponding Acknowledgement (ACK) frame, as defined by IEEE 802.11 standards, is received by the first device from the second device. Based on the IEEE 802.11 ACK frames received by the first device from the second device, a distance estimate is calculated from the first device to the second device. | 10-03-2013 |
20130215815 | EFFICIENT MULTICAST CONTROL PROCESSING FOR A WIRELESS NETWORK - According to one embodiment of the invention, a method comprises an exchange of messages between an access point and a wireless network switch. One message, a PROXY IGMP JOIN message, is transmitted to the access point for propagation to a multicast router. This is performed so that multicast data associated with the multicast group identified by the PROXY IGMP JOIN message is routed to the access point without any unnecessary involvement by the wireless network switch. | 08-22-2013 |
20130179678 | Stateless Cryptographic Protocol-based Hardware Acceleration - According to one embodiment of the invention, a method comprises an operation of commencing a first phrase and passing control of an authentication handshaking protocol. The first phase is commenced for establishing a secure communication path by a data path processor within a first network device. The first phrase comprises an exchange of data during an authentication handshaking protocol. The passing of control for authentication handshaking protocol by the data path processor to a control path processor is conducted to complete the authentication handshaking protocol. | 07-11-2013 |
20120020344 | WIRELESS MACRO CELL OVERLAY - Overlaying a Wireless Macro Cell architecture on a Micro Cell network. WLAN MAC Address Translation (WMAT) is used to translate BSSIDs from the BSSID used to initialize a radio in an access node and identify communications between the radio in the access node and a controller, and the BSSID used over the air for Macro Cell operation. WMAT is used for transmit operations, translating the BSSID of outgoing packets to the Macro Cell BSSID prior to wireless transmission. On the receive side, packets undergo WMAT and transmission to the controller if the STN MAC address of the sender is in an ACK table associated with the radio, or the packet is one of a predetermined type. The ACK table is managed by transmit operations, and by control commands from the controller. | 01-26-2012 |
20110029771 | Enrollment Agent for Automated Certificate Enrollment - Automated generation of certificates from a Certificate Authority through the use of an Enrollment Agent. Devices needing certificates generate the necessary keys and package public key information with other identifying information about the device and send this information to an Enrollment Agent. The Enrollment Agent takes this information and submits it on behalf of the device to a Certificate Authority, managing the interaction with the Certificate Authority on behalf of the device. The Certificate Authority signs the request, returning a certificate to the Enrollment Agent. The Enrollment Agent packages the certificate along with the other certificates needed to establish a chain of trust and returns these to the device. Certificates may be stored in the device in flash memory. The process is secure as long as the communications path between the devices and the Enrollment Agent is secure; a secure VPN or HTTPS: connection allows the devices and the Enrollment Agent to be in separate locations. | 02-03-2011 |
20100313262 | PROVISIONING REMOTE ACCESS POINTS - Provisioning remote access points for use in a telecommunication network. A remote access point contains identity information established during manufacturing; this identity information may be in the nature of a digital certificate. The identity information is stored in the remote access point, and may be stored in a Trusted Platform Module if present. When the remote access node is powered up in unprovisioned state, outside the manufacturing environment, it attempts to establish an internet connection via a first wired interface, and queries a user for information representing the TCP/IP address of its controller via a second wired interface. Once an internet connection is present, and a TCP/IP address has been provided, the remote access point attempts to connect to the controller at that address. The controller may filter connection requests through a whitelist of approved remote access points. Once a connection is established, controller and access point exchange and verify each other's identities. This may be done through the exchange and verification of digital certificates. Provisioning information is downloaded from controller to remote access point and installed. This may be done via a tunnel such as an encrypted tunnel. Software updates may be applied. The provisioned remote access point is placed in operation. | 12-09-2010 |
