Abstract: The present invention provides method and systems for dynamically mirroring network traffic. The mirroring of network traffic may comprise data that may be considered of particular interest. The network traffic may be mirrored by a mirror service portal from a mirror sender, referred to as a mirror source, to a mirror receiver, referred to as a mirror destination, locally or remotely over various network segments, such as private and public networks and the Internet. The network traffic may be mirrored to locations not involved in the network communications being mirrored. The present invention provides various techniques for dynamically mirroring data contained in the network traffic from a mirror source to a mirror destination.

Abstract: The subject matter described herein includes methods, systems, and computer readable media for advanced distribution in a link aggregation group (LAG). In some examples, a packet forwarding device includes physical ports for sending and receiving network traffic. The packet forwarding device includes one or more packet processors configured to perform LAG distribution by distributing incoming packets across active links of a first LAG formed between the packet forwarding device and one or more network devices. The incoming packets are in route to a destination device in communication with one of the network devices. The packet processors are configured, in an advanced distribution mode, to transmit a first packet of the plurality of incoming packets for the first LAG over a selected active link selected from a subset of the plurality of active links for the first LAG.

Abstract: The present invention provides method and systems for activating or deactivating network devices by managing the power of the network device. By controlling the power for network devices, the size and coverage of the network can be adjusted to meet the needs for the current usage. This can be particularly advantageous in wireless networks where multiple wireless access points may be provided to provide coverage during peak usage but present the additional security concern of the network being accessible to unauthorized users. Being able to power down unneeded wireless access points during off-peak usage allows for the minimization of such potential security concerns.

Abstract: The subject matter described herein includes methods, systems, and computer readable media for advanced distribution in a link aggregation group (LAG). In some examples, a packet forwarding device includes physical ports for sending and receiving network traffic. The packet forwarding device includes one or more packet processors configured to perform LAG distribution by distributing incoming packets across active links of a first LAG formed between the packet forwarding device and one or more network devices. The incoming packets are in route to a destination device in communication with one of the network devices. The packet processors are configured, in an advanced distribution mode, to transmit a first packet of the plurality of incoming packets for the first LAG over a selected active link selected from a subset of the plurality of active links for the first LAG.

Abstract: The present invention provides method and systems for dynamically mirroring network traffic. The mirroring of network traffic may comprise data that may be considered of particular interest. The network traffic may be mirrored by a mirror service portal from a mirror sender, referred to as a mirror source, to a mirror receiver, referred to as a mirror destination, locally or remotely over various network segments, such as private and public networks and the Internet. The network traffic may be mirrored to locations not involved in the network communications being mirrored. The present invention provides various techniques for dynamically mirroring data contained in the network traffic from a mirror source to a mirror destination.

Abstract: A device and a method for dispensing pharmacy/clinic loaded medications are described herein. The device may include multiple chambers, each chamber having stored therein one type of medication. Each chamber may have a cavity located along a rotating drum. Rotation of the drum causes the chamber to dispense the medications according to a defined schedule.

Abstract: A request for network access is received from a client device at a network entry device of a network infrastructure. The network infrastructure determines a physical location of the client device and determines authorization of the client device based on the physical location. The approach can include providing the physical location along with other user credentials to an authorizing device. The method can also include determining a level of service based on the physical location. Communication for the approach can make use of the IEEE 802.1X protocol.

Abstract: The present invention provides method and systems for dynamically mirroring network traffic. The mirroring of network traffic may comprise data that may be considered of particular interest. The network traffic may be mirrored by a mirror service portal from a mirror sender, referred to as a mirror source, to a mirror receiver, referred to as a mirror destination, locally or remotely over various network segments, such as private and public networks and the Internet. The network traffic may be mirrored to locations not involved in the network communications being mirrored. The present invention provides various techniques for dynamically mirroring data contained in the network traffic from a mirror source to a mirror destination.

Abstract: The intrusion detection function monitors for and reports detected intrusion signatures. The dynamic intrusion signatures function determines whether reported intrusion signatures exist in a library of signatures associated with a particular intrusion detection function. If the reported signature does not exist in the library, the library is updated. Detected intrusion signatures are reported to similarly enabled devices for library analysis and updating, if necessary. The related method includes the steps of monitoring for intrusion signatures or other triggering events, analyzing the events and updating IDS signature libraries as necessary.

Abstract: Systems and methods are provided for preserving the privacy of data contained in mirrored network traffic. The mirrored network traffic may comprise data that may be considered confidential, privileged, private, or otherwise sensitive data. For example, the data payload of a frame of mirrored network traffic may include private Voice over IP (VoIP) communications between users on one or more networks. The present invention provides various techniques for securing the privacy of data contained in the mirrored network traffic. Using the techniques of the present invention, network traffic comprising confidential, privileged, private, or otherwise sensitive data may be mirrored in such a manner as to provide for the privacy of such data over at least a portion if not all of the mirrored communications between the mirror source point and the mirror destination point.

