Eureka AIR delivers breakthrough ideas for toughest innovation challenges, trusted by R&D personnel around the world.

Access control system and method for implementing binding MAC/IP of network device

A technology for access control and network equipment, applied in the transmission system, user identity/authority verification, data exchange through path configuration, etc., can solve the problems that the switch cannot be connected to the hub, the maintenance work is large, and it is difficult to implement. , to achieve the effect of solving the problem of equipment access control, occupying less network bandwidth, and less maintenance workload

Active Publication Date: 2006-12-06
CHINA MOBILE COMM CORP TIANJIN
View PDF0 Cites 17 Cited by
  • Summary
  • Abstract
  • Description
  • Claims
  • Application Information

AI Technical Summary

Problems solved by technology

[0004] (1) All access switches or hubs must be replaced with devices with MAC / IP binding functions, which requires a huge investment
[0005] (2) The existing network structure will be changed, and the engineering implementation is complicated
[0006] (3) It is impossible to solve the problem of connecting hubs in series under the switch—if the hubs are connected in series under the access switch, the terminal devices connected under these hubs can bypass the MAC / IP binding function of the switch to access the network or interact with each other. Access—even if some switches support 802.1X MultiHost function, it still cannot solve the problem of mutual access between terminals under the hub
[0007] (4) The maintenance work is huge and cannot be implemented on a large scale—since policies need to be configured separately on all access switches, under the complex network structure of large and medium-sized enterprises, the above method is difficult to implement because it cannot be effectively maintained
[0008] (5) The combination of DHCP and gateway authentication will cause the terminal to obtain some network access rights before authentication
[0009] (6) Users who use gateway authentication must use username and password, which increases the difficulty of use
[0010] (7) Once the authentication system fails, it will directly affect the use of network resources by legitimate users

Method used

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
View more

Image

Smart Image Click on the blue labels to locate them in the text.
Viewing Examples
Smart Image
  • Access control system and method for implementing binding MAC/IP of network device
  • Access control system and method for implementing binding MAC/IP of network device

Examples

Experimental program
Comparison scheme
Effect test

Embodiment Construction

[0045] In order to further understand the content, features and effects of the present invention, the following embodiments are given as examples, and detailed descriptions are as follows with accompanying drawings:

[0046] See figure 1 If an enterprise has three physical locations: the first physical location has a LAN 1, which is connected to the WAN through the switch 1 and router 1 corresponding to the same network segment of LAN 1, and the second physical location also has a LAN 2, which is the same through the corresponding LAN 2. The switch 2 and router 2 of the network segment are connected to the WAN; the third physical location has the LAN 3 and the LAN 4, and the switch 3 corresponding to the same network segment of the LAN 3, the switch 4 and the router 3 corresponding to the same network segment of the LAN 4 are connected to the WAN . The access control device 1 is connected to the switch 1, the access control device 2 is connected to the switch 2, and the access co...

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

PUM

No PUM Login to View More

Abstract

The system includes access control equipment. Through network wire, network port of the access control equipment in the system is connected to port at any vacant network exchange in controlled sub network. Software for managing server and configuring client end in strategy is installed on any PC server or terminal in network. The method includes steps mainly: using broadcast of pseudo ARP response message periodically to inform all hosts in network co cause IP conflict of unauthorized host; meanwhile, using pseudo MAC to refresh ARP buffer of each host in network to prevent communication between authorized host and unauthorized host so as to realize binding MAC / IP addresses. Without need of replacing any existed network equipment, and carrying out any adjustment for structure of network, the invention possesses advantages of saving large funds, easy of implementation, small maintenance work. The invention is applicable to enterprises and institutions of using computer and Ethernet.

Description

Technical field [0001] The invention belongs to the technical field of communication network security, and particularly relates to an access control system and method for realizing MAC / IP binding of network equipment. Background technique [0002] At present, with the development of computers and the Internet, various enterprises and institutions have established local area networks within the enterprise to further realize informatization. However, as the scale of each unit’s local area network continues to expand, how to effectively perform Access control has increasingly become a major security issue faced by enterprises and institutions. Under normal circumstances, a computer can access the internal network of the enterprise as long as it correctly sets the IP address, gateway and other related information and connects the correct network cable. If it cannot be effectively managed and controlled, the security risks and risks caused by this Security accidents will be inevitable...

Claims

the structure of the environmentally friendly knitted fabric provided by the present invention; figure 2 Flow chart of the yarn wrapping machine for environmentally friendly knitted fabrics and storage devices; image 3 Is the parameter map of the yarn covering machine
Login to View More

Application Information

Patent Timeline
no application Login to View More
IPC IPC(8): H04L9/32H04L12/28H04L29/06
Inventor 张学红闫五四阚建杰王真李永春周奕瑾
Owner CHINA MOBILE COMM CORP TIANJIN
Who we serve
  • R&D Engineer
  • R&D Manager
  • IP Professional
Why Eureka
  • Industry Leading Data Capabilities
  • Powerful AI technology
  • Patent DNA Extraction
Social media
Eureka Blog
Learn More
PatSnap group products

Browse by: Latest US Patents, China's latest patents, Technical Efficacy Thesaurus, Application Domain, Technology Topic, Popular Technical Reports.

© 2024 PatSnap. All rights reserved.Legal|Privacy policy|Modern Slavery Act Transparency Statement|Sitemap|About US| Contact US: help@patsnap.com