The present disclosure provides techniques for AID generation for enhanced data privacy (EDP) operations. An AP provides a first communication indicating that the AP supports a randomized MAC address rotation management protocol. The AP establishes a communications link between the AP and a STA, where establishing the communications link comprises assigning the STA to an EDP group. The AP generates a list of N AIDs for the STA, each of the N AIDs to be used in a corresponding epoch of N epochs associated with the EDP group. The AP transmits, to the STA in a protected wireless frame, information indicating the list of N AIDs for the STA. The AP maintains the communications link with the STA based at least in part on the timing information for randomized MAC address rotation for the EDP group, and including using each AID in the list of N AIDs during corresponding epochs.
Systems, methods, and computer-readable media are disclosed for validating multiple paths used for routing network traffic in a network. In one aspect, a network controller can identify one or more intermediate nodes on each of multiple paths in a network, wherein the multiple paths begin at a first network node and end at a last network node. The network controller can further generate a data packet with a label at the first network node, forward the test data packet from the first network node, along each of the one or more intermediate nodes, to the last network node, and perform a data plane validation process for validating packet forwarding from the first network node to the last network node based on the label(s) by determining if a number of the multiple paths equals to a number of packets received at the last network node.
A meeting server provides, to one or more participants of an online meeting, an invitation to join the online meeting. The invitation including an option to request one or more accommodations for the online meeting. The meeting server obtains, from a participant of the one or more participants, a request for an accommodation, of the one or more accommodations, during the online meeting. The meeting server performs one or more actions associated with the request for the accommodation.
A system of one embodiment provides for efficient grid-estimation of spherical geo-probability function. The system includes a memory and a processor. The system accesses data, wherein the data includes training points and each training point includes a latitude value and a longitude value. The system also generates one or more grid points around each training point in the data. The system calculates a probability value for each grid point in the plurality of grid points using a probability density function. The system also combines each grid point into a geo-grid. The systems stores the geo-grid. In some embodiments, the system combines each grid point into a geo-grid by adding a probability value of a first grid point to a probability value of second grid point.
In one aspect, a method includes defining a corresponding depth for each leaf device and each spine device in a leaf-spine network fabric having a hierarchical structure; defining one or more zones in the leaf-spine network fabric; generating a corresponding replication list for each leaf device and one or more spine devices in the leaf-spine network fabric based at least in part of the corresponding depth and the one or more zones defined; and performing ingress replication of network traffic received at a given leaf device using the corresponding replication list of the given leaf device and the corresponding replication list of at least one of the one or more spine devices.
In one example, a method includes receiving, at a network node of a network deploying segment routing, a data packet, wherein an IPv6 header of the data packet includes a source specific function associated with a source address of the data packet and a destination specific function associated with a destination address of the data packet; determining, at the network node, whether a source flag in an End node address of the network node is set; upon determining that the source flag is set, extracting, by the network node, the source specific function; and executing, by the network node, the source specific function for the data packet.
A system and method are provided for faster convergence with multihoming using internet protocol (IP) performance measurement (PM) sessions to report, to a transmitting provider edge (PE), a state of health of a connection between a multihomed node and a receiving (PE). The state of health can be the liveness of the connection. The receiving PE locally monitors the state of health of its connection to the node, and encodes information of the state of health in a field of the PM session messages sent to the transmitting PE. For example, while the PM session messages indicate the connection is live, traffic from the transmitting PE to the node is routed through the receiving PE. Upon the PM session messages indicating the connection is no longer live, the transmitting PE instead routes traffic to the node through another receiving PE with which the node is multihomed.
Techniques are described for avoiding data packet fragmentation in a routing device such as a router or network switch. Path Maximum Transport Unit (PMTU) values are monitored for a plurality of egress links of a networking device. A statistical analysis of fragmentation rates is performed. The statistical analysis can be performed on a per-link basis, per-flow basis or both per-link and per-flow basis. If the packet fragmentation rate of data flows through a particular egress link exceeds a determined threshold value, one or more data flows can be re-routed to a different egress link having a higher PMTU, thereby preventing data packet fragmentation.
In some aspects, a computer-implemented method for performance monitoring in a multicast network, includes a controller causing a source router to originate a probe data packet. The controller may also originate, at the source router, the probe data packet, where the probe data packet is a data packet intended to measure performance data associated with one or more legs of a multicast distribution tree. Further, the source router may transmit the probe data packet through the multicast distribution tree using a probe identifier, where when received by a last hop router associated with the one or more legs of the multicast distribution tree, the last hop router redirects the probe data packet to a CPU of the last hop router configured to generate performance statistics. The source router may receive from the last hop router, the performance statistics.
H04L 43/062 - Génération de rapports liés au trafic du réseau
H04L 43/0817 - Surveillance ou test en fonction de métriques spécifiques, p. ex. la qualité du service [QoS], la consommation d’énergie ou les paramètres environnementaux en vérifiant la disponibilité en vérifiant le fonctionnement
Techniques for tunneling Layer 2 ethernet frames over a connection tunnel using the MASQUE protocol are described herein. The MASQUE protocol may be extended to include a new entity, configured to proxy ethernet frames using a MASQUE proxy connection, and an associated CONNECT method, CONNECT-ETH. Using the extended MASQUE protocol, an Ethernet over MASQUE (EoMASQUE) tunnel may then be established between various networks that are remote from one another and connected to the internet. An EoMASQUE tunnel, established between separate remote client premises, and/or between a remote client premise and an enterprise premise, may tunnel ethernet packets between the endpoints. Additionally, a first EoMASQUE tunnel, established between a first client router provisioned in a first remote client premise and an EoMASQUE proxy node, and a second EoMASQUE tunnel, established between a second client premise and the EoMASQUE proxy node, may tunnel ethernet packets between the first and second client premise.
H04L 61/103 - Correspondance entre adresses de types différents à travers les couches réseau, p. ex. résolution d’adresse de la couche réseau dans la couche physique ou protocole de résolution d'adresse [ARP]
H04L 61/4511 - Répertoires de réseauCorrespondance nom-adresse en utilisant des répertoires normalisésRépertoires de réseauCorrespondance nom-adresse en utilisant des protocoles normalisés d'accès aux répertoires en utilisant le système de noms de domaine [DNS]
H04L 67/02 - Protocoles basés sur la technologie du Web, p. ex. protocole de transfert hypertexte [HTTP]
H04L 67/101 - Sélection du serveur pour la répartition de charge basée sur les conditions du réseau
H04L 67/1012 - Sélection du serveur pour la répartition de charge basée sur la conformité des exigences ou des conditions avec les ressources de serveur disponibles
H04L 67/141 - Configuration des sessions d'application
H04L 67/562 - Courtage des services de mandataires
11.
Automated transformation of natural language queries into search query statements using artificial intelligence
Implementations of this disclosure provide a search query statement generation system that receives user input being a natural language description of a search query and, through the use of artificial intelligence, translates the natural language description into an executable search query statement. The executable search query statement may be in the form of a pipelined search query statement. The use of artificial intelligence may include a trained machine learning model that transforms the natural language description to an alternative text format. In some instances, the trained machine learning model is a generative pre-trained transformer. In such instances, the natural language description may be provided to a chatbox, which may return one or more search query statements automatically generated by the generative pre-trained transformer. Further, one of the automatically generated search query statements may be executed such that the results are displayed within the chatbox.
Described herein are techniques are provided for enabling a security orchestration, automation, and response (SOAR) service to automatically manage apps used to interface with an integrated security operations service and other related devices and services. Further described herein is a SOAR app generator service or application used to automate the creation of apps for a SOAR service based on application programming interfaces (API) specifications for related devices or services, as well as visual playbook editor interfaces for a SOAR service that enable the configuration of complex action input parameters including arrays and objects.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
The present technology provides solutions for enabling software-defined wide area network (SD-WAN) policies on a cloud security provider. An example method includes collecting, by a SD-WAN controller, contextual data associated with at least one user account of a SD-WAN, wherein the contextual data includes at least one of a virtual private network (VPN) identifier or a security group tag; and transmitting, by the SD-WAN controller, the contextual data over a secure application programming interface to a cloud security engine of a cloud network for enforcement of security policies on the cloud network based on the contextual data. Systems and computer-readable media are also provided.
A method is performed by a host assembly including a controller, a power supply circuit, and a host connector to be connected to an optical module of a particular type among different types of optical modules respectively configured to accept different types of supply voltages. The method includes: when the optical module is connected to the host assembly, identifying a particular type of supply voltage, among the different types of the supply voltages, that the optical module is configured to accept; selecting, among different power modes available to the host assembly that are respectively compatible with the different types of the supply voltages, a particular power mode that is compatible with the particular type of the supply voltage; and operating in the particular power mode to provide the particular type of the supply voltage to the optical module.
