Abstract: A method includes establishing a wireless link between a wireless interface of an endpoint and a WAP; exchanging, through the wireless link, network traffic associated with execution of an application at the endpoint; executing, at the endpoint, a security routine to monitor a security status of the endpoint; establishing, through the wireless link, a secure channel that shares the wireless link with the network traffic of the application, the secure channel to extend from the security routine to a supervisor through the wireless link and the WAP; conveying, from the security routine and through the secure channel, an indication of the security status; receiving, at the security routine and through the secure channel, a command to change a setting of the wireless interface associated with a characteristic of the wireless link; and accessing, from the security routine, the wireless interface to effect the change in response to receiving the command.

Abstract: Methods, systems and computer readable media for rogue access point detection are described.

Abstract: Implementations generally relate methods, systems, and computer readable media for providing automatic access point registration. In some implementations, a method includes receiving an indication of automatic device onboarding activation. The method further includes receiving a selection of one or more reference devices. The method further includes determining one or more detectable devices of the one or more candidate devices to be onboarded that are detectable by at least one of the one or more reference devices. The method further includes obtaining one or more automatic configuration parameters from one or more of the reference devices. The method further includes configuring one or more of the detectable devices to be onboarded with the one or more automatic configuration parameters.

Abstract: Methods, systems, and computer readable media for providing and managing security rules and policies are described. In some implementations, a method may include receiving, at a crowdsourcing security policy server, a security policy from a first user account, and providing a crowdsourced security policy user interface including a section corresponding to the security policy configured to make the security policy available for use by other user accounts. The method may also include receiving from one or more of the other user accounts, a security policy rating corresponding to the security policy, and receiving, from one or more of the other user accounts, a user account rating corresponding to the first user account.

Abstract: Implementations generally relate methods, systems, and computer readable media for providing automatic access point registration. In some implementations, a method includes receiving an indication of automatic device onboarding activation. The method further includes receiving a selection of one or more reference devices. The method further includes determining one or more detectable devices of the one or more candidate devices to be onboarded that are detectable by at least one of the one or more reference devices. The method further includes obtaining one or more automatic configuration parameters from one or more of the reference devices. The method further includes configuring one or more of the detectable devices to be onboarded with the one or more automatic configuration parameters.

Abstract: Implementations generally relate methods, systems, and computer readable media for providing automatic access point registration. In some implementations, a method includes receiving an indication of automatic device on-boarding activation. The method further includes receiving a selection of one or includes identification more reference devices. The method further includes determining one or more detectable devices of the one or more candidate devices to be onboarded that are detectable by at least one of the one or more reference devices. The method further includes obtaining one or more automatic configuration parameters from one or more of the reference devices. The method further includes configuring one or more of the detectable devices to be onboarded with the one or more automatic configuration parameters.

Abstract: Methods, systems and computer readable media for rogue access point detection are described.

Abstract: Methods, systems and computer readable media for rogue access point detection are described.

Abstract: Methods, systems, and computer readable media for providing and managing security rules and policies are described. In some implementations, a method may include receiving, at a crowdsourcing security policy server, a security policy from a first user account, and providing a crowdsourced security policy user interface including a section corresponding to the security policy configured to make the security policy available for use by other user accounts. The method may also include receiving from one or more of the other user accounts, a security policy rating corresponding to the security policy, and receiving, from one or more of the other user accounts, a user account rating corresponding to the first user account.

Abstract: Methods, systems, and computer readable media for providing and managing security rules and policies are described. In some implementations, a method may include receiving network information corresponding to a first network, and programmatically analyzing the network information. The method may also include programmatically determining one or more security policies from a library of security policies, the programmatically determining based on a result of programmatically analyzing the network information. The method may further include providing a recommendation to a user, wherein the recommendation includes at least one of the one or more security policies.

Abstract: A method includes establishing a wireless link between a wireless interface of an endpoint and a WAP; exchanging, through the wireless link, network traffic associated with execution of an application at the endpoint; executing, at the endpoint, a security routine to monitor a security status of the endpoint; establishing, through the wireless link, a secure channel that shares the wireless link with the network traffic of the application, the secure channel to extend from the security routine to a supervisor through the wireless link and the WAP; conveying, from the security routine and through the secure channel, an indication of the security status; receiving, at the security routine and through the secure channel, a command to change a setting of the wireless interface associated with a characteristic of the wireless link; and accessing, from the security routine, the wireless interface to effect the change in response to receiving the command.

Abstract: A method includes establishing a wireless link between a wireless interface of an endpoint and a WAP; exchanging, through the wireless link, network traffic associated with execution of an application at the endpoint; executing, at the endpoint, a security routine to monitor a security status of the endpoint; establishing, through the wireless link, a secure channel that shares the wireless link with the network traffic of the application, the secure channel to extend from the security routine to a supervisor through the wireless link and the WAP; conveying, from the security routine and through the secure channel, an indication of the security status; receiving, at the security routine and through the secure channel, a command to change a setting of the wireless interface associated with a characteristic of the wireless link; and accessing, from the security routine, the wireless interface to effect the change in response to receiving the command.

