In one implementation, a device may identify an active browser extension and browser attributes of a browser from which performance metrics are collected. The device may generate a testing configuration for the active browser extension based on the browser attributes. The device may test an impact of the active browser extension on the performance metrics utilizing the testing configuration in a testing environment. The device may provide an indication of the impact of the active browser extension on the performance metrics for display via a user interface.
Disclosed are systems, apparatuses, methods, and computer-readable media for balancing replicated frames in a replication network. A method includes: receiving, at a redundancy receiver, first frames from a first path and second frames from a second path, determining a network performance imbalance between a redundancy edge device to the redundancy receiver based on receiving the first frames and the second frames, and in response to determining a threshold of memory will be exceeded based on the delay between the first frames and the second frames, providing an indication to slow frames transmitted along the second path. In some aspects, a path mismatch device is configured to track replication frames and determine network performance imbalance. For example, the path mismatch device can identify one network is slower than another, and may provide remediation to balance network performance that maintains the integrity of the replication network.
In one embodiment, an example method for using an embedded neural codec for low latency speech enhancement and automatic speech recognition in hearables includes receiving, at a hearable device, an auditory signal and encoding, at the hearable device, the auditory signal into a compressed vector representation of the auditory signal. The method further includes decoding, at the hearable device using a speech enhancement decoder, the compressed vector representation of the auditory signal into denoised speech outputting, from the hearable device, the denoised speech, and transmitting, from the hearable device, an unprocessed vector representation of the auditory signal to a processing device to cause the processing device to decode, using a speech recognition decoder, the compressed vector representation of the auditory signal.
An example method may include receiving first configuration data associated with a network device, the first configuration data comprising a Yet Another Next Generation (YANG) payload; determining a first subset of the YANG payload that is associated with a first network configuration database; determining a first database transaction, wherein the first database transaction represents one or more database updates to the first network configuration database that is determined based on a first state of the network device and one or more configuration requirements represented by the first subset; discarding the first database transaction; determining second configuration data based on the first database transaction, the second configuration data comprising a command line representation (CLI) of the YANG payload; and providing the second configuration data to a system, the system configured to display the command line representation to a user.
Devices, systems, methods, and processes for enabling path monitoring in multi-path networks are described herein. Load balancing of packets is often performed based on outer encapsulating headers and inner packet headers. However, inner packet headers of probe and data packets can be different. Thus, the probe packet can traverse a different path as compared to the data packet, causing inconsistent hashing. To address this, a device is provided with a routing logic that encapsulates a packet, having a packet header, with an outer header. The outer header has a control bit, source and destination address fields, and a flow label field. When a value of the control bit is set to a predetermined value, load balancing is performed exclusively based on the outer header, exempting a utilization of the packet header. Therefore, load balancing for probe and data packets performed exclusively based on the outer header is consistent.
A method, computer system, and computer program product are provided for dynamic user personalization using large language models. A conversation history is obtained comprising a plurality of messages associated with a user’s activity in a messaging system. The conversation history and a request to identify interests of the user, based on the conversation history, are provided to a large language model. A natural language output is received from the large language model comprising one or more identified interests of the user. A text sample, the natural language output, and a request to summarize the text sample based on the natural language output are provided to the large language model. A summary of the text sample that is personalized based on the one or more identified interests of the user is received from the large language model.
Techniques are provided herein for optimizing path selection for use in load balancing operations. The techniques may comprise receiving a data packet directed to a receiving edge device and selecting a path (e.g., an IPSEC tunnel) to be used to transmit the data packet. The set of paths may be selected based on service level agreement requirements for the data packet. The techniques may further comprise appending, to the data packet, metadata including an indication of the selected path and a current time, and transmitting the data packet to the receiving edge device over the selected path, wherein the receiving edge device is caused to generate information about the selected path based on the metadata. The techniques may further comprise receiving, from the receiving edge device, the information about the selected path, and updating path data stored in local memory based on that information.
Provided herein are techniques to facilitate joining an End-to-End Encrypted (E2EE) online conference by a conference client using cached credentials. In one example, a method may include storing, by a conference client of a first user, a cached list of user credentials for one or more other users for previous online conferences in which the first user has participated. For a particular online conference to which the first user seeks to join, the method may further include determining whether particular user credentials for particular users participating in the particular online conference are not included in the cached list of user credential. Based on determining that at least one particular user credential is not included in the cached list of user credentials, the method may include obtaining the at least one particular user credential to enable the first user, via the conference client, to join the particular online conference.
Methods for streaming pageload telemetry data as open telemetry data in a push-based approach are provided. Specifically, methods involve obtaining, from a monitoring agent, telemetry data associated with one or more network communications provided to a web-based service and generating web performance telemetry data from the telemetry data by injecting one or more attributes about at least one of the monitoring agent or the one or more network communications. The one or more attributes are obtained separately from the telemetry data. The methods further involve streaming the web performance telemetry data to one or more observability services.
This disclosure describes techniques for load balancing user queries for artificial intelligence (AI) processing. A user query may be received that is initially destined to be processed by an AI computing resource. The user query may be pre-processed to identify metadata associated with the user query (e.g., attributes, features, characteristics, etc. associated with a user prompt and/or input file of the user query). The metadata may be used to determine processing requirements associated with the user query. The processing requirements may be used to determine whether such processing is to be performed by a non-AI computing resource instead of an AI computing resource. The user query may be load-balanced accordingly, and subsequent output provided to a user in response to the user query.
A method to control audio in a videoconference. The method includes operating a videoconference session with a videoconference endpoint that is configured to pick up audio via (i) a plurality of beams associated with a microphone array and (ii) at least one external microphone, determining a position of a talking participant in the videoconference session, and in response to the position of the talking participant being further away from the videoconference endpoint than a position of the at least one external microphone, reducing a gain for a selected beam of the plurality of beams in favor of a gain for the at least one external microphone.
G06T 7/70 - Determining position or orientation of objects or cameras
H04R 1/40 - Arrangements for obtaining desired frequency or directional characteristics for obtaining desired directional characteristic only by combining a number of identical transducers
12.
PROVABLE REMOTE ATTESTATION OF COMPUTING ASSETS USING SBOMS
A method, computer system, and computer program product are provided for generating and analyzing remotely attested SBOMs. Instructions are provided to cause a plurality of network devices in a network to each generate a software bill of materials (SBOM), wherein each network device self-attests the SBOM that describes that network device. The SBOM is obtained from each of the plurality of network devices. Each SBOM is analyzed to identify a particular software configuration in the network. A vulnerability is identified in the network based on the particular software configuration.
