Fortinet, Inc.
Separating broadcast and multicast wireless traffic in WLANs (wireless local access networks) for quarantine stations

Abstract:

Quarantine stations are steered to a hidden virtual access point for quarantining multicast and broadcast traffic from other traffic on an access point, or other device. The hidden virtual access point can be spawned, with the same configurations as a non-quarantine virtual access point, for on demand traffic containment. The data stream transmitted over Wi-Fi to the quarantine client using a different GTK key generated under virtual access point of hidden SSID for encryption of the multicast or broadcast transmission, and the data packet stream transmitted over wi-fi to the non-quarantine station using different GTK key generated under virtual access point SSID of regular SSID for encryption of the multicast or broadcast transmission.