Fortinet, Inc.
DHCP agent assisted routing and access control

Abstract:

Systems and methods for increasing layer 2 visibility of layer 3 network devices so as to facilitate implementation of device-oriented policy actions by layer 3 network devices are provided. According to one embodiment, unique physical addresses of one or more host devices are retrieved by a dynamic host configuration protocol (DHCP) agent that is operatively coupled with a DHCP server. The physical addresses are mapped to corresponding Internet Protocol (IP) addresses assigned by the DHCP server to the one or more host devices. The mapping is relayed directly or indirectly to a network security device. Network traffic management/security policies are defined within the network security device corresponding to at least one of the unique physical addresses.