An embodiment provides a secure chain of key management servers (KMS) for distribution of keys via point-to-point quantum key distribution (QKD) links. A protocol initializes a link between nodes with enclaves hosting key management servers (KMS) and performs chain attestation to validate all nodes in the chain. Once validated, a QKD protocol can run as usual with certainty that keys are stored securely.
Techniques for introducing Open Telemetry (OTEL) into the operating system (OS) level of network devices are described. A method for performing OTEL network device management may include receiving, by a network device, a first packet. The method may also include identifying, by the network device, that the first packet contains information indicating an active OTEL trace, wherein the OS of the network device is configured for OTEL. The method may also include generating, by the network device, an OTEL trace span associated with the network device. The method may also include generating, by the network device, a second packet that includes the OTEL trace span associated with the network device. Finally, the method may include transmitting, by the network device and via OTEL line protocol (OTLP) the second packet to an OTEL collector.
A method, computer system, and computer program product are provided for a multi-route virtual private network. A virtual private network (VPN) concentrator generates network performance data indicating network conditions between the VPN concentrator and a server. The VPN concentrator receives additional network performance data indicating network conditions between at least one additional VPN concentrator and the server. The network performance data and the additional network performance data are provided to a client. In response to the client analyzing the network performance data and the additional network performance data to determine that a VPN connection to the server via the VPN concentrator satisfies one or more policy criteria, the VPN connection is established between the server and the client via the VPN concentrator.
The present technology automates the process of collecting and using data from IoT devices to improve IoT security and management while limiting the manual entry requirements of conventional IoT platforms. The technology receives data from IoT devices and determines behavioral characterizations of the IoT devices based on the data. The technology then uses a generative model to create a file representative of the behavioral characterizations of the IoT device, and uses that file to represent new IoT devices with similar attributes to those represented by the file. In doing so, the technology can improve security by, for example, creating a MUD file representative of a new IoT device with no associated MUD file. The technology can also create a file representative of the IoT device to improve onboarding of an IoT device in, for example, an IoT operations dashboard.
Disclosed are systems, apparatuses, methods, and computer-readable media for preventing supervision frame injection attacks in replication networks. A method includes: identifying, by a network device, a trusted network device in a replication network; providing credentials to the trusted network device to validate an identity of the network device; based on authentication of the credential at the trusted network device, receiving security information from the trusted network device that is encrypted with a public key of the network device; and transmitting an onboarding supervision frame encrypted with or signed by the security information, wherein a management device of the replication network updates a trusted peer information based on the onboarding supervision frame.
A method of creating a connection between a controller and plurality of edge devices may include reading, by a data plane development kit (DPDK) of the controller, a plurality of packets having a common destination port from the plurality of edge devices, and demuxing, by the DPDK, a number of frames of the plurality of packets based on a hash of the plurality of packets, the hash altering the common destination port of the plurality of packets with a corresponding number of sham destination ports. The method may also include, with a TUNTAP interface, injecting the plurality of packets into a network kernel, and with the network kernel, delivering the plurality of packets to a respective one of a plurality of daemon instances.
Techniques for automatically integrating SD-WAN constructs to security policies are described. The techniques may include defining, by a security cloud provider, a security policy for an entity, the entity represented by a VPN security policy label and the security policy absent source and destination CIDR IP addresses. The security cloud provider notifies an SD-WAN controller of the security policy. The SD-WAN controller maps the VPN security policy label to an IP address pool and a VPN ID. The SD-WAN controller generates an enhanced security policy by automatically adding source and destination CIDR IP addresses to the security policy. The SD-WAN controller deploys the enhanced security policy to an SD-WAN branch router and generates a VPN segment between the SD-WAN branch router and the security cloud provider to establish a common secure internet gateway tunnel for the IP address pool.
In one embodiment, an apparatus includes a first plate having a first plurality of fins integrally formed thereon and a second plate having a second plurality of fins integrally formed therein. The first plurality of fins is arranged to have a first fin density, and the second plurality of fins is arranged to have a second fin density. When the first plate and the second plate are assembled together, the first plurality of fins and the second plurality of fins are interleaved to form a first fin array, the first fin array having a third fin density.
Techniques for federated distributed security analytics using a swarm node framework to provide a scalable way to improve efficiency and accuracy of determining and remediating security threats, while reducing computational complexity and resource usage of a system. A system may comprise node(s) executing a first engine and a second engine. The first engine may operate in a data plane and receive event data associated with security events, perform a specialized type of function, and generate two classes of output(s): (1) transformed event data output to other first engine(s) of other node(s) and (2) security signal(s) output to the second engine. The second engine may be configured to operate in a control plane. The second engine may receive input(s), including the security signal(s) and determine action(s) to perform with regard to security event(s). The second engine may output instruction(s) to other node(s) and/or derived security signal(s) to other second engine(s).
Techniques are provided for verifying Access Points (APs) using crowd sourcing. In one example, a STA establishes a first non-verified connection, based on security material, with a source AP in a wireless infrastructure. A target AP in a wireless infrastructure obtains an indication that the STA is attempting to establish a second non-verified connection with the target AP. In response, the target AP establishes the second non-verified connection based on the security material.
Methods, apparatuses, and systems provide cooling equipment, such as fans, that may operate according to a selected profile of a plurality of operational profiles. An authentication process may be performed with respect to the fan and/or with respect to an operational control to verify the operations of the fan. A system is provided that includes one or more electronic modules configured to perform one or more operations and at least one fan configured to cool the one or more electronic modules by operating at a predetermined speed based on an operational profile. The system further includes a controller configured to securely communicate with the at least one fan to control the at least one fan to select the operational profile from a plurality of operational profiles.
A request for information from a participant of a plurality of participants in a communication session is identified. In response to the request for information, it is determined that an uncertainty level among the plurality of participants is above a threshold level. A search is performed for the information based on identifying that the uncertainty level is above the threshold level, and one or more search results associated with the information is displayed to the plurality of participants.
G06F 16/683 - Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually using metadata automatically derived from the content
G06F 16/783 - Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually using metadata automatically derived from the content
H04L 12/18 - Arrangements for providing special services to substations for broadcast or conference
25.
EVENT DETECTION AND PROBLEM DOMAIN IDENTIFICATION USING USER-CONFIGURED NETWORK MEASUREMENTS
In one implementation, a device obtains test results from a plurality of performance monitoring tests performed in a computer network. The device identifies a set of components of the computer network as potential causes of the test results. The device determines that a particular component from among the set of components caused the test results based on its health metrics. The device raises an alert indicative of the particular component having caused the test results.