20100281180 | Initiating Peer-to-Peer Tunnels - Initiating peer-to-peer tunnels between clients in a mobility domain. Client traffic in a mobility domain normally passes from the initiating client to an access node, and from the access node through a tunnel to a controller, and then through another tunnel from the controller to the destination access node, and the destination client. When initiated by the controller, the access nodes establish a peer-to-peer tunnel for suitable client traffic, bypassing the “slow” tunnels through the controller with a “fast” peer-to-peer tunnel. Traffic through this “fast” tunnel may be initiated once the tunnel is established, or traffic for the “fast” tunnel may be queued up until traffic has completed passing through the “slow” tunnel. This queue and release process may be bidirectional or unidirectional depending on the traffic. Completion of slow tunnel traffic may be sensed in a number of ways. Slow tunnel traffic may be timed out, and queued traffic released after a preset time since the last packet was sent through the slow tunnel. The identity of the last packet sent through the slow tunnel may be retained, and queued traffic released when an acknowledgement for that packet is received. A special packet may be sent through the slow tunnel and queued traffic released when an acknowledgement for that packet is received. | 11-04-2010 |
20100277368 | Multi-Pattern Wireless Frame Transmission - Multi-pattern transmission of wireless frames. A digital device contains a transmitter feeding an electronically steerable antenna system where the radiation pattern produced by the antenna system may be selected. Different antenna radiation patterns are used in transmitting a first portion of a wireless frame and a second portion of a wireless frame in a wireless digital network. In one embodiment, a first portion of a wireless frame is transmitted using a wide radiation pattern while the second portion of the frame is transmitted using a second radiation pattern. Switching among radiation patterns in the electronically steerable antenna system may be accomplished by switching between antenna types, such as an omnidirectional antenna for the wide pattern, and beam-steered or sectorized antennas for the second radiation pattern. Beam-forming and/or phasing approaches may also be used. The first and second portions of the frame may be transmitted at different power levels. For high throughput (HT) frames such as IEEE 802.11n frames, the non-HT preamble and L-Sig are taken as the first portion of the frame, with the HT-Sig, HT-training and HT-data portions of the frame taken as the second portion of the frame, transmitted using a narrower radiation pattern. | 11-04-2010 |
20100275017 | Peer-to-Peer Forwarding for Packet-Switched Traffic - Establishing peer-to-peer tunnels between clients in a mobility domain. In normal operation, clients attached to a network having access nodes connected to a central controller transfer all traffic through the central controller. This traffic is passed using tunnels between the access node and the central controller. Tunnels may be encrypted, and GRE tunnels may be used. A mobility manager operating in the controller tracks access nodes connected to the controller, and clients connected to those access nodes. When the mobility controller recognizes traffic passing between clients in its mobility domain that is eligible for peer-to-peer forwarding, it instructs the access nodes supporting the clients to establish a peer-to-peer tunnel between the nodes, and direct the client traffic through this peer-to-peer tunnel. The peer-to-peer tunnel may be session based, or may be aged. Eligibility of traffic for peer-to-peer tunnels may be controlled by rules, such as limiting peer-to-peer tunnels by source or destination, by port or protocol, and the like. | 10-28-2010 |
20100272103 | Synchronization of Mobile Client Multicast Membership - Synchronization of mobile multicast membership in a wireless network. A controller supports one or more wireless access points, each of which supports wireless clients. A Mobility Manager (MM) in the controller monitors wireless client activity. The controller establishes an IGMP proxy which intercepts IGMP messages from wireless clients and handles the IGMP messages on clients' behalf. When a wireless client wishes to join a multicast, the client's IGMP join message is intercepted by the controller IGMP proxy, and the controller IGMP proxy joins the multicast for the client. The Mobility Manager observes the actions of the IGMP proxy. If a client moves from its home agent (HA) controller to a different foreign agent (FA) controller, the Mobility Manager in the FA controller locates the Mobility Manager in the HA controller and receives information on the client including information on any multicast streams the client is receiving. The Mobility Manager in the FA controller uses this information to have its own IGMP proxy join the required multicast, and send the multicast stream to the client. | 10-28-2010 |
20100199343 | CLASSIFICATION OF WIRED TRAFFIC BASED ON VLAN - Controlling access and capabilities on wired digital networks. According to the invention, rather than use port-centric controls, multiple virtual local area networks (VLANs) are supported by a wired controller, and these VLANS may be terminated on multiple physical ports. Capabilities are then assigned on a VLAN basis, with default capabilities assigned to the port when no VLAN is used. By defining capabilities on a VLAN basis, as an example no access, trusted access, or untrusted access. Trusted access VLANS are not subject to authentication or firewalling. Untrusted VLANS are subject to authentication and firewalling, which may be configured as required for the VLAN and its authorized users. | 08-05-2010 |
