Abstract: The invention relates to a computer-implemented system and method for efficiently configuring the security rules for application firewalls in a cloud-based infrastructure, the cloud-based infrastructure containing at least one of a virtual machine comprising an application, a Domain Name System (DNS) Agent, and a firewall. The method may comprise requesting, by the application, network address information via a DNS server for a fully qualified domain name (FQDN); intercepting, by the DNS Agent, data packets containing the DNS Server query response; decoding, by the DNS Agent, the DNS query response, and identifying the network address information; and updating a security rule of the firewall, by the DNS Agent, based on the decoded network address information. The method may be implemented to update the security rules of application firewalls across an organization's cloud-based infrastructure.

Abstract: The invention relates to a computer-implemented system and method for efficiently configuring the security rules for application firewalls in a cloud-based infrastructure, the cloud-based infrastructure containing at least one of a virtual machine comprising an application, a Domain Name System (DNS) Agent, and a firewall. The method may comprise requesting, by the application, network address information via a DNS server for a fully qualified domain name (FQDN); intercepting, by the DNS Agent, data packets containing the DNS Server query response; decoding, by the DNS Agent, the DNS query response, and identifying the network address information; and updating a security rule of the firewall, by the DNS Agent, based on the decoded network address information. The method may be implemented to update the security rules of application firewalls across an organization's cloud-based infrastructure.

Abstract: A system may include a client device to connect to a network and a network device communicatively coupled to the client device. The network device may determine that the client device has been authenticated to the network via a captive portal page. The network device may further create a ticket corresponding to the client device. Possession of the ticket by the client device may indicate authentication of the client device to the network. The network device may then transmit the ticket to the client device for storage on the client device. The stored ticket may enable the client device to remain authenticated to the network after a period of inactivity.

Abstract: A system may include a client device to connect to a network and a network device communicatively coupled to the client device. The network device may determine that the client device has been authenticated to the network via a captive portal page. The network device may further create a ticket corresponding to the client device. Possession of the ticket by the client device may indicate authentication of the client device to the network. The network device may then transmit the ticket to the client device for storage on the client device. The stored ticket may enable the client device to remain authenticated to the network after a period of inactivity.

Abstract: A non-transitory computer readable medium includes instructions which, when executed by one or more network devices, causes performance of operations. The operations include sending, to shared devices, one or more status queries regarding one or more device conditions for each of the shared devices, obtaining responses to the one or more status queries from each of the plurality of shared devices, the responses including the one or more device conditions for each of the shared devices, filtering the shared devices based on the one or more device conditions to obtain a subset of the shared devices, identifying the subset of the shared devices as a set of available shared devices, and transmitting information identifying the set of available shared devices to a client device.

Abstract: A non-transitory computer readable medium includes computer readable program code including instructions for subsequent to a client device associating with an access point, receiving a request for a set of allowed shared devices, removing, by the access point and to obtain the set of allowed shared devices, a shared device from a set of shared devices based on a client device user of the client device failing to have a permission required by a device sharing policy of the shared device, and transmitting the set of allowed shared devices to the client device.

Abstract: The present disclosure discloses a method and network device for providing location approximation and discovery of wired servers in a network. Specifically, a network device can store information indicating that a first client device, with a first set of one or more characteristics, selected a particular shared device from a plurality of shared devices of a first type. The network device then receives, from a second client device, a request for a shared device of the first type. Subsequently, the network device determines that the second client device is associated with the same first set of characteristics as the first client device that selected the particular shared device. Responsive to such determination, the network device presents the particular shared device as an option for selection by the second client device.

Abstract: The present disclosure discloses a method and network device for providing location approximation and discovery of wired servers in a network. Specifically, a network device can store information indicating that a first client device, with a first set of one or more characteristics, selected a particular shared device from a plurality of shared devices of a first type. The network device then receives, from a second client device, a request for a shared device of the first type. Subsequently, the network device determines that the second client device is associated with the same first set of characteristics as the first client device that selected the particular shared device. Responsive to such determination, the network device presents the particular shared device as an option for selection by the second client device.

Abstract: A non-transitory computer readable medium includes computer readable program code including instructions for subsequent to a client device associating with an access point, receiving a request for a set of allowed shared devices, removing, by the access point and to obtain the set of allowed shared devices, a shared device from a set of shared devices based on a client device user of the client device failing to have a permission required by a device sharing policy of the shared device, and transmitting the set of allowed shared devices to the client device.

Abstract: A non-transitory computer readable medium includes instructions which, when executed by one or more network devices, causes performance of operations. The operations include sending, to shared devices, one or more status queries regarding one or more device conditions for each of the shared devices, obtaining responses to the one or more status queries from each of the plurality of shared devices, the responses including the one or more device conditions for each of the shared devices, filtering the shared devices based on the one or more device conditions to obtain a subset of the shared devices, identifying the subset of the shared devices as a set of available shared devices, and transmitting information identifying the set of available shared devices to a client device.