H04B 10/80 - Aspects optiques concernant l’utilisation de la transmission optique pour des applications spécifiques non prévues dans les groupes , p. ex. alimentation par faisceau optique ou transmission optique dans l’eau
Generally, Software-Defined Wide Area Networks (SD-WAN) generally do not support network segmentation. The concepts disclosed herein connects IPSec SD-WAN fabric to a Virtual Routing and Forwarding (VRF) router and make use of a Software Defined Cloud Interconnect (SDCI) Router to route traffic from IPSec SD-WAN to various cloud services from the SDCI Router in the fabric. The concepts disclosed herein also provides for tunnel multi-plexing that takes incoming and outgoing traffic and maps VPNs to any service VRF associated with the cloud based services.
Devices, systems, methods, and processes for managing network devices through generated predictions and associated confidence levels are described herein. Networks within a floorplan can be operated at full capacity all day in an inefficient way when not adjusted due to traffic patterns and seasonality changes. Data related to the topology of the network, along with historical data can be utilized to generate predictions of various network needs. For example, the overall network throughput capacity needs may be predicted for a series of points in the future. An associated confidence level can be generated as well including one or more confidence intervals. These can be utilized to select a future need for the network and generate a corresponding sustainable network configuration for the network devices and/or their transceivers that can provide sufficient network needs while minimizing the overall power used. This can be automated over time once trust has been established.
H04L 41/0833 - Réglages de configuration caractérisés par les objectifs d’un changement de paramètres, p. ex. l’optimisation de la configuration pour améliorer la fiabilité pour la réduction de la consommation d’énergie du réseau
H04L 41/083 - Réglages de configuration caractérisés par les objectifs d’un changement de paramètres, p. ex. l’optimisation de la configuration pour améliorer la fiabilité pour augmenter la vitesse du réseau
H04L 41/12 - Découverte ou gestion des topologies de réseau
H04L 41/147 - Analyse ou conception de réseau pour prédire le comportement du réseau
Techniques for using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS) to anonymize server-side addresses in data communications. Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a random IP address that is mapped to the client device and the endpoint device. In this way, IP addresses of servers are obfuscated by a random IP address that cannot be used to identify the endpoint device or service. The client device may then communicate data packets to the server using the random IP address as the destination address, and a gateway that works in conjunction with DNS can convert the random IP address to the actual IP address of the server using NAT and forward the data packet onto the server.
H04L 61/2521 - Architectures de traduction autres que les serveurs de traduction d’adresses de réseau [NAT] pour réseau unique
H04L 61/2539 - Traduction d'adresses de protocole Internet [IP] en masquant les adressesTraduction d'adresses de protocole Internet [IP] en gardant les adresses anonymes
H04L 61/4511 - Répertoires de réseauCorrespondance nom-adresse en utilisant des répertoires normalisésRépertoires de réseauCorrespondance nom-adresse en utilisant des protocoles normalisés d'accès aux répertoires en utilisant le système de noms de domaine [DNS]
18.
METHOD TO ACHIEVE DYNAMIC NAT66 ENCRYPTION AND DECRYPTION
The disclosed technology addresses the need in the art for systems and methods of dynamic but stateless NAT encryption and decryption. The disclosed technology provides a robust encryption/decryption algorithm for concurrently obfuscating source and destination IPv6 addresses for SNAP deployments with 100% reversal and zero collisions, thereby providing protection to both the source and destination IPv6 simultaneously.
The present technology provides for receiving communications at an authentication service, and the communication is indicative of a change in a security posture of an authenticated session between a user device and a secure service. The authentication service can then determine that the change in the security posture of the authenticated session impacts the trust level associated with the user device and causes the trust level to fall below the threshold. The authentication service can then send an enforcement signal to a security agent on a network device that provides remedial actions that a user can undertake to improve the security posture of the authenticated session.
Make-before-break roaming may be provided. A first packet and a second packet may be created. The first packet and the second packet may comprise replicants of one another. The first packet and the second packet may comprise a sequence number. The first packet may be received by a first link and the second packet may be received by a second link. The first packet may be forwarded from the first link and the second packet may be forwarded from the second link.
The present technology provides a software-defined wide area network (SD-WAN) interconnect gateway to connect multiple SaaS clouds based on user intent. The technology dynamically discovers the best possible interconnect gateway to provide access to different cloud services from different geographic locations. A first branch connecting to a first cloud, and a second branch connecting to a second cloud, can now share their respective pathways to the clouds so that both branches can enjoy access to both clouds.
A system and method are provided for implementing a network component, such as a software-defined wide area network, a firewall, a router, or a load balancer. The network component can be an embedded network edge device that is implemented, e.g., in software, in circuitry, or using hardware acceleration (e.g., a data processing unit (DPU), a smart network interface card (SmartNIC), etc.). The system can a primary (first) dataplane and a shadow (second) dataplane. During verification testing, the network function (e.g., routing) is performed by transmitting the egress packets from the primary (first) dataplane, but using the egress packets from the shadow (second) dataplane only for verification testing. After verification testing, the shadow (second) dataplane is promoted to be a new primary dataplane by gradually increasing the ratio of the output packets that originate from the new primary (second) dataplane until all output packets originate from the second dataplane.
H04L 43/08 - Surveillance ou test en fonction de métriques spécifiques, p. ex. la qualité du service [QoS], la consommation d’énergie ou les paramètres environnementaux
H04L 41/082 - Réglages de configuration caractérisés par les conditions déclenchant un changement de paramètres la condition étant des mises à jour ou des mises à niveau des fonctionnalités réseau
H04L 43/04 - Traitement des données de surveillance capturées, p. ex. pour la génération de fichiers journaux
23.
ENABLING SECURITY POLICIES ON CLOUD SECURITY PROVIDER BASED ON SD-WAN CONTEXT
The present technology provides solutions for enabling software-defined wide area network (SD-WAN) policies on a cloud security provider. An example method includes collecting, by a SD-WAN controller, contextual data associated with at least one user account of a SD-WAN, wherein the contextual data includes at least one of a virtual private network (VPN) identifier or a security group tag; and transmitting, by the SD-WAN controller, the contextual data over a secure application programming interface to a cloud security engine of a cloud network for enforcement of security policies on the cloud network based on the contextual data. Systems and computer-readable media are also provided.
A system of one embodiment that provides proactive security policy suggestions for applications based on the applications' software composition and runtime behavior. The system includes a memory and a processor. The system is operable to access data that represents one or more features of an application. The application is running on one or more nodes in a computer network, and a feature indicates an application library of the node. The system is operable to apply a clustering algorithm to the data to generate a plurality of cluster sets. The system is operable to determine a security policy to apply to a cluster set of the plurality of cluster sets and apply the security policy to an application whose features are represented by the data in the cluster set.
G06F 18/23213 - Techniques non hiérarchiques en utilisant les statistiques ou l'optimisation des fonctions, p. ex. modélisation des fonctions de densité de probabilité avec un nombre fixe de partitions, p. ex. K-moyennes
25.
METHOD AND SYSTEMS FOR ETHERNET VIRTUAL PRIVATE NETWORKS FAST RE-ROUTE CONVERGENCE
Disclosed herein are systems, methods, and computer-readable media for forwarding data in response to a detected local area network failure. In one aspect, a method includes identifying one or more EVPN services in a local area network. In one aspect, the method includes allocating one or more FRR labels, each of the FRR labels corresponding to each of the EVPN services. In one aspect, the method includes broadcasting the FRR labels to a plurality of network appliances of the LAN. In one aspect, the method includes determining one or more EVI-EAD routes associated with the FRR labels. In one aspect, the method includes detecting a LAN failure of one of the plurality of the network appliances. In one aspect, the method includes forwarding incoming data to another one of the plurality of the network appliances in accordance with the determined EVI-EAD routes, in response to detecting the LAN failure.
Techniques for dynamically establishing, pausing, and/or terminating secure communication sessions. The techniques may include, detecting an occurrence of an authentication trigger event on a computing device and causing a user of the computing device to be authenticated for access to a resource that is to be accessed via a secure communication session. Based at least in part on authenticating the user for access to the resource, a token may be stored in a location that is accessible to a headend appliance associated with the secure communication session. The token may indicate that the user of the computing device is authenticated for access to the resource. In this way, at least partially responsive to detecting an occurrence of a networking trigger event, the secure communication session may be established between the computing device and the headend appliance to provide the computing device with access to the resource.
This disclosure describes techniques for using an anchored endpoint to enhance MFA authentication of a client device. A method performed at least in part by a security service includes determining a fingerprint of a client device connected to a secure resource. The method also includes determining that the client device is within a threshold proximity of an anchor device. The method also includes detecting a change to the fingerprint of the client device. Based at least in part on the client device staying within the threshold proximity of the anchor device, the method also includes continuing to allow the client device to access the secure resource. Based at least in part on detecting that the client device is no longer within the threshold proximity of the anchor device, the method also includes triggering a reauthentication of the client device.
A computing device monitors a key performance indicator (KPI) relative to a first alert threshold, where a value of the KPI having a specified relationship to the first alert threshold causes the computing device to generate an alert. When the computing device receives an instruction to modify the first alert threshold by an adjustment amount, for a specified time window, the computing device generates a modified alert threshold by applying the adjustment amount to the first alert threshold. During the specified time window, the computing device monitors the KPI relative to the modified alert threshold instead of the first alert threshold. Monitoring is resumed relative to the first alert threshold after the specified time window.
