Abstract: The present invention proposes a method and network element which allows increasing, in different aspects, communications network protection in a single network element. This element will have the ability to manage and provide the mechanisms needed for communications, user and device protection without having to cooperate with end systems (i.e., in a transparent manner for said systems). The present invention proposes a new physical and logical architecture for said network element with various databases and verification and learning mechanisms, offering protection, management and automation abilities much greater than the systems existing today.

Abstract: A method, system and network element are disclosed which allows securing, customizing and generally improving network equipment (device) configuration and DHCP network address identification, assignment and distribution mechanism, such that network address and parameter configuration, assignment and distribution in a communications network is performed in a more optimum and secure manner. The DHCP protocol is improved using policies based on roles (profiles) directly linked to the physical identification of the device (for example, to its MAC address).

Abstract: The present invention proposes a method and network element which allows improving, in different aspects, existing user authentication mechanisms in a communications network (for example, the 802.1x network), using a single network element. To that end, the element managing communications network access (for example, a router) will have a new physical and logical architecture (with various databases and verification and learning mechanisms) expanding the ability of said element, such that said element incorporates an authentication system to manage and provide the mechanisms needed for protecting communications, offering protection, management and automation abilities much greater than the systems existing today.