| Enterasys Networks, Inc. Patent applications |
| Patent application number | Title | Published |
|---|
| 20110072286 | POWER CONTROLLED NETWORK DEVICES FOR SECURITY AND POWER CONSERVATION - The present invention provides method and systems for activating or deactivating network devices by managing the power of the network device. By controlling the power for network devices, the size and coverage of the network can be adjusted to meet the needs for the current usage. This can be particularly advantageous in wireless networks where multiple wireless access points may be provided to provide coverage during peak usage but present the additional security concern of the network being accessible to unauthorized users. Being able to power down unneeded wireless access points during off-peak usage allows for the minimization of such potential security concerns. | 03-24-2011 |
| 20100268933 | METHOD FOR NETWORK TRAFFIC MIRRORING WITH DATA PRIVACY - Systems and methods are provided for preserving the privacy of data contained in mirrored network traffic. The mirrored network traffic may comprise data that may be considered confidential, privileged, private, or otherwise sensitive data. For example, the data payload of a frame of mirrored network traffic may include private Voice over IP (VoIP) communications between users on one or more networks. The present invention provides various techniques for securing the privacy of data contained in the mirrored network traffic. Using the techniques of the present invention, network traffic comprising confidential, privileged, private, or otherwise sensitive data may be mirrored in such a manner as to provide for the privacy of such data over at least a portion if not all of the mirrored communications between the mirror source point and the minor destination point. | 10-21-2010 |
| 20100182934 | DISTRIBUTED CONNECTION-ORIENTED SERVICES FOR SWITCHED COMMUNICATION NETWORKS - Method and apparatus providing connection-oriented services for packet switched data communications networks. Directory services include distributed discovery of MAC addresses and protocol alias addresses. Topology services include a link state topology exchange among switches, which provides each switch with a complete topology graph of the network. This enables an access switch receiving a data packet to determine a complete path from a source end system to a destination end system. Another service includes resolution of broadcast frames to unicast frames, in order to reduce the amount of broadcast traffic. Policy restrictions may be applied prior to connection setup. Path determination services enable multiple paths from a source to a destination. Connection management includes source routed mapping of connections on the desired path. A distributed call rerouting service is provided wherein if a link on an active path fails, each switch receives a topology change notification and unmaps any connection involving the failed link. A broadcast/unknown service provides restricted flooding of nonresolvable packets. Furthermore, connection-oriented switching is provided based on the source and destination MAC addresses as a connection identifier. Still further, resolution of networks outside the switch domain is enabled by access switches listening for network and server route advertisements and maintaining best routes to said networks and servers. The best route metrics may be combined with best path metrics to determine a path from a first access switch to an egress switch connected to the external network. | 07-22-2010 |
| 20100177778 | DISTRIBUTED CONNECTION-ORIENTED SERVICES FOR SWITCHED COMMUNICATION NETWORKS - Method and apparatus providing connection-oriented services for packet switched data communications networks. Directory services include distributed discovery of MAC addresses and protocol alias addresses. Topology services include a link state topology exchange among switches, which provides each switch with a complete topology graph of the network. This enables an access switch receiving a data packet to determine a complete path from a source end system to a destination end system. Another service includes resolution of broadcast frames to unicast frames, in order to reduce the amount of broadcast traffic. Policy restrictions may be applied prior to connection setup. Path determination services enable multiple paths from a source to a destination. Connection management includes source routed mapping of connections on the desired path. A distributed call rerouting service is provided wherein if a link on an active path fails, each switch receives a topology change notification and unmaps any connection involving the failed link. A broadcast/unknown service provides restricted flooding of nonresolvable packets. Furthermore, connection-oriented switching is provided based on the source and destination MAC addresses as a connection identifier. Still further, resolution of networks outside the switch domain is enabled by access switches listening for network and server route advertisements and maintaining best routes to said networks and servers. The best route metrics may be combined with best path metrics to determine a path from a first access switch to an egress switch connected to the external network. | 07-15-2010 |
| 20090316704 | APPARATUS AND METHOD FOR A VIRTUAL HIERARCHIAL LOCAL AREA NETWORK - A method and apparatus are provided for creating a virtual hierarchical local area network. The method and apparatus provide a hierarchical framing technique that allows a network architecture to realize a local area network hierarchy within the network. In this manner, a first local area network hierarchy is defined by communication in a first frame format between a first set of network devices and a second set of network devices. A second local area network hierarchy is defined by communication in a second frame format between members of the second set of network devices. The second frame format includes the fields of a frame in the first frame format that is used to communicate between the first set of communication devices and the second set of communication devices. | 12-24-2009 |
| 20090187968 | SYSTEM AND METHOD FOR DYNAMIC NETWORK POLICY MANAGEMENT - A system and method that provides dynamic network policy management. The system enables a network administrator to regulate usage of network services upon initiation of and throughout network sessions. The system employs a method of identifying selectable characteristics of attached functions to establish static and dynamic policies, which policies may be amended before, during and after any session throughout the network based on the monitored detection of any of a number of specified triggering events or activities. Particular policies associated with a particular identified attached function in prior sessions may be cached or saved and employed in subsequent sessions to provide network usage permissions more rapidly in such subsequent sessions. The cached or saved policy information may also be used to identify network usage, control, and security. The system and method of the present invention provides static and dynamic policy allocation for network usage provisioning. | 07-23-2009 |
| 20090141732 | METHODS AND APPARATUS FOR DIFFERENTIATED SERVICES OVER A PACKET-BASED NETWORK - Methods and apparatus for the provision of differentiated services in a packet-based network may be provided in a communications device such as a switch or router having input ports and output ports. Each output port is associated with a set of configurable queues that store incoming data packets from one or more input ports. A scheduling mechanism retrieves data packets from individual queues in accord with a specified configuration, providing both pure priority and proportionate de-queuing to achieve a guaranteed QoS over a connectionless network. | 06-04-2009 |
| 20080219276 | METHODS AND APPARATUS FOR AUTOMATED EDGE DEVICE CONFIGURATION IN A HETEROGENEOUS NETWORK - A PE device learns the address of a local CE device by monitoring the control messages, such as address resolution messages, originating from those local devices. In one embodiment, automated configuration of the PE devices participating in a Layer 2 VPN is facilitated by permitting a PE device to share the addresses for its locally-attached CE devices with the remote PE devices in the VPN. A PE device may share the addresses of the remote CE devices with the local CE devices by initiating its own control message or responding to an control message issued by one of its local CE devices. This latter mechanism in effect hides the distributed, heterogeneous nature of the network from a local CE device. | 09-11-2008 |