G06F 11/34 - Enregistrement ou évaluation statistique de l'activité du calculateur, p. ex. des interruptions ou des opérations d'entrée–sortie
G06Q 10/0637 - Gestion ou analyse stratégiques, p. ex. définition d’un objectif ou d’une cible pour une organisationPlanification des actions en fonction des objectifsAnalyse ou évaluation de l’efficacité des objectifs
G06Q 10/0639 - Analyse des performances des employésAnalyse des performances des opérations d’une entreprise ou d’une organisation
29.
UPLINK AND DOWNLINK DATA AND CONTEXT HANDLING FOR ROAMING
The present disclosure provides techniques for seamless roaming with uplink/downlink context transfer. A serving AP transmits a sequence of downlink data units for a TID to a client device, the sequence of downlink data units having sequence numbers falling within a transmit window for the TID. The serving AP receives, from the client device, a roaming request identifying a target AP. In response, the serving AP sends a roaming context message to the target AP, comprising at least one of a SSN of the transmit window corresponding to the TID, or a NSN for the TID, where the NSN is a first sequence number to be assigned for downlink data units of the TID transmitted by the target AP to the client device.
Embodiments described herein are directed to facilitating efficient management of data storage and retrieval. In one embodiment, filter data associated with a bucket of data is obtained at a local data store from a remote data store. Based on analysis of the filter data, it is determined that the bucket of data is a candidate to contain data relevant to a search query. Based on such a determination, the index data associated with the bucket of data is obtained at the local data store from the remote data store. Thereafter, it may be determined that the bucket of data includes data relevant to the search query based on analysis of the index data. Based on the determination that the bucket of data includes data relevant to the search query, the journal data associated with the bucket of data is obtained at the local data store from the remote data store.
A data intake and query system can manage the search of large amounts of data using one or more processing nodes. When a new processing node is added or becomes available, the node coordinator can reassign duties from one or more processing nodes to the new processing node. The node coordinator can initially assign the new processing node one or more groups of data for backup purposes. At a later time, the node coordinator can reassign the new processing node to the one or more groups of data for searching purposes.
Techniques used by an observability system for facilitating near real-time analytics using structures representing or summarizing data distributions, such as histograms. An observability system receives a set of datapoints in which each received datapoint includes data for a structure representing a data distribution. For example, each of the datapoints may include data for a histogram including at least two dimensions. A processing pipeline is disclosed for processing the received data and making the results of the processing available to a user in near real-time. The processing includes identifying, from the datapoints received by the observability system, a subset of datapoints that fall within a time window, generating aggregate data based upon data in the identified subset of datapoints, computing one or more statistical measures based upon the aggregate data, and enabling querying of the subset of datapoints, the aggregate data, and the statistical measures computed for the first minute.
A device executes a visualization application program on a processor. Via the visualization application, a technique for visualizing data paths are performed. The technique includes receiving a data structure from a data intake and query system, where the data stream includes event stream data associated with the data path. The data path includes a set of entities, including an origin entity and a destination entity. The technique further includes generating visualizations of the origin entity, destination entity, and the event stream data. The visualization of the event stream data includes visualizations of events streaming between the visualization of the origin entity and visualization of the destination entity. The technique also includes causing the visualizations of the origin entity, destination entity, and the event stream data to be presented in an extended reality environment.
Described herein is a technique to update an edge device deployed in a secure computing network. A repository connected to a public network stores build contents configured to update software installed on the edge device; the public network is inaccessible to devices within the secure computing environment. A second device connected to the public network acquires the build contents in a signed lockbox file. An edge device management service generates a lockbox file containing the build contents and a trusted signer outside the secure computing network signs the lockbox file. The second device connects to secure computing network and establishes communications with the edge device. The edge device verifies the signed lockbox file provided by the second device. Upon verification, the edge device extracts the contents of the signed lockbox file and updates the software installed on the edge device. Both offline and online updating approaches are described.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
35.
SECURE SUPPORT OF CUSTOMIZATION SCRIPTS USING PIPELINING
In one embodiment, a device performs a detection stage of an automated instrumentation pipeline during which the device detects an application server type by examining a command line of a process of an application. The device performs, based on the application server type, an extraction stage of the automated instrumentation pipeline during which the device extracts application server attributes. The device performs, based on the application server attributes, a naming stage of the automated instrumentation pipeline during which the device forms a naming hierarchy for processes of the application. The detection stage, the extraction stage, and the naming stage of the automated instrumentation pipeline do not have access to a controlled space of the application. The device inserts, based in part on the naming hierarchy, arguments into command lines of processes of the application that cause the processes of the application to be instrumented at runtime.
G06F 9/455 - ÉmulationInterprétationSimulation de logiciel, p. ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p. ex. par clés ou règles de contrôle de l’accès
36.
EXTENSIONS TO SIMPLE TWO-WAY ACTIVE MEASUREMENT PROTOCOL PACKETS
In one implementation, a device may obtain a Simple Two-way Active Measurement Protocol test packet that includes hop-by-hop data collected by the Simple Two-way Active Measurement Protocol test packet along its path. The device may determine whether the Simple Two-way Active Measurement Protocol test packet includes an instruction to reflect the hop-by-hop data back to an originating session sender. The device may copy, based on a determination that the Simple Two-way Active Measurement Protocol test packet includes the instruction, the hop-by-hop data into a type-length-value segment of a reply Simple Two-way Active Measurement Protocol test packet. The device may transmit the reply Simple Two-way Active Measurement Protocol test packet back to the originating session sender.
A method for virtual datacenter deployment includes initializing, at a physical datacenter, a virtual private cloud executing one or more containers, and deploying, to a container in the virtual private cloud, a datacenter agent for managing a virtual datacenter executing within the container. The method further includes receiving, from the datacenter agent, a first request for service configuration data defining one or more services provided by the virtual datacenter, and responsive to the first request, providing the service configuration data to the datacenter agent to configure the one or more services provided by the virtual datacenter. The method further includes receiving, from the datacenter agent, a second request for application configuration data defining one or more applications executing within the virtual datacenter, and responsive to the second request, providing the application configuration data to the datacenter agent to configure the one or more applications executing within the virtual datacenter.
G06F 9/455 - ÉmulationInterprétationSimulation de logiciel, p. ex. virtualisation ou émulation des moteurs d’exécution d’applications ou de systèmes d’exploitation
38.
TELEMETRY-BASED DEVICE POWER CONSUMPTION PREDICTION
Devices, systems, methods, and processes for telemetry-based device power consumption prediction are described herein. Values of power consumption and telemetry parameters associated with a network device are collected over a time period. Using at least one telemetry parameter, various engineered parameters are generated. From all the collected telemetry parameters and the engineered parameters, a set of model parameters is selected for model development. A machine learning (“ML”) model is then trained to determine a correlation between the values of the set of model parameters and the power consumption of the network device. When the network device is in the field, device telemetry data is sensed. Based on the device telemetry data, values corresponding to the set of model parameters are determined and provided as input to a trained ML model. Device power consumption is predicted based on an output of the trained ML model for the input values.
H04L 43/08 - Surveillance ou test en fonction de métriques spécifiques, p. ex. la qualité du service [QoS], la consommation d’énergie ou les paramètres environnementaux
H04L 41/16 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p. ex. des réseaux de commutation de paquets en utilisant l'apprentissage automatique ou l'intelligence artificielle
Devices, networks, systems, methods, and processes for routing data in a network are described herein. A network device may identify one or more fabric links and determine one or more system ports associated with the one or more fabric links. The network device can generate one or more Reverse Fabric Routing Tables (RFRTs) associated with the one or more system ports. The network device may detect changes in operational statuses of the one or more fabric links and update the RFRTs based on the detected changes. The network device can create and update a FRT based on the RFRTs. The network device may transmit one or more update messages to provide reachability, congestion, and bandwidth awarenesses to other network devices. The network device can be partitioned into one or more virtual elements to provide multiple reachability planes and may also dynamically adjust traffic routing for packet and/or flow spray traffic.
Devices, networks, systems, methods, and processes for delivering power to a plurality of powered devices in a network are described herein. A controller may receive a lease request from a powered device. The controller can extract one or more requested parameters from the lease request. The controller can determine one or more device parameters associated with the powered device and one or more dynamic lease conditions associated with a power resource. If the one or more device parameters and/or the one or more requested parameters meet the one or more dynamic lease conditions, the controller can grant the lease request. The controller may deliver power to the powered device upon the grant of the lease request. The controller can dynamically update the one or more dynamic lease conditions and monitor the lease to check whether the lease complies with the one or more updated dynamic lease conditions.
System, methods, and computer-readable media for switching a dynamic radio of a single RU between Radio Access Technology (RAT) protocols based on a Software-Defined RAN intelligent controller (SD-RIC). The SD-RIC efficiently assigning RAN resources by converting a radio access point to either 5G or Wi-Fi based on the load conditions and the number of users seen on the network, so that it appropriately servers the customer and end devices. To determine the load conditions may be based on active users on a particular cell, and then the resource utilization cue is a connection latency. A single radio unit includes a primary radio and a secondary radio, each being independently tuned. The primary radio is static while a secondary one can be influenced based on the conditions, turning into N-RU or Wi-Fi.
