The present technology provides a three-dimensional video conference experience using readily available cameras and two-dimensional video displays by inserting the two-dimensional video of a remote video conference participant into a three-dimensional environment, and by using visual cues to create the perception of depth for the two-dimensional video of a remote video conference participant.
Techniques and apparatus for managing a message relaying system are described. One technique includes an access point (AP) detecting a first signal and a second signal from a computing device. A validation of the first signal is performed based on parameters of the first signal and the second signal. After the validation, information associated with the first signal is transmitted to a computing system. In another technique, the computing system may designate one of multiple APs reporting information regarding first signals as a primary reporting AP and designate the remaining APs as secondary reporting APs. The computing system may instruct the secondary reporting APs to refrain from reporting information regarding first signals to the computing system.
H04W 76/16 - Setup of multiple wireless link connections involving different core network technologies, e.g. a packet-switched [PS] bearer in combination with a circuit-switched [CS] bearer
H04W 88/04 - Terminal devices adapted for relaying to or from another terminal or user
Techniques and apparatus for configuring ultra-wideband (UWB) communications using out-of-band (OOB) mechanisms are described. An example technique performed by a wireless device includes obtaining, prior to association with an access point (AP), ultra-wideband (UWB) information from the AP via an out-of-band (OOB) communication link between the wireless device and the AP. A location server within a network including the wireless device and the AP is determined based on the UWB information. Configuration information associated with a UWB ranging session from the location server is obtained via the OOB communication link. The UWB ranging session is performed in accordance with the configuration information.
Network traffic interference detection and management may be provided. An infringement event by an infringing Access Point (AP) on a Restricted Target Wake Time (rTWT) transmission opportunity (TxOp) associated with a victim AP may be detected, and information associated with the infringement event may be added to an infringement list, wherein the information includes a MAC address associated with the infringing AP. A controller, may receive the infringement list and notify the infringement event to the infringing AP. The infringing AP may determine whether a transmission associated with the infringement event is low latency and high priority. When the transmission is not low latency and high priority the infringing AP may modify future transmissions based on the notification. When the transmission is low latency and high priority the infringing AP may notify the controller that the transmission is low latency and high priority. The controller may then create a negotiation between the victim AP and the infringing AP, wherein the negotiation comprises managing future transmissions of the victim AP and the infringing AP.
H04W 52/28 - TPC being performed according to specific parameters using user profile, e.g. mobile speed, priority or network state, e.g. standby, idle or non-transmission
H04W 72/0446 - Resources in time domain, e.g. slots or frames
H04W 74/0816 - Non-scheduled access, e.g. ALOHA using carrier sensing, e.g. carrier sense multiple access [CSMA] with collision avoidance
An optical engine and methods of assembly are disclosed. In one aspect, an optical engine has a lid defining an optical feedthrough configured to fully encircle an optical channel received therein. The optical feedthrough provides an access opening for the optical channel to be fed through so that the optical channel is coupled with a photonic integrated circuit of the optical engine.
Embodiments herein describe re-ordering bit-interleaved data to be byte-interleaved data before transmitting the data on an OTN. For example, a transmitter can receive interleaved bits for different symbols that are part of an error correction code to be transmitted in an optical transport network. The transmitter re-orders the interleaved bits into interleaved bytes where each of the interleaved bytes correspond to one of the different symbols. The interleaved bytes can then be transmitted on the OTN.
Techniques and architecture are described for L2 service insertion in a network. More particularly, the techniques and architecture provide for monitoring a L2 service, e.g., firewall, MAC address (instead of learning the MAC address) and registering/de-registering the service node (e.g., fabric border or edge or LISP service_etr) to the service control plane (e.g., LISP MSMR) based on this. This not only load-balances the traffic (per L2 flow) but also tracks it for node's liveliness. The techniques and architecture also provide L2 service insertion connected to a service border to allow for dynamic SGT based service, e.g., firewall, insertion for both software defined access (SDA) fabric and non-fabric deployments.
A process can include determining a plurality of Network Address Translation (NAT) routes associated with respective edge routers included in a same virtual private network (VPN) for communicating with a software-defined wide area network (SDWAN). A process can include identifying a first subset of the plurality of NAT routes as mapped to a first public NAT address included in a NAT pool associated with the VPN. A process can include tagging each NAT route of the first subset with a tag value indicative of a preferred router for receiving return traffic of the respective NAT route. A process can include routing traffic on a respective NAT route of the plurality of NAT routes based on applying, at an SDWAN controller, a corresponding control policy matching the tag value of the respective NAT route.
A process can include determining affinity information indicative of route preferences between branch routers and gateway routers. A prefix can be determined for a subnet of branch routers located at a same branch location. An affinity position of a first gateway router can be determined based on affinity information of the branch routers in the subnet. A mapping can be determined between a local preference Border Gateway Protocol (BGP) community attribute and the affinity position of the first gateway router, wherein a mapped local preference BGP community attribute and the affinity position are indicative of a same routing preference. The mapped local preference BGP community attribute can be attached to routes from the first gateway router into a cloud service provider. Affinity-based route preferences are indicated to the cloud service provider by redistributing the routes from the first gateway router with the mapped local preference BGP community attribute attached.
Techniques for a Software-Defined Networking (SDN) controller associated with a multisite network to implement jurisdictional data sovereignty polices in a multisite network, route network traffic flows between user sites and destination services over one or more provider sites, and/or perform a routing operation on the network traffic flow(s) based on the jurisdictional data sovereignty policies. The jurisdictional data sovereignty polices may be implemented using destination group tags (DGTs) and/or source group tags (SGTs). A secure access service edge (SASE) associated with the network controller may generate, store, and distribute the DGTs to provider sites and/or the SGTs to user sites. Based on the SGT and/or DGT associated with a network traffic flow, one or more services may be applied to the network traffic flow, and the network traffic flow may be routed through a particular region of a software-defined access (SDA) transit.
Devices, systems, methods, and processes for feature level power calibration are described herein. Network devices include sensors that generate sensor readings indicative of various device parameters. A calibration logic utilizes the sensor readings and feature permutations associated with the sensor readings to predict a feature level power consumption for all features of the network device. The calibration logic then applies a calibration factor to the predicted feature level power consumption and obtains an actual feature level power consumption. Using the actual feature level power consumption, the calibration logic determines an actual power consumption for feature licenses of the network device. The feature and feature license level power consumption is utilized for determining which features or feature licenses can be deactivated when the device power consumption is outside a threshold limit. Such dynamic deactivation ensures that the network device accurately meets the sustainability goals.
The present disclosure is directed to receiving multiple concurrent requests from multiple applications for session establishment from a user device, wherein the concurrent requests originated from a single browser instance, communicating a redirect response comprising a query parameter to each of the applications to the user device, receiving a browser-session synchronization cookie from each of the applications responsive to each corresponding redirect response from the user device, determining a browser-session identifier based on the browser-session synchronization cookies and by a negotiation algorithm, generating a browser-session cookie based on the browser-session identifier and by the negotiation algorithm, and establishing a session for the applications via the single browser instance based on the browser-session cookie.
Techniques and apparatus for configuring ultra-wideband (UWB) communications using out-of-band (OOB) mechanisms are described. An example technique performed by a wireless device includes obtaining, prior to association with an access point (AR), ultra-wideband (UWB) information from the AR via an out-of- band (OOB) communication link between the wireless device and the AR. A location server within a network including the wireless device and the AR is determined based on the UWB information. Configuration information associated with a UWB ranging session from the location server is obtained via the OOB communication link. The UWB ranging session is performed in accordance with the configuration information.
G01S 5/02 - Position-fixing by co-ordinating two or more direction or position-line determinationsPosition-fixing by co-ordinating two or more distance determinations using radio waves
H04W 4/80 - Services using short range communication, e.g. near-field communication [NFC], radio-frequency identification [RFID] or low energy communication
H04W 4/02 - Services making use of location information
H04W 64/00 - Locating users or terminals for network management purposes, e.g. mobility management
Access network monitoring in a wireless federation may be provided. A plurality of access requests may be received from a probe device. Each of the plurality of access requests may comprise access request information. Next, an availability metric may be determined based on an amount of the plurality of access requests received and the access request information. The availability metric may then be reported.