H04L 41/0631 - Management of faults, events, alarms or notifications using root cause analysisManagement of faults, events, alarms or notifications using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
H04L 43/045 - Processing captured monitoring data, e.g. for logfile generation for graphical visualisation of monitoring data
Methods for allowing a user or a client web service to control or adjust use limit of an access token instead of relying on provider based time limits are provided. Specifically, methods involve obtaining an access request for a web-based service. The access request includes at least one usage condition for accessing the web-based service. The methods further involve generating an access token having a time-to-live value in response to the access request. The access token further includes the at least one usage condition that specifies a use limit for the access token. The methods further involve providing the access token for accessing the web-based service.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
Devices, systems, methods, and processes for enabling path monitoring in multi-path networks are described herein. Load balancing of packets is often performed based on outer encapsulating headers and inner packet headers. However, inner packet headers of probe and data packets can be different. Thus, the probe packet can traverse a different path as compared to the data packet, causing inconsistent hashing. To address this, a device is provided with a routing logic that encapsulates a packet, having a packet header, with an outer header. The outer header has a control bit, source and destination address fields, and a flow label field. When a value of the control bit is set to a predetermined value, load balancing is performed exclusively based on the outer header, exempting a utilization of the packet header. Therefore, load balancing for probe and data packets performed exclusively based on the outer header is consistent.
The techniques described herein identify the use of L4S within a network and enable a network controller to dynamically and proactively manage L4S capable devices and non-L4S capable devices. A traffic analyzer may identify client-endpoint pairs and/or the use of a congestion marker and notify the network controller. The network controller may identify pathways between pairs, capabilities of the network devices in the pathway. The network controller may monitor queues of the L4S capable devices, identify congestion points, and proactively adjust the structure of the queues of one or more of the network devices and/or perform traffic engineering to prevent and/or reduce congestion in the network.
Techniques are described for providing a natural language network security policy assistant for allowing a network administrator to implement network security policies using natural language security policy requests. A natural language request can be received by a user and can be translated using Artificial Intelligence into one or more security policy clauses. If the natural language security policy request leads to ambiguities with regard to intended security policies, one or more clarifying questions can be generated as natural language questions and sent to the user for clarification. One or more security policies can be implemented based on the one or more security policy clauses generated in response to the natural language security policy request and/or the natural language response to the clarifying questions.
Techniques described herein can detect and disable loops involving fabric overlay networks. A loop can occur when a fabric overlay network is coupled with two or more external data link layer switches, and the fabric overlay network and the data link layer switches are configured to forward network packets in multiple redundant traverses of the fabric overlay network and the data link layer switches. In response to detecting a loop, the loop can be disabled by modifying at least one fabric edge component of the fabric overlay network. The fabric edge component can be reconfigured to block network packets communicated between the fabric edge component and at least one of the data link layer switches.
H04L 41/122 - Discovery or management of network topologies of virtualised topologies e.g. software-defined networks [SDN] or network function virtualisation [NFV]
H04L 45/64 - Routing or path finding of packets in data switching networks using an overlay routing layer
Disclosed are systems, apparatuses, methods, and computer-readable media for machine learning-based clock generation. An example method includes collecting measurements from a plurality of sensors within a network device obtaining clock drift information from a machine learning (ML) model based on the measurements from the plurality of sensors and a clock signal of the network device, wherein the ML model is trained to determine a clock drift with reference to a reference clock, generating a clock correction signal to correcting the clock signal using the clock drift information, wherein the clock signal is synchronized to the reference clock based on the clock correction signal, and communicating with an external network device based on the clock signal.
A multi-phase inductor package that includes at least one set or cluster of inductors between a first plate and a second plate. The inductors in the at least one cluster are positioned in an intra-cluster arrangement such that a mutual magnetic flux density between the inductors in the at least one cluster is substantially equal. This arrangement may be extended to a plurality of clusters of inductors in an arrangement such that a mutual magnetic flux density between adjacent clusters of the plurality of clusters is substantially equal.
In one embodiment, a method includes associating, to classifiers assigned to a plurality of groups of devices of a network to identify device commonality that is distinct for each group of the plurality of groups, historical confidence scores with which a task remediates an alert event. When a first device of the devices reports the alert event, the method includes identifying each classifier to which the first device belongs and each historical confidence score for each classifier. At least one risk score associated with the task is generated using at least the each historical confidence score, and the at least one risk score is provided to a system. The method also includes obtaining an indication of whether the task is to be executed on the first device from the system.
Systems and methods are described to determine relationships between one or more components of an isolated execution environment system based on data obtained from a data intake and query system. Based on the determined relationships, an interactive visualization is generated that indicates the hierarchical relationship of the components. In some cases, to illustrate the relationship between components of the isolated execution environment system, the visualization can include one or more display objects displayed in a subordinate or superior relationship to other display objects. In certain cases, based on an interaction with a display object, the system can generate a query and/or display additional information and/or visualizations based on the results of the query.
G06F 3/04817 - Interaction techniques based on graphical user interfaces [GUI] based on specific properties of the displayed interaction object or a metaphor-based environment, e.g. interaction with desktop elements like windows or icons, or assisted by a cursor's changing behaviour or appearance using icons
G06F 3/0482 - Interaction with lists of selectable items, e.g. menus
G06F 16/26 - Visual data miningBrowsing structured data
35.
STREAMLINED ROUTING TO HOST SERVERS IN CONTAINER NETWORKING ENVIRONMENTS
This disclosure describes techniques and mechanisms to enable streamlined and simplified connectivity to host servers in data centers that utilize automated containerized networking. The techniques may be used individually or together to provide a fully automated, plug-and-play experience for the advertisement and discovery of IPv6 prefixes, simplify IPv6 routing to host servers, and provide reachability, visibility, and liveness detection. The techniques may eliminate the need for a BGP stack. The techniques may include extending a link layer discovery protocol stack running on a server to support adding a new TLV to LLDP probes sent to a top of rack router. The new TLV may advertise identifier(s) of the server (e.g., SRv6 Locator, IPv6 prefix(es), IPv4 prefix(es), etc.). The ToR may learn the identifier(s) of the server and may redistribute the server’s reachability using routing protocol(s) of the network.
The techniques described herein enable a network controller to create multi-faceted policies. The network controller may comprise a VEX processing engine that captures VEX data and generates vulnerability insights, a retrieval augmented generation (RAG) component that can be utilized to generate context data based on the VEX data, vulnerability insights, and data captured by the network controller. The network controller may implement or input the context data to a model, which outputs customized synthetic test(s). The network controller identify, generate, or modify network policies and/or network control policies based on the output from executing the synthetic tests.
A method to obtain network performance measurements without having to deploy a reflector device in a network. The method involves generating at a first device, a first frame according to a feature of a networking protocol, wherein the first frame is generated by inserting timestamp information indicating a departure time of the first frame into each of a first field and a second field of a header of the first frame. The first device sends the first frame to a network entity in a network. The first frame is configured to cause the network entity to send, in reply to the first frame, a second frame according to the feature of the networking protocol. The second frame includes timestamp information in either a first field or a second field of a header of the second frame. The first device receives the second frame and derives a network performance metric.