Devices, systems, methods, and processes for telemetry-based device power consumption prediction are described herein. Values of power consumption and telemetry parameters associated with a network device are collected over a time period. Using at least one telemetry parameter, various engineered parameters are generated. From all the collected telemetry parameters and the engineered parameters, a set of model parameters is selected for model development. A machine learning ("ML") model is then trained to determine a correlation between the values of the set of model parameters and the power consumption of the network device. When the network device is in the field, device telemetry data is sensed. Based on the device telemetry data, values corresponding to the set of model parameters are determined and provided as input to a trained ML model. Device power consumption is predicted based on an output of the trained ML model for the input values.
H04L 41/147 - Analyse ou conception de réseau pour prédire le comportement du réseau
H04L 41/16 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p. ex. des réseaux de commutation de paquets en utilisant l'apprentissage automatique ou l'intelligence artificielle
Described herein are systems and methods for creating and executing playbooks to automate security and Information Technology (IT) workflows. In one embodiment, an IT and security operations application initiates execution of a playbook. The playbook includes multiple function blocks, where the function blocks collectively define a series of operations to be performed responsive to identification of an incident in an IT environment. Each function block includes computer program source code that is executed upon encountering the function block during execution of the playbook. A first function block of the multiple function block causes the IT and security operations application to send a message seeking a user input via a prompt from one or more recipients. The IT and security operations application receives the user input via the prompt and continues the execution of the playbook. The continued execution of the playbook is affected based on the user input.
Systems, methods, and computer-readable media may facilitate data-driven playbook generation. Resources may be sent to facilitate presentation of a graphical user interface (GUI) that allows configuring of function blocks with a playbook editor to build a playbook. The playbook editor may include an interface and a playbook canvas that allows addition and interrelation of function blocks to define an ordered set of operations to be performed in response to identification of an incident in an information technology (IT) environment. A selection of an interface option to add a first function block to the playbook canvas may be received. The first function block may be added to the playbook canvas of the interface. Outputs of the first function block with sample data for the outputs in a data panel of the interface may be presented in conjunction with the playbook canvas.
Techniques for detecting anomalies at an edge device integrated with a data intake system are disclosed. Sensor data captured by a set of edge devices is received at a system. The system is remote from the set of edge devices. A subset of the sensor data is selected based on a query. The machine learning model is trained to detect anomalies using the subset of the sensor data. After training the machine learning model, the machine learning model is deployed on the edge device. The machine learning model is executed at the edge device to detect one or more anomalies based on runtime sensor data captured at the edge device.
A device transmits, from an overlay service controller associated with an overlay network to an underlay service controller associated with an underlay network and via a semantic structure defined for a service usage API, a request for a service offered by the underlay network. A device may receive, at the overlay service controller, from the underlay service controller and via the service usage API, attachment metadata. A device may map, based on the attachment metadata and via the overlay service controller, an overlay network tunnel to the service in the underlay network to generate an overlay tunnel mapping, wherein the overlay service controller does not have knowledge of details about implementing the service in order to enable the overlay network to consume the service offered by the underlay network. A device may communicate tunneled packets from the overlay network to the underlay network via the overlay tunnel mapping.
A method is provided in which an AP of a MLD AP device may decide to include all out-of-link BSS parameters updates in a beacon frame (beacon). A flag is included in the beacon frame to indicate that all updates are included in the beacon frame and thus the client device that receives the beacon frame should not send probe request frames (probe requests) to obtain these updates. Thus, a non-AP MLD that receives a beacon frame with the above indication and that has all critical BSS parameters corresponding to the Change Sequence Number (CSN) that preceded the updates indicated by the AP, should not send probe requests to obtain the updated parameters. The number of bits to assign to the complete BSS Update Report Indication flag may vary depending on the number of updates to be reported.
H04W 76/15 - Établissement de connexions à liens multiples sans fil
H04W 24/02 - Dispositions pour optimiser l'état de fonctionnement
H04W 48/12 - Distribution d'informations relatives aux restrictions d'accès ou aux accès, p. ex. distribution de données d'exploration utilisant un canal de commande descendant
H04W 84/12 - Réseaux locaux sans fil [WLAN Wireless Local Area Network]
H04W 88/10 - Dispositifs formant point d'accès adapté au fonctionnement dans des réseaux multiples, p. ex. points d'accès multi-mode
48.
ON-DEMAND AND SECURE HARDWARE LICENSE-BASED SKU CREATION FOR ASICS
A method of operating a system-on-chip (SOC) including decrypting, by isolated Root of Trust (RoT) code, a Stock Keeping Unit (SKU) license code from a host during bootup of a device. Then validating, by the isolated RoT code, the SKU license code with firmware and at least one built-in key of a plurality of built-in keys from secure storage. Finally, enabling or disabling, by the isolated RoT code, at least one feature set of a plurality of feature sets comprising resources configured at the SOC based on at least one SKU license code which has been decrypted by isolated RoT code using at least one built-in key and authenticated by firmware.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
A method of manufacturing a printed circuit board (PCB) includes arranging a first trace segment of a trace on a substrate of the PCB, the substrate being composed of fiber glass strands that define a fiber glass weave pattern, and arranging a second trace segment of the trace on the substrate at a position that is fractionally offset from the first trace segment along an axis by a distance that is less than a ball grid array (BGA) pitch of a BGA based on the fiber glass weave pattern. The BGA pitch is a separation distance along the axis between a center of a first via of the BGA of the PCB and a center of a second via of the BGA.
H05K 1/03 - Emploi de matériaux pour réaliser le substrat
H05K 3/10 - Appareils ou procédés pour la fabrication de circuits imprimés dans lesquels le matériau conducteur est appliqué au support isolant de manière à former le parcours conducteur recherché
Systems, methods, and computer-readable media are provided for lattice routing across a plurality of routers. An example method can include receiving, by a first router of a lattice including a plurality of routers, an Internet Protocol packet including a source Internet Protocol prefix and an index number, where the plurality of routers of the lattice is indexed in a lattice index, and where the plurality of routers is configured to forward the Internet Protocol packet to routers of the plurality of routers based on the index number, shuffling, by the first router, the source Internet Protocol prefix, determining, by the first router and based on the index number, whether the first router is the egress router, and sending, by the first router, the Internet Protocol packet with a shuffled source Internet Protocol prefix to a next node.
In one aspect, a method includes setting, at a source node of an SRv6 network, one or more bits of a packet to indicate an ingress service identifier associated with an ingress service, where the ingress service is behind a source node; transmitting, by the source node, the packet towards a destination device of the SRv6 network; accessing, at the source node and from a network device in communication with the source node, an Internet Control Message Protocol error message that includes a portion of the packet indicating the ingress service identifier; and identifying, based on the ingress service identifier indicated by the Internet Control Message Protocol error message for the packet, the ingress service associated with the packet.
H04L 45/00 - Routage ou recherche de routes de paquets dans les réseaux de commutation de données
H04L 41/0686 - Présence d’informations supplémentaires dans la notification, p. ex. pour l’amélioration de métadonnées spécifiques
H04L 43/0823 - Erreurs, p. ex. erreurs de transmission
H04L 69/325 - Protocoles de communication intra-couche entre entités paires ou définitions d'unité de données de protocole [PDU] dans la couche réseau [couche OSI 3], p. ex. X.25
In one embodiment, a method includes: receiving a request from a powered device to schedule one or more power slots for delivery of additional power from power sourcing equipment to the powered device, the request including a requested amount of additional power, a requested time, and a requested duration, the additional power being an amount of power above a base level of power being supplied to the powered device; determining an availability of the amount of additional power at the requested time and for the requested duration; transmitting, in response to determining that the amount of additional power at the requested time and for the requested duration is available, a response indicating the availability; receiving at the requested time a confirmation request for the additional power from the powered device; and enabling the additional power to be supplied to the powered device in response to the confirmation request.
In one implementation, a device obtains network characteristic data associated with degraded performance in a computer network. The device also obtains configuration change data associated with a Border Gateway Protocol configuration change implemented in the computer network. The device determines a correlation between the network characteristic data and the configuration change data. The device provides, based on the correlation, an indication that the Border Gateway Protocol configuration change is a cause of the degraded performance in the computer network.
H04L 41/0823 - Réglages de configuration caractérisés par les objectifs d’un changement de paramètres, p. ex. l’optimisation de la configuration pour améliorer la fiabilité
H04L 41/08 - Gestion de la configuration des réseaux ou des éléments de réseau
H04L 41/16 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p. ex. des réseaux de commutation de paquets en utilisant l'apprentissage automatique ou l'intelligence artificielle
54.
