Abstract: A method for designating vegetation as potential impact vegetation includes identifying data relating to target vegetation from a dataset and determining a reach distance of the target vegetation. The reach distance includes a distance from a point on a ground to a point of the target vegetation that is farthest from the point on the ground. The method also includes comparing the reach distance of the target vegetation with a closest distance between the point on the ground and a structure to produce a compared reach distance value and determining a health indicator value for the target vegetation. The method further includes comparing the health indicator value of the target vegetation to a health indicator threshold value and designating the target vegetation as having a potential to impact the structure based on the compared reach distance value and the comparison of the health indicator to the health indicator threshold.

Abstract: A method is disclosed for determining the authentication capabilities of a supplicant before initiating an authentication conversation with a client, for example, using Extensible Authentication Protocol (EAP). In one aspect, the method provides for sending, to a supplicant that is requesting access to a computer network subject to authentication of a user of the supplicant, a list of first authentication methods that are supported by an authentication server; receiving, from the supplicant, a counter-list of second authentication methods that are supported by the supplicant; determining how many second authentication methods in the counter-list match the first authentication methods; and performing an authentication policy action based on how many of the second authentication methods match the first authentication methods. Policy actions can include blocking access, re-directing to sources of acceptable authentication methods, granting one of several levels of network access, etc.

Abstract: A method and apparatus are provided to acquire direct thermal measurements, for example, from a LiDAR collecting vehicle or air vessel, of an overhead electrical conductor substantially simultaneous with collection of 3-dimensional location data of the conductor, and utilize temperature information derived from the direct thermal measurements in line modeling, line rating, thermal line analysis, clearance analysis, and/or vegetation management.

Abstract: A method for estimating vegetation growth relative to an object of interest is disclosed. A target vegetation is identified from a second sensing dataset. A corresponding target vegetation is identified in a first sensing dataset, the first sensing dataset collected at a time before the second sensing dataset. A first statistic is attributed to the corresponding target vegetation based on a distance of one or more points of the corresponding target vegetation in the first sensing dataset relative to the object of interest. A second statistic is attributed to the target vegetation based on a distance of one or more points of the target vegetation in the second sensing dataset relative to the object of interest. An encroachment rate is determined from a comparison of the first statistic and the second statistic.

Abstract: A method for locating a stem of a target tree is disclosed. The target tree is identified from a sensing dataset. At least one slice is created from the sensing dataset. The at least one slice includes at least a portion of the target tree. A tree stem location of the target tree is determined from the at least one slice. A system for locating a stem of a target tree is also disclosed. The system has a processor configured to implement the described method. The system also has a data input coupled to the processor and configured to provide the processor with the sensing dataset. The system further has a user interface coupled to either the processor or the data input.

Abstract: A method for designating vegetation as potential impact vegetation includes identifying data relating to target vegetation from a dataset and determining a reach distance of the target vegetation. The reach distance includes a distance from a point on a ground to a point of the target vegetation that is farthest from the point on the ground. The method also includes comparing the reach distance of the target vegetation with a closest distance between the point on the ground and a structure to produce a compared reach distance value and determining a health indicator value for the target vegetation. The method further includes comparing the health indicator value of the target vegetation to a health indicator threshold value and designating the target vegetation as having a potential to impact the structure based on the compared reach distance value and the comparison of the health indicator to the health indicator threshold.

Abstract: A method and apparatus are provided to acquire direct thermal measurements, for example, from a LiDAR collecting vehicle or air vessel, of an overhead electrical conductor substantially simultaneous with collection of 3-dimensional location data of the conductor, and utilize temperature information derived from the direct thermal measurements in line modeling, line rating, thermal line analysis, clearance analysis, and/or vegetation management.

Abstract: The invention relates to a method for requesting access to services across a computer network, preferably although not exclusively to a network in which access is controlled by a AAA server. Instead of defining on the AAA server all possible network devices that may require or provide access, along with the respective services they may need, in the present invention the network devices submit access request messages which include information both identifying the device and also specifying explicitly which services are needed. On receipt of such requests, the AAA server uses its internal policies to confirm or deny access, to select appropriate services from those requested, and to instruct the provisioning of those services. The invention provides additional granularity in authentication/authorization, and also significantly reduces the amount of work required to set up and maintain the AAA server.

Abstract: A method for locating a stem of a target tree is disclosed. The target tree is identified from a sensing dataset. At least one slice is created from the sensing dataset. The at least one slice includes at least a portion of the target tree. A tree stem location of the target tree is determined from the at least one slice. A system for locating a stem of a target tree is also disclosed. The system has a processor configured to implement the described method. The system also has a data input coupled to the processor and configured to provide the processor with the sensing dataset. The system further has a user interface coupled to either the processor or the data input.