Methods are provided for sustainably training artificial intelligent or machine learning models. Specifically, the methods involve obtaining power supply information about at least two computing resource groups. The power supply information relates to one or more power sources that supply power to the at least two computing resource groups. The methods further involve determining, while training an artificial intelligence or machine learning model using a current computing resource group of the at least two computing resource groups, an availability of power provided to the current computing resource group from one or more renewable energy sources, based on the power supply information and migrating the artificial intelligence or machine learning model for training using a different computing resource group than the current computing resource group, based on determining a lack of the availability of power provided to the current computing resource group from the one or more renewable energy sources.
Devices, systems, methods, and processes for generating and sharing a verifiable Zero Knowledge (ZK) proof are described herein. A device may utilize one or more non-reversible aggregation techniques to receive, normalize, and aggregate one or more Carbon Footprint Metrics (CFMs) of the device corresponding to a timeframe. The device can generate a ZK attestation and the verifiable ZK proof based on an aggregated CFM or a sum of normalized CFMs, and a carbon footprint threshold for the timeframe. The device may further transmit the verifiable ZK proof to an auditing device. The auditing device can receive the verifiable ZK proof and verify, in a trustworthy manner, that the CFMs of the device corresponding to the timeframe are in compliance with the carbon footprint threshold. The device may hence prove the compliance with the carbon footprint threshold to the auditing device without actually sharing the CFMs with the auditing device.
The present technology pertains to a method to balance the performance of an application with the device health and the application runtime health statistics utilizing a hybrid approach. In the hybrid approach, the static performance control is a robust machine learning algorithm trained on data from many client devices and applications. The dynamic performance control is local to the client device and the application and reacts to the real-time device performance and application performance. Additionally, a user can provide their preferences for the performance and resource optimization of the application.
In one aspect, a system includes a station device configured to transmit a signal; multiple access point devices in connection with the station device, the multiple access point devices configured to receive the signal transmitted from the station device, wherein the multiple access point devices are configured to convert the signal into a measurable form; and a processing unit operably connected to the multiple access point devices. The processing unit is configured to, for each subcarrier within the signal received by the multiple access point devices, determine a measurement of channel state information including an overall shape of the signal; determine a magnitude distance for each subcarrier; and determine a location of the station device based on a fit of the magnitude distance to a model, wherein the model is based on an environment with one or more obstacles causing an obscuration of the signal.
Systems, methods, and computer-readable media are provided for generating a unique ID for a sensor in a network. Once the sensor is installed on a component of the network, the sensor can send attributes of the sensor to a control server of the network. The attributes of the sensor can include at least one unique identifier of the sensor or the host component of the sensor. The control server can determine a hash value using a one-way hash function and a secret key, send the hash value to the sensor, and designate the hash value as a sensor ID of the sensor. In response to receiving the sensor ID, the sensor can incorporate the sensor ID in subsequent communication messages. Other components of the network can verify the validity of the sensor using a hash of the at least one unique identifier of the sensor and the secret key.
G06F 16/9535 - Search customisation based on user profiles and personalisation
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 41/046 - Network management architectures or arrangements comprising network management agents or mobile agents therefor
H04L 41/0668 - Management of faults, events, alarms or notifications using network fault recovery by dynamic selection of recovery network elements, e.g. replacement by the most appropriate element after failure
H04L 41/0806 - Configuration setting for initial configuration or provisioning, e.g. plug-and-play
H04L 41/0816 - Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
H04L 41/0893 - Assignment of logical groups to network elements
H04L 41/12 - Discovery or management of network topologies
H04L 41/16 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
H04L 41/22 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
H04L 43/026 - Capturing of monitoring data using flow identification
H04L 43/04 - Processing captured monitoring data, e.g. for logfile generation
H04L 43/062 - Generation of reports related to network traffic
H04L 43/08 - Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
H04L 43/0805 - Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
H04L 43/0811 - Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
H04L 47/2441 - Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]
H04L 47/2483 - Traffic characterised by specific attributes, e.g. priority or QoS involving identification of individual flows
H04L 47/28 - Flow controlCongestion control in relation to timing considerations
H04L 47/31 - Flow controlCongestion control by tagging of packets, e.g. using discard eligibility [DE] bits
H04L 47/32 - Flow controlCongestion control by discarding or delaying data units, e.g. packets or frames
H04L 67/10 - Protocols in which an application is distributed across nodes in the network
H04L 67/1001 - Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
A system and associated methods provide solutions for reducing a volume of traffic through a multicast network attributed to repeated maintenance messages, which are required in order to maintain a multicast connection. The system configures provider edge devices to generate and send maintenance messages on behalf of members of a multicast group to establish and maintain the multicast connection and provides options for determining unknown locations of sources and/or subscribers, thereby reducing the overall volume of traffic transmitted over the multicast network.
Disclosed herein are methods of forwarding data over an IP network. The methods may include receiving a packet from a source host connected to the IP network, identifying the IP address of a destination host designated in the packet, determining the location on the IP network where the destination host designated by the packet is connected, without reference to the MAC address specified in the packet, by using location-identification information stored on the IP network, and forwarding the packet to the location on the IP network where the destination host is connected without reference to the MAC address specified in the packet. Also disclosed herein are related network devices implementing such techniques and operations, as well as IP networks which include such network devices.
H04L 61/103 - Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
H04W 64/00 - Locating users or terminals for network management purposes, e.g. mobility management
22.
GENERATIVE MODELS TO CREATE NETWORK CONFIGURATIONS THROUGH NATURAL LANGUAGE PROMPTS
In one implementation, a device obtains a natural language-based description of a network via a user interface. The device generates, based on the natural language-based description, network configuration parameters for the network using a generative model. The device conducts a simulation of traffic in the network using the network configuration parameters, to obtain telemetry data. The device uses the telemetry data to train a machine learning model to perform network analytics.
Techniques for utilizing a portion of a communication session identifier (e.g., a Session-ID, an SPI, a CID, a DCID, and/or the like) to indicate a target routing device (e.g., a VPN and/or ZTNA termination device) for establishing control plane session(s) and/or data plane session(s) at wire-speed in a networked computing environment. The routing device(s) of a networked computing environment may generate a communication session identifier and send the communication session identifier to the client device, such that subsequent packets send from the client device may be forwarded to the proper routing device indicated by the communication session identifier for establishment of one or more data plane sessions. Additionally, data plane sessions may be established using a Resumed Handshake rather than a full handshake that is typically required, as Session Resumption utilizes the assigned communication session identifier for mapping.
Techniques for utilizing a portion of a communication session identifier (e.g., a Session-ID, an SPI, a CID, a DCID, and/or the like) to indicate a target routing device (e.g., a VPN and/or ZTNA termination device) for establishing control plane session(s) and/or data plane session(s) at wire-speed in a networked computing environment. The routing device(s) of a networked computing environment may generate a communication session identifier and send the communication session identifier to the client device, such that subsequent packets send from the client device may be forwarded to the proper routing device indicated by the communication session identifier for establishment of one or more data plane sessions. Additionally, data plane sessions may be established using a Resumed Handshake rather than a full handshake that is typically required, as Session Resumption utilizes the assigned communication session identifier for mapping.
In one aspect, a system includes a station device configured to transmit a signal; multiple access point devices in connection with the station device, the multiple access point devices configured to receive the signal transmitted from the station device, wherein the multiple access point devices are configured to convert the signal into a measurable form; and a processing unit operably connected to the multiple access point devices. The processing unit is configured to, for each subcarrier within the signal received by the multiple access point devices, determine a measurement of channel state information including an overall shape of the signal; determine a magnitude distance for each subcarrier; and determine a location of the station device based on a fit of the magnitude distance to a model, wherein the model is based on an environment with one or more obstacles causing an obscuration of the signal.
