Patents by Inventor Anoop Kumaran Nair
Anoop Kumaran Nair has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 11792193Abstract: Methods and systems for providing vendor agnostic captive portal authentication in a network that includes a plurality of network access devices are provided. For instance, one method includes receiving a redirect request for a communication between a first user-terminal and a first network access device, the redirect request including at least one of a vendor-specific item of information of the first network access device and an Internet Protocol (IP) address of the first network access device. The method further includes comparing the at least one of the vendor-specific item of information of the first network access device and the IP address of the first network access device against each of a plurality of entries of a network access device database, and providing the first user-terminal access to a captive portal page in response to an appropriate match.Type: GrantFiled: November 10, 2021Date of Patent: October 17, 2023Assignee: Hewlett Packard Enterprise Development LPInventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Pattabhi Attaluri, Bhagya Prasad Nittur, Antoni Milton
-
Patent number: 11418515Abstract: Methods and systems for specifying and enforcing network policies are provided. One method for configuring a network that includes a plurality of heterogeneous network access devices includes creating a network enforcement profile based on at least one enforcement policy, and determining a network access device group of the plurality of heterogeneous network access devices that are capable of managing the enforcement profile. The method further includes providing vendor-specific configuration parameters for at least one network access device of the network access device group so as to cause the network to manage the network enforcement profile, and applying the vendor-specific configuration parameters to the at least one network access device.Type: GrantFiled: June 3, 2019Date of Patent: August 16, 2022Assignee: Hewlett Packard Enterprise Development LPInventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Pattabhi Attaluri, Venkatesh Ramachandran, Bhagya Prasad Nittur, Antoni Milton
-
Publication number: 20220070168Abstract: Methods and systems for providing vendor agnostic captive portal authentication in a network that includes a plurality of network access devices are provided. For instance, one method includes receiving a redirect request for a communication between a first user-terminal and a first network access device, the redirect request including at least one of a vendor-specific item of information of the first network access device and an Internet Protocol (IP) address of the first network access device. The method further includes comparing the at least one of the vendor-specific item of information of the first network access device and the IP address of the first network access device against each of a plurality of entries of a network access device database, and providing the first user-terminal access to a captive portal page in response to an appropriate match.Type: ApplicationFiled: November 10, 2021Publication date: March 3, 2022Inventors: Rajesh Kumar GANAPATHY ACHARI, Anoop Kumaran NAIR, Venkatesh RAMACHANDRAN, Pattabhi ATTALURI, Bhagya Prasad NITTUR, Antoni MILTON
-
Patent number: 11228618Abstract: A process, system, and non-transient computer readable medium that provides device automation support for the dynamic activation, authentication, and accounting of network access and network access devices while enabling seamless multi-vendor support for change of authorization through multiple network protocols. The process, system, and non-transient computer readable media also provides security threat remediation that can be automated at the device, network access, traffic inspection, and/or threat protection level by taking action on a device by triggering actions in a bidirectional manner.Type: GrantFiled: August 1, 2019Date of Patent: January 18, 2022Assignee: Hewlett Packard Enterprise Development LPInventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Pattabhi Attaluri, Rajarao Bhagya Prasad Nittur, Antoni Milton
-
Patent number: 11212292Abstract: Systems and methods are provided for chaining network access control authorization processes. A method includes executing a first authorization process to generate a first authorization result for a user according to first authorization data obtained from a first authorization source corresponding to the first authorization process; executing a second authorization process to generate a second authorization result for the user according to second authorization data obtained from a second authorization source corresponding to the second authorization process and the first authorization data obtained by the first authorization process; and authorizing the user to access a network resource according to the first authorization result generated by the first authorization process and the second authorization result generated by the second authorization process.Type: GrantFiled: July 1, 2019Date of Patent: December 28, 2021Assignee: Hewlett Packard Enterprise Development LPInventors: Bhagya Prasad Nittur, Anoop Kumaran Nair, Antoni Milton
-
Patent number: 11201864Abstract: Methods and systems for providing vendor agnostic captive portal authentication in a network that includes a plurality of network access devices are provided. For instance, one method includes receiving a redirect request for a communication between a first user-terminal and a first network access device, the redirect request including at least one of a vendor-specific item of information of the first network access device and an Internet Protocol (IP) address of the first network access device. The method further includes comparing the at least one of the vendor-specific item of information of the first network access device and the IP address of the first network access device against each of a plurality of entries of a network access device database, and providing the first user-terminal access to a captive portal page in response to an appropriate match.Type: GrantFiled: June 3, 2019Date of Patent: December 14, 2021Assignee: Hewlett Packard Enterprise Development LPInventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Pattabhi Attaluri, Bhagya Prasad Nittur, Antoni Milton
-
Publication number: 20210037059Abstract: A process, system, and non-transient computer readable medium that provides device automation support for the dynamic activation, authentication, and accounting of network access and network access devices while enabling seamless multi-vendor support for change of authorization through multiple network protocols. The process, system, and non-transient computer readable media also provides security threat remediation that can be automated at the device, network access, traffic inspection, and/or threat protection level by taking action on a device by triggering actions in a bidirectional manner.Type: ApplicationFiled: August 1, 2019Publication date: February 4, 2021Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Pattabhi Attaluri, Bhagya Prasad NR, Antoni Milton