20100026558 | DISTANCE ESTIMATION - Improved distance estimation of a selected transmitter. An improved distance estimate from a target transmitter to a receiver is produced by assessing the target transmitter to determine transmit power, and combining this information with a propagation model, received signal strength, and reference signal strength indications. Target transmit power may be assessed through knowledge of the target device or device class, and/or transmit power reporting features of target wireless networks. The assessment may be made through looking up reported target device characteristics in a database, making inferences based on target device characteristics, or through standards-based diagnostic and/or reporting mechanisms. | 02-04-2010 |
20100023749 | Harvesting Entropy from Trusted Cryptographic Sources - Extending entropy in a random number generation utility. Where a device has access to trusted sources of encrypted data, such as encrypted network traffic, such encrypted network traffic may be sampled and the bits fed into the entropy seeding routines of the random number generation utility. | 01-28-2010 |
20090274129 | DISTRIBUTED LOAD BALANCING IN WIRELESS NETWORKS - Distributed load balancing in wireless digital networks. In a network having a plurality of access nodes with at least one wireless client connected to a first access node, the client is encouraged to move to a different access node by reducing the apparent signal strength of transmissions from the access node to the client. Apparent signal strength can be reduced by reducing transmit power, by using beam forming, antenna switching, or a combination. Other access nodes may send unsolicited frames, such as probe response frames to the client, encouraging the client to move. | 11-05-2009 |
20090268915 | Secure Creation and Management of Device Ownership Keys - Secure creation and management of device ownership keys. TPM ownership keys are generated by cryptographically combining manufacturer information with device specific information. Ownership keys are established in the TPM containing device. The manufacturer retains necessary information to reconstruct the ownership key if needed. | 10-29-2009 |
20090258668 | ENTERPRISE LOCATION DISCOVERY IN DUAL-MODE PHONES - Enterprise location discovery in dual-mode phones. As dual-mode phones move within the enterprise Wi-Fi network, they track which cell tower they are associated with, reporting this information to an enterprise mobility controller. The enterprise mobility controller builds a list of cell tower identifiers which are associated with enterprise Wi-Fi coverage, and makes this list available to subscribing dual-mode phones. Subscribing dual-mode phones can use this list to only scan for Wi-FI availability when they are associated with a cell tower which is on the list. | 10-15-2009 |
20090252097 | BAND STEERING FOR MULTI-BAND WIRELESS CLIENTS - Band steering for multi-band wireless clients. In a wireless digital network having at least one central controller and a plurality of access nodes connected to the central controller, and wherein some of the access nodes support a preferred wireless band and at least one non-preferred wireless band, the central controller identifies wireless client devices capable of multi-band operation, and encourages them to connect to the preferred wireless band. Client devices may be identified as multi-band capable by tracking probe requests. The central controller keeps a list of multi-band capable clients, for example in a database. This information is provided to other central controllers, and to access nodes attached to the central controller. Multi-band capable clients are encouraged to connect on the preferred wireless band for example by having the access nodes not respond to probe requests on the non-preferred wireless bands. Connections made on the non-preferred wireless bands may be moved to the preferred wireless band. | 10-08-2009 |
20090163232 | ENTERPRISE SEAMLESS MOBILITY - Extending dual-mode phones using SMS messages. When operating in cellular mode, SMS messages originated by a mobility controller in the enterprise command features such as indicators on the dual-mode phone. SMS messages are received by an agent in the dual-mode phone. A mobility controller connected to the enterprise SIP PBX and voicemail system receives messages for example indicating voicemail status and sends specially formatted SMS messages to the cellular phone to operate indicators. Similarly, the dual-mode phone issues SMS messages to the enterprise mobility controller to request the enterprise PBX perform features such as call conferencing, call pickup, and call pull. | 06-25-2009 |