26.
SYSTEM AND METHOD OF PROVIDING UNIVERSAL MOBILE INTERNET PROXY PRINTING
Disclosed is a method to enable printing on legacy devices. The method includes discovering a legacy device that does not have a universal record that enables the legacy device to provide services to a mobile device through a network, appending the universal record for the legacy device, transmitting the universal record for the legacy device to a controller, receiving, at the controller and from the mobile device, a request for services which can be provided by the legacy device, transmitting, from the controller and based on the universal record for the legacy device, data associated with the legacy device to the mobile device to yield transmitted data and transmitting, based on an acceptance of the transmitted data by the mobile device, a service request from the mobile device to the legacy device for providing a service to the mobile device.
H04L 67/125 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks involving control of end-device applications over a network
27.
SYSTEMS AND METHODS FOR IDENTIFYING WEAKNESS IN A NETWORK SYSTEM USING CHAOS ENGINEERING
A method for identifying one or more weakness in a network system through simulations includes configuring a plurality of chaos events to be run on the network system, running the plurality of chaos events on the network system, receiving alert messages from a monitoring system, determining differences if the alert messages match with a set of expected alert messages and/or delay in receiving the alert messages, and reporting the determined differences to a control plane of the network system for display on a user terminal.
H04L 41/0604 - Management of faults, events, alarms or notifications using filtering, e.g. reduction of information by using priority, element types, position or time
28.
TRUST-BASED MODEL FOR DEPLOYING ISSUE IDENTIFICATION AND REMEDIATION CODE
A method, computer system, and computer program product are provided for selectively deploying code modules for issue identification and remediation tasks. A plurality of code modules is obtained, wherein each code module includes instructions for issue identification and remediation. A trust score for each code module of the plurality of code modules is determined, wherein the trust score includes a first trust score component for issue identification and a second trust score component for issue remediation, and wherein the trust score is based on a source of each code module selected from a group of a human-generated source and an artificial intelligence model-generated source. A particular code module of the plurality of code modules is deployed based on the trust score of the particular code module satisfying a threshold value. The trust score for the particular code module is updated based on results of deploying the particular code module.
Multi-AP Coordination (MAPC) configuration protocol may be provided. MAPC modes supported by a plurality of Access Points (APs) may be discovered. A MAPC group of a sub-set of APs of the plurality of APs may be formed. Each AP of the sub-set of APs of the MAPC group may support at least one common MAPC mode. Roles including a leader and followers of the MAPC group may be advertised. A first AP of the MAPC group may be assigned as the leader and remaining APs of the MAPC group may be assigned as the followers.
Methods are provided for a proxy infrastructure that serves as a bridge between an enterprise network and a computing machine of a user ensuring a chain of trust. The methods involve obtaining, from a client device, a request to navigate to one or more target devices of a remote enterprise network and locally authenticating the client device based on at least one of an identity of the client device and user credentials. The methods further involve generating a connection request for the client device to navigate to the one or more target devices based on the client device being locally authenticated and providing the connection request to a proxy service executing in the remote enterprise network. The proxy service authenticates an access to the one or more target devices based on device credentials while hiding the device credentials from the client device.
Novel techniques and mechanisms enable processing of heavy deep learning workloads on standard edge network devices to optimize the overall inference throughput of the network while meeting Service Level Agreement(s) (SLAs). The techniques can include receiving a deep learning model, determining a graph structure of the deep learning model including neurons organized in layers (the layers including an input layer, a plurality of hidden layers, and an output layer), assigning to a first IP subnet, at least a part of a first hidden layer of the plurality of hidden layers, assigning to a second IP subnet, at least a part of a second hidden layer of the plurality of hidden layers, and deploying the parts of the first and second hidden layers to edge devices as containerized applications with assigned IP addresses, which may be hidden from the user and/or third party application.
H04L 41/16 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
Described herein are devices, systems, methods, and processes for assessing and managing the carbon footprint of information technology (IT) infrastructures. The system can utilize distributed public key infrastructure (PKI) to ensure data security, trustworthiness, and anonymity. It may provide real-time, accurate, and comprehensive data on the carbon footprint of the entire infrastructure, enabling administrators to make informed decisions based on live, aggregated, and anonymized power consumption data and carbon footprint metrics. The system can also support the management of carbon-related metrics during processes such as device migration or infrastructure renewal. Furthermore, it can enable various stakeholders, including IT infrastructure owners, auditors, and generic users, to access and analyze the data based on their specific roles and permissions. This approach can enhance the transparency and accountability of IT operations, contributing to environmental sustainability efforts in the IT industry.
The present technology provides intercloud connectivity as a service by discovering components of the organization's deployment in various sites, irrespective of the cloud provider, such that two sites can merely be selected along with a few standard options, and the controller can handle the complexity of instantiating a tunnel between the cloud sites automatically. Further, the controller can monitor the health of one or more tunnels between the cloud sites to automatically scale bandwidth up or down.
A method of rendering a service graph illustrating dependencies between a frontend and a backend of an application comprises generating a plurality of frontend traces from a plurality of frontend spans and generating a plurality of backend traces from a plurality of backend spans ingested from the application. The method also comprises aggregating frontend metrics data using the plurality of frontend traces and backend metrics data using the plurality of backend traces. The method further comprises determining connection information between one or more frontend traces of the plurality of frontend traces and corresponding backend traces of the plurality of backend traces. The method also comprises rendering the service graph using the connection information and the aggregated frontend and backend metrics data.
Techniques and architecture are described for providing a configurable security posture for a network device using an extended ownership artifact, e.g., an ownership voucher, an ownership certificate, etc., and a security profile mechanism that scales to user needs and desires for security profiles on network devices, i.e., easily and securely customizable on thousands of nodes of a network. The configurable security posture may be achieved using the manufacturer authorized signing authority (MASA) to issue an ownership voucher with a security bit extension to support security profile additions. Using the MASA service, a user may explicitly decide on various security postures of a given network device and may apply that profile across the fixed or modular chassis of a network of network devices.
This disclosure generally relates to a method and system for mapping application dependency information. The present technology relates techniques that enable user-adjustable application dependency mapping of a network system. By collecting internal network data using various sensors in conjunction with external user inputs, the present technology can provide optimized application dependency mapping using user inputs.
G06F 16/9535 - Search customisation based on user profiles and personalisation
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 41/046 - Network management architectures or arrangements comprising network management agents or mobile agents therefor
H04L 41/0668 - Management of faults, events, alarms or notifications using network fault recovery by dynamic selection of recovery network elements, e.g. replacement by the most appropriate element after failure
H04L 41/0806 - Configuration setting for initial configuration or provisioning, e.g. plug-and-play
H04L 41/0816 - Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
H04L 41/0893 - Assignment of logical groups to network elements
H04L 41/12 - Discovery or management of network topologies
H04L 41/16 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
H04L 41/22 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
H04L 43/026 - Capturing of monitoring data using flow identification
H04L 43/04 - Processing captured monitoring data, e.g. for logfile generation
H04L 43/062 - Generation of reports related to network traffic
H04L 43/08 - Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
H04L 43/0805 - Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
H04L 43/0811 - Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
H04L 47/2441 - Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]
H04L 47/2483 - Traffic characterised by specific attributes, e.g. priority or QoS involving identification of individual flows
H04L 47/28 - Flow controlCongestion control in relation to timing considerations
H04L 47/31 - Flow controlCongestion control by tagging of packets, e.g. using discard eligibility [DE] bits
H04L 47/32 - Flow controlCongestion control by discarding or delaying data units, e.g. packets or frames
H04L 67/10 - Protocols in which an application is distributed across nodes in the network
H04L 67/1001 - Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
A Low Power Indoor (LPI) Access Point (AP) that punctures its channel while respecting incumbents may be provided. First, a computing device may determine a relaxation value. Then an energy detection Clear Channel Assessment (CCA) threshold may be changed by the relaxation value for a punctured subchannel. Next, the punctured subchannel may be reported as busy when energy is detected in the punctured subchannel above the changed energy detection CCA threshold.
