Abstract: The present invention provides methods, systems, and computer program instructions for providing location-independent packet routing and secure access in a wireless networking environment (such as that encountered within a building), enabling client devices to travel seamlessly within the environment. Each client device uses a constant address. An address translation process that is transparent to the client and server is automatically performed as the device roams through the environment, enabling efficient client migration from one supporting access point to another. The secure access techniques provide user-centric authentication and allow policy-driven packet filtering, while taking advantage of encryption capabilities that are built in to the hardware at each endpoint.

Abstract: Techniques for enhancing security in networking environments, whereby a cryptographic node negotiates a set of security parameters (a “security association”) with an end node, on behalf of a routing node (an “edge router”), and then securely distributes the negotiated security parameters to the edge router and/or to other edge routers in the network. The disclosed negotiation techniques allow the end node to physically move during the negotiation, yet still establish the security association, and the secure distribution enables the end node to move seamlessly through the network yet continue communicating securely. The disclosed techniques may also be used advantageously in other environments, such as clustered server environments, and allow an end node to communicate with multiple routing or server nodes for a variety of reasons (for example, during a hot-swap to a different server during fail-over or as a result of load balancing).

Abstract: The present invention provides methods, systems, and computer program instructions for providing location-independent packet routing and secure access in a wireless networking environment (such as that encountered within a building), enabling client devices to travel seamlessly within the environment. Each client device uses a constant address. An address translation process that is transparent to the client and server is automatically performed as the device roams through the environment, enabling efficient client migration from one supporting access point to another. The secure access techniques provide user-centric authentication and allow policy-driven packet filtering, while taking advantage of encryption capabilities that are built in to the hardware at each endpoint.

Abstract: The present invention provides methods, systems, and computer program instructions for providing location-independent packet routing and secure access in a wireless networking environment (such as that encountered within a building), enabling client devices to travel seamlessly within the environment. Each client device uses a constant address. An address translation process that is transparent to the client and server is automatically performed as the device roams through the environment, enabling efficient client migration from one supporting access point to another. The secure access techniques provide user-centric authentication and allow policy-driven packet filtering, while taking advantage of encryption capabilities that are built in to the hardware at each endpoint.

Abstract: Techniques for enhancing security in networking environments, whereby a cryptographic node negotiates a set of security parameters (a “security association”) with an end node, on behalf of a routing node (an “edge router”), and then securely distributes the negotiated security parameters to the edge router and/or to other edge routers in the network. The disclosed negotiation techniques allow the end node to physically move during the negotiation, yet still establish the security association, and the secure distribution enables the end node to move seamlessly through the network yet continue communicating securely. The disclosed techniques may also be used advantageously in other environments, such as clustered server environments, and allow an end node to communicate with multiple routing or server nodes for a variety of reasons (for example, during a hot-swap to a different server during fail-over or as a result of load balancing).

Abstract: The present invention provides methods, systems, and computer program instructions for providing location-independent packet routing and secure access in a wireless networking environment (such as that encountered within a building), enabling client devices to travel seamlessly within the environment. Each client device uses a constant address. An address translation process that is transparent to the client and server is automatically performed as the device roams through the environment, enabling efficient client migration from one supporting access point to another. The secure access techniques provide user-centric authentication and allow policy-driven packet filtering, while taking advantage of encryption capabilities that are built in to the hardware at each endpoint.