Method and system for network access control

Assignee

• ALAXALA NETWORKS CORPORATION · JP

Inventors

• Shinsuke Suzuki · Tokyo, JP
• Takeshi Shibata · Tokyo, JP
• Hidemitsu Higuchi · Yokohama, JP
• Takao Miyabe · Tokyo, JP

Key dates

Classification

• Technology area (CPC H)Electricity
• CPC primaryH04L63/145
• WIPO fieldDigital communication
• WIPO sectorElectrical engineering

Abstract

Prior art quarantine networks were implemented by two methods, the IEEE802.1x method and the DHCP method, but these methods both have different problems. The problem with the IEEE802.1x method is that it is difficult to make the transition from an existing management framework. The problem with the DHCP method is that it is difficult to prevent attacks on the network itself, and to repeat client quarantine. The present invention implements client login authentication and client security status quarantine independently, and controls layer-2 connectivity based on the respective results. This permits quarantine using an existing management framework, as well as enhancing network protection by layer-2 connection control and permitting repeat quarantine of the client using the same IP address. Moreover, by incorporating other layer-2 connectivity control mechanisms, flexible layer-2 connectivity control outside the quarantine network can also be implemented.