Abstract: A system that includes a threat management server configured to store a device log identifying device information for endpoint devices that have passed authentication. The threat management server is configured to determine that first device information for an endpoint device obtained from a switch and second device information for the endpoint device from the device log file do not match, and, in response, block the endpoint device from accessing a network. The switch is operably coupled to the threat management server and configured to collect the first device information for the endpoint device and send it to the threat management engine.

Abstract: A system includes a switch that includes a plurality of ports and a threat management server coupled to the switch. The threat management server includes a memory and a threat management engine. The memory stores a port exemption log identifying ports on the switch configured to bypass authentication, and device information for endpoint devices connected to the ports on the switch configured to bypass authentication. The threat management engine is configured to receive an exemption request requesting an authentication exemption for a first port, add the first port to the port exemption log, and send an exemption command to the switch identifying the first port. The exemption command triggers the switch to bypass authentication for the first port.

Abstract: A system includes a switch that includes a plurality of ports and a threat management server coupled to the switch. The threat management server includes a memory and a threat management engine. The memory stores a port exemption log identifying ports on the switch configured to bypass authentication, and device information for endpoint devices connected to the ports on the switch configured to bypass authentication. The threat management engine is configured to receive an exemption request requesting an authentication exemption for a first port, add the first port to the port exemption log, and send an exemption command to the switch identifying the first port. The exemption command triggers the switch to bypass authentication for the first port.

Abstract: A system that includes a threat management server configured to store a device log identifying device information for endpoint devices that have passed authentication. The threat management server is configured to determine that first device information for an endpoint device obtained from a switch and second device information for the endpoint device from the device log file do not match, and, in response, block the endpoint device from accessing a network. The switch is operably coupled to the threat management server and configured to collect the first device information for the endpoint device and send it to the threat management engine.

Abstract: A system that includes a threat management server configured to store a port exemption log that identifies ports on a switch configured to bypass authentication and endpoint devices connected the ports configured to bypass authentication. The threat management server interrogates a switch for switch information identifying ports on the switch configured to bypass authentication and endpoint devices connected the ports configured to bypass authentication. The threat management server compares the switch information to the information in the port exemption log. The threat management server identifies a port based on differences between the received switch information and the port exemption log and enables port authentication for the identified port in response to identifying the differences.

Abstract: A system that includes a threat management server configured to store a device log identifying device information for endpoint devices that have passed authentication. The threat management server is configured to identify an endpoint device from the device log file and to identify a switch connected the endpoint device. The threat management server is further configured to send a device information request to the switch requesting device information for the endpoint device. The threat management server is configured to compare the received information to the information in the device log file. The threat management server is configured to block the endpoint device from accessing a communications network in response to determining the received device information does not match the information in the device log file.

Abstract: A system that includes a threat management server configured to store a device log identifying location information for endpoint devices that have passed authentication. The threat management server is configured to identify an endpoint device from the device log file and to identify a switch connected the endpoint device. The threat management server is further configured to send a location information request to the switch requesting location information for the endpoint device. The threat management server is configured to compare the received information to the information in the device log file. The threat management server is configured to block the endpoint device from accessing a communications network in response to determining the received location information does not match the information in the device log file.

Abstract: A system that includes a threat management server configured to store a port exemption log that identifies ports on a switch configured to bypass authentication and endpoint devices connected the ports configured to bypass authentication. The threat management server interrogates a switch for switch information identifying ports on the switch configured to bypass authentication and endpoint devices connected the ports configured to bypass authentication. The threat management server compares the switch information to the information in the port exemption log. The threat management server identifies a port based on differences between the received switch information and the port exemption log and enables port authentication for the identified port in response to identifying the differences.

Abstract: A system that includes a threat management server configured to store a device log identifying device information for endpoint devices that have passed authentication. The threat management server is configured to identify an endpoint device from the device log file and to identify a switch connected the endpoint device. The threat management server is further configured to send a device information request to the switch requesting device information for the endpoint device. The threat management server is configured to compare the received information to the information in the device log file. The threat management server is configured to block the endpoint device from accessing a communications network in response to determining the received device information does not match the information in the device log file.

Abstract: A system that includes a threat management server configured to store a device log identifying location information for endpoint devices that have passed authentication. The threat management server is configured to identify an endpoint device from the device log file and to identify a switch connected the endpoint device. The threat management server is further configured to send a location information request to the switch requesting location information for the endpoint device. The threat management server is configured to compare the received information to the information in the device log file. The threat management server is configured to block the endpoint device from accessing a communications network in response to determining the received location information does not match the information in the device log file.