In one implementation, a switch tray for a fabric rack includes internal connectors configured to communicatively couple the switch tray to processors located within the fabric rack via a cable backplane. The switch tray also includes a plurality of switch application-specific integrated circuits (ASICs) coupled to the internal connectors and configured to switch intra-rack traffic between the processors located within the fabric rack. The switch tray further includes external connectors coupled to the plurality of switch ASICs, whereby the plurality of switch ASICs are further configured to switch inter-rack traffic between the processors located within the fabric rack and external processors located in one or more external fabric racks.
Techniques described herein can apply a game framework for dynamic spectrum allocation. A local spectrum management controller (SMC) associated with a geographic area can receive multiple spectrum requests from multiple network controllers in the geographic area. The SMC can allocate spectrum resources among the multiple network controllers by assigning a respective value to each respective spectrum request, wherein the respective value is adjusted based on a respective historic spectrum use efficiency of a respective network controller. The multiple spectrum requests can then be processed according to a spectrum allocation game which uses respective values to determine multiple spectrum allocations to the multiple network controllers.
In one implementation, a device converts tokens in payloads for processing by an artificial intelligence model over time into vector embeddings. The device tracks, using the vector embeddings, a feature significance for each of a set of model features used by the artificial intelligence model to process the payloads. The device identifies a particular feature in the set of model features whose feature significance has dropped below a threshold. The device redeploys the artificial intelligence model with a reduced feature set that excludes the particular feature.
H04L 41/16 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
The present disclosure provides techniques for reducing power consumption in wireless devices. A wireless device with one or more receiver chains receives signals from a plurality of client devices. The wireless device estimates a link budget for the plurality of client devices, where the link budget indicates a quality of the signals received from the plurality of client devices. The wireless device adjusts an amplifier bypass threshold for the one or more receiver chains based on the link budget.
Disclosed are systems, apparatuses, methods, and computer-readable media for layer 2 out-of-order frame detection in replication networks. A method includes: receiving a first frame at a network device from a redundancy device and including a first sequence number, wherein the network device is connected to the redundancy device via a first link and a second link for transmitting duplicate frames; storing the first sequence number based on the first frame corresponding to an expected order of frames; receiving a second frame at the network device from the redundancy device including a second sequence number; determining that the second frame does not correspond to the expected order of frames based on the second sequence number and the first sequence number; and pausing transmission of frames to a destination network device in response to determining the second frame does not correspond to the expected order of frames.
Provided herein are techniques to facilitate minimizing context for LLM function calling operations. In one example, a method may include obtaining, by an interface system, a user conversation input; providing, to an LLM, for each of one or more interactions between the interface system and the LLM: a description of the interface system; the user conversation input; a list of function groups that describes types of functions that the interface system is capable of performing; and a list of private functions that are callable by the LLM, based on the user conversation input, to receive function context from the interface system or to cause function operations to be performed by the interface system; and providing one or more user conversation outputs based on at least one of the one or more interactions by the interface system with the LLM.
Techniques for measuring performance between two networks are described. A first link redundancy entity (LRE) transmits a first instance of a packet to a second LRE via a first network and a second instances of the packet to the second LRE via a second network. The first instance of the packet and the second instance of the packet have a timestamp indicating a time when the first LRE transmitted the packets. The second LRE records a first arrival time for the first instance of the packet and a second arrival time for the second instance of the packet. The second LRE determines a first latency for the first instance of the packet and a second latency for the second instance of the packet. Based at least in part of the first latency and the second latency, the second LRE determines a performance difference between the first and second networks.
Techniques and mechanisms for fine-tuning a language model to be optimized for a network device to which the language model is deployed. A controller for a network may maintain an inventory of network devices in a network, and obtain device information for the network devices. The controller may analyze the device information to determine a device type or role for the network devices. The controller may then select a pre-trained model that is optimal or well-suited for a device type of a particular network device, and perform a distillation function of the language model. Once the language model has been distilled, the controller may augment the language model with locally relevant information such that the language model is contextually relevant for the network device. After fine-tuning the language model, the controller pre-positions the language model on the device so network administrators and other users can access it when necessary.
An approach to track a location of a mobile device is provided. A method includes, from a cellular network element, sending a first query to a mobile device requesting position determining capabilities of the mobile device, in response to the first query, receiving, from the mobile device, information sufficient to contact a controller element of a positioning service for the mobile device, from the cellular network element, sending a second query to the controller element of the positioning service for data representative of coordinates of fixed assets used for the positioning service, and in response to the second query, receiving from the controller element the data representative of the coordinates of fixed assets used for the positioning service.
The present technology monitors the behavior and security profile of an IoT device and determines the changes that need to be made to the MUD file of the IoT device based on the data gathered during the monitoring. The technology then creates a new MUD file using a generative model (such as a large language model (LLM)) and compares the new MUD file with the original MUD file. Thereafter, the technology can communicate with the IoT device manufacturer to provide the new MUD file and explain the reasons why it is advantageous over the original MUD file. The new MUD file can then be deployed by the manufacturer to resolve security and efficiency issues with ease.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
48.
NETWORK SEGMENTATION IN MULTI-SITE COMPUTER NETWORKS
This disclosure describes techniques for enabling multiple subnets across multiple fabric sites and associated with multiple network segments (e.g., virtual networks (VNs)) to communicate with each other using a shared network infrastructure, such as a service provider network. In some cases, the techniques described herein include using a common transit VN (e.g., a common transit VN with or without a common firewall) in the shared network infrastructure as well as border devices that enable switching traffic between the common transit VNs and segment VNs (e.g., subscriber VNs) for data transmission to and/or from the common transit VN. In some cases, a border device maintains two types of mapping entries (e.g., map-caches): transit mapping entries and local mapping entries. A transit and a local mapping entry may be configured to represent (e.g., installed to program) forwarding information for packets received on a transit VN and on a segment VN, respectively.
This disclosure describes techniques and mechanisms to enable streamlined and simplified connectivity to host servers in data centers that utilize automated containerized networking. The techniques may be used individually or together to provide a fully automated, plug-and-play experience for the advertisement and discovery of IPv6 prefixes, simplify IPv6 routing to host servers, and provide reachability, visibility, and liveness detection. The techniques may eliminate the need for a BGP stack. The techniques may include extending a link layer discovery protocol stack running on a server to support adding a new TLV to LLDP probes sent to a top of rack router. The new TLV may advertise identifier(s) of the server (e.g., SRv6 Locator, IPv6 prefix(es), IPv4 prefix(es), etc.). The ToR may learn the identifier(s) of the server and may redistribute the server's reachability using routing protocol(s) of the network.
