CN102137109A - 一种访问控制方法、接入设备及系统 - Google Patents
一种访问控制方法、接入设备及系统 Download PDFInfo
- Publication number
- CN102137109A CN102137109A CN2011100659195A CN201110065919A CN102137109A CN 102137109 A CN102137109 A CN 102137109A CN 2011100659195 A CN2011100659195 A CN 2011100659195A CN 201110065919 A CN201110065919 A CN 201110065919A CN 102137109 A CN102137109 A CN 102137109A
- Authority
- CN
- China
- Prior art keywords
- mac address
- binding relationship
- port
- binding
- address
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Granted
Links
- 238000000034 method Methods 0.000 title claims abstract description 50
- 230000004044 response Effects 0.000 claims description 18
- 230000008569 process Effects 0.000 description 10
- 238000012217 deletion Methods 0.000 description 9
- 230000037430 deletion Effects 0.000 description 9
- 238000012360 testing method Methods 0.000 description 9
- 238000004891 communication Methods 0.000 description 6
- 238000001514 detection method Methods 0.000 description 6
- 101100244969 Arabidopsis thaliana PRL1 gene Proteins 0.000 description 4
- 102100039558 Galectin-3 Human genes 0.000 description 4
- 101100454448 Homo sapiens LGALS3 gene Proteins 0.000 description 4
- 101150051246 MAC2 gene Proteins 0.000 description 4
- 230000006870 function Effects 0.000 description 4
- 238000013508 migration Methods 0.000 description 3
- 230000005012 migration Effects 0.000 description 3
- 230000008859 change Effects 0.000 description 2
- 239000012467 final product Substances 0.000 description 2
- 230000000977 initiatory effect Effects 0.000 description 2
- 238000013507 mapping Methods 0.000 description 2
- 238000013461 design Methods 0.000 description 1
- 238000010586 diagram Methods 0.000 description 1
- 238000005516 engineering process Methods 0.000 description 1
- 239000000203 mixture Substances 0.000 description 1
- 238000012986 modification Methods 0.000 description 1
- 230000004048 modification Effects 0.000 description 1
- 238000012544 monitoring process Methods 0.000 description 1
- 238000004806 packaging method and process Methods 0.000 description 1
- 238000004321 preservation Methods 0.000 description 1
Images
Classifications
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/14—Network architectures or network communication protocols for network security for detecting or protecting against malicious traffic
- H04L63/1441—Countermeasures against malicious traffic
- H04L63/1466—Active attacks involving interception, injection, modification, spoofing of data unit addresses, e.g. hijacking, packet injection or TCP sequence number attacks
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/09—Mapping addresses
- H04L61/10—Mapping addresses of different types
- H04L61/103—Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L61/00—Network arrangements, protocols or services for addressing or naming
- H04L61/50—Address allocation
- H04L61/5007—Internet protocol [IP] addresses