Techniques, which may be embodied herein as systems, computing devices, methods, algorithms, software, code, computer readable media, or the like, are described herein for comparing a set of metrics generated during a simulated user interaction with a website to metrics generated by observing real user interactions with the website. Simulated user interactions with a website can be used to diagnose a website's performance issues, but it can be difficult to determine whether the simulated interactions reflect the experience of real users. In addition, the simulated user interactions can be challenging to contextualize because the number of observed real user interactions may significantly outnumber the simulated interactions. A graphical user interface can help with the interpretation of these website interactions by using the real user interactions to properly contextualize the simulated results.
Systems and methods are described for scheduling a query for execution. The system receives and parses a query to identify one or more portions of the query. The system determines a resource allocation for each portion of the query, and determines an availability of compute resources for the different portions of the query. Based on the resource allocation and the availability of compute resources, the system schedules the query.
Disclosed is a data fabric service system that can be implemented in a distributed computer network, such as a data intake and query system. The data index and query system can receive a search query and define a search scheme for applying the search query on distributed data storage systems including internal data storage and external data storage. The data index and query system may provide a portion of the search scheme to a search service of the data fabric service system, which can cause worker nodes of the data fabric service system to perform various functions-including applying the search query to the external data storage based on the portion of the search scheme in order to obtain search results.
G06F 16/25 - Integrating or interfacing systems involving database management systems
G06F 16/27 - Replication, distribution or synchronisation of data between databases or within a distributed database systemDistributed database system architectures therefor
This disclosure describes various methods, systems, and devices related to identifying path changes of data flows in a network. An example method includes receiving, at a node, a packet including a first signature. The method further includes generating a second signature by inputting the first signature and one or more node details into a hash function. The method includes replacing the first signature with the second signature in the packet. The packet including the second value is forwarded by the node.
Disclosed are systems, apparatuses, methods, computer readable medium, and circuits for sharing multifactor authentication with shared session tokens using an authentication service. According to at least one example, a method includes: in response to receiving a request to check an authentication status from a first application, transmitting a first message to an authentication service including shared information; providing first authentication credentials related to a first authentication to the authentication service; and receiving a message related to a second authentication to bypass the second authentication.
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
44.
Receiver Performance Measurement System and Method Thereof
Devices, networks, systems, methods, and processes for determining receiver performance metric of a network device are described herein. A device may utilize one or more error patterns associated with the network device to retrieve one or more symbol errors from the one or more error patterns. The device can determine an error threshold for a segment based on a predefined Bit Error Rate (BER) level for the segment. The device may generate a performance metric for the segment based on the error threshold and the retrieved symbol errors. The device can generate a receiver performance metric based on performance metrics of segments. The device may determine a Code Error Ratio (CER) and can predict a Frame Loss ratio (FLR) associated with the network device based on the CER.
This disclosure describes techniques and mechanisms enabling processing of heavy deep learning workloads on standard edge network devices to optimize the overall inference throughput of the network while meeting Service Level Agreement(s) (SLAs). The techniques can include receiving a deep learning model, determining a graph structure of the deep learning model including neurons organized in layers (the layers including an input layer, a plurality of hidden layers, and an output layer), assigning to a first IP subnet, at least a part of a first hidden layer of the plurality of hidden layers, assigning to a second IP subnet, at least a part of a second hidden layer of the plurality of hidden layers, and deploying the parts of the first and second hidden layers to edge devices as containerized applications with assigned IP addresses, which may be hidden from the user and/or third party application.
A Low Power Indoor (LPI) Access Point (AP) that punctures its channel while respecting incumbents may be provided. First, a computing device may determine a relaxation value. Then an energy detection Clear Channel Assessment (CCA) threshold may be changed by the relaxation value for a punctured subchannel. Next, the punctured subchannel may be reported as busy when energy is detected in the punctured subchannel above the changed energy detection CCA threshold.
Described herein are devices, systems, methods, and processes for determining the geo-positions of access points (APs) in a wireless network. The techniques involve utilizing geo-positioning data including global navigation satellite system (GNSS) measurements, wireless local area network (WLAN) signal measurements, air pressure measurements, preexisting knowledge, or any combination thereof. The GNSS measurements may include pseudo range measurements. The WLAN signal measurements can include time of arrival (ToA), channel state information (CSI), and/or received signal strength indicator (RSSI) measurements. The geo-position of each AP is calculated by applying Bayes' theorem to all available geo-positioning data and selecting the geo-position hypothesis with the highest probability. The geo-positions of the APs can be updated when a new measurement is obtained. The techniques can handle diverse AP deployments including heterogeneous APs with varying sensor capabilities.
H04B 7/06 - Diversity systemsMulti-antenna systems, i.e. transmission or reception using multiple antennas using two or more spaced independent antennas at the transmitting station
A system facilitates communication between branches of an SD-WAN and a service chain element. A hub node receives a data packet of a flow from a source branch over a VPN segment to be transmitted to a destination branch, extracts flow information from the data packet including VPN segment information to be stored in a flow table before transmitting the data packet to the service chain element over a service chain VPN. Upon return of the data packet from the service chain element, the hub node uses packet tuple information to retrieve the flow information with VPN segment information from the flow table. The hub node can then forward the data packet to the destination branch over the VPN segment. The hub node can generate and store an Auto Service Chaining Key that connects bidirectional flows so that the hub node can apply service-chaining to bidirectional traffic.
Disclosed are systems, apparatuses, methods, computer readable medium, and circuits for ordering services in a service chain comprising: receiving, at an edge router, one or more data packets; determining, at the edge router, a sequence order of service chain elements for the one or more data packets based upon an established sequence, the sequence order modifies the established sequence to performing an altering service that alters a payload of the one or more packets prior to one or more remaining services that inspect the one or more packets; transmitting and receiving, by the edge router in the sequence order, the one or more data packets to and from the service chain elements; transmitting, by the edge router, the one more data packets to a destination after a last of the service chain elements has been performed.
In an example embodiment, a method includes determining an attitudinal negativity score associated with a contact center agent, among a plurality of contact center agents, based on an interaction between the contact center agent and a user during a communication session, receiving data associated with an incoming user communication, determining a user ease score associated with the incoming user communication based on the data, and blocking routing of the incoming user communication to the contact center agent based on the attitudinal negativity score being above a first threshold score and the user ease score being below a second threshold score.
Techniques are described herein for detecting an invalid (e.g., spoof) email before it is received by an intended recipient. In some embodiments, the techniques may involve, upon receiving an electronic communication directed to an intended recipient, determining, based on information included in the electronic communication, a claimed source entity, and determining a domain associated with the email communication. The techniques may further involve determining an owner entity associated with the domain and then determining that the electronic communication is valid based on a comparison between the owner entity and the claimed source entity. Upon determining that the electronic communication is not valid, the techniques may further comprise performing one or more mitigation techniques.
Devices, systems, methods, and processes for calibrating clock signals of network devices are described herein. A device can initiate a ranging procedure with a reference device for synchronizing a clock signal of the device. The ranging procedure may utilize Fine Time Measurement (FTM), Ultra-Wide band (UWB), or similar protocols. The device can also synchronize the clock signal based on detection of ambient interference events. The device may also receive Global Navigation Satellite System (GNSS) data from a satellite and determine a pseudo range for the corresponding satellite based on the synchronized clock signal. The device may further transmit the GNSS data to a location engine. The location engine may aggregate the GNSS data received from a plurality of devices and determine a geolocation of the plurality of devices based on the aggregated GNSS data.