50.
Emitting structured and unstructured fields from an accelerated data model
Embodiments of the present disclosure provide techniques for emitting structured and dynamic fields from an accelerated data model. The method comprises evaluating a query to search a data model, wherein the data model is defined by a set of events and at least one structured field from fields associated with the set of events. Each event comprises a time-stamped portion of raw machine data and is stored in a field searchable data store. A summarization table is associated with the data model and comprises a plurality of entries comprising reference values, wherein a respective summarization table entry comprises: the at least one structured field; a respective field value; and a reference value. The method further comprises accessing the set of events from the field searchable data store using the reference values in the summarization table and annotating the set of events with the at least one structured field and with at least one dynamic field from the fields associated with the set of events, wherein the at least one dynamic field is not defined in the data model.
Display screen or portion thereof having a graphical user interface with an abstracted visualization of an interactive data analysis tool with federated indexes
Techniques are described for using a cloud-based actions service to provide IT and security-related applications with a centralized interface for requesting the performance of a wide range of actions involving third party services and devices. Any application with the ability to send API requests to the actions service can thus request the invocation of actions supported by the service without the need for independent implementations of such actions. Furthermore, the actions service provides a source for a continuously evolving set of actions with only minimal changes needed to applications desiring to use new and updated actions.
A photodiode device includes a base layer having a first intermediately doped region and a heavily doped region, a dielectric layer disposed over the base layer, a light absorptive material disposed in the dielectric layer, a first electrode, a coating layer, and a second electrode disposed in the dielectric layer and in communication with the heavily doped region. The light absorptive material has a top and a bottom surface, in which the bottom surface is in contact with the first intermediately doped region. The first electrode includes a side surface and a bottom surface. The coating layer includes an inner surface surrounding the side surface of the first electrode, an outer surface in communication with the dielectric layer, and an end surface in communication with the top surface of the light absorptive material, in which the end surface of the coating layer include a second intermediately doped region.
H10F 30/223 - Individual radiation-sensitive semiconductor devices in which radiation controls the flow of current through the devices, e.g. photodetectors the devices having potential barriers, e.g. phototransistors the devices being sensitive to infrared, visible or ultraviolet radiation the devices having only one potential barrier, e.g. photodiodes the potential barrier being a PIN barrier
H10F 71/00 - Manufacture or treatment of devices covered by this subclass
55.
Display screen or portion thereof having a graphical user interface with an abstracted visualization of an interactive data analysis tool with cloud support
Display screen or portion thereof having a graphical user interface with an abstracted visualization of an interactive data analysis tool with data lake indexes
Techniques are described for generating visualizations of security framework information (such as, e.g., MITRE ATT&CK® information) displayed in connection with notable events detected by a data intake and query system. Data intake and query systems, SIEM systems, and other applications often provide user interfaces that display detected occurrences of incidents, sometimes referred to as “notable events,” within users' information technology (IT) environments. A data intake and query system is described herein that is capable of identifying notable events, assigning tactic and technique information to notable events (and optionally to associated risk objects), and causing display of tactic and technique visualizations which are intuitive and customizable, provide ready access to relevant documentation, and follow a format with which security analysts are familiar.
G06F 3/0482 - Interaction with lists of selectable items, e.g. menus
G06F 3/04847 - Interaction techniques to control parameter settings, e.g. interaction with sliders or dials
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
H04L 41/0631 - Management of faults, events, alarms or notifications using root cause analysisManagement of faults, events, alarms or notifications using analysis of correlation between notifications, alarms or events based on decision criteria, e.g. hierarchy, tree or time analysis
The present disclosure provides techniques for TID obfuscation. A network device generates a first transformation matrix comprising a plurality of rows and a plurality of columns, each row corresponding to a real traffic identifier (TID) value, and each column corresponding to an epoch identifier within a sequence of epochs. The network device populates each entry of the first transformation matrix with an over-the-air-TID (OTA-TID) value, where each OTA-TID value is mapped from a respective TID and a respective epoch identifier. The network device transmits the first transformation matrix to a station (STA).
The present disclosure provides techniques for expiry imminence reporting in multi-AP coordination (MAPC). A first AP collects traffic metadata associated with a data flow. The first AP collects an expiry imminence metric for the data flow based on the traffic metadata. The first AP encodes the expiry imminence metric into a coordination message, and transmits the coordination message to a second AP for engaging in access scheduling coordination.
Described herein is a network that shares metrics and the algorithms used to determine the values of metrics. A wireless device includes one or more memories and one or more processors communicatively coupled to the one or more memories. The one or more processors, individually or collectively, perform an operation that includes calculating, using a first algorithm, a first value of a first metric for a wireless medium in a network, adding, to a message, the first value of the first metric, adding, to the message, an indication of the first algorithm used to calculate the first value of the first metric, and transmitting the message to report the first value of the first metric and the first algorithm.
Techniques and apparatus for supporting seamless roaming for enhanced privacy wireless stations are described. An example technique performed by a wireless station includes obtaining, while associated with a first access point (AP) in a first basic service set (BSS) and associated with a first enhanced data privacy (EDP) group supported by the first AP, information associated with one or more EDP groups supported by a second AP in a second BSS. Upon roaming from the first AP in the first BSS to the second AP in the second BSS, a second EDP group of the one or more EDP groups is joined, based at least in part on the information.
Techniques for utilizing a portion of a communication session identifier (e.g., a Session-ID, an SPI, a CID, a DCID, and/or the like) to indicate a target routing device (e.g., a VPN and/or ZTNA termination device) for establishing control plane session(s) and/or data plane session(s) at wire-speed in a networked computing environment. The routing device(s) of a networked computing environment may generate a communication session identifier and send the communication session identifier to the client device, such that subsequent packets send from the client device may be forwarded to the proper routing device indicated by the communication session identifier for establishment of one or more data plane sessions. Additionally, data plane sessions may be established using a Resumed Handshake rather than a full handshake that is typically required, as Session Resumption utilizes the assigned communication session identifier for mapping.
A method of implementing controller-based distributed remote access may include connecting a plurality of edge devices to a controller via a network. The plurality of edge devices may perform hole punching to traverse a network address translation (NAT) gateway to create a NAT hole. The method may also include connecting a client device to the controller. The client device may be directly connected to one of the plurality of edge devices via the NAT hole in the network. The method may further include directly connecting the client device to one of the plurality of edge devices by receiving a query from the client device and returning public IP/ports of a most relevant edge device to the client device, the most relevant edge device being based on attributes of the client device, attributes of the plurality of edge devices, or combinations thereof.