MEDIA ACCESS CONTROL ADDRESS RANDOMIZATION SUPPORT FOR MULTI-LINK DEVICES
Devices and methods provide Media Access Control (MAC) address randomization support for multi-link devices. A multi-link client device transmits an Identifiable Random Media Access Control (IRM) address of the multi-link client device to a network device. The multi-link client device generates one or more wireless frames indicating the IRM address as a physical address. The IRM address in each wireless frame identifies at least one station of the multi-link client device. The multi-link client device transmits the wireless frame(s) to the network device. The network device receives and stores a first IRM address of the multi-link client device. The network device receives at least one wireless frame indicating a second IRM address as a physical address. The network device recognizes at least one station of the multi-link client device based on a match of the second IRM address with the first IRM address.
A method for exposing a location associated with an emergency call may include receiving, at a first network, a request to initiate an emergency session from a user device associated with a second network. The request may trigger the first network to determine location information of the user device. Data associated with the location information of the user device is maintained by the second network in one or more databases. The method may further include querying, by the first network, the DNS for the location information associated with the user device. The one or more databases may be updated by the second network. The method may further include receiving, at the first network and from the DNS via the one or more databases, the location information associated with the user device. The method may further include updating the emergency session based on the location information.
H04W 76/50 - Gestion de la connexion pour les connexions d'urgence
H04L 61/4511 - Répertoires de réseauCorrespondance nom-adresse en utilisant des répertoires normalisésRépertoires de réseauCorrespondance nom-adresse en utilisant des protocoles normalisés d'accès aux répertoires en utilisant le système de noms de domaine [DNS]
H04W 64/00 - Localisation d'utilisateurs ou de terminaux pour la gestion du réseau, p. ex. gestion de la mobilité
56.
SECURE REMOTE ACCESS TO DEVICES ON OVERLAPPING SUBNETS
In one embodiment, a remote access manager receives an access request from a client to remotely access a device on a local network. The remote access manager generates a universally unique identifier for the access request. The remote access manager sends a response to the client having a one-time use domain name system name that is based on the universally unique identifier. The remote access manager communicates with a web proxy to authorize the client to remotely access the device.
The present technology provides intercloud connectivity as a service by discovering components of the organization's deployment in various sites, irrespective of the cloud provider, such that two sites can merely be selected along with a few standard options, and the controller can handle the complexity of instantiating a tunnel between the cloud sites automatically. Further, the controller can monitor the health of one or more tunnels between the cloud sites to automatically scale bandwidth up or down.
In a computer-implemented method for managing analytic results in a cybersecurity system, data representing a plurality of events are accessed, where the plurality of events include machine data generated by entities that are part of or that interact with a computer network. A cybersecurity analytic of a cybersecurity application is applied to the data to produce analytic results, wherein the cybersecurity analytic is to detect a cybersecurity-related anomaly or threat. A performance of the cybersecurity analytic is then evaluated by applying the analytic results to a specified performance criterion. A corrective action for the cybersecurity analytic is then determined, based on a result of evaluating the performance of the cybersecurity analytic. Zero or more anomaly or threat detections by the cybersecurity analytic are then incorporated into an output of the cybersecurity application, based on the determined corrective action.
Presented herein are a variety of palette mode encoding and decoding techniques that can achieve further compression benefits. The techniques can be generalized to use arbitrary block partitions instead of rows, for instance columns of identical indices, or quadrants of identical indices.
H04N 19/13 - Codage entropique adaptatif, p. ex. codage adaptatif à longueur variable [CALV] ou codage arithmétique binaire adaptatif en fonction du contexte [CABAC]
H04N 19/136 - Caractéristiques ou propriétés du signal vidéo entrant
H04N 19/167 - Position dans une image vidéo, p. ex. région d'intérêt [ROI]
H04N 19/176 - Procédés ou dispositions pour le codage, le décodage, la compression ou la décompression de signaux vidéo numériques utilisant le codage adaptatif caractérisés par l’unité de codage, c.-à-d. la partie structurelle ou sémantique du signal vidéo étant l’objet ou le sujet du codage adaptatif l’unité étant une zone de l'image, p. ex. un objet la zone étant un bloc, p. ex. un macrobloc
H04N 19/46 - Inclusion d’information supplémentaire dans le signal vidéo pendant le processus de compression
60.
MULTI-PROTOCOL / MULTI-SESSION PROCESS IDENTIFICATION
In one embodiment, a device obtains one or more packets of a traffic session in a network. The device determines, for a particular packet of the one or more packets that match a filter, a fingerprint for the particular packet. The device identifies a plurality of traffic sessions whose packets match the fingerprint, wherein each of the plurality of traffic sessions is associated with at least one process. The device updates a process with the traffic session by applying a classifier to the plurality of traffic sessions.
Devices, systems, methods, and processes for energy scoring of network paths are described herein. Various network paths, each including one or more hops, may be identified in a network. Presence of additional hops in each network path may be determined. From the identified and determined hops, a set of hops may be determined for energy score determination. For each selected hop, a set of energy parameters may be determined and one or more weights may be assigned to the determined set of energy parameters. A weight may correspond to a level of confidence in or an accuracy of the energy parameter determination. An energy score of each network path may be determined based on the determined set of energy parameters and the assigned one or more weights. One network path may be selected based on the energy scores and traffic may be routed along the selected network path.
H04L 41/00 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p. ex. des réseaux de commutation de paquets
62.
UPLINK AND DOWNLINK DATA AND CONTEXT TRANSFER FOR SEAMLESS ROAMING
The present disclosure provides techniques for seamless roaming with uplink/downlink context transfer. A serving AP transmits a sequence of downlink data units for a TID to a client device, the sequence of downlink data units having sequence numbers falling within a transmit window for the TID. The serving AP receives, from the client device, a roaming request identifying a target AP. In response, the serving AP sends a roaming context message to the target AP, comprising at least one of a SSN of the transmit window corresponding to the TID, or a NSN for the TID, where the NSN is a first sequence number to be assigned for downlink data units of the TID transmitted by the target AP to the client device.
In one implementation, a device may obtain natural language descriptions of issues detected in a computing system. The device may prompt one or more language models to generate sets of possible causal dependencies between the issues based on their natural language descriptions. The device may form, using the one or more language models, an issue dependency graph that reaches consensus among the sets of possible causal dependencies between the issues. The device may use the issue dependency graph to determine a particular one of the issues as a root cause of an indicated problem in the computing system.
In one implementation, a device may generate cleaned log messages by removing irrelevant data from log messages. The device may construct a directed root tree graph for the cleaned log messages. The device may refine the cleaned log messages in the directed root tree graph based on predefined relationships established in the directed root tree graph. The device may select representative messages from the cleaned log messages in the directed root tree graph to generate a relevancy-filtered file configured for inclusion in a language model prompt.
An optical receiver and a linear receiver pluggable optics (LRO) module are disclosed. The optical receiver includes a photodiode, a transimpedance amplifier (TIA), and a variable gain stage with multiple amplifiers. The optical receiver features dual output buffers for signal distribution to a HOST serializer/deserializer and a re-timer or digital signal processor (DSP). A switch controls the second output buffer without causing bit errors. The LRO module connects to a remote transmitter and includes a photodiode, TIA, and DSP for signal processing. The optical receiver supports advanced monitoring and testing through multiple test points. The module's design ensures efficient signal conversion and transmission, with the ability to toggle re-timers without introducing errors. The system is designed for high-performance optical communication, offering flexibility and reliability in signal handling and processing.
H04B 10/69 - Dispositions électriques dans le récepteur
H03G 3/30 - Commande automatique dans des amplificateurs comportant des dispositifs semi-conducteurs
H04B 10/079 - Dispositions pour la surveillance ou le test de systèmes de transmissionDispositions pour la mesure des défauts de systèmes de transmission utilisant un signal en service utilisant des mesures du signal de données
66.
Systems And Methods For Automated Generation Of Programming Code Through Deployment Of An Orchestration Agent
Some implementations of the disclosure provide a computer-implemented method including operations of receiving a user question by an orchestration agent, where generating a response to a user question includes generation of programming code, executing, by a sub-large language model (LLM), an instruction to generate the programming code and performing, by the sub-LLM, a validation process including determining whether the programming code generated by the sub-LLM includes a syntax error. When the validation process indicates the programming code does not include the syntax error, the method includes operations of invoking a logic module configured to execute the programming code, wherein the logic module is provided the programming code generated by the sub-LLM and executes the programming code and generating, by the orchestration agent, a graphical user interface that displays the response to the user question that includes or is based on results of execution of the programming code.
In one aspect, a method for enhancing cybersecurity using Large Language Model (LLM)-generated honeypot schemes, the method includes generating a plurality of deceptive information using an LLM, configured to attract and engage potential attackers, where the plurality of deceptive information includes one or more characteristics referencing vulnerabilities of a network, continuously monitoring for interactions initiated by an interacting party with one or more components of the generated deceptive information, where the interaction is identified as a potential threat to the network, in response to detection of an interaction identified as a potential threat, extracting interaction data associated with the interacting party retrieved during the interaction, and retraining the LLM with the interaction data to create more effective honeypots.
