摘要 |
A wireless local area network system allows policy enforcement execution to be split between an access port and a centralized wireless controller. The policy may be of various types, including, but not limited to, a firewall policy, a QoS policy, a traffic shaping policy, and a bandwidth-management policy. On the AP, for all the traffic that is to be bridged or forwarded to specified ports, the policy table on the AP is checked. If it matches the policy table entry, then the specified action is taken. For all the traffic that gets forwarded to the controller by the AP, the match is checked with the policy table at the controller. If a match is detected, then the appropriate action specified by the policy is taken. |