G01S 19/39 - Determining a navigation solution using signals transmitted by a satellite radio beacon positioning system the satellite radio beacon positioning system transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
Systems, methods, and computer-readable media for managing compromised sensors in multi-tiered virtualized environments. In some embodiments, a system can receive, from a first capturing agent deployed in a virtualization layer of a first device, data reports generated based on traffic captured by the first capturing agent. The system can also receive, from a second capturing agent deployed in a hardware layer of a second device, data reports generated based on traffic captured by the second capturing agent. Based on the data reports, the system can determine characteristics of the traffic captured by the first capturing agent and the second capturing agent. The system can then compare the characteristics to determine a multi-layer difference in traffic characteristics. Based on the multi-layer difference in traffic characteristics, the system can determine that the first capturing agent or the second capturing agent is in a faulty state.
G06F 16/9535 - Search customisation based on user profiles and personalisation
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
G06F 21/55 - Detecting local intrusion or implementing counter-measures
G06F 21/56 - Computer malware detection or handling, e.g. anti-virus arrangements
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 41/046 - Network management architectures or arrangements comprising network management agents or mobile agents therefor
H04L 41/0668 - Management of faults, events, alarms or notifications using network fault recovery by dynamic selection of recovery network elements, e.g. replacement by the most appropriate element after failure
H04L 41/0806 - Configuration setting for initial configuration or provisioning, e.g. plug-and-play
H04L 41/0816 - Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
H04L 41/0893 - Assignment of logical groups to network elements
H04L 41/12 - Discovery or management of network topologies
H04L 41/16 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
H04L 41/22 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks comprising specially adapted graphical user interfaces [GUI]
H04L 43/026 - Capturing of monitoring data using flow identification
H04L 43/04 - Processing captured monitoring data, e.g. for logfile generation
H04L 43/062 - Generation of reports related to network traffic
H04L 43/08 - Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters
H04L 43/0805 - Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability
H04L 43/0811 - Monitoring or testing based on specific metrics, e.g. QoS, energy consumption or environmental parameters by checking availability by checking connectivity
H04L 47/2441 - Traffic characterised by specific attributes, e.g. priority or QoS relying on flow classification, e.g. using integrated services [IntServ]
H04L 47/2483 - Traffic characterised by specific attributes, e.g. priority or QoS involving identification of individual flows
H04L 47/28 - Flow controlCongestion control in relation to timing considerations
H04L 47/31 - Flow controlCongestion control by tagging of packets, e.g. using discard eligibility [DE] bits
H04L 47/32 - Flow controlCongestion control by discarding or delaying data units, e.g. packets or frames
H04L 67/10 - Protocols in which an application is distributed across nodes in the network
H04L 67/1001 - Protocols in which an application is distributed across nodes in the network for accessing one among a plurality of replicated servers
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
In one embodiment, a process observes a communication network with automated systems for packet relative arrival times between a pair of devices having stable or periodic communications within the communication network. The process performs a spectral analysis on the packet relative arrival times between the pair of devices to determine a periodicity of communications between the pair of devices. When a change in the periodicity of communications between the pair of devices is detected based on continued inference observing, the process may then mitigate the change in the periodicity of communications between the pair of devices.
H04L 41/0816 - Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
Presented herein is a printed circuit board (PCB) assembly with an absorber having a perforated structure. The absorber is positioned between a trace of a PCB and a connector that couples the PCB to an enclosure. The absorber includes a perforated structure to maintain an integrity of a signal propagated along the trace, while improving electromagnetic interference and/or electromagnetic compatibility properties.
Disclosed are systems, apparatuses, methods, computer readable medium, and circuits for ordering services in a service chain comprising: receiving, at an edge router, one or more data packets; determining, at the edge router, a sequence order of service chain elements for the one or more data packets based upon an established sequence, the sequence order modifies the established sequence to performing an altering service that alters a payload of the one or more packets prior to one or more remaining services that inspect the one or more packets; transmitting and receiving, by the edge router in the sequence order, the one or more data packets to and from the service chain elements; transmitting, by the edge router, the one more data packets to a destination after a last of the service chain elements has been performed.
Interoperable Transmit Power Envelop (TPE) signaling with Automated Frequency Coordination (AFC) frequency response may be provided. First, AFC information may be received. Next a mask may be determined for a punctured channel indicated in the AFC information. Then a first amount may be determined that the mask needs to be altered to reach an AFC response for the punctured channel indicated in the AFC information. A Transmit Power Envelop (TPE) value may then be reported for the punctured channel comprising the first amount plus a second amount.
H04W 52/14 - Separate analysis of uplink or downlink
H04W 52/36 - Transmission power control [TPC] using constraints in the total amount of available transmission power with a discrete range or set of values, e.g. step size, ramping or offsets
An epoch scheme for Station (STA) privacy and, specifically, a structured Media Access Control (MAC) address rotation schedule for STAs may be provided. Providing an epoch scheme for STA privacy can include determining epoch parameters for a STA, the epoch parameters comprising a minimum epoch period duration and a maximum epoch period duration. The epoch parameters are sent to the STA, wherein the STA is operable to rotate a MAC address each epoch period at a time between the minimum epoch period duration and the maximum epoch period duration. A mapping of the STA and the MAC address can be updated each epoch period.
Interoperable Transmit Power Envelop (TPE) signaling with Automated Frequency Coordination (AFC) frequency response may be provided. First, AFC information may be received. Next a mask may be determined for a punctured channel indicated in the AFC information. Then a first amount may be determined that the mask needs to be altered to reach an AFC response for the punctured channel indicated in the AFC information. A Transmit Power Envelop (TPE) value may then be reported for the punctured channel comprising the first amount plus a second amount.
In one implementation, a method herein comprises: determining a given time during which a computer network is unstable in response to a topology event within the computer network; causing, in response to the computer network being unstable, a measurement analysis process to perform network performance analysis on the computer network based on the computer network being unstable during the given time; and causing, in response to determining that the computer network is otherwise in a stable state, the measurement analysis process to perform network performance analysis on the computer network based on the computer network being stable.
In one implementation, a “probe controller orchestrator” provides access to cross-domain probing via the probe controller orchestrator for a plurality of probe controllers across a plurality of different network domains with a respective different probing protocol and associated probing capability. The probe controller orchestrator, in particular, obtains domain-specific probe test results from each of the plurality of probe controllers, and correlates the domain-specific probe test results into cross-domain data formatted in a common data format understandable by each of the plurality of probe controllers. As such, the probe controller orchestrator may then respond to requests received from the plurality of probe controllers with the cross-domain data in order to cause respective domain-specific processing.
According to one or more implementations of the disclosure, a device may determine a path of travel of the vehicle. The device may obtain telemetry data associated with the path of travel. The device may compute, based on the telemetry data, a communication strategy whereby the vehicle switches from using a first transceiver to communicate with a primary satellite network and a second transceiver to communicate with a secondary satellite network. The device may cause the vehicle to communicate according to the communication strategy.
Systems, methods, and computer-readable media for performing threat remediation through a switch fabric of a virtualized network environment. Data traffic passing into a virtualized network environment including a plurality of virtual machines running on a switch fabric is monitored. A network threat introduced through at a least a portion of the data traffic is identified at the switch fabric. One or more remedial measures are performed in the network environment based on the identification of the network threat in the virtualized network environment.
The present embodiments are directed to a system with a first power assembly having a first power enclosure configured to attach to an optical plug and a first power connector disposed in the first power enclosure, as well as a second power assembly having a second power enclosure configured to attach to an optical enclosure that is configured to receive the optical plug and a second power connector disposed in the second power enclosure. The first power connector and the second power connector are configured to couple to each other.
A system facilitates communication between branches of an SD-WAN and a service chain element. A hub node receives a data packet of a flow from a source branch over a VPN segment to be transmitted to a destination branch, extracts flow information from the data packet including VPN segment information to be stored in a flow table before transmitting the data packet to the service chain element over a service chain VPN. Upon return of the data packet from the service chain element, the hub node uses packet tuple information to retrieve the flow information with VPN segment information from the flow table. The hub node can then forward the data packet to the destination branch over the VPN segment. The hub node can generate and store an Auto Service Chaining Key that connects bidirectional flows so that the hub node can apply service-chaining to bidirectional traffic.