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
G06F 21/56 - Détection ou gestion de programmes malveillants, p. ex. dispositions anti-virus
This disclosure describes techniques for improving routing policy awareness in a network. The method includes detecting, by a controller, an application initiated for use at an edge node of a network. Then, generating, by an analytics engine coupled to the controller, analytical data of traffic flow at the edge node of the network wherein the traffic flow is in accordance with a routing policy for routing traffic associated with the application. Further, routing of the traffic through a path from one or more paths configured at the edge node that is in accordance with at least a Service Level Agreement (SLA) for traffic flow. Also, in response to an SLA violation during routing of the traffic, causing an action, by the controller, of routing traffic flow through another path that is in accordance with at least the SLA for traffic flow based on analytical data received of the traffic flow.
Devices, systems and methods to provide a more effective way of allocating power across a plurality of drops in a multi-drop power delivery arrangement. A power transmitter transmits a power waveform together with a multi-drop signaling waveform. Thus, the power waveform and the multi-drop signaling waveform are directed to each of a plurality of drops. The multi-drop signaling waveform has a plurality of divisions, and each of a plurality of power receivers at respective drops of the plurality of drops are assigned to one or more divisions of the plurality of divisions of the multi-drop signaling waveform to draw an associated portion of power from the power waveform.
Devices, systems, methods, and processes for fabric congestion management are described herein. At each ingress switch, virtual output (“VO”) queues are created for egress ports based on identifiers, state indicators, and encapsulation values of the egress ports received via an Ethernet Virtual Private Network (“EVPN”) control plane. When a data packet is received at the ingress switch, an egress port for the data packet is determined, an identifier and an encapsulation value of the egress port are added to the data packet, and the data packet is stored in a corresponding VO queue. The data packet remains at the ingress switch until an egress switch is available. At the egress switch, one or more tags are added in the data packet based on the encapsulation value, whereas the destination egress port is identified based on the identifier. Thus, a quick egress through the egress switch is achieved.
Devices, systems, methods, and processes for recommendation and update of network policies. Existing network policy update solutions rely on human intervention in monitoring and analyzing traffic patterns in a network, checking for policy compliance, detecting any policy violations, and even updating new policies in the network. However, manual processes are prone to human error, introduce significant delays, and lack scalability and objectivity. To address these issues, an automated system is provided that monitors traffic across a network (in real-time or near real-time) and detects violations in a set of network policies associated with the network. The system utilizes one or more recommendation models to process network flow data and network inventory data, and generate one or more policy update recommendations to resolve the detected policy violations. The system further enforces the one or more policy update recommendations on various network devices within the network to resolve the detected policy violations.
H04L 41/22 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p. ex. des réseaux de commutation de paquets comprenant des interfaces utilisateur graphiques spécialement adaptées [GUI]
H04L 41/0894 - Gestion de la configuration du réseau basée sur des règles
H04L 47/20 - Commande de fluxCommande de la congestion en assurant le maintien du trafic
72.
PATH TRACING PROXY BEHAVIOR FOR INTEGRATION WITH EXTERNAL PROBING APPLIANCE
Systems, methods, and computer-readable media are provided for path tracing proxy behavior using an external probing appliance. An example method can include generating, at an external probing appliance of a network, a probe packet, the probe packet including a source address, a destination address, and a packet tracing indication in a next header field of the probe packet, the packet tracing indication triggering a proxy source behavior at a source node having the source address and a proxy sink behavior at a sink node having the destination address; sending the probe packet to the source node to trigger a packet tracing mechanism; and receive an updated probe packet from the sink node, the updated probe packet including probe data associated with one or more data flows in the network as the one or more data flows traverse the network from the source node to the sink node.
Techniques for providing a language model to detect and remedy a security incident are described. A language model is deployed to respond to prompts from network operators. The language model receives a prompt from the network operator indicating actions to take based on trigger events. When a trigger event occurs, the language model receives a description of a potential security incident and identifies indicators of compromise in the description. The language model calls one or more other models to analyze the indicators and receives from the one or more other models, information indicating that the potential security incident is a real security incident, and outputs a prompt to the network operator to approve confirmation of the security incident.
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
G06F 21/57 - Certification ou préservation de plates-formes informatiques fiables, p. ex. démarrages ou arrêts sécurisés, suivis de version, contrôles de logiciel système, mises à jour sécurisées ou évaluation de vulnérabilité
One embodiment of the disclosure is an electro-optical modulator system. The system may include a ferroelectric material having one or more crystal orientation axes and a Mach-Zehnder interferometer (MZI) modulator comprising an MZI input, an MZI output, a first arm and a second arm, wherein the first arm and the second arm are in optical communication with the MZI input and the MZI output. The ferroelectric material may define or be in communication with a portion of the first arm and the second arm. The first arm may have a first phase parameter and the second arm may have a second phase parameter. The arms may have domain orientations that differ. A portion of the first arm may include a portion of one or more loading layers and a portion of the second arm may include a portion of one or more loading layers.
G02F 1/05 - Dispositifs ou dispositions pour la commande de l'intensité, de la couleur, de la phase, de la polarisation ou de la direction de la lumière arrivant d'une source lumineuse indépendante, p. ex. commutation, ouverture de porte ou modulationOptique non linéaire pour la commande de l'intensité, de la phase, de la polarisation ou de la couleur basés sur des céramiques ou des cristaux électro-optiques, p. ex. produisant un effet Pockels ou un effet Kerr avec des propriétés ferro-électriques
G02F 1/00 - Dispositifs ou dispositions pour la commande de l'intensité, de la couleur, de la phase, de la polarisation ou de la direction de la lumière arrivant d'une source lumineuse indépendante, p. ex. commutation, ouverture de porte ou modulationOptique non linéaire
G02F 1/21 - Dispositifs ou dispositions pour la commande de l'intensité, de la couleur, de la phase, de la polarisation ou de la direction de la lumière arrivant d'une source lumineuse indépendante, p. ex. commutation, ouverture de porte ou modulationOptique non linéaire pour la commande de l'intensité, de la phase, de la polarisation ou de la couleur par interférence
G02F 1/225 - Dispositifs ou dispositions pour la commande de l'intensité, de la couleur, de la phase, de la polarisation ou de la direction de la lumière arrivant d'une source lumineuse indépendante, p. ex. commutation, ouverture de porte ou modulationOptique non linéaire pour la commande de l'intensité, de la phase, de la polarisation ou de la couleur par interférence dans une structure de guide d'ondes optique
Devices, systems, methods, and processes for energy scoring of network paths are described herein. Various network paths, each including one or more hops, may be identified in a network. Presence of additional hops in each network path may be determined. From the identified and determined hops, a set of hops may be determined for energy score determination. For each selected hop, a set of energy parameters may be determined and one or more weights may be assigned to the determined set of energy parameters. A weight may correspond to a level of confidence in or an accuracy of the energy parameter determination. An energy score of each network path may be determined based on the determined set of energy parameters and the assigned one or more weights. One network path may be selected based on the energy scores and traffic may be routed along the selected network path.
In one embodiment, a device instruments an application to generate OpenTelemetry trace data during execution of the application. The device identifies, based on where the application was instrumented, a particular method of the application. The device determines that a circuit breaker should be inserted for the particular method of the application. The device inserts a circuit breaker for the particular method.
Techniques for providing a language model to detect and remedy a security incident are described. A language model is deployed to respond to prompts from network operators. The language model receives a prompt from the network operator indicating actions to take based on trigger events. When a trigger event occurs, the language model receives a description of a potential security incident and identifies indicators of compromise in the description. The language model calls one or more other models to analyze the indicators and receives from the one or more other models, information indicating that the potential security incident is a real security incident, and outputs a prompt to the network operator to approve confirmation of the security incident.
In one embodiment, a device receives, via a user interface, definition of a first sequence of transactional milestones performed by users of an online application and identified using a first type of identifier. The device also receives, via the user interface, definition of a second sequence of transactional milestones performed by users of the online application and identified using a second type of identifier. The device further receives, via the user interface, definition of a key transition associated with at least one transactional milestone in the first sequence of transactional milestones or second sequence of transactional milestones that links the first type of identifier with the second type of identifier. The device represents, using the key transition, performance of the first sequence of transactional milestones and the second sequence of transactional milestones by a particular user of the online application as a unified sequence.
A system monitors a network or web application provided by one or more distributed applications and provides data for each and every method instance in an efficient low-cost manner. Agents may monitor the performance of the distributed application by the web services and report monitoring data as runtime data to the remote server, for example a controller. The controller may analyze the data to identify one or more performance issues or “hot spot” methods based on current or past performance, functionality, content, or business relevancy. Instructions and/or configuration information may be transmitted by the controller to the agents that correspond to a particular business transaction portion associated with a hot spot. The portions are then monitored to collect data associated with the hot spot and the hot spot data is reported back to the controller.