-
Publication number: 20210006564Abstract: Systems and methods are provided for chaining network access control authorization processes. A method includes executing a first authorization process to generate a first authorization result for a user according to first authorization data obtained from a first authorization source corresponding to the first authorization process; executing a second authorization process to generate a second authorization result for the user according to second authorization data obtained from a second authorization source corresponding to the second authorization process and the first authorization data obtained by the first authorization process; and authorizing the user to access a network resource according to the first authorization result generated by the first authorization process and the second authorization result generated by the second authorization process.Type: ApplicationFiled: July 1, 2019Publication date: January 7, 2021Inventors: Bhagya Prasad Nittur, Anoop Kumaran Nair, Antoni Milton
-
Publication number: 20200382497Abstract: Methods and systems for providing vendor agnostic captive portal authentication in a network that includes a plurality of network access devices are provided. For instance, one method includes receiving a redirect request for a communication between a first user-terminal and a first network access device, the redirect request including at least one of a vendor-specific item of information of the first network access device and an Internet Protocol (IP) address of the first network access device. The method further includes comparing the at least one of the vendor-specific item of information of the first network access device and the IP address of the first network access device against each of a plurality of entries of a network access device database, and providing the first user-terminal access to a captive portal page in response to an appropriate match.Type: ApplicationFiled: June 3, 2019Publication date: December 3, 2020Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Pattabhi Attaluri, Bhagya Prasad Nittur, Antoni Milton
-
Publication number: 20200382516Abstract: Methods and systems for specifying and enforcing network policies are provided. One method for configuring a network that includes a plurality of heterogeneous network access devices includes creating a network enforcement profile based on at least one enforcement policy, and determining a network access device group of the plurality of heterogeneous network access devices that are capable of managing the enforcement profile. The method further includes providing vendor-specific configuration parameters for at least one network access device of the network access device group so as to cause the network to manage the network enforcement profile, and applying the vendor-specific configuration parameters to the at least one network access device.Type: ApplicationFiled: June 3, 2019Publication date: December 3, 2020Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Pattabhi Attaluri, Venkatesh Ramachandran, Bhagya Prasad Nittur, Antoni Milton
-
Patent number: 10805163Abstract: An example non-transitory memory resource including instructions executable by the processing resource to monitor device information for a plurality of devices, wherein the plurality of devices comprise at least one device of an unknown device type, identify behavior attributes for the plurality of devices based on the monitored device information, cluster the plurality of devices into groups based on the behavior attributes, identify a device type for the plurality of devices based on the group of the plurality of devices; and present identifiers for each of the plurality of devices, based on the device type of the plurality of devices.Type: GrantFiled: August 21, 2018Date of Patent: October 13, 2020Assignee: Hewlett Packard Enterprise Development LPInventors: Sebastien Tandel, Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair
-
Patent number: 10581827Abstract: In general, in one aspect, embodiments relate to receiving, by a system comprising one or more network devices, a first client authentication information comprising a first indication that a first client device was successfully authenticated by a first authentication server based on credentials provided by the first client device, and forwarding, by the system, the first client authentication information to a second authentication server without determining that the client device was already successfully authenticated by the first authentication server based on the credentials provided by the first client device. The operations further include receiving, by the system from the second authentication server, a second indication that the first client device was successfully authenticated, and based on the second indication received by the system from the second authentication server, granting, by the system, network access to the first client device.Type: GrantFiled: January 29, 2019Date of Patent: March 3, 2020Assignee: HEWLETT PACKARD ENTERPRISE DEVELOPMENT LPInventors: Venkatraju Tumkur Venkatanaranappa, Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Santhosh Cheeniyil
-
Publication number: 20200067777Abstract: An example non-transitory memory resource including instructions executable by the processing resource to monitor device information for a plurality of devices, wherein the plurality of devices comprise at least one device of an unknown device type, identify behavior attributes for the plurality of devices based on the monitored device information, cluster the plurality of devices into groups based on the behavior attributes, identify a device type for the plurality of devices based on the group of the plurality of devices; and present identifiers for each of the plurality of devices, based on the device type of the plurality of devices.Type: ApplicationFiled: August 21, 2018Publication date: February 27, 2020Inventors: Sebastien Tandel, Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair
-
Publication number: 20190173871Abstract: In general, in one aspect, embodiments relate to receiving, by a system comprising one or more network devices, a first client authentication information comprising a first indication that a first client device was successfully authenticated by a first authentication server based on credentials provided by the first client device, and forwarding, by the system, the first client authentication information to a second authentication server without determining that the client device was already successfully authenticated by the first authentication server based on the credentials provided by the first client device. The operations further include receiving, by the system from the second authentication server, a second indication that the first client device was successfully authenticated, and based on the second indication received by the system from the second authentication server, granting, by the system, network access to the first client device.Type: ApplicationFiled: January 29, 2019Publication date: June 6, 2019Inventors: Venkatraju Tumkur Venkatanaranappa, Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Santhosh Cheeniyil
