Determining security of local area network
US-2024372862-A1 · Nov 7, 2024 · US
System and method for cloning a Wi-Fi access point
US9491623B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-9491623-B2 |
| Application number | US-201514712414-A |
| Country | US |
| Kind code | B2 |
| Filing date | May 14, 2015 |
| Priority date | Sep 30, 2011 |
| Publication date | Nov 8, 2016 |
| Grant date | Nov 8, 2016 |
How to read this patent
A practical reading order for non-experts. Skip the full description unless you need deep technical detail.
- Title
What the patent document calls the invention.
- Abstract
A short plain-language summary of the technical disclosure.
- Assignees and inventors
Who owns or filed the patent and who is credited as inventor.
- Key dates
Filing, priority, publication, and grant dates set the timeline.
- First independent claim
The legal scope of protection — read this for what is actually claimed.
- CPC / IPC classifications
Technology tags used to group this patent with similar filings.
- Citations and related patents
Prior art links and similar publications in this corpus.
Abstract
Official abstract text for this publication.
Systems and methods for cloning a Wi-Fi access point. A determination is made by a network monitoring device to transition communications between a Wi-Fi device and a first access point (AP) to a second AP. The SSID and the security configuration information, and, optionally, network address translation (NAT) information of the first access point are acquired and provided to a second AP. The second AP instantiates the SSID and the security configuration information and, optionally, the NAT information. The networking monitoring device directs the first AP to cease using the SSID and the security configuration information and, optionally, the NAT information in response to receipt of confirmation that the second AP has instantiated the SSID and the security configuration information and, optionally, the NAT information of the first AP.
First claim
Opening claim text (preview).
What is claimed is: 1. A virtual access point (VAP), comprising: a processor configured with processor-executable instructions to perform operations comprising: receiving a probe message from a Wi-Fi device, wherein the probe message comprises an SSID and a MAC address of the Wi-Fi device; determining whether the Wi-Fi device is known to the VAP from the SSID and the MAC address of the Wi-Fi device; establishing a communication link to a network monitoring device in response to determining that the Wi-Fi device is known to the VAP; determining via the communication link whether the Wi-Fi device is associated with a second VAP using the SSID, the MAC address of the Wi-Fi device and a security configuration of the second VAP; providing metrics of the VAP to the network monitoring device when the Wi-Fi device is associated with the second VAP in response to determining that the Wi-Fi device is associated with the second VAP; receiving from the network monitoring device security configuration information of the second VAP via the communication link; instantiating the SSID and the security configuration information of the second VAP; and establishing communication with the Wi-Fi device using the using the SSID, the MAC address of the Wi-Fi device, and the security configuration information of the second VAP. 2. The VAP of claim 1 , wherein the processor is configured with processor-executable instructions to perform operations such that establishing a communication link to a network monitoring device in response to determining that the Wi-Fi device is known to the VAP comprises establishing a virtual private network (VPN) tunnel to a home gateway of the Wi-Fi device. 3. The VAP of claim 1 , wherein the processor is configured with processor-executable instructions to perform operations further comprising: entering an idle ready state in response to determining that the Wi-Fi device is associated with the second VAP. 4. The VAP of claim 3 , wherein the processor is configured with processor-executable instructions to perform operations such that receiving from the network monitoring device security configuration information of the second VAP via the communication link comprises receiving an instruction from the network monitoring device to instantiate the SSID and the security configuration information of the second VAP. 5. The VAP of claim 4 , wherein the processor is configured with processor-executable instructions to perform operations such that instantiating the SSID and the security configuration information of the second VAP comprises instantiating the SSID and the security configuration information of the second VAP in response to the instruction from the network monitoring device. 