H04L 43/04 - Traitement des données de surveillance capturées, p. ex. pour la génération de fichiers journaux
G06N 5/00 - Agencements informatiques utilisant des modèles fondés sur la connaissance
H04L 41/5074 - Traitement des plaintes des utilisateurs ou des tickets d’incident
H04L 61/10 - Correspondance entre adresses de types différents
H04L 67/025 - Protocoles basés sur la technologie du Web, p. ex. protocole de transfert hypertexte [HTTP] pour la commande à distance ou la surveillance à distance des applications
The present disclosure provides techniques for seamless roaming with uplink/downlink context transfer. A serving AP transmits a sequence of downlink data units for a TID to a client device, the sequence of downlink data units having sequence numbers falling within a transmit window for the TID. The serving AP receives, from the client device, a roaming request identifying a target AP. In response, the serving AP sends a roaming context message to the target AP, comprising at least one of a SSN of the transmit window corresponding to the TID, or a NSN for the TID, where the NSN is a first sequence number to be assigned for downlink data units of the TID transmitted by the target AP to the client device.
Some implementations of the disclosure provide a computer-implemented method including operations of receiving, by an orchestration agent, user input corresponding to a user question, wherein generating a response to the user question includes one of generating, editing, or refining programming code, and generating, by the orchestration agent, a prompt instructing a first sub-large language model (LLM) to perform a first task. In response to the prompt, generating, by the first sub-LLM, instructions for a second sub-LLM to perform a second task, wherein results of performing the second task by the second sub-LLM are provided to the first sub-LLM and performing, by the first sub-LLM, the first task utilizing the results of the second task generated by the second sub-LLM. An additional operation includes generating, by the orchestration agent, a GUI that displays the response to the user question, wherein the response includes or is based on the programming code.
This disclosure describes techniques for enforcing conditional access to network services. In an example method, a first computing device detects a second device operating in a per-flow authorization mode. The first device receives a first request from a second computing device to communicate with a third computing device using a first network flow and determines that the first flow is authorized (e.g., because of an active past authentication and/or the third device's authentication exemption). Data associated with the first request is transmitted to the third device. The first device then receives a second request to communicate with a fourth computing device using a second network flow and determines that the second flow is not authorized (e.g., because it is not associated with an active past authentication and/or the fourth device is not exempt from authentication). Data associated with the second request is not transmitted to the fourth device.
Described herein are techniques are provided for enabling a security orchestration, automation, and response (SOAR) service to automatically manage apps used to interface with an integrated security operations service and other related devices and services. Further described herein is a SOAR app generator service or application used to automate the creation of apps for a SOAR service based on application programming interfaces (API) specifications for related devices or services, as well as visual playbook editor interfaces for a SOAR service that enable the configuration of complex action input parameters including arrays and objects.
Techniques are described for managing QUIC connections. The techniques include identifying a first QUIC connection between a first and second device. Determining, from the connection, a first IP address and port number of the first device, a second IP address and port number of the second device, and a first CID. Storing an association between the first and second IP addresses, port numbers and first CID. Identifying a second QUIC connection between the first device and another device. Identifying, from the second connection, the first IP address and port number, a second CID, and a third IP address and port number. Determining if two of the following are met: the second IP address corresponds to the third IP address, the second port number corresponds to the third port number, the second CID corresponds to the first CID, if two are met, the first and second QUIC connections are the same.
H04L 69/16 - Implémentation ou adaptation du protocole Internet [IP], du protocole de contrôle de transmission [TCP] ou du protocole datagramme utilisateur [UDP]
Techniques are described for providing a threat analysis platform capable of automating actions performed to analyze security-related threats affecting IT environments. Users or applications can submit objects (e.g., URLs, files, etc.) for analysis by the threat analysis platform. Once submitted, the threat analysis platform routes the objects to dedicated engines that can perform static and dynamic analysis processes to determine a likelihood that an object is associated with malicious activity such as phishing attacks, malware, or other types of security threats. The automated actions performed by the threat analysis platform can include, for example, navigating to submitted URLs and recording activity related to accessing the corresponding resource, analyzing files and documents by extracting text and metadata, extracting and emulating execution of embedded macro source code, performing optical character recognition (OCR) and other types of image analysis, submitting objects to third-party security services for analysis, among many other possible actions.
G06F 21/56 - Détection ou gestion de programmes malveillants, p. ex. dispositions anti-virus
G06F 21/53 - Contrôle des utilisateurs, des programmes ou des dispositifs de préservation de l’intégrité des plates-formes, p. ex. des processeurs, des micrologiciels ou des systèmes d’exploitation au stade de l’exécution du programme, p. ex. intégrité de la pile, débordement de tampon ou prévention d'effacement involontaire de données par exécution dans un environnement restreint, p. ex. "boîte à sable" ou machine virtuelle sécurisée
86.
PERISCOPE OPTICAL ASSEMBLY WITH INSERTED COMPONENTS
Periscope assemblies are provided which have a light path that travels in a first plane along the first waveguide, a second plane along the second waveguide that is parallel to the first plane, and along a third plane along the third waveguide that intersects the first plane and the second plane. In some examples the periscope assembly includes first and second carriers comprising respective first and second waveguides and defining respective first and second cavities in which a third carrier comprising a third waveguide is disposed and optionally includes an optical component. In some examples, the cavities are defined in one or more carriers on a mating surface, on a side opposite to the mating surface, or on a side perpendicular to a mating surface.
G02B 6/12 - Guides de lumièreDétails de structure de dispositions comprenant des guides de lumière et d'autres éléments optiques, p. ex. des moyens de couplage du type guide d'ondes optiques du genre à circuit intégré
G02B 6/125 - Courbures, branchements ou intersections
G02B 6/28 - Moyens de couplage optique ayant des bus de données, c.-à-d. plusieurs guides d'ondes interconnectés et assurant un système bidirectionnel par nature en mélangeant et divisant les signaux
G02B 6/30 - Moyens de couplage optique pour usage entre fibre et dispositif à couche mince
G02B 6/35 - Moyens de couplage optique comportant des moyens de commutation
G02B 7/00 - Montures, moyens de réglage ou raccords étanches à la lumière pour éléments optiques
Seamless client roaming for Multi-Link Device (MLD) clients may be provided. First, a Traffic Identifier (TID)-to-link map may be established by an Upper Service Access Point (U-SAP) of a multi-AP MLD entity that assigns subsets of TIDs to at least two links of the entity. For example, a client device logically associates with the U-SAP, while the client device physically connects to a first and second AP of the entity on a respective first and second link, where the first and second AP include first and second Lower Service Access Points (L-SAPs) and are non-collocated. Next, using the map, data received at the U-SAP is directed over one of the two links for transmission to the client device. Further, frame aggregation and block acknowledgment functions may be performed by one of the first or second L-SAP based on whether data transmission is over the first or second link.
Supporting Multi-Access Point (AP) Coordination (MAPC) across multiple bands may be provided. Supporting multi-band MAPC can include receiving one or more multi-band MAPC capabilities elements from one or more APs. One or more MAPC modes can be determined for a plurality of bands based on the one or more multi-band MAPC capabilities elements. A multi-band MAPC Coordination Group (CG) can be formed including the one or more APs, wherein the multi-band MAPC CG uses the one or more MAPC modes for the plurality of bands.
H04W 84/12 - Réseaux locaux sans fil [WLAN Wireless Local Area Network]
H04B 7/024 - Utilisation coopérative d’antennes sur plusieurs sites, p. ex. dans les systèmes à plusieurs points coordonnés ou dans les systèmes coopératifs à "plusieurs entrées plusieurs sorties" [MIMO]
89.
Hybrid query system for searching unstructured data
Technologies are described herein for executing queries expressed with reference to a structured query language against unstructured data. A user issues a structured query through a traditional structured data management (“SDM”) application. Upon receiving the structured query, an SDM driver analyzes the structured query and extracts a data structure from the unstructured data, if necessary. The structured query is then converted to an unstructured query based on the extracted data structure. The converted unstructured query may then be executed against the unstructured data. Results from the query are reorganized into structured data utilizing the extracted data structure and are then presented to the user through the SDM application.
G06F 16/338 - Présentation des résultats des requêtes
G06F 16/80 - Recherche d’informationsStructures de bases de données à cet effetStructures de systèmes de fichiers à cet effet de données semi-structurées, p. ex. données structurées par un langage de balisage tels SGML, XML ou HTML
Implementations of the disclosure pertain to detecting mislabeling of a source type assigned to machine data through utilization of machine learning techniques. Operations of a computerized method for detecting the mislabeling include receiving machine data that has been assigned an initial source type upon receipt by a data intake and query system and parsing the data block into a plurality of events based on a source type definition of the initial source type. Further operations include generating a data representation of a first event being a portion of the machine data and is associated with a point in time, determining a predicted source type of the first event by at least analyzing the data representation through machine learning techniques, and performing a comparison between the predicted source type and the initial source type thereby determining whether the source type of the event was initially mislabeled.
G06F 16/907 - Recherche caractérisée par l’utilisation de métadonnées, p. ex. de métadonnées ne provenant pas du contenu ou de métadonnées générées manuellement
G06F 17/18 - Opérations mathématiques complexes pour l'évaluation de données statistiques
G06F 18/214 - Génération de motifs d'entraînementProcédés de Bootstrapping, p. ex. ”bagging” ou ”boosting”
Various implementations set forth a computer-implemented method for scanning a three-dimensional (3D) environment. The method includes generating, in a first time interval, a first extended reality (XR) stream based on a first set of meshes representing a 3D environment, transmitting, to a remote device, the first XR stream for rendering a 3D representation of a first portion of the 3D environment in a remote XR environment, determining that the 3D environment has changed based on a second set of meshes representing the 3D environment and generated subsequent to the first time interval, generating a second XR stream based on the second set of meshes, and transmitting, to the remote device, the second XR stream for rendering a 3D representation of at least a portion of the changed 3D environment in the remote XR environment.