In an embodiment, a method includes receiving a data packet and generating an optimized security tag based on a standard security tag by replacing an 8-byte optional secure channel identifier (SCI) of the standard security tag with 32 most significant bits of a 4 packet number, a 2-byte MAC Security Entities (SecY) engine identifier, and a 2-byte short SCI. The method further includes encrypting the data packet and transmitting the encrypted data packet comprising the optimized security tag to an electronic device.
A system generates a user interface that enables a user to generate a chart from one or more statements of a data processing package. Via one or more user interactions with the user interface, the system may receive one or more chart parameters for a chart. Using a statement from the data processing package and the one or more chart parameters, the system may generate an additional statement and append the generated statement to the data processing package to form an enriched data processing package. The system may communicate the enriched data processing package to a search service for execution. The system may display the results in an interactive chart.
A method to align a constellation of access points of a wireless local area network to, e.g., a floorplan, includes generating a representation of a constellation of access points of a wireless local area network area using inter-access point range finding, wherein data from the inter-access range finding is filtered based on a quality indicator associated with respective links between the access points, matching the representation of the constellation of access points to features of a map of a predetermined space, and identifying a location for each access point in the representation of the constellation of access points based on location information associated with the map.
In one implementation, a device receives a request from a chatbot for user credentials needed to perform an application programming interface call. The device prevents the user credentials from being provided to the chatbot in response to the request. The device provides an instruction to the chatbot indicative of the user credentials not being shared because they are locally available. The device makes the application programming interface call based on an output of the chatbot and using the user credentials.
H04L 51/02 - User-to-user messaging in packet-switching networks, transmitted according to store-and-forward or real-time protocols, e.g. e-mail using automatic reactions or user delegation, e.g. automatic replies or chatbot-generated messages
In one implementation, a device may obtain a request from a client of an application to utilize a backend widget. The device may determine, based on an identifier of the application and a token associated with the request, whether a user associated with the request is authorized to utilize the backend widget. The device may determine, based on the identifier of the application and an identifier of the client associated with the request, whether the application is authorized to utilize the backend widget. The device may modify, responsive to a determination that the user and the application are authorized to utilize the backend widget, the request to include context for the application to utilize the backend widget.
In one embodiment, a method for management of large-scale networks includes receiving, by a network orchestrator, a request for performance of a data operation and performing, by the network orchestrator, a lookup operation corresponding to a specific data node in a computer network in response to receiving the request. The method can further include enqueuing, by the network orchestrator, a background loading operation involving a network configuration tree that includes one or more children nodes associated with the specific data node in response to initiating performance of the lookup operation and executing, by the network orchestrator, the lookup operation using the network configuration tree.
In one embodiment, a method includes monitoring bandwidth utilization on a plurality of ports on a network switch and determining that the bandwidth utilization on the plurality of ports meets a criterion. The method further includes disabling at least one serializer/de-serializer component on the network switch in response to determining that the bandwidth utilization on the plurality of ports meets the criterion and reconfiguring a PHY on the network switch in response to disabling the at least one serializer/de-serializer component.
H04L 41/0816 - Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
H04L 41/0833 - Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability for reduction of network energy consumption
H04L 43/0876 - Network utilisation, e.g. volume of load or congestion level
A multimode combiner is disclosed. In one aspect, a multimode combiner includes a first input waveguide, a second input waveguide, and an output waveguide disposed between the first and second input waveguides. The first input waveguide, the second input waveguide, and the output waveguide are arranged such that an optical signal transmitted through the multimode combiner has substantially the same optical power at an output of the output waveguide as the optical signal does at an input of either of the first and second input waveguides. A multiplexer and an apparatus including multimode combiners are also disclosed.
G02B 6/122 - Basic optical elements, e.g. light-guiding paths
G02B 6/12 - Light guidesStructural details of arrangements comprising light guides and other optical elements, e.g. couplings of the optical waveguide type of the integrated circuit kind
In one embodiment, a method for automatic construction of attack graphs using large language models includes sending, by a computing system comprising one or more processors configured to execute one or more processes, vulnerability information to at least one large language model in order to extract structured information and building, by the computing system comprising the one or more processors configured to execute the one or more processes, a natural language query based on the structured information. The method further comprises sending, by the computing system comprising the one or more processors configured to execute the one or more processes, the natural language query to the at least one large language model to generate at least a portion of an attack graph from the vulnerability information.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
Presented herein are techniques through which an Access and Mobility Management Function (AMF) may obtain location information for a plurality of terrestrial radio base stations and a plurality of non-terrestrial network (NTN) radio base stations. The AMF may obtain an indication of neighboring NTN radio base stations for each of the plurality of terrestrial radio base stations and store an NTN neighbor list that includes the indication of the neighboring NTN radio base stations for each of the plurality of terrestrial radio base stations. The AMF may perform one or more actions with respect to the NTN neighbor list and the GPS coordinates.
Devices, systems, methods, and processes for link status propagation are provided. In modern networks, transmitting a single bit of information about link status of each host-side link in the network may require a large amount of data, consuming considerable bandwidth and processing power. To address these concerns, a network device having a plurality of host-side ports coupled to same ordinal processing units in a set of host devices and associated with a rail identifier is provided. The network device determines first link status information associated with communication links of the network device and receives second link status information from other network devices having rail identifiers that match the rail identifier of the network device. The network device transmits the first and second link status information to the same ordinal processing units and a host device aggregates link status information received at corresponding processing units to obtain a cluster wide view.
Existing network architectures may experience latency variabilities due to varied cable lengths and diverse network paths available in a network fabric. Therefore, devices, systems, methods, and processes for facilitating enhanced latency-aware routing are described herein. A routing logic in a network fabric classifies two or more network paths, coupling a first network device to a second network device, into a plurality of groups based on latency attributes of the network paths. The routing logic in response to receiving a traffic flow at the first network device for the second network device, selects from the plurality of groups, a target group and routes the traffic flow to the second network device via at least one network path in the target group. If the target group includes more than one network path, the routing logic executes load balancing among a set of network paths classified into the target group.
Devices, systems, methods, and processes for dynamically controlling power supplied from power supply units (PSUs) and battery units of network devices are described herein. Generally, network devices rely on redundant power supplies or large hold-up capacitors to address power supply issues. Redundant power supplies lead to sub-optimal efficiency, while hold-up capacitors lead to bulky network device taking up space within the PSUs. Therefore, the present disclosure describes disposing one or more battery units in linecard slots or PSU slots. The battery unit may provide redundancy for the power supply and can act as an effective filter for power signal fluctuations. The battery units and the PSUs are dynamically controlled based on a load demand associated with the network device and power supply sources connected to the network device. Thus, the battery unit actively participates in load sharing with the PSUs to operate the PSUs more efficiently.