Abstract: A method for estimating vegetation growth relative to an object of interest is disclosed. A target vegetation is identified from a second sensing dataset. A corresponding target vegetation is identified in a first sensing dataset, the first sensing dataset collected at a time before the second sensing dataset. A first statistic is attributed to the corresponding target vegetation based on a distance of one or more points of the corresponding target vegetation in the first sensing dataset relative to the object of interest. A second statistic is attributed to the target vegetation based on a distance of one or more points of the target vegetation in the second sensing dataset relative to the object of interest. An encroachment rate is determined from a comparison of the first statistic and the second statistic.

Abstract: A method and apparatus for load balancing within a computer system makes use of client MAC addresses, reduced modulo N, to direct client requests to a particular server within a server farm. The method is particularly applicable to load balancing applied to AAA servers. In the preferred embodiments, the method can handle failovers and fail-back with few or no aborted authentications.

Abstract: According to one embodiment of the invention, a session list identifying communication sessions relating to supplicants that access a computer network through an access device is created and stored at an authentication server. Then, an event is received from an anti-virus system announcing an updated anti-virus policy. User input is received that requests performing posture validation for all the supplicants. Next, in response to the information received, a time value for starting the posture validation for a particular supplicant identified in the session list. Finally, in response to the information received, a request to perform posture validation is generated and sent to the access device, wherein the request includes supplicant identifying information, the time value, and instructions that instructs the access device to initiate the posture validation for that supplicant only after the time value has expired. The steps are repeated for all supplicants in the session list.

Abstract: Creating and storing troubleshooting information for providing access control information to a network device involves receiving a provisioning of control lists, and associations of the ACLs to users of the device. During authenticating a user login, a name of a first ACL is provided to the device, selected from among the ACLs based on the associations. A request is received from the device for a first ACL that is associated with a user of the device. The request includes the name of the ACL. The first ACL is sent to the network device in response to the request. Embodiments may use RADIUS for communicating ACLs from an authentication server to a firewall. A de-fragmentation approach enables downloading ACLs that exceed the maximum RADIUS packet size. Using an ACL renaming approach the firewall updates its cache when a user subsequently logs in and the corresponding ACL has changed.

Abstract: A method is disclosed for determining the authentication capabilities of a supplicant before initiating an authentication conversation with a client, for example, using Extensible Authentication Protocol (EAP). In one aspect, the method provides for sending, to a supplicant that is requesting access to a computer network subject to authentication of a user of the supplicant, a list of first authentication methods that are supported by an authentication server; receiving, from the supplicant, a counter-list of second authentication methods that are supported by the supplicant; determining how many second authentication methods in the counter-list match the first authentication methods; and performing an authentication policy action based on how many of the second authentication methods match the first authentication methods. Policy actions can include blocking access, re-directing to sources of acceptable authentication methods, granting one of several levels of network access, etc.

Abstract: A method is disclosed for determining the authentication capabilities of a supplicant before initiating an authentication conversation with a client, for example, using Extensible Authentication Protocol (EAP). In one aspect, the method provides for sending, to a supplicant that is requesting access to a computer network subject to authentication of a user of the supplicant, a list of first authentication methods that are supported by an authentication server; receiving, from the supplicant, a counter-list of second authentication methods that are supported by the supplicant; determining how many second authentication methods in the counter-list match the first authentication methods; and performing an authentication policy action based on how many of the second authentication methods match the first authentication methods. Policy actions can include blocking access, re-directing to sources of acceptable authentication methods, granting one of several levels of network access, etc.

Abstract: A method is disclosed for determining the authentication capabilities of a supplicant before initiating an authentication conversation with a client, for example, using Extensible Authentication Protocol (EAP). In one aspect, the method provides for sending, to a supplicant that is requesting access to a computer network subject to authentication of a user of the supplicant, a list of first authentication methods that are supported by an authentication server; receiving, from the supplicant, a counter-list of second authentication methods that are supported by the supplicant; determining how many second authentication methods in the counter-list match the first authentication methods; and performing an authentication policy action based on how many of the second authentication methods match the first authentication methods. Policy actions can include blocking access, re-directing to sources of acceptable authentication methods, granting one of several levels of network access, etc.

Abstract: A method is disclosed for performing on-demand posture validation for all of multiple clients or supplicants of an authentication system, comprising creating and storing a session list identifying communication sessions relating to supplicants that access a computer network through an access device; receiving input requesting performing posture validation for all the supplicants; determining a time value for starting the posture validation for a particular supplicant identified in the session list; generating and sending to the access device, a request to perform posture validation, wherein the request comprises supplicant identifying information and the time value and instructs the access device to initiate the posture validation for that supplicant only after the time value has expired; and repeating the steps of determining, generating and sending for all supplicants in the session list.