6. The VAP of claim 1 , wherein the processor is configured with processor-executable instructions to perform operations such that instantiating the SSID and the security configuration information of the second VAP comprises instantiating one or more of a MAC address of the second VAP and a state of the second VAP. 7. The VAP of claim 1 , wherein the processor is configured with processor-executable instructions to perform operations such that instantiating the SSID and the security configuration information of the second VAP comprises communicating to the network monitoring device that the SSID and the security configuration information of the second VAP are instantiated at the VAP. 8. A method for transitioning communication of a Wi-Fi device in a network, comprising receiving, at a first virtual access point (VAP), a probe message from a Wi-Fi device, wherein the probe message comprises an SSID and a MAC address of the Wi-Fi device; determining, at the first VAP, whether the Wi-Fi device is known to the first VAP from the SSID and the MAC address of the Wi-Fi device; establishing a communication link between the first VAP and a network monitoring device in response to determining that the Wi-Fi device is known to the first VAP; determining via the communication link whether the Wi-Fi device is associated with a second VAP using the SSID, the MAC address of the Wi-Fi device and a security configuration of the second VAP; providing metrics of the first VAP to the network monitoring device when the Wi-Fi device is associated with the second VAP in response to determining that the Wi-Fi device is associated with the second VAP; receiving, at the first VAP from the network monitoring device, security configuration information of the second VAP via the communication link; instantiating, at the first VAP, the SSID and the security configuration information of the second VAP; and establishing communication between the first VAP and the Wi-Fi device using the using the SSID, the MAC address of the Wi-Fi device, and the security configuration information of the second VAP. 9. The method of claim 8 , wherein establishing a communication link between the first VAP and a network monitoring device in response to determining that the Wi-Fi device is known to the first VAP comprises establishing a virtual private network (VPN) tunnel to a home gateway of the Wi-Fi device. 10. The method of claim 8 , further comprising: entering an idle ready state in response to determining that the Wi-Fi device is associated with the second VAP. 11. The method of claim 10 , wherein receiving, at the first VAP from the network monitoring device, security configuration information of the second VAP via the communication link comprises receiving, at the first VAP from the network monitoring device, an instruction to instantiate the SSID and the security configuration information of the second VAP. 12. The method of claim 11 , wherein instantiating, at the first VAP, the SSID and the security configuration information of the second VAP comprises instantiating, at the first VAP, the SSID and the security configuration information of the second VAP in response to the instruction from the network monitoring device. 13. The method of claim 8 , wherein instantiating, at the first VAP, the SSID and the security configuration information of the second VAP comprises instantiating, at the first VAP, one or more of a MAC address of the second VAP and a state of the second VAP. 14. The method of claim 8 , wherein instantiating, at the first VAP, the SSID and the security configuration information of the second VAP comprises communicating to the network monitoring device that the SSID and the security configuration information of the second VAP are instantiated at the first VAP.
Assignees
Inventors
Classifications
- H04L63/0272Primary
Virtual private networks · CPC title
Access security · CPC title
for managing network security; network security policies in general (filtering policies H04L63/0227) · CPC title
based on the identity of the terminal or configuration, e.g. MAC address, hardware or software configuration or device fingerprint · CPC title
- H04W12/06Primary
Authentication · CPC title
Patent family
Related publications grouped by family.
External sources
Frequently asked questions
Answers are generated from the same data shown on this page.
- What does patent US9491623B2 cover?
- Systems and methods for cloning a Wi-Fi access point. A determination is made by a network monitoring device to transition communications between a Wi-Fi device and a first access point (AP) to a second AP. The SSID and the security configuration information, and, optionally, network address translation (NAT) information of the first access point are acquired and provided to a second AP. The se…
- Who is the assignee on this patent?
- Time Warner Cable Entpr Llc
- What technology area does this patent fall under?
- Primary CPC classification H04L63/0272. Mapped technology areas include Electricity.
- When was this patent published?
- Publication date Tue Nov 08 2016 00:00:00 GMT+0000 (Coordinated Universal Time) (B2). Legal status and post-grant events are not shown on this page.
- What related patents are in patentsdb?
- We list 8 related publications on this page (citations in our corpus or others sharing the same primary CPC).