In one aspect, a method of supporting enhanced UE policies that control which access technologies and the number of access technologies a user equipment can access beyond a single 3GPP connection and a single non-3GPP connection, the method including registering, by a user equipment, to a 3GPP network, wherein the registering includes an indication that the user equipment supports multi-access packet data unit (MA-PDU) sessions; receiving, by the user equipment, a UE policy for a first application permitting the user equipment to access at least three access technologies for communications while accessing the first application, wherein the UE policy is received from an access mobility function (AMF) of the 3GPP network; and determining, by the user equipment, one or more of the access technologies permitted in the UE policy for the first application to use to establish protocol data unit (PDU) session with the first application.
A system and method are provided for allocating bandwidth and metering data flows within a wireless mesh-tree network. The network includes a wireless LAN controller (WLC), a root access point (RAP), and mesh access points (MAPs), which are arranged in respective hop levels corresponding to the number of links a given MAP is removed from the RAP. The WLC allocates available data rates (ADRs) to the respective MAPs, and each MAP then apportions its ADR among various origination types of data flowing through the given MAP (e.g., backhaul, ethernet-bridged, and client data types). The MAPs can use a token bucket filter (TBF)-like mechanism to enforce this apportionment. WiFi multi-media (WMM) based access classes can be used to shape the data flows (e.g., an NC access class assigned to topology maintenance traffic ensures it is fed directly into a WMM queue).
A system facilitates communication between branches of an SD-WAN and a service chain element. A hub node receives a data packet of a flow from a source branch over a VPN segment to be transmitted to a destination branch, extracts flow information from the data packet including VPN segment information to be stored in a flow table before transmitting the data packet to the service chain element over a service chain VPN. Upon return of the data packet from the service chain element, the hub node uses packet tuple information to retrieve the flow information with VPN segment information from the flow table. The hub node can then forward the data packet to the destination branch over the VPN segment. The hub node can generate and store an Auto Service Chaining Key that connects bidirectional flows so that the hub node can apply service-chaining to bidirectional traffic.
Devices, systems, methods, and processes for detecting anomalous movements within network devices are described herein. Certain movements within networks devices are predictable and negligible. However, other movements may indicate a larger problem with the network, or network devices, especially when the network devices (e.g., access points) are within a stationary deployment. For example, a sudden movement of a network device may indicate that it has fallen, been moved, or is under threat of a physical attack. Many network devices are being deployed with various environmental sensors. These sensors can be utilized to detect movement of the network device. This can be done by evaluating the received signal strength indicator levels as well as the output of the environmental sensor. If an anomalous movement is detected, preventative actions can be taken such as rebooting or limiting access. This can be done on the network device or by a centralized management system.
Described herein are devices, systems, methods, and processes for determining the geo-positions of access points (APs) in a wireless network. The techniques involve utilizing geo-positioning data including global navigation satellite system (GNSS) measurements, wireless local area network (WLAN) signal measurements, air pressure measurements, preexisting knowledge, or any combination thereof. The GNSS measurements may include pseudo range measurements. The WLAN signal measurements can include time of arrival (ToA), channel state information (CSI), and/or received signal strength indicator (RSSI) measurements. The geo-position of each AP is calculated by applying Bayes' theorem to all available geo-positioning data and selecting the geo-position hypothesis with the highest probability. The geo-positions of the APs can be updated when a new measurement is obtained. The techniques can handle diverse AP deployments including heterogeneous APs with varying sensor capabilities.
G01S 19/09 - Cooperating elementsInteraction or communication between different cooperating elements or between cooperating elements and receivers providing processing capability normally carried out by the receiver
G01S 19/14 - Receivers specially adapted for specific applications
G01S 19/39 - Determining a navigation solution using signals transmitted by a satellite radio beacon positioning system the satellite radio beacon positioning system transmitting time-stamped messages, e.g. GPS [Global Positioning System], GLONASS [Global Orbiting Navigation Satellite System] or GALILEO
G01S 19/46 - Determining position by combining measurements of signals from the satellite radio beacon positioning system with a supplementary measurement the supplementary measurement being of a radio-wave signal type
G01S 5/00 - Position-fixing by co-ordinating two or more direction or position-line determinationsPosition-fixing by co-ordinating two or more distance determinations
G01S 5/02 - Position-fixing by co-ordinating two or more direction or position-line determinationsPosition-fixing by co-ordinating two or more distance determinations using radio waves
G01S 19/45 - Determining position by combining measurements of signals from the satellite radio beacon positioning system with a supplementary measurement
Techniques for a proxy to replicate traffic being communicated between a client device and a destination device based on determining an outage or impairment in a LEO satellite network. The prow may be communicating a traffic stream between a source device and a destination device using a primary WAN that includes the LEO satellite network. However, the prow may determine that the primary WAN has experienced or will experience an outage or other impairment. In such examples, the proxy may then replicate the traffic stream and send the replicated traffic stream over a backup communication link. The backup communication link may a different path through the primary WAN, and/or may be a communication path through a secondary WAN. Once the outage or impairment has cleared, the proxy may stop replicating the traffic and again use the primary WAN to communicate traffic.
H04B 7/00 - Radio transmission systems, i.e. using radiation field
H04L 67/12 - Protocols specially adapted for proprietary or special-purpose networking environments, e.g. medical networks, sensor networks, networks in vehicles or remote metering networks
H04W 40/00 - Communication routing or communication path finding
An epoch scheme for Station (STA) privacy and, specifically, a structured Media Access Control (MAC) address rotation schedule for STAs may be provided. Providing an epoch scheme for STA privacy can include determining epoch parameters for a STA, the epoch parameters comprising a minimum epoch period duration and a maximum epoch period duration. The epoch parameters are sent to the STA, wherein the STA is operable to rotate a MAC address each epoch period at a time between the minimum epoch period duration and the maximum epoch period duration. A mapping of the STA and the MAC address can be updated each epoch period.
H04W 12/02 - Protecting privacy or anonymity, e.g. protecting personally identifiable information [PII]
H04L 61/103 - Mapping addresses of different types across network layers, e.g. resolution of network layer into physical layer addresses or address resolution protocol [ARP]
A method of managing communication over a quantum channel. The method includes generating a first set of quantum channel codes configured to encode a message to obtain a quantum encoded message, supplying the first set of quantum channel codes to an encoder, generating a second set of quantum channel codes configured to decode the quantum encoded message, and supplying the second set of quantum channel codes to a decoder that is configured to operate with encoder across a channel, wherein the first set of quantum channel codes and the second set of quantum channel codes are derived using a machine learning model.
An optical network element detects an input optical signal at a preamplifier input and sets an output power level of the preamplifier at a predetermined Automatic Power Reduction (APR) power level. The optical network element starts an APR timer that expires after a first predetermined time period. While the APR timer is running, the optical network element measures an input power level of the input optical signal and calculates a span loss as a function of the difference between the predetermined APR power level and the measured input power level. After the expiration of the APR timer, the optical network element adjusts the output power level of the preamplifier output based on the calculated span loss.
H04B 10/079 - Arrangements for monitoring or testing transmission systemsArrangements for fault measurement of transmission systems using an in-service signal using measurements of the data signal
Described herein are devices, systems, methods, and processes for managing the computational complexity in geolocating a large number of network devices (e.g., access points (APs)) in indoor environments. A number of network devices may be partitioned into smaller groups or batches based on neighbor knowledge about the network devices. Each batch of network devices can include just devices located on a same floor, or may include devices located across different floors. Every batch may include at least one anchor network device. The geolocation of the network devices can be determined, batch-by-batch, based on fusing global navigation satellite system (GNSS) pseudorange measurements and inter-network device ranging measurements. The geolocation accuracy for each partition can be evaluated utilizing such metrics as the average residual error. If the error for a batch is greater than a threshold, remedial measures may be taken to reduce the error and improve the geolocation accuracy.