- H04L61/5014—Internet protocol [IP] addresses using dynamic host configuration protocol [DHCP] or bootstrap protocol [BOOTP]
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/02—Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
- H04L63/0227—Filtering policies
- H04L63/0236—Filtering by address, protocol, port number or service, e.g. IP-address or URL
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to devices or network resources
- H04L63/101—Access control lists [ACL]
Landscapes
- Engineering & Computer Science (AREA)
- Computer Networks & Wireless Communication (AREA)
- Signal Processing (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- Computing Systems (AREA)
- General Engineering & Computer Science (AREA)
- Small-Scale Networks (AREA)
- Data Exchanges In Wide-Area Networks (AREA)
Abstract
Description
Claims (9)
Priority Applications (3)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110065919.5A CN102137109B (zh) | 2011-03-18 | 2011-03-18 | 一种访问控制方法、接入设备及系统 |
EP12761353.7A EP2677716A4 (en) | 2011-03-18 | 2012-03-16 | ACCESS CONTROL METHOD, ACCESS DEVICE AND SYSTEM |
PCT/CN2012/072457 WO2012126335A1 (zh) | 2011-03-18 | 2012-03-16 | 一种访问控制方法、接入设备及系统 |
Applications Claiming Priority (1)
Application Number | Priority Date | Filing Date | Title |
---|---|---|---|
CN201110065919.5A CN102137109B (zh) | 2011-03-18 | 2011-03-18 | 一种访问控制方法、接入设备及系统 |
Publications (2)
Publication Number | Publication Date |
---|---|
CN102137109A true CN102137109A (zh) | 2011-07-27 |
CN102137109B CN102137109B (zh) | 2013-08-28 |
Family
ID=44296764
Family Applications (1)
Application Number | Title | Priority Date | Filing Date |
---|---|---|---|
CN201110065919.5A Expired - Fee Related CN102137109B (zh) | 2011-03-18 | 2011-03-18 | 一种访问控制方法、接入设备及系统 |
Country Status (3)
Country | Link |
---|---|
EP (1) | EP2677716A4 (zh) |
CN (1) | CN102137109B (zh) |
WO (1) | WO2012126335A1 (zh) |
Cited By (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012126335A1 (zh) * | 2011-03-18 | 2012-09-27 | 华为技术有限公司 | 一种访问控制方法、接入设备及系统 |
CN103078813A (zh) * | 2013-01-04 | 2013-05-01 | 西安交大捷普网络科技有限公司 | 基于snmp协议的终端安全接入的控制方法 |
CN105743670A (zh) * | 2014-12-09 | 2016-07-06 | 华为技术有限公司 | 访问控制方法、系统和接入点 |
CN104333552B (zh) * | 2014-11-04 | 2017-11-24 | 福建星网锐捷网络有限公司 | 一种认证确定方法及接入设备 |
CN109347816A (zh) * | 2018-10-10 | 2019-02-15 | 上海易杵行智能科技有限公司 | 一种用于端口与接入设备的绑定方法及系统 |
Families Citing this family (2)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
US10630700B2 (en) | 2016-10-28 | 2020-04-21 | Hewlett Packard Enterprise Development Lp | Probe counter state for neighbor discovery |
US11258757B2 (en) | 2019-02-28 | 2022-02-22 | Vmware, Inc. | Management of blacklists and duplicate addresses in software defined networks |
Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004025926A1 (en) * | 2002-09-16 | 2004-03-25 | Cisco Technology, Inc. | Method and apparatus for preventing spoofing of network addresses |
CN101179583A (zh) * | 2007-12-17 | 2008-05-14 | 杭州华三通信技术有限公司 | 一种防止用户假冒上网的方法及设备 |
CN101610206A (zh) * | 2008-06-17 | 2009-12-23 | 华为技术有限公司 | 一种绑定/解绑定的处理方法、系统和装置 |