A receiver configured to receive a plurality of symbols is disclosed. The receiver includes a hard decision decoder, a look-up table (LUT) coupled to the hard decision decoder, and a soft metric generator coupled to the LUT. The hard decision decoder is to receive a first set of symbols from the plurality of symbols and provide a set of hard coded neighboring symbols to the LUT. The first set of symbols comprises a center symbol with neighboring symbols. The LUT is to store a value representative of the center symbol that is addressable by the set of hard coded neighboring symbols. The soft metric generator is to calculate bit log likelihood ratio (LLR) values based on the center symbol and the value representative of the center symbol stored in the LUT.
H03M 13/11 - Détection d'erreurs ou correction d'erreurs transmises par redondance dans la représentation des données, c.-à-d. mots de code contenant plus de chiffres que les mots source utilisant un codage par blocs, c.-à-d. un nombre prédéterminé de bits de contrôle ajouté à un nombre prédéterminé de bits d'information utilisant plusieurs bits de parité
H03M 13/39 - Estimation de séquence, c.-à-d. utilisant des méthodes statistiques pour la reconstitution des codes originaux
93.
LLM TECHNOLOGY FOR POLYMORPHIC GENERATION OF SAMPLES OF MALWARE FOR FUTURE MALWARE DETECTION
Systems, methods, and computer-readable media are disclosed for detecting a malware sample by creating polymorphic variants of a malware sample using a large language model. The technology can obtain a known malware sample and decompose the known malware sample into behavioral characterizations of the known malware sample that correspond to respective processes taken by the known malware sample. The technology can then train a large language model with data corresponding to the behavioral characterizations and generate polymorphic variants of the known malware sample with a large language model based on the behavioral characterizations. When the technology later receives a potential malware sample, it can analyze the potential malware sample by comparing the potential malware sample to the polymorphic variants of the known malware sample generated by the large language model.
In one embodiment, a method includes receiving a request from a powered device for power to be supplied from power sourcing equipment to the powered device; granting, in response to the request, provisional power to the powered device; receiving, an authentication request from the powered device to authenticate the powered device and reserve power; analyzing user data and device data to determine an authentication status for the powered device; denying power within a power budget for the powered device in response to the analyzing determining that the authentication status for the powered device corresponds to a failed authentication; and using an authenticated-power-profile to determine one or more actions to be performed with respect to the powered device having the failed authentication, in response to a defined number of failed authentications or an expiration of a timeout period defining an amount of time allowed to authenticate the powered device.
Devices, systems, methods, and processes for flow entropy management using network address translation (NAT) scheme are described herein. Typically, due to fewer flows and high bandwidth demands in backend data center networks, hash distribution algorithms may exhibit bias, leading to congestion on certain network paths while others remain underutilized, a phenomenon known as low flow entropy. To address the low flow entropy problem, a network interface controller (NIC) decomposes a traffic flow into multiple flowlets and applies a NAT operation on each flowlet. In the NAT operation, an actual source port value of a flowlet is replaced with a unique unused source port value to make the flowlet look like a different traffic flow to a switch. Thus, the switch processes each flowlet as a different traffic flow and uses load balancing schemes to distribute the flowlets across various network paths. Thus, improving the flow entropy of the network.
An optical apparatus is described that includes an input port configured to receive an optical signal comprising a plurality of wavelengths, a plurality of output ports, and one or more grating filters arranged between the input port and the plurality of output ports. Each grating filter is configured to receive one or more wavelengths of the plurality of wavelengths at a multimode waveguide, to propagate the one or more wavelengths through a first transition section extending between the multimode waveguide and a slot waveguide, and to reflect, using a respective antisymmetric Bragg grating formed in the slot waveguide, a first mode of a respective wavelength of the one or more wavelengths through the first transition section toward a respective output port of the plurality of output ports.
G02B 6/293 - Moyens de couplage optique ayant des bus de données, c.-à-d. plusieurs guides d'ondes interconnectés et assurant un système bidirectionnel par nature en mélangeant et divisant les signaux avec des moyens de sélection de la longueur d'onde
G02B 6/42 - Couplage de guides de lumière avec des éléments opto-électroniques
Devices, systems, and methods to enable a user to control initiation and execution of a maintenance mode in a power distribution system that includes a power transmitter subsystem that transmits power over a cable to a power receiver subsystem. A maintenance mode associated with the power transmitter subsystem and the power receiver subsystem is initiated. The maintenance mode causes the power transmitter subsystem and power receiver subsystem to enter a power mode to allow for maintenance activity to be performed at the power transmitter subsystem and power receiver subsystem. An authorization server is configured to authorize initiation of the maintenance mode on the power transmitter subsystem and power receiver subsystem.
H02J 3/00 - Circuits pour réseaux principaux ou de distribution, à courant alternatif
H02J 13/00 - Circuits pour pourvoir à l'indication à distance des conditions d'un réseau, p. ex. un enregistrement instantané des conditions d'ouverture ou de fermeture de chaque sectionneur du réseauCircuits pour pourvoir à la commande à distance des moyens de commutation dans un réseau de distribution d'énergie, p. ex. mise en ou hors circuit de consommateurs de courant par l'utilisation de signaux d'impulsion codés transmis par le réseau
98.
Integration of Erbium-Doped Low Loss Silicon Nitride Waveguides on Silicon Photonics
In various embodiments, the disclosure relates to an electro-optical device that includes an optical amplifier and a photonic assembly. The optical amplifier may include a first encapsulation layer defining a first bonding surface, and an erbium-doped Si3N4 waveguide, wherein the erbium-doped Si3N4 waveguide disposed within the first encapsulation layer. The photonic assembly may include a substrate, a second encapsulation layer defining a second bonding surface, the second encapsulation layer disposed on the substrate, a modulator, one or more photodetectors, and a waveguide. In various embodiments, the modulator, the one or more photodetectors and the waveguide are disposed within the second encapsulation layer. The one or more regions of the first bonding surface are bonded to the one or more regions of the second bonding surface in various embodiments. The Si3N4 waveguide is optically coupled to the waveguide in various embodiments.
G02B 6/12 - Guides de lumièreDétails de structure de dispositions comprenant des guides de lumière et d'autres éléments optiques, p. ex. des moyens de couplage du type guide d'ondes optiques du genre à circuit intégré
G02B 6/124 - Lentilles géodésiques ou réseaux intégrés
H01S 3/10 - Commande de l'intensité, de la fréquence, de la phase, de la polarisation ou de la direction du rayonnement, p. ex. commutation, ouverture de porte, modulation ou démodulation
H01S 5/026 - Composants intégrés monolithiques, p. ex. guides d'ondes, photodétecteurs de surveillance ou dispositifs d'attaque
99.
IN-NETWORK COMPUTING USING MODULAR SWITCH ARCHITECTURE
Devices, systems, methods, and processes for in-network computing using modular switch architecture are described herein. Endpoint devices generate data chunks and forward them to a network, comprising spine and leaf switches, for data reduction. Leaf switches act as conduits and forward the data chunks to a spine switch. The spine switch includes various line cards (e.g., one for each leaf switch) and a fabric element. The line cards may execute a stage of data reduction on the received data chunks or may forward the received data chunks directly to the fabric element. The fabric element executes a data reduction operation on the data received from the line cards and obtains a reduced output which is forwarded to the endpoint devices via the line cards and the leaf switches. Thus, a single-tier in-network computing topology is implemented to execute data reduction in a cost-effective, simple, and efficient manner.
Devices, systems, methods, and processes for incast congestion management are described herein. Typically, in a Packet Sequence Number (PSN) based Remote Direct Memory Access (RDMA) network, Priority Flow Control (PFC) is asserted upstream when an incast congestion event occurs, which can victimize unrelated flows. Thus, instead of asserting PFC, a switch in the PSN based RDMA network detects an incast congestion event and directly notifies one or more Reliable Connection (RC) Queue Pairs (QPs) of various sending devices, associated with the incast congestion event using Receiver Not Ready (RNR) negative acknowledgements (NACKs). These RNR NACKs are associated with unique pause time-periods. The associated RC QPs receive the RNR NACKs and pause packet transmission. The associated RC QPs resume packet transmission upon expiration of corresponding pause time-periods. Thus, the packet transmission from the contributing RC QPs is spaced out, avoiding all packets reaching a switch output port at the same time.
H04L 47/125 - Prévention de la congestionRécupération de la congestion en équilibrant la charge, p. ex. par ingénierie de trafic
H04L 47/122 - Prévention de la congestionRécupération de la congestion en détournant le trafic des entités congestionnées
H04L 47/30 - Commande de fluxCommande de la congestion en combinaison avec des informations sur l'occupation de mémoires tampon à chaque extrémité ou aux nœuds de transit