A method and system are provided for optically blurring a background against a foreground in a video captured using a main camera and a secondary camera in a video endpoint device. A first video stream is acquired using a main camera of a video endpoint device and a foreground object is detected in the first video stream. A foreground mask video stream is generated based on the foreground object detected in the first video stream. A second video stream is acquired from a secondary camera of the video endpoint device that is adjusted to be intentionally out of focus. The foreground mask video stream and the second video stream are combined to generate an output video stream that includes the foreground object against a background that is optically blurred by the secondary camera.
In one implementation, a device obtains a prompt from a user interface that requests a network troubleshooting agent complete a task with respect to a computer network using one or more language models. The device identifies, using the network troubleshooting agent, a series of steps for the network troubleshooting agent to perform in order to complete the task. The device uses the network troubleshooting agent to perform the series of steps using the one or more language models. The device provides update information to the user interface regarding performance of one or more of the series of steps by the network troubleshooting agent.
Techniques and architecture are described for a method that includes an in network compute (INC) manager receiving from switches of a fat tree configured network, arithmetic logic unit (ALU) capacity of the switches. Based at least in part on the ALU capacity of the switches and bandwidth, the INC manager determines one or more switches within each tier that are capable of supporting the processing units and based at least in part on the determining, the INC manager selects a first switch as a root, wherein the first switch is included within a tier of switches having intermediate tiers of switches located between the tier and the plurality of processing units within the fat tree configured network. The INC manager creates one or more paths of switches within each of the intermediate tiers from the root to the plurality of processing units to provide a constrained disjoint spanning tree of switches.
G06F 7/57 - Arithmetic logic units [ALU], i.e. arrangements or devices for performing two or more of the operations covered by groups or for performing logical operations
In one aspect, a method is disclosed. The method includes transmitting, from a first anchor in an Ultra-Wide Band (UWB) network, a poll message to a second anchor associated with the UWB network, wherein the poll message includes a first indication of radar usage by the first anchor. The method includes receiving, from the second anchor at the first anchor, a response message in response to the poll message. The response message includes a second indication of radar usage by the second anchor. The method includes determining, by the first anchor, a format of at least one ranging frame to enable dual radar and downlink time difference of arrival (DL-TDoA) ranging by one or more of the first anchor and the second anchor based on the poll message and the response message.
G01S 7/00 - Details of systems according to groups , ,
G01S 7/02 - Details of systems according to groups , , of systems according to group
G01S 13/02 - Systems using reflection of radio waves, e.g. primary radar systemsAnalogous systems
G01S 13/76 - Systems using reradiation of radio waves, e.g. secondary radar systemsAnalogous systems wherein pulse-type signals are transmitted
G01S 13/00 - Systems using the reflection or reradiation of radio waves, e.g. radar systemsAnalogous systems using reflection or reradiation of waves whose nature or wavelength is irrelevant or unspecified
The present disclosure provides techniques for expiry imminence reporting in multi-AP coordination (MARC). A first AR collects traffic metadata associated with a data flow. The first AR collects an expiry imminence metric for the data flow based on the traffic metadata. The first AR encodes the expiry imminence metric into a coordination message, and transmits the coordination message to a second AR for engaging in access scheduling coordination.
The present disclosure provides techniques for TID obfuscation. A network device generates a first transformation matrix comprising a plurality of rows and a plurality of columns, each row corresponding to a real traffic identifier (TID) value, and each column corresponding to an epoch identifier within a sequence of epochs. The network device populates each entry of the first transformation matrix with an over-the-air-TID (OTA-TID) value, where each OTA-TID value is mapped from a respective TID and a respective epoch identifier. The network device transmits the first transformation matrix to a station (STA).
Techniques and apparatus for supporting seamless roaming for enhanced privacy wireless stations are described. An example technique performed by a wireless station includes obtaining, while associated with a first access point (AR) in a first basic service set (BSS) and associated with a first enhanced data privacy (EDP) group supported by the first AP, information associated with one or more EDP groups supported by a second AP in a second BSS. Upon roaming from the first AP in the first BSS to the second AP in the second BSS, a second EDP group of the one or more EDP groups is joined, based at least in part on the information.
Described herein is a network that shares metrics and the algorithms used to determine the values of metrics. A wireless device includes one or more memories and one or more processors communicatively coupled to the one or more memories. The one or more processors, individually or collectively, perform an operation that includes calculating, using a first algorithm, a first value of a first metric for a wireless medium in a network, adding, to a message, the first value of the first metric, adding, to the message, an indication of the first algorithm used to calculate the first value of the first metric, and transmitting the message to report the first value of the first metric and the first algorithm.
Methods to restrict the number of multi-link operation (MLO) links while Layer 3 (web) authentication is in progress and permit additional links only after the web authentication is completed. The methods involve obtaining an MLO policy for establishing a multi-link connection to a wireless network and performing an MLO association for establishing the multi-link connection to the wireless network based on the MLO policy in which the MLO association is restricted to a single link during a web authentication for access to the wireless network.
In one implementation, a device generates a template for a particular parameter in one or more log files. The device uses a language model to determine a context for the particular parameter based on the template that would be relevant to an administrator. The device generates a visualization of the particular parameter based on the context. The device provides the visualization to a user interface for review by the administrator.
In one implementation, a device receives, via a natural language interface agent, an input prompt from a user interface. The device decomposes the input prompt into one or more tasks for performance to produce an answer to the input prompt. The device selects one or more external resources registered in a resource directory for the natural language interface agent based on a semantic relevance between the one or more tasks and information regarding the one or more external resources stored in the resource directory. The device provides the answer to the user interface via the natural language interface agent by performing the one or more tasks using the one or more external resources.
In one implementation, a device obtains node information regarding a plurality of nodes in a computer network. The device identifies a topology of the computer network. The device determines an optimal agent deployment plan for probing agents in the computer network based on the node information and the topology of the computer network. The device causes probing agents to be deployed to a selected set of nodes from the plurality of nodes in accordance with the optimal agent deployment plan.
In one implementation, a device receives a superclass and an image specified via a user interface. The device identifies subclasses of the superclass using a language model. The device generates, for each of the subclasses, subclass image masks for the image. The device forms an ensemble segmentation mask for the image based on the subclass image masks that represents the superclass.
G06V 10/764 - Arrangements for image or video recognition or understanding using pattern recognition or machine learning using classification, e.g. of video objects
G06V 20/52 - Surveillance or monitoring of activities, e.g. for recognising suspicious objects
90.
USING CROWDSOURCED REINFORCEMENT LEARNING TO OPTIMIZE A NATURAL LANGUAGE INTERFACE SYSTEM
In one implementation, a device receives a query from a user for input to a large language model. The device matches a pattern associated with the query with one or more prior chat exchanges between the large language model and one or more other users. The device generates an adjusted query based on the query and the one or more prior chat exchanges. The device provides an answer to the adjusted query from the large language model to the user.