CN101834870A (zh) * | 2010-05-13 | 2010-09-15 | 中兴通讯股份有限公司 | 一种防止mac地址欺骗攻击的方法和装置 |
CN101883090A (zh) * | 2010-04-29 | 2010-11-10 | 北京星网锐捷网络技术有限公司 | 一种客户端的接入方法、设备及系统 |
Family Cites Families (3)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
CN101453447A (zh) * | 2007-12-03 | 2009-06-10 | 华为技术有限公司 | 动态主机配置协议dhcp用户老化的方法及接入设备 |
CN101800741B (zh) * | 2010-01-25 | 2014-08-20 | 中兴通讯股份有限公司 | 一种防止非法媒体访问控制地址迁移的装置及方法 |
CN102137109B (zh) * | 2011-03-18 | 2013-08-28 | 华为技术有限公司 | 一种访问控制方法、接入设备及系统 |
-
2011
- 2011-03-18 CN CN201110065919.5A patent/CN102137109B/zh not_active Expired - Fee Related
-
2012
- 2012-03-16 EP EP12761353.7A patent/EP2677716A4/en not_active Withdrawn
- 2012-03-16 WO PCT/CN2012/072457 patent/WO2012126335A1/zh active Application Filing
Patent Citations (5)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2004025926A1 (en) * | 2002-09-16 | 2004-03-25 | Cisco Technology, Inc. | Method and apparatus for preventing spoofing of network addresses |
CN101179583A (zh) * | 2007-12-17 | 2008-05-14 | 杭州华三通信技术有限公司 | 一种防止用户假冒上网的方法及设备 |
CN101610206A (zh) * | 2008-06-17 | 2009-12-23 | 华为技术有限公司 | 一种绑定/解绑定的处理方法、系统和装置 |
CN101883090A (zh) * | 2010-04-29 | 2010-11-10 | 北京星网锐捷网络技术有限公司 | 一种客户端的接入方法、设备及系统 |
CN101834870A (zh) * | 2010-05-13 | 2010-09-15 | 中兴通讯股份有限公司 | 一种防止mac地址欺骗攻击的方法和装置 |
Cited By (7)
Publication number | Priority date | Publication date | Assignee | Title |
---|---|---|---|---|
WO2012126335A1 (zh) * | 2011-03-18 | 2012-09-27 | 华为技术有限公司 | 一种访问控制方法、接入设备及系统 |
CN103078813A (zh) * | 2013-01-04 | 2013-05-01 | 西安交大捷普网络科技有限公司 | 基于snmp协议的终端安全接入的控制方法 |
CN104333552B (zh) * | 2014-11-04 | 2017-11-24 | 福建星网锐捷网络有限公司 | 一种认证确定方法及接入设备 |
CN105743670A (zh) * | 2014-12-09 | 2016-07-06 | 华为技术有限公司 | 访问控制方法、系统和接入点 |
CN105743670B (zh) * | 2014-12-09 | 2019-02-05 | 华为技术有限公司 | 访问控制方法、系统和接入点 |
US10289504B2 (en) | 2014-12-09 | 2019-05-14 | Huawei Technologies Co., Ltd. | Access control method and system, and access point |
CN109347816A (zh) * | 2018-10-10 | 2019-02-15 | 上海易杵行智能科技有限公司 | 一种用于端口与接入设备的绑定方法及系统 |
Also Published As
Publication number | Publication date |
---|---|
WO2012126335A1 (zh) | 2012-09-27 |
EP2677716A4 (en) | 2014-02-26 |
EP2677716A1 (en) | 2013-12-25 |
CN102137109B (zh) | 2013-08-28 |
Similar Documents
Publication | Publication Date | Title |
---|---|---|
CN102137109B (zh) | 一种访问控制方法、接入设备及系统 | |
US8875233B2 (en) | Isolation VLAN for layer two access networks | |
EP3310025B1 (en) | User migration | |
EP2364543B1 (en) | Broadband network access | |
CN101764734B (zh) | IPv6环境下提高邻居发现安全性的方法及宽带接入设备 | |
US8862705B2 (en) | Secure DHCP processing for layer two access networks | |
CN101562807B (zh) | 移动虚拟专用网通信的方法、装置及系统 | |
CN100563149C (zh) | 一种dhcp监听方法及其装置 | |
US8699515B2 (en) | Limiting of network device resources responsive to IPv6 originating entity identification | |
US20090175197A1 (en) | Method and system for detection of nat devices in a network | |
CN101741702A (zh) | 实现arp请求广播限制的方法和装置 | |