Abstract: A lost contact policy response system and related method for adjusting the operation of one or more network infrastructure devices upon detection of a loss of contact with a policy server function. The response system includes a policy enforcement function (“PEF”), a policy manager function, and either or both of policy set(s) and policy enforcement rule (“PER”) set(s). The PEF implements stored or generated PER set(s). The policy manager function includes a monitoring function and an analysis function. The monitoring function monitors for continuing connectivity or signal exchange contact with a network policy server function. The analysis function selects a designated policy, policy set, PER or PER set, and instructs the PEF to implement the selected policy, PER or set. The policy and/or PER sets may be pre-installed, updated, re-installed, revised, or otherwise changed when and as desired. The related method includes corresponding steps for implementing the operations of the functions described.

Abstract: The present invention provides method and systems for activating or deactivating network devices by managing the power of the network device. By controlling the power for network devices, the size and coverage of the network can be adjusted to meet the needs for the current usage. This can be particularly advantageous in wireless networks where multiple wireless access points may be provided to provide coverage during peak usage but present the additional security concern of the network being accessible to unauthorized users. Being able to power down unneeded wireless access points during off-peak usage allows for the minimization of such potential security concerns.

Abstract: A method of determining a physical location of a device connected to a data network infrastructure including a plurality of connection points at different physical locations, the method including establishing a connection with the data network infrastructure via a cable-based transmission medium, wherein a communication signal passes via the cable-based transmission medium including at least one of the plurality of connection points. A connection point identifier is determined based, at least in part, upon the at least one of the plurality of connection points. A signal characteristic of the communication signal passing via the cable-based transmission medium between the device and the data network infrastructure through the at least one of the plurality of connection points is measured.

Abstract: Systems and methods are provided for preserving the privacy of data contained in mirrored network traffic. The mirrored network traffic may comprise data that may be considered confidential, privileged, private, or otherwise sensitive data. For example, the data payload of a frame of mirrored network traffic may include private Voice over IP (VoIP) communications between users on one or more networks. The present invention provides various techniques for securing the privacy of data contained in the mirrored network traffic. Using the techniques of the present invention, network traffic comprising confidential, privileged, private, or otherwise sensitive data may be mirrored in such a manner as to provide for the privacy of such data over at least a portion if not all of the mirrored communications between the mirror source point and the minor destination point.

Abstract: In one embodiment of a method and apparatus for protecting data, voice, and video networks from individuals with malicious intent, a real network or network device has a vicarious simulated counterpart that may take the place of the real device or network upon appropriate triggering. The simulated counterpart behaves like the real device, but records the suspect transactions. The integrity of the real network or device is therefore continuously maintained because the suspect is isolated from the real network and the suspect transactions are not passed on to the actual device or network. The recorded transactions may then be analyzed for purposes of exposing the perpetrator, discovering perpetrator behavior patterns, and identifying device or network security weaknesses.

Abstract: The present invention provides method and systems for activating or deactivating network devices by managing the power of the network device. By controlling the power for network devices, the size and coverage of the network can be adjusted to meet the needs for the current usage. This can be particularly advantageous in wireless networks where multiple wireless access points may be provided to provide coverage during peak usage but present the additional security concern of the network being accessible to unauthorized users. Being able to power down unneeded wireless access points during off-peak usage allows for the minimization of such potential security concerns.

Abstract: A system and method that provides dynamic network policy management. The system enables a network administrator to regulate usage of network services upon initiation of and throughout network sessions. The system employs a method of identifying selectable characteristics of attached functions to establish static and dynamic policies, which policies may be amended before, during and after any session throughout the network based on the monitored detection of any of a number of specified triggering events or activities. Particular policies associated with a particular identified attached function in prior sessions may be cached or saved and employed in subsequent sessions to provide network usage permissions more rapidly in such subsequent sessions. The cached or saved policy information may also be used to identify network usage, control, and security. The system and method of the present invention provides static and dynamic policy allocation for network usage provisioning.

Abstract: A system that associates physical locations with network-linked devices in a network to which such devices are connected. This system employs a variety of techniques for establishing device location. The system configuration can vary and can include any type of data network, including LANs, MANs, Wide Area Networks (WANs), Personal Area Networks (PANs), and Home Networks. The system provides location information for particular devices to the network devices and management, and may be used in any of a variety of ways to improve configuration accuracy, control, and security. The location information may also be used to control or secure a device itself.

Abstract: A method for location discovery in a data network includes receiving, at a first device, connection information from a neighboring network device and determining a physical location of the first device based on the connection information. The method can include receiving, at the first device, the physical location transmitted from the neighboring network device. The method can further include associating a level of trust with the physical location based on the neighboring network device. The first device be one of a variety of devices, such as a router, a switch, a network entry device, a firewall device, or a gateway.

Abstract: Systems and methods are provided for preserving the privacy of data contained in mirrored network traffic. The mirrored network traffic may comprise data that may be considered confidential, privileged, private, or otherwise sensitive data. For example, the data payload of a frame of mirrored network traffic may include private Voice over IP (VoIP) communications between users on one or more networks. The present invention provides various techniques for securing the privacy of data contained in the mirrored network traffic. Using the techniques of the present invention, network traffic comprising confidential, privileged, private, or otherwise sensitive data may be mirrored in such a manner as to provide for the privacy of such data over at least a portion if not all of the mirrored communications between the mirror source point and the mirror destination point.