Bank of America Corporation
Untrusted network device identification and removal for access control and information security

Abstract:

A system that includes a switch, a network authentication server (NAS), and a threat management server. The NAS sends a device identifier for an endpoint device to the threat management server in response to the endpoint device connecting to a port on the switch. The threat management server identifies the endpoint device for removal in response to receiving the device identifier. The threat management server determines the number of times the endpoint device has failed authentication exceeds a first threshold value within a first time period. The threat management server blocks the endpoint device from accessing the network via the port on the switch in response to identifying the endpoint device for removal.