-
Patent number: 10193878Abstract: In general, in one aspect, embodiments relate to receiving, by a system comprising one or more network devices, a first client authentication information comprising a first indication that a first client device was successfully authenticated by a first authentication server based on credentials provided by the first client device, and forwarding, by the system, the first client authentication information to a second authentication server without determining that the client device was already successfully authenticated by the first authentication server based on the credentials provided by the first client device. The operations further include receiving, by the system from the second authentication server, a second indication that the first client device was successfully authenticated, and based on the second indication received by the system from the second authentication server, granting, by the system, network access to the first client device.Type: GrantFiled: October 31, 2013Date of Patent: January 29, 2019Assignee: Hewlett Packard Enterprise Development LPInventors: Venkatraju Tumkur Venkatanaranappa, Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Santhosh Cheeniyil
-
Patent number: 9866522Abstract: The present disclosure discloses a method and a network device for controlling DHCP pool exhaustion in dynamic network environments. Specifically, a network device determines that a client device is assigned an Internet Protocol (IP) address by a DHCP server. The network device detects that the client device is disconnected from a network associated with the IP address, for example, by receiving a de-association message from the client device; determining that a session or an entry corresponding to the client device has timed out; determining that the client device has failed to respond to one or more messages transmitted to the client device; determining that the client device has connected to another network different than said network; etc. In response, the network device then generates a DHCP release message on behalf of the client device, and transmits the DHCP release message to the DHCP server.Type: GrantFiled: July 29, 2014Date of Patent: January 9, 2018Assignee: ARUBA NETWORKS, INC.Inventors: Avignan Chatterjee, Rajesh Kumar Ganapathy Achari, Srinivasan Jayarajan, Harsha Nagaraja, Anoop Kumaran Nair, Venkatesh Ramachandran, Isaac Theogaraj, Venkatraju Venkatanaranappa
-
Patent number: 9824193Abstract: The present disclosure discloses a method and network device for using mobile devices with validated user network identity as physical identity proof. Responsive to successfully authenticating a client device for network access, a system generates a network credential for the client device and transmits the network credential to the client device. Further, the system detects that the client device is within a range of a short range wireless device that is associated with a particular physical action. Consequently, the system validates the network credential that the client device possesses. Based on the network credential, the system determines that the client device has permissions for performing the particular physical action, and causes performance of the particular physical action.Type: GrantFiled: July 29, 2014Date of Patent: November 21, 2017Assignee: ARUBA NETWORKS, INC.Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Venkatraju Venkatanaranappa
-
Patent number: 9590972Abstract: In general, in one aspect, embodiments relate to receiving, by a system of one or more network devices from a client device, a request to access one or more applications, determining, by the system, that the client device has already been authenticated to access a network, and based on determining that the client device has already been authenticated to access the network, causing authenticating of the client device for accessing the one or more applications.Type: GrantFiled: October 31, 2013Date of Patent: March 7, 2017Assignee: ARUBA NETWORKS, INC.Inventors: Venkatraju Tumkur Venkatanaranappa, Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Santhosh Cheeniyil
-
Publication number: 20160036770Abstract: The present disclosure discloses a method and a network device for controlling DHCP pool exhaustion in dynamic network environments. Specifically, a network device determines that a client device is assigned an Internet Protocol (IP) address by a DHCP server. The network device detects that the client device is disconnected from a network associated with the IP address, for example, by receiving a de-association message from the client device; determining that a session or an entry corresponding to the client device has timed out; determining that the client device has failed to respond to one or more messages transmitted to the client device; determining that the client device has connected to another network different than said network; etc. In response, the network device then generates a DHCP release message on behalf of the client device, and transmits the DHCP release message to the DHCP server.Type: ApplicationFiled: July 29, 2014Publication date: February 4, 2016Applicant: Aruba Networks, Inc.Inventors: Avignan Chatterjee, Rajesh Kumar Ganapathy Achari, Srinivasan Jayarajan, Harsha Nagaraja, Anoop Kumaran Nair, Venkatesh Ramachandran, Isaac Theogaraj, Venkatraju Venkatanaranappa
-
Publication number: 20160035159Abstract: The present disclosure discloses a method and network device for using mobile devices with validated user network identity as physical identity proof. Responsive to successfully authenticating a client device for network access, a system generates a network credential for the client device and transmits the network credential to the client device. Further, the system detects that the client device is within a range of a short range wireless device that is associated with a particular physical action. Consequently, the system validates the network credential that the client device possesses. Based on the network credential, the system determines that the client device has permissions for performing the particular physical action, and causes performance of the particular physical action.Type: ApplicationFiled: July 29, 2014Publication date: February 4, 2016Applicant: ARUBA NETWORKS, INC.Inventors: Rajesh Kumar Ganapathy Achari, Anoop Kumaran Nair, Venkatesh Ramachandran, Venkatraju Venkatanaranappa