20090163229 | Indicators for Dual-Mode Phones - Indicator control for dual-mode phones. While under control of an enterprise Wi-Fi network, indicators on a dual-mode phone can be controlled using SIP messages. When operating in cellular mode, indicators on the dual-mode phone are controlled by SMS messages which are intercepted on arrival. A software agent connected to the enterprise SIP PBX and voicemail system receives messages for example indicating voicemail status which cause the software agent to send specially formatted SMS messages to the cellular phone and operate indicators. | 06-25-2009 |
20090156217 | Delayed ACK in dual-mode call handover - Handover of a call to a dual-mode phone from cellular to Wi-Fi. When handing over a call mediated by a mobility controller to a dual-mode phone and switching the call from a cellular to a Wi-Fi call, the mobility controller initates a Wi-Fi connection to the dual mode phone. When the Wi-Fi connection is established, and with the cellular connection through the mobility controller still in place, the mobility controller starts a timer with a predetermined value and the dual-mode phone initiates release of the cellular connection. When the timer expires, the mobility controller switches the call from the cellular connection to the Wi-Fi connection. | 06-18-2009 |
20090156175 | Single Voicemail For Dual-Mode Phones - Single voicemail for dual-mode phones. Functionality is added to a dual-mode phone such that the dual-mode phone when operating in cellular mode sends a predetermined signal when it answers an incoming call. An enterprise mobility controller, on forwarding a call to the cellular side of a dual-mode phone after failing to complete a Wi-Fi connection, starts a timer. If the mobility controller does not receive the predetermined signal before the timer expires, it assumes that the cellular call has been handed off to the cellular voicemail system, terminates the cellular call, and sends the call to the enterprise voicemail system. | 06-18-2009 |
20090156164 | Single Number Presentation for Dual-Mode Phones - Providing a single number presentation to the party called by a dual-mode phone. The operation of the cellular side of a dual-mode phone is altered such that when the user attempts to place an outgoing call using the cellular phone, the call is redirected to a preprogrammed incoming phone number associated with the enterprise. When the enterprise PBX answers this call, the dual-mode phone transmits the desired number to the enterprise PBX. The enterprise PBX then places the call to the desired number, and in the process transmits the caller-id information assigned to the dual-mode phone. | 06-18-2009 |
20090113535 | Securely Virtualizating Network Services - Services in a network device are added through providing virtual environments. Virtualization allows services based on other platforms or architectures to be run with minimum modification and in a secure manner. Connecting services to the host through a stateful firewall allows dynamic integration, and passes only traffic of interest to the service. Virtualization allows services written for different instruction architectures to be supported. Multiple virtualized environments each supporting a service may be run. | 04-30-2009 |
20090113516 | Setting Policy Based on Access Node Location - Policy setting in an access node remotely located from a controller. A remote access node connects to a controller over a digital network such as the internet. Operating policy is established based on the location of the access node. In one embodiment, the location of the access node is determined through a GPS receiver associated with the node. In a second embodiment, the location of the access node is determined through its public IP address. Location information is used to establish policy at the access node, which may include aspects such as operating parameters, access controls, and availability of services through the controller. | 04-30-2009 |
20090108964 | Ethernet Coupling - Improved coupler for Ethernet over twisted pair. An improved coupler has a first common mode choke for connecting an Ethernet PHY to the primary winding of a transformer. The secondary winding of the transformer connects through a second common mode choke for connection to a twisted pair line. In one embodiment, the first common mode choke, transformer, and second common mode choke are placed in the same package. In a second environment, a plurality of choke-transformer-choke units are placed in the same package. In a third embodiment, the plurality of choke-transformer-choke units may be integrated into a connector. Pairs of the second common mode chokes may share cores. | 04-30-2009 |
20090082034 | WIRELESS CLIENT POSITION ESTIMATING SYSTEM AND METHOD - The present invention comprises a system and method for determining an estimated position of a wireless mobile client device operating in a communications environment covered by a wireless local area network. The received signal strength of the wireless mobile client device is measured by one or more access points serving devices in the communications environment. In a preferred embodiment, the error between the received signal strength measured by the access points and the expected received signal strength at a plurality of locations in the communications environment is calculated. The location of the device is determined from the error. | 03-26-2009 |