G01S 19/48 - Determining position by combining or switching between position solutions derived from the satellite radio beacon positioning system and position solutions derived from a further system
Devices, systems, methods, and processes for detecting anomalous movements within network devices are described herein. Certain movements within networks devices are predictable and negligible. However, other movements may indicate a larger problem with the network, or network devices, especially when the network devices (e.g., access points) are within a stationary deployment. For example, a sudden movement of a network device may indicate that it has fallen, been moved, or is under threat of a physical attack. Many network devices are being deployed with various environmental sensors. These sensors can be utilized to detect movement of the network device. This can be done by evaluating the received signal strength indicator levels as well as the output of the environmental sensor. If an anomalous movement is detected, preventative actions can be taken such as rebooting or limiting access. This can be done on the network device or by a centralized management system.
A method, computer system, and computer program product are provided for mitigating carbon emissions. Data is obtained indicating an overall amount of power consumption for a plurality of nodes in a service provider network, wherein each node of the plurality of nodes is located in a different geographical location, and wherein the service provider network provides service to a plurality of service provider network users. A fraction of network traffic is determined that is handled by the plurality of nodes in the service provider network for serving a particular service provider network user. A service provider network user power consumption is determined for the particular service provider network user based on the fraction of network traffic and the overall amount of power consumption. An amount of emissions is determined resulting from generating electrical power to support the service provider network user power consumption for the particular service provider network user.
H04L 41/0833 - Configuration setting characterised by the purposes of a change of settings, e.g. optimising configuration for enhancing reliability for reduction of network energy consumption
H04L 41/0816 - Configuration setting characterised by the conditions triggering a change of settings the condition being an adaptation, e.g. in response to network events
H04L 41/16 - Arrangements for maintenance, administration or management of data switching networks, e.g. of packet switching networks using machine learning or artificial intelligence
H04L 45/00 - Routing or path finding of packets in data switching networks
Methods and systems are described herein for graceful insertion and removal of at a data link layer of an open systems interconnection model (OSI Model). In one aspect, the method comprises: establishing connections to at least two ports on a first side of a link to create a link aggregation group managed using link aggregation control protocol (LACP), wherein the link aggregation group constitutes a transmit path from the first side of the link to the second side of the link. A partner device may receive, from a first port of the at least two ports, a first message, wherein the first message indicates that the first port will become unavailable to receive traffic.
Described herein are techniques directed to utilizing IP encapsulation to route data packets to different instances of a service in a network. In one aspect, a method includes generating a first request, which includes a first data packet and a first IP encapsulation; transmitting the first request to a service aware router, wherein the service aware router generates a second request that includes the first data packet and a second IP encapsulation, and transmits the service request to the instance of the service; receiving, from the service instance, a response including a second data packet and a third IP encapsulation, which includes an identifier of the service instance of the service; and recording the identifier of the service instance, wherein subsequent requests for applying the service to data packets originating at the device are directly transmitted by the device to the service instance.
Techniques for a proxy to replicate traffic being communicated between a client device and a destination device based on determining an outage or impairment in a LEO satellite network. The proxy may be communicating a traffic stream between a source device and a destination device using a primary WAN that includes the LEO satellite network. However, the proxy may determine that the primary WAN has experienced or will experience an outage or other impairment. In such examples, the proxy may then replicate the traffic stream and send the replicated traffic stream over a backup communication link. The backup communication link may a different path through the primary WAN, and/or may be a communication path through a secondary WAN. Once the outage or impairment has cleared, the proxy may stop replicating the traffic and again use the primary WAN to communicate traffic.
Techniques for using real-time metrics and telemetry information to dynamically prioritize attack paths identified during a static analysis of a cloud native application, and using top priority attack paths identified during the static analysis to steer the dynamic analysis. The techniques may include identifying components of the cloud native application and connections between the components. The components and connections are analyzed to identify a set of attack paths. Network communications are monitored between the connections and metrics representing signals in the communications collected. A first subset of the attack paths based on a first portion of the metric indicating a real-time security vulnerability are identified. Finally, the first subset of the attack paths is prioritized over a second subset of the attack paths based at least in part on the first subset having the first portion of the metrics indicating real-time security vulnerabilities.
A computer-implemented method includes a processing node sending a request that includes an identified alert record from a shared alert data store that is shared amongst a cluster of processing nodes including the processing node. The processing node receives, responsive to the request, a delete alert record uniquely identifying the identified alert record and including an annotation identifying a new delete alert record as being a delete alert record type. The processing node matches, responsive to the annotation, the delete alert record to a local copy of the identified alert record based on the delete alert record uniquely identifying the identified alert record. The processing node deletes, based on the annotation, the local copy of the identified alert record according to the delete alert record.
The disclosed technology relates to a process of evaluating any number of different identity providers (IDPs) and their respective set of credentials that are used to authenticate corresponding users to assist with the onboarding of the different IDPs in connection with Wi-Fi identity federations. In particular, the process allows a person's electronic identity and attributes (stored across one or more IDPs) to be determined once using a standard. Once trust has been established for the user, that trust can then be utilized across a number of different systems (e.g., Single-sign on). The same trust determination can be used without the need for the authenticity of the user identity to be re-evaluated with each new access request.
Systems, methods, and computer-readable media are provided for inter-network messaging among private and public 5G networks. For instance, a first server on a public 5G mobile network can receive a first message directed to a first wireless device associated with a first network identity. The first server can determine, based on the first network identity, that the first wireless device is associated with a second network identity, wherein the second network identity is used to identify the first wireless device on a private 5G mobile network. The first server can send a copy of the first message to a second server on the private 5G mobile network for transmission to the first wireless device through the private 5G mobile network based on the second network identity.
Disclosed are systems, methods, and computer-readable media for assuring tenant forwarding in a network environment. Network assurance can be determined in layer 1, layer 2 and layer 3 of the networked environment including, internal-internal (e.g., inter-fabric) forwarding and internal-external (e.g., outside the fabric) forwarding in the networked environment. The network assurance can be performed using logical configurations, software configurations and/or hardware configurations
In one implementation, a device provides, to a user interface, proof-of-creation information that certifies that data presented by the user interface was created by one or more sensors capturing the data from a real person. The device receives, via the user interface, an edit to the data, to form edited data. The device associates one or more keys with the edited data that are based on the proof-of-creation information and on the edit to the data. The device provides, based on the one or more keys, lineage information to the user interface in conjunction with the edited data that indicates the edit to the data and the proof-of-creation information.
G06F 21/64 - Protecting data integrity, e.g. using checksums, certificates or signatures
G06F 3/01 - Input arrangements or combined input and output arrangements for interaction between user and computer
H04L 9/32 - Arrangements for secret or secure communicationsNetwork security protocols including means for verifying the identity or authority of a user of the system
H04L 12/18 - Arrangements for providing special services to substations for broadcast or conference
87.
COMMUNICATION-AWARE INFERENCE SERVING FOR PARTITIONED NEURAL NETWORKS
In one implementation, a device generates outputs of nodes in a upstream layer of a partitioned neural network. The device assigns priorities to each of the outputs of the nodes. The device selects, based on the priorities, a subset of the outputs to send to a remote device. The device sends, via a computer network, the subset of the outputs to the remote device for input to a downstream layer of the partitioned neural network.
In one embodiment, a method is disclosed comprising monitoring dynamic locations of a plurality of mobile communication devices within a physical area covered by a wireless communication network, wherein keys are distributed to the mobile communication devices at association time; determining that a particular mobile communication device should have a relay for communication with the network based on a first location of the particular mobile communication device and inadequate wireless communication characteristics at the first location; selecting an opportunistic relay device from the mobile communication devices based on a second location of the opportunistic relay device and adequate wireless communication characteristics of the opportunistic relay device within the network and to the first location from the second location; and directing the opportunistic relay device to relay communications for the particular mobile communication device at the first location, wherein the communications are encrypted based on the keys.
