Abstract: In network access controlled networks, it is desirable to prevent access to the network by any non-authenticated entities. Access control may be established through a trusted agent that, in some embodiments, may be implemented with a management co-processor. In some cases, active management technology may establish a connection while a host is inactive. Then, after the host becomes active, the host can attempt to use the management co-processor connection without obtaining the necessary authentications. This may be prevented, in some embodiments, by scanning for an active host and, if such an active host is found, blocking the host from using a layer 2 authentication channel unless the host is properly authenticated and has a proper Internet Protocol address.

Abstract: In network access control networks, it may be difficult to provide certain remote accesses such as remote boot or remote storage access. An available network connection established through chipset firmware (e.g. active management technology (AMT)) may be utilized to establish a connection and to enable the remote access. Then as soon the completion of the activity is detected, such as remote booting, then the connection may be immediately terminated to prevent access by improper agents.

Abstract: In an embodiment, a method is provided. The method of this embodiment provides detecting failure of a first device on a system to authenticate the system through a controlled port from which a service is requested; and using a second device on the system to authenticate the system through the controlled port, the second device sharing a link with the first device.

Abstract: In network access controlled networks, it is desirable to prevent access to the network by any non-authenticated entities. Access control may be established through a trusted agent that, in some embodiments, may be implemented with a management co-processor. In some cases, active management technology may establish a connection while a host is inactive. Then, after the host becomes active, the host can attempt to use the management co-processor connection without obtaining the necessary authentications. This may be prevented, in some embodiments, by scanning for an active host and, if such an active host is found, blocking the host from using a layer 2 authentication channel unless the host is properly authenticated and has a proper Internet Protocol address.

Abstract: In network access control networks, it may be difficult to provide certain remote accesses such as remote boot or remote storage access. An available network connection established through chipset firmware (e.g. active management technology (AMT)) may be utilized to establish a connection and to enable the remote access. Then as soon the completion of the activity is detected, such as remote booting, then the connection may be immediately terminated to prevent access by improper agents.

Abstract: In an embodiment, a method is provided. The method of this embodiment provides detecting failure of a first device on a system to authenticate the system through a controlled port from which a service is requested; and using a second device on the system to authenticate the system through the controlled port, the second device sharing a link with the first device.

Abstract: A method for transmitting load balancing in mixed speed environments such as physical interface speed changes and client flow speed changes is disclosed. Components such as an association module, a flow redirector, a channel assignment module, and a balancing timer are employed. The association module is a data structure that contains an association between client connections and a network interface. The flow redirector redirects transmitted network packets to the network interfaces based on the data, which is provided by the load balancing association. The channel assignment module is advised when such association data does not exist. The channel assignment module creates the association between the client connection- and the network interface, which is stored in the load balancing association. The decisions that this module makes affect the actual balancing between the network interfaces. The balancing timer computes throughput for client flows and re-associates client flows to the network interfaces.

Abstract: A method for transmitting load balancing in mixed speed environments such as physical interface speed changes and client flow speed changes is disclosed. Components such as an association module, a flow redirector, a channel assignment module, and a balancing timer are employed. The association module is a data structure that contains an association between client connections and a network interface. The flow redirector redirects transmitted network packets to the network interfaces based on the data, which is provided by the load balancing association. The channel assignment module is advised when such association data does not exist. The channel assignment module creates the association between the client connection- and the network interface, which is stored in the load balancing association. The decisions that this module makes affect the actual balancing between the network interfaces. The balancing timer computes throughput for client flows and re-associates client flows to the network interfaces.