Patent application number | Description | Published |
20100316050 | APPLYING ADAPTIVE THRESHOLDS TO MULTCAST STREAMS WITHIN COMPUTER NETWORKS - In general, techniques are described for applying adaptive thresholds to multicast streams within computer networks. For example, an access node may implement the techniques to facilitate efficient delivery of multicast streams. The access node comprises an interface that couples to a subscriber network having a subscriber device. The access node also includes a control unit that determines a multicast stream count reflecting current delivery of multicast streams to the subscriber network and a threshold value based on historical multicast stream counts delivered to the subscriber. The interface receives a message requesting to join a multicast group in accordance with a multicast management protocol. In response to this message, the control unit determines a projected stream count based on the above current multicast count. The control unit then compares the projected stream count to the threshold value, and admits the subscriber device to the multicast group based on the comparison. | 12-16-2010 |
20110029645 | SECURE DHCP PROCESSING FOR LAYER TWO ACCESS NETWORKS - In general, this disclosure describes network security techniques that may accommodate legitimate movement of a subscriber device while preventing MAC collisions that may result from configuration errors or MAC spoofing attempts. MAC spoofing may result in packets directed to one subscriber device being sent instead to another subscriber device. By modifying an access node or a Dynamic Host Configuration Protocol (DHCP) server to allow only authorized subscriber devices on the access network, layer two collisions (“MAC collisions”) may be prevented. | 02-03-2011 |
20110030032 | SECURE DHCP PROCESSING FOR LAYER TWO ACCESS NETWORKS - In general, this disclosure describes network security techniques that may accommodate legitimate movement of a subscriber device while preventing MAC collisions that may result from configuration errors or MAC spoofing attempts. MAC spoofing may result in packets directed to one subscriber device being sent instead to another subscriber device. By modifying an access node or a Dynamic Host Configuration Protocol (DHCP) server to allow only authorized subscriber devices on the access network, layer two collisions (“MAC collisions”) may be prevented. | 02-03-2011 |
20110080915 | AUTOMATED VLAN ASSIGNMENT TO DOMAIN IN RING NETWORK - In general, the disclosure describes network techniques that may automatically assign virtual local area networks (VLANs) to domains in a ring network. In one example, a method includes receiving, by a control node in a ring network, a plurality of data units transmitted by a plurality of transport nodes on the ring network, each data unit comprising profile information, and automatically assigning a VLAN to one of a plurality of domains established on the ring network based on the profile information. | 04-07-2011 |
20110167268 | NETWORK DEVICE AUTHENTICATION - In general, this disclosure relates to maintaining security between an optical network terminal (ONT) and an optical network aggregation device in an Active Ethernet network. An optical network aggregation device includes one or more optical Ethernet switches that can be adaptively configured to support authentication of one or more ONTs. For example, the optical network aggregation device may include a controller with an authentication unit for managing ONT authentication and an optical Ethernet interface for transmitting and receiving data over the optical network. The authentication unit may exchange authentication request messages via the optical Ethernet interface with an ONT and grant the ONT access to the provider network based on the exchange, thereby preventing rogue devices from gaining access to the provider network. | 07-07-2011 |
20110167269 | NETWORK DEVICE AUTHENTICATION - In general, this disclosure relates to maintaining security between an optical network terminal (ONT) and an optical network aggregation device in an Active Ethernet network. An optical network aggregation device includes one or more optical Ethernet switches that can be adaptively configured to support authentication of one or more ONTs. For example, the optical network aggregation device may include a controller with an authentication unit for managing ONT authentication and an optical Ethernet interface for transmitting and receiving data over the optical network. The authentication unit may exchange authentication request messages via the optical Ethernet interface with an ONT and grant the ONT access to the provider network based on the exchange, thereby preventing rogue devices from gaining access to the provider network. | 07-07-2011 |
20120131097 | ISOLATION VLAN FOR LAYER TWO ACCESS NETWORKS - In general, techniques are described for providing an isolation virtual local area network (VLAN) for layer two access networks. A server comprising an interface and a control unit may implement the techniques. The interface receives a message that initiates a request for a layer three (L3) network address for use by a client device via an isolation virtual local area network (VLAN) that supports transmitting data from a network device to the server, where the network device is intermediately positioned between the client device and the server. The message includes a layer two (L2) address associated with the client device. The control unit determines whether to allow the client device to access the network and assigns the L3 network address to the client device based on the determination. | 05-24-2012 |
20150063107 | SYSTEM AND METHOD FOR AUTOMATED QUALITY OF SERVICE CONFIGURATION THROUGH THE ACCESS NETWORK - A system comprises a plurality of access nodes configured to provide one or more services to customer equipment; and a plurality of transport elements coupled together to form a network. Each transport element is configured to receive data packets committed to the network by one or more of the other transport elements and to commit data packets to the network, each data packet assigned to one of a plurality of traffic classes. Each respective transport element is further configured to shape a first set of traffic comprising data packets received from another transport element based on the respective traffic class of each data packet and to shape a second set of traffic comprising data packets to be committed to the network by the respective transport element based on the respective traffic class of each data packet, the first set of traffic shaped separately from the second set of traffic. Each respective transport element is further configured to shape the shaped first set of traffic together with the shaped second set of traffic based on respective weights associated with the first set of traffic and the second set of traffic. | 03-05-2015 |
20150067117 | SYSTEM AND METHOD FOR ADVERTISEMENT OF SLA ATTRIBUTES OF A SERVICE AND THE TEST CAPABILITY OF THE ENDPOINT DEVICE - A system comprises a first endpoint device; and a second endpoint device coupled to the first endpoint device over a service provider network. The first endpoint device is configured to insert a Service Level Agreement (SLA) Type Length Value (TLV) element into a Protocol Data unit (PDU) to form an enhanced PDU, the first endpoint device further configured to transmit the enhanced PDU to the second endpoint device. The SLA TLV element includes fields for at least one of service configuration information and test capability information of the first endpoint device. | 03-05-2015 |
20150083795 | SYSTEM AND METHOD FOR SERVICING A DEVICE HAVING A MATRIX BARCODE - A method of servicing a target device having a matrix barcode comprises analyzing data from a scan of the matrix barcode on the target device to obtain device identification information encoded in the matrix barcode; obtaining secondary information related to the target device; associating the device identification information with the secondary information; and transmitting the device identification information and secondary information over a network to a back office system. | 03-26-2015 |