Described herein are devices, systems, methods, and processes for improving the accuracy of access point (AP) location in a Wi-Fi network using client device data and AP ranging measurements. APs may be deployed across a specific area. The APs can range to one another and form a matrix of measurements. Techniques such as semidefinite programming or multidimensional scaling (MDS) can be employed to transform these AP-to-AP ranges into a set of coordinates. Client devices in the area may also range to the APs. The client devices may provide their location measurement report (LMR) feedback and geo-position estimation to the network. The client devices-provided data, along with the AP-to-AP matrices, may be returned to a location server. The location server can use the data to refine the accuracy of the AP-to-AP graph and ascertain the most probable geo-position of the APs.
G01S 5/02 - Position-fixing by co-ordinating two or more direction or position-line determinationsPosition-fixing by co-ordinating two or more distance determinations using radio waves
G01S 11/02 - Systems for determining distance or velocity not using reflection or reradiation using radio waves
90.
HYBRID NON-LINE-OF-SIGHT DETECTION IN WIRELESS NETWORKS
Devices, systems, methods, and processes for hybrid line-of-sight (LOS) / non-line of sight (NLOS) detection are described herein. To facilitate co-existence and co-operation of a fixed network and a wireless network sharing a same frequency band without interference, a device in the wireless network can be configured to perform automatic frequency coordination (AFC). The device can accurately determine a geolocation of the device by utilizing global navigation satellite system (GNSS) data and light detection and ranging (LiDAR) data. The device can also determine whether the fixed station is in the LOS by utilizing the GNSS data and the LiDAR data. The device can further correct the geolocation and improve an accuracy of the LOS / NLOS detection by using both: the GNSS data and the LiDAR data simultaneously. The device can further control an output power when the fixed station is in the LOS, thereby avoiding the interference.
Described herein are devices, systems, methods, and processes for estimating the geolocation of network devices by jointly utilizing pseudorange measurements from global navigation satellite system (GNSS) satellites and terrestrial -based ranging measurements between network devices. Each network device is equipped with a GNSS receiver that collects pseudorange data from each satellite link at time intervals. Terrestrial-based ranging measurements between network devices can also be collected. The receiver clock error can be accounted for at least in part by over-the-air time synchronization of network devices. To mitigate the impact of multipath and improve accuracy, pseudorange measurements with less than satisfactory quality metrics can be filtered out. In some embodiments, the geolocation of anchor network devices can be estimated with high accuracy first, and then the rest of the non-anchor network devices may be localized in a second-stage localization process.
G01S 19/09 - Cooperating elementsInteraction or communication between different cooperating elements or between cooperating elements and receivers providing processing capability normally carried out by the receiver
G01S 19/14 - Receivers specially adapted for specific applications
G01S 19/46 - Determining position by combining measurements of signals from the satellite radio beacon positioning system with a supplementary measurement the supplementary measurement being of a radio-wave signal type
G01S 5/00 - Position-fixing by co-ordinating two or more direction or position-line determinationsPosition-fixing by co-ordinating two or more distance determinations
G01S 5/02 - Position-fixing by co-ordinating two or more direction or position-line determinationsPosition-fixing by co-ordinating two or more distance determinations using radio waves
G01S 19/24 - Acquisition or tracking of signals transmitted by the system
Devices, systems, methods, and processes for hybrid line-of-sight (LOS) / non-line of sight (NLOS) detection are described herein. To facilitate co-existence and co-operation of a fixed network and a wireless network sharing a same frequency band without interference, a device in the wireless network can be configured to perform automatic frequency coordination (AFC). The device can accurately determine a geolocation of the device by utilizing global navigation satellite system (GNSS) data and light detection and ranging (LiDAR) data. The device can also determine whether the fixed station is in the LOS by utilizing the GNSS data and the LiDAR data. The device can further correct the geolocation and improve an accuracy of the LOS / NLOS detection by using both: the GNSS data and the LiDAR data simultaneously. The device can further control an output power when the fixed station is in the LOS, thereby avoiding the interference.
In one embodiment, a method includes transmitting pulse power on two wire pairs, the pulse power comprising a plurality of high voltage pulses with the high voltage pulses on the wire pairs offset between the wire pairs to provide continuous power, performing low voltage fault detection on each of the wire pairs between the high voltage pulses, and transmitting data on at least one of the wire pairs during transmittal of the high voltage pulses. Data transmittal is suspended during the low voltage fault detection.
H03M 13/03 - Error detection or forward error correction by redundancy in data representation, i.e. code words containing more digits than the source words
H03M 13/15 - Cyclic codes, i.e. cyclic shifts of codewords produce other codewords, e.g. codes defined by a generator polynomial, Bose-Chaudhuri-Hocquenghem [BCH] codes
H03M 13/37 - Decoding methods or techniques, not specific to the particular type of coding provided for in groups
H04B 3/54 - Systems for transmission via power distribution lines
H04L 41/12 - Discovery or management of network topologies
Systems and methods are disclosed for processing and executing queries against one or more dataset sources, where the queries identify a set of data to be processed and a manner of processing the set of data. To query the dataset sources, a query coordinator generates a query processing scheme that includes a dynamic allocation of multiple layers of partitions. The query is then executed based on the query processing scheme.
In one implementation, a device receives a request to generate a new communication protocol. The device generates, based on the request, the new communication protocol using a generative model. The device configures software to use the new communication protocol. The device causes an endpoint in a network to communicate using the new communication protocol via the software.
In one implementation, a controller determines performance of a partitioned neural network. The controller identifies, based on the performance, a particular partition of the partitioned neural network as a bottleneck. The controller configures a first device to execute a replica of the particular partition. The controller configures a multiplexer that provides an output of the particular partition or the replica of the particular partition as input to a downstream partition of the partitioned neural network.
In one implementation, a device intercepts return data for an application programming interface call to be sent to a requester via a network. The device converts the return data into an embedding. The device determines a similarity between the embedding and one or more embeddings in a database that were generated from one or more documents deemed sensitive. The device blocks, based on the similarity, the return data from being sent via the network to the requester.
A system and method of securing and virtualizing firmware trusted platform modules (TPMs) for virtualizing a hardware security module (HSM) for a host within a network fabric is provided. The system and method include operably coupling a set of components associated with a host comprising a data processing unit (DPU) secure vault and a firmware trusted platform module (TPM). The firmware TPM is configured as a virtual firmware TPM. The DPU secure vault secures the virtual firmware TPM into one or more virtual firmware TPMs based on one or more partitions configured with the DPU secure vault. A virtual TPM manager communicatively coupled to the DPU secure vault manages one or more virtual TPMs for hosting a set of Virtual Machines (VMs) or Containers.
G06F 21/57 - Certifying or maintaining trusted computer platforms, e.g. secure boots or power-downs, version controls, system software checks, secure updates or assessing vulnerabilities
G06F 21/72 - Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information in cryptographic circuits
99.
TRAFFIC PROTECTION WITH PREDETERMINED REROUTE AND ADAPTIVE FAILURE DETECTION FOR USE OF APPLICATIONS HOSTED ON VIRTUAL PRIVATE CLOUDS
Techniques are described for quickly rerouting traffic to an application hosted on a first Virtual Private Cloud (VPC) location. In the event of an error in routing traffic to the first VPC portion traffic can be rerouted to a second VPC portion. The first and second VPC portions can be different portions of the same VPC or could be different VPSs. The techniques include steps for calculating a predetermined route to the second private virtual cloud location. The techniques further include steps for monitoring data for detecting an error in the first cloud location. The steps further include detecting a potential error based on the monitored data, and also verifying that the potential error is in fact a valid error. In response to verifying that the error is a valid error, further steps include performing a fast reroute of traffic to the second cloud locations along the predetermined route.
A computing device receives an ingest preview request to preview events to be stored by at least one indexer. Responsive to the ingest preview request, the computing device sends a subscription request to the forwarders. The forwarders receive the subscription request and intercept the events that are being sent to at least one of the indexers. The forwarders then clone matching events to the subscription request and responds to the computing device with the matching events. When the computing device receives the matching events, the computing device adds the matching events to a dispatch directory. The user interface is then populated with events in the dispatch directory.