Abstract: Methods, systems and computer readable media for rogue device detection are described. The method may include automatically generating one or more dummy network identifiers associated with a wireless network, advertising the one or more dummy network identifiers, and identifying a device as a suspect device based on receiving a connection attempt to at least one of the one or more dummy network identifiers by the device. The method can also include allocating a virtual local area network within the wireless network to process traffic associated with the at least one of the one or more dummy network identifiers, and monitoring network traffic of the suspect device on the virtual local area network. The method can further include, if the monitored network traffic meets an abnormality threshold, determining that the suspect device is a rogue device, and performing an action to protect the wireless network from the rogue device.

Abstract: Implementations generally relate methods, systems, and computer readable media for providing threat index based wireless local area networks (WLAN) security and quality of service. In one implementation, a method includes receiving a request from a client device connected to a network via a network link. The method further includes determining a threat index value for the client device. The method further includes determining one or more security policies associated with one or more respective network resources, where each security policy applies one or more rules for allocating one of the network resources. The method further includes determining allocation of one or more of the network resources to the client device based on the one or more security policies and the threat index value.

Abstract: Implementations generally relate methods, systems, and computer readable media for providing automatic access point registration. In some implementations, a method includes receiving an indication of automatic device on-boarding activation. The method further includes receiving a selection of one or includes identification more reference devices. The method further includes determining one or more detectable devices of the one or more candidate devices to be onboarded that are detectable by at least one of the one or more reference devices. The method further includes obtaining one or more automatic configuration parameters from one or more of the reference devices. The method further includes configuring one or more of the detectable devices to be onboarded with the one or more automatic configuration parameters.

Abstract: A method includes establishing a wireless link between a wireless interface of an endpoint and a WAP; exchanging, through the wireless link, network traffic associated with execution of an application at the endpoint; executing, at the endpoint, a security routine to monitor a security status of the endpoint; establishing, through the wireless link, a secure channel that shares the wireless link with the network traffic of the application, the secure channel to extend from the security routine to a supervisor through the wireless link and the WAP; conveying, from the security routine and through the secure channel, an indication of the security status; receiving, at the security routine and through the secure channel, a command to change a setting of the wireless interface associated with a characteristic of the wireless link; and accessing, from the security routine, the wireless interface to effect the change in response to receiving the command.

Abstract: A method includes establishing a wireless link between a wireless interface of an endpoint and a WAP; exchanging, through the wireless link, network traffic associated with execution of an application at the endpoint; executing, at the endpoint, a security routine to monitor a security status of the endpoint; establishing, through the wireless link, a secure channel that shares the wireless link with the network traffic of the application, the secure channel to extend from the security routine to a supervisor through the wireless link and the WAP; conveying, from the security routine and through the secure channel, an indication of the security status; receiving, at the security routine and through the secure channel, a command to change a setting of the wireless interface associated with a characteristic of the wireless link; and accessing, from the security routine, the wireless interface to effect the change in response to receiving the command.

Abstract: Implementations generally relate methods, systems, and computer readable media for providing threat index based wireless local area networks (WLAN) security and quality of service. In one implementation, a method includes receiving a request from a client device connected to a network via a network link. The method further includes determining a threat index value for the client device. The method further includes determining one or more security policies associated with one or more respective network resources, where each security policy applies one or more rules for allocating one of the network resources. The method further includes determining allocation of one or more of the network resources to the client device based on the one or more security policies and the threat index value.

Abstract: Implementations generally relate methods, systems, and computer readable media for providing threat index based wireless local area networks (WLAN) security and quality of service. In one implementation, a method includes receiving a request from a client device connected to a network via a network link. The method further includes determining a threat index value for the client device. The method further includes determining one or more security policies associated with one or more respective network resources, where each security policy applies one or more rules for allocating one of the network resources. The method further includes determining allocation of one or more of the network resources to the client device based on the one or more security policies and the threat index value.

Abstract: A method includes establishing a wireless link between a wireless interface of an endpoint and a WAP; exchanging, through the wireless link, network traffic associated with execution of an application at the endpoint; executing, at the endpoint, a security routine to monitor a security status of the endpoint; establishing, through the wireless link, a secure channel that shares the wireless link with the network traffic of the application, the secure channel to extend from the security routine to a supervisor through the wireless link and the WAP; conveying, from the security routine and through the secure channel, an indication of the security status; receiving, at the security routine and through the secure channel, a command to change a setting of the wireless interface associated with a characteristic of the wireless link; and accessing, from the security routine, the wireless interface to effect the change in response to receiving the command.