KR101358775B1 (ko) | 사용자 액세스 방법, 시스템, 및 액세스 서버, 액세스 장치 | |
CN102404293A (zh) | 一种双栈用户管理方法及宽带接入服务器 | |
CN102571729A (zh) | Ipv6网络接入认证方法、装置及系统 | |
KR20130005973A (ko) | 네트워크 보안시스템 및 네트워크 보안방법 | |
CN104601743A (zh) | 基于以太的IP转发IPoE双栈用户接入控制方法和设备 | |
CN103987098B (zh) | Ipv4网络与ipv6网络间的切换方法和系统 | |
CN102281263B (zh) | 一种建立iSCSI会话的方法和iSCSI发起方 | |
CN101783819A (zh) | 一种利用IPv6过渡协议支持对等网络地址转换的系统及方法 | |
CN101184039A (zh) | 一种以太网负载均衡的方法 | |
CN102158866B (zh) | 应用于wlan中的验证方法和装置 | |
CN103856571B (zh) | 一种自适应网路连接方法和系统 | |
US20130022048A1 (en) | Method and network node for use in link level communication in a data communications network | |
KR101382527B1 (ko) | 에이알피 포이즈닝 방지를 위한 네트워크 보안방법 및 보안시스템 | |
WO2012111833A1 (ja) | 通信システム、ルータ、スイッチングハブ、および通信方法 |
Legal Events
Date | Code | Title | Description |
---|---|---|---|
C06 | Publication | ||
PB01 | Publication | ||
C10 | Entry into substantive examination | ||
SE01 | Entry into force of request for substantive examination | ||
C14 | Grant of patent or utility model | ||
GR01 | Patent grant | ||
ASS | Succession or assignment of patent right |
Owner name: NANTONG BEICHENG TECHNOLOGY ENTREPRENEURIAL MANAGE Free format text: FORMER OWNER: HUIZHOU ZHITAI ENTERPRISE MANAGEMENT CO., LTD. Effective date: 20141128 Owner name: HUIZHOU ZHITAI ENTERPRISE MANAGEMENT CO., LTD. Free format text: FORMER OWNER: HUAWEI TECHNOLOGY CO., LTD. Effective date: 20141128 |
|
C41 | Transfer of patent application or patent right or utility model | ||
COR | Change of bibliographic data |
Free format text: CORRECT: ADDRESS; FROM: 518129 SHENZHEN, GUANGDONG PROVINCE TO: 516003 HUIZHOU, GUANGDONG PROVINCE Free format text: CORRECT: ADDRESS; FROM: 516003 HUIZHOU, GUANGDONG PROVINCE TO: 226000 NANTONG, JIANGSU PROVINCE |
|
TR01 | Transfer of patent right |
Effective date of registration: 20141128 Address after: 226000 Jiangsu province Nantong City Outer Ring Road No. 639 Patentee after: NANTONG BEICHENG SCIENCE & TECHNOLOGY ENTREPRENEURIAL MANAGEMENT Co.,Ltd. Address before: 516003 Huizhou City, Guangdong Province Patentee before: HUIZHOU ZHITAI ENTERPRISE MANAGEMENT CO.,LTD. Effective date of registration: 20141128 Address after: 516003 Huizhou City, Guangdong Province Patentee after: HUIZHOU ZHITAI ENTERPRISE MANAGEMENT CO.,LTD. Address before: 518129 Bantian HUAWEI headquarters office building, Longgang District, Guangdong, Shenzhen Patentee before: HUAWEI TECHNOLOGIES Co.,Ltd. |
|
TR01 | Transfer of patent right | ||
TR01 | Transfer of patent right |
Effective date of registration: 20170710 Address after: 226000, Jiangsu City, Nantong province Gangzha Tang Street City Industrial Park Patentee after: JIANGSU JINTONGYUAN INDUSTRIAL Co.,Ltd. Address before: 226000 Jiangsu province Nantong City Outer Ring Road No. 639 Patentee before: NANTONG BEICHENG SCIENCE & TECHNOLOGY ENTREPRENEURIAL MANAGEMENT Co.,Ltd. |
|
CF01 | Termination of patent right due to non-payment of annual fee |
Granted publication date: 20130828 |
|
CF01 | Termination of patent right due to non-payment of annual fee |