G06F 16/383 - Retrieval characterised by using metadata, e.g. metadata not derived from the content or metadata generated manually using metadata automatically derived from the content
91.
LOCATION BASED CONTROL PLANE SIGNALING AND PROACTIVE TRANSPORT SWITCHING FOR SDWAN
In some aspects, a method for managing policies on a mobile client device within a Software-Defined Wide Area Network (SD-WAN) is disclosed. The method can include receiving, at a controller, a policy based on knowledge of a route the mobile client device. The controller transmits this policy to the mobile client device. The policy specifies the transition to base stations in the policy area to provide connectivity for the mobile client device based on its position along the route. As the mobile client device enters a policy area defined by the received policy, it signals its entry to the controller. In response to a request, the buffer is increased upon its entry into the policy area. Once the mobile client device is predicted to exit the policy area, it is prompted to resume normal operation. If normal operation is not detected, the system smoothly transitions into a GR mode.
Techniques are provided herein for implementing hybrid path selection for use in load balancing operations. The techniques may comprise initially implementing a first data distribution technique to distribute data packets across a set of paths. The techniques may then comprise upon determining an amount of network traffic handled by the edge device is above a threshold amount of network traffic, identifying, based on one or more values associated with the set of paths, that a first path of the set of paths is underutilized, receiving a first data packet directed to a destination, assigning the first data packet to the first path in a flow table associated with a second data distribution technique, and routing the first data packet across the first path in accordance with the second data distribution technique.
Devices, systems, methods, and processes for operating a plurality of power supplies of a network device using cold redundancy are described herein. Traditionally, redundant power supplies are operated in parallel with primary power supplies, thus making power supply system less efficient. To address these issues, an analog architecture is provided for implementing cold redundancy in a network device. Each power supply includes two pins: one for designating the power supply as primary or secondary, and the other pin for configuring an activity state of the power supply. The activity state can be an active state or a sleep state. The secondary power supplies are further ranked in an order of priority using different voltage levels for assignment. In response to surge in load demand, activity states of one or more secondary power supplies are changed to the active state without requiring a signal from a centralized control software.
H02J 9/00 - Circuit arrangements for emergency or stand-by power supply, e.g. for emergency lighting
G06F 1/28 - Supervision thereof, e.g. detecting power-supply failure by out of limits supervision
H02J 9/06 - Circuit arrangements for emergency or stand-by power supply, e.g. for emergency lighting in which the distribution system is disconnected from the normal source and connected to a standby source with automatic change-over
94.
ACTIVATION OF GOOSENECK MICROPHONE IN INTEGRATED GOOSENECK/TABLE MICROPHONE DEVICE
A method is provided that includes detecting audio with a first microphone unit of a hybrid microphone device in a relatively narrow angular sector, and detecting, with a multi-directional microphone unit of the hybrid microphone device, audio in a relatively wide angular sector range that encompasses the relatively narrow angular sector. The method further includes determining a direction of arrival of detected audio from outputs of the multi-directional microphone unit, and selecting for output the audio detected by the first microphone unit when the direction of arrival of the detected audio by the multi-directional microphone unit is a desired direction of arrival.
The techniques described herein relate to a method including: generating a plurality of noise spectra, using a plurality of noise models, of noise generated in an optical channel by classical communication signals provided via the optical channel; generating a combined noise spectrum by combining the plurality of noise spectra; determining a quantum channel parameter for a quantum signal based upon the comprehensive noise spectrum; and providing the quantum signal over the optical channel using the quantum channel parameter.
Techniques and architecture are described for a method, implemented within a Clos configured backend network of a web scale network includes registering, with a distributed service control plane, a plurality of egress endpoints and status of the egress endpoints, and distributing, by the service control plane to a plurality of ingress virtual output queues (VOQs), registration information relating to the plurality of egress endpoints. The method also includes based at least in part on the distributing, scheduling packets for transmission from the plurality of ingress VOQs to the plurality of egress endpoints and forwarding, by the plurality of ingress VOQs to the plurality of egress endpoints, packets. The method may also include updating the registration information.
This disclosure describes techniques and mechanisms for a system to integrate data from multiple controllers such that a user may manage and/or have visibility to the multiple controllers from a single management platform and/or dashboard. For example, each of the multiple controllers may be associated with a large language model (LLM) that may be trained on a functionality associated with the controller, as well as the structure of the user interface associated with the controller. Using data associated with the secondary controller and output by the LLM of the secondary controller, the data may be used by the primary controller and the LLM of the primary controller such that data of the secondary controller (e.g., command data and/or user interface data) may be integrated with data of the primary controller (e.g., command data and/or user interface data) at a single controller management system and/or dashboard.
Techniques for on-boarding of devices using language models are described herein. A controller of a network may receive profiling information associated with a device that made an initial connection to the network. The controller may determine a type associated with the device based on the profiling information and query a database to identify a workflow for on-boarding the device of that type. The controller may request a configuration script to configure the device with the network from one or more generative artificial intelligence (AI) language models. The language model(s) may generate the configuration script by translating the profiling information of the device and the workflow associated with the device into a configuration script. The language model(s) may output a configuration script for configuring the device with the network to the controller, where the controller may configure a network port associated with the device upon execution of the configuration script.
H04L 41/16 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
99.
NETWORK SEGMENTATION IN MULTI-SITE COMPUTER NETWORKS
This disclosure describes techniques for enabling multiple subnets across multiple fabric sites and associated with multiple network segments (e.g., virtual networks (VNs)) to communicate with each other using a shared network infrastructure, such as a service provider network. In some cases, the techniques described herein include using a common transit VN (e.g., a common transit VN with or without a common firewall) in the shared network infrastructure as well as border devices that enable switching traffic between the common transit VNs and segment VNs (e.g., subscriber VNs) for data transmission to and/or from the common transit VN. In some cases, a border device maintains two types of mapping entries (e.g., map-caches): transit mapping entries and local mapping entries. A transit and a local mapping entry may be configured to represent (e.g., installed to program) forwarding information for packets received on a transit VN and on a segment VN, respectively.
Devices, systems, methods, and processes for location discovery of an access point (AP) are described herein. The AP, after a reboot event, is required to transmit a current location for automated frequency coordination (AFC) registration. However, the current location may be unknown to the AP. To address this, a device is provided with a location discovery logic that determines the current location of the AP. The device may receive first neighborhood discovery data (NDD) of the AP after first boot event and may generate an RF proximity map based on the first NDD. The device may receive the second NDD of the AP based on the reboot event. The device may compare the second NDD with the RF proximity map, and if the second NDD matches the RF proximity map, the device may determine the current location to be same as a reference location associated with the RF proximity map.