Abstract: A wireless access point system includes a processor configured to tap event data and process the event data using a plurality of event filters. Each event filter of the plurality of event filters applies event criteria to detect one or more types of events. The wireless access point system includes a memory configured to store the tapped event data. The wireless access point system includes a communication interface configured to report a report of a detected event type. At least a portion of the report is correlated to analyze a performance of a wireless network.

Abstract: A wireless access point system includes a processor configured to tap event data and process the event data using a plurality of event filters. Each event filter of the plurality of event filters applies event criteria to detect one or more types of events. The wireless access point system includes a memory configured to store the tapped event data. A communication interface configured to report a report of a detected event type. At least a portion of the report is correlated to analyze a performance of a wireless network.

Abstract: A first set of access rules is received from an access configuration service. The first set of access rules specifies addresses of devices authorized for a first user. A second set of access rules is received from the access configuration service. The second set of the access rules specifies addresses of devices authorized for a second user. At a wireless access point, a network packet associated with the first user is received. The first set of access rules is applied to filter the network packet.

Abstract: A first set of access rules is received from an access configuration service. The first set of access rules specifies addresses of devices authorized for a first user. A second set of access rules is received from the access configuration service. The second set of the access rules specifies addresses of devices authorized for a second user. At a wireless access point, a network packet associated with the first user is received. The first set of access rules is applied to filter the network packet.

Abstract: A first set of access rules is received from an access configuration service. The first set of access rules specifies addresses of devices authorized for a first user. A second set of access rules is received from the access configuration service. The second set of the access rules specifies addresses of devices authorized for a second user. At a wireless access point, a network packet associated with the first user is received. The first set of access rules is applied to filter the network packet.

Abstract: A wireless access point system includes a processor configured to tap event data and process the event data using a plurality of event filters. Each event filter of the plurality of event filters applies event criteria to detect one or more types of events. The wireless access point system includes a memory configured to store the tapped event data.

Abstract: A wireless access point system includes a processor configured to tap event data and process the event data using a plurality of event filters. Each event filter of the plurality of event filters applies event criteria to detect one or more types of events. The wireless access point system includes a memory configured to store the tapped event data. The wireless access point system includes a communication interface configured to report a report of a detected event type. At least a portion of the report is correlated to analyze a performance of a wireless network.

Abstract: A first set of access rules is received from an access configuration service. The first set of access rules specifies addresses of devices authorized for a first user. A second set of access rules is received from the access configuration service. The second set of the access rules specifies addresses of devices authorized for a second user. At a wireless access point, a network packet associated with the first user is received. The first set of access rules is applied to filter the network packet.

Abstract: A first set of access rules is received from an access configuration service. The first set of access rules specifies addresses of devices authorized for a first user. A second set of access rules is received from the access configuration service. The second set of the access rules specifies addresses of devices authorized for a second user. At a wireless access point, a network packet associated with the first user is received. The first set of access rules is applied to filter the network packet.

Abstract: A first set of access rules is received from an access configuration service. The first set of access rules specifies addresses of devices authorized for a first user. A second set of access rules is received from the access configuration service. The second set of the access rules specifies addresses of devices authorized for a second user. At a wireless access point, a network packet associated with the first user is received. The first set of access rules is applied to filter the network packet.

Abstract: A wireless access point system includes a processor configured to tap event data and process the event data using a plurality of event filters. Each event filter of the plurality of event filters applies event criteria to detect one or more types of events. The wireless access point system includes a memory configured to store the tapped event data. The wireless access point system includes a communication interface configured to report a report of a detected event type, wherein At least a portion of the report is correlated to analyze a performance of a wireless network.

Abstract: Methods and systems are provided for improving a firewall implemented at a WLAN infrastructure device (WID). The WID includes a stateful firewall that implements firewall rules based on an ESSID of the WID to specify whether traffic is allowed to or from the ESSID. For example, in one implementation of such a firewall rule, packets that are required to be sent out on all wired ports can be blocked from being flooded out on WLANs (e.g., the packet is allowed to pass only to the wired ports). A method and system are provided for preventing a malicious wireless client device (WCD) that is transmitting undesirable traffic from using RF resources by deauthenticating the malicious WCD to remove it from the WLAN and blacklisting it to prevent it from rejoining the WLAN for a time period. Method and systems are also provided for either “on-demand” and/or predicatively communicating state information regarding an existing firewall session.

Abstract: The present disclosure provides systems and methods improving Transmission Control Protocol (TCP) network congestion avoidance in wireless networks. Specifically, the present disclosure decouples wired and wireless TCP connections at a wireless access point, thin access point, wireless switch, etc. The wired TCP session is terminated on the wireless access device and a wireless TCP session is automatically started for the last hop to a mobile unit. Advantageously, the wireless TCP session may utilize a congestion avoidance algorithm optimized for wireless network. Furthermore, wireless local area network (WLAN) information may be tied to the TCP stack for improved performed, e.g. an IEEE 802.11 Acknowledgement (ACK) may be considered as equivalent to a TCP ACK from the mobile unit. By splitting a TCP downstream connection into two—wireless and wired, high-jitter, high-loss wireless hops may be hidden from the remote host's TCP socket.

Abstract: A method and apparatus of establishing a connection between a wireless device and a second device includes maintaining a state of the connection between the wireless device and the second device, and receiving an indication that a wireless link to the wireless device has been lost or may be lost. In response to the receiving the indication that the wireless link to the wireless device has been lost or may be lost, the state of the connection is transitioned from a first state to a second state.

Abstract: Methods and systems are provided for improving a firewall implemented at a WLAN infrastructure device (WID). The WID includes a stateful firewall that implements firewall rules based on an ESSID of the WID to specify whether traffic is allowed to or from the ESSID. For example, in one implementation of such a firewall rule, packets that are required to be sent out on all wired ports can be blocked from being flooded out on WLANs (e.g., the packet is allowed to pass only to the wired ports). A method and system are provided for preventing a malicious wireless client device (WCD) that is transmitting undesirable traffic from using RF resources by deauthenticating the malicious WCD to remove it from the WLAN and blacklisting it to prevent it from rejoining the WLAN for a time period. Method and systems are also provided for either “on-demand” and/or predicatively communicating state information regarding an existing firewall session.