Abstract: Secure networking processes, such as packet encapsulation and decapsulation, can be executed upstream of a user or guest operating system provisioned on a host machine, where the user has substantially full access to that machine. The processing can be performed on a device such as a network interface card (NIC), which can have a separate network port for communicating with mapping systems or other devices across a cloud or secure network. A virtual image of the NIC can be provided to the user such that the user can still utilize at least some of the NIC functionality. In some embodiments, the NIC can work with a standalone processor or control host in order to offload much of the processing to the control host. The NIC can further handle headers and payload separately where possible, in order to improve the efficiency of processing the various packets.

Abstract: The state of firmware for devices on a provisioned host machine can be validated independent of the host CPU(s) or other components exposed to the user. A port that is not fully exposed or accessible to the user can be used to perform a validation process on firmware without accessing a CPU of the host device. The firmware can be scanned and a hashing or similar algorithm can be used to determine validation information, such as hash values, for the firmware, which can be compared to validation information stored in a secure location. If the current and stored validation information do not match, one or more remedial actions can be taken to address the firmware being in an unknown or unintended state.

Abstract: Disclosed are various embodiments of a first computing device for obtaining an authentication credential for a cryptographic module of a second computing device. The authentication credential is obtained via a communication session with a module interface of the second computing device. Configuration data is determined for the cryptographic module based at least in part upon the authentication credential. The configuration data is transmitted to the second computing device via the communication session.

Abstract: Generally described, systems and methods are provided for monitoring and detecting causes of failures of network paths. The system collects performance information from a plurality of nodes and links in a network, aggregates the collected performance information across paths in the network, processes the aggregated performance information for detecting failures on the paths, analyzes each of the detected failures to determine at least one root cause, and initiates a remedial workflow for the at least one root cause determined. In some aspects, processing the aggregated information may include performing a statistical regression analysis or otherwise solving a set of equations for the performance indications on each of a plurality of paths. In another aspect, the system may also include an interface which makes available for display one or more of the network topology, the collected and aggregated performance information, and indications of the detected failures in the topology.

Abstract: Approaches are described for enabling a host computing device to store credentials and other security information useful for recovering the state of the host computing device in a secure store, such as a trusted platform module (TPM) on the host computing device. When recovering the host computing device in the event of a failure (e.g., power outage, network failure, etc.), the host computing device can obtain the necessary credentials from the secure store and use those credentials to boot various services, restore the state of the host and perform various other functions. In addition, the secure store (e.g., TPM) may provide boot firmware measurement and remote attestation of the host computing devices to other devices on a network, such as when the recovering host needs to communicate with the other devices on the network.

Abstract: High-speed processing of packets to and from a virtualization environment can be provided while utilizing segmentation offload and other such functionality of hardware such as a network interface card. Virtualization information can be added to extension portions of protocol headers, for example, such that the payload portion is unchanged. The virtualization information can be hashed and added to the payload or stream at, or relative to, various segmentation boundaries, such that the virtualization or additional header information will only be added to a subset of the segmented data frames, thereby reducing the necessary overhead. Further, the hashing of the information can allow for reconstruction of the virtualization information upon desegmentation even in the event of packet loss.

Abstract: Approaches are described for enabling a host computing device to store credentials and other security information useful for recovering the state of the host computing device in a secure store, such as a trusted platform module (TPM) on the host computing device. When recovering the host computing device in the event of a failure (e.g., power outage, network failure, etc.), the host computing device can obtain the necessary credentials from the secure store and use those credentials to boot various services, restore the state of the host and perform various other functions. In addition, the secure store (e.g., TPM) may provide boot firmware measurement and remote attestation of the host computing devices to other devices on a network, such as when the recovering host needs to communicate with the other devices on the network.

Abstract: Systems and methods for handling resources in a computer system differently in certain situations, such as catastrophic events, based upon an assigned layer of the resource to the system. The layer can be based, for example, on criticality of the resource to the system. Services or computing device resources can be physically segregated in accordance with layers and can be managed in accordance with the segregation. In response to receiving information about an event, the different layers can be handled in accordance with their criticality, for example by shutting some of the resources down and/or slowing some of the resources down.

Abstract: Host machines and other devices performing synchronized operations can be dispersed across multiple racks in a data center to provide additional buffer capacity and to reduce the likelihood of congestion. The level of dispersion can depend on factors such as the level of oversubscription, as it can be undesirable in a highly connected network to push excessive host traffic into the aggregation fabric. As oversubscription levels increase, the amount of dispersion can be reduced and two or more host machines can be clustered on a given rack, or otherwise connected through the same edge switch. By clustering a portion of the machines, some of the host traffic can be redirected by the respective edge switch without entering the aggregation fabric. When provisioning hosts for a customer, application, or synchronized operation, for example, the levels of clustering and dispersion can be balanced to minimize the likelihood for congestion throughout the network.

Abstract: A trusted peripheral device can be utilized with an electronic resource, such as a host machine, in order to enable the secured performance of security and remote management in the electronic environment, where various users might be provisioned on, or otherwise have access to, the electronic resource. The peripheral can have a secure channel for communicating with a centralized management system or service, whereby the management service can remotely connect to this trusted peripheral, using a secure and authenticated network connection, in order to run the above-described functionality on the host to which the peripheral is attached.

Abstract: A trusted computing host is described that provides various security computations and other functions in a distributed multitenant and/or virtualized computing environment. The trusted host computing device can communicate with one or more host computing devices that host virtual machines to provide a number of security-related functions, including but not limited to boot firmware measurement, cryptographic key management, remote attestation, as well as security and forensics management. The trusted computing host maintains an isolated partition for each host computing device in the environment and communicates with peripheral cards on host computing devices in order to provide one or more security functions.

Abstract: Efficient and highly-scalable network solutions are provided that each utilize deployment units based on Clos networks, but in an environment such as a data center of Internet Protocol-based network. Each of the deployment units can include multiple stages of devices, where connections between devices are only made between stages and the deployment units are highly connected. In some embodiments, the level of connectivity between two stages can be reduced, providing available connections to add edge switches and additional host connections while keeping the same number of between-tier connections. In some embodiments, where deployment units (or other network groups) can be used at different levels to connect other deployment units, the edges of the deployment units can be fused to reduce the number of devices per host connection.

Abstract: When providing a user with native access to at least a portion of device hardware, the user can be prevented from modifying firmware and other configuration information by controlling the mechanisms used to update that information. In some embodiments, an asymmetric keying approach can be used to encrypt or sign the firmware. In other cases access can be controlled by enabling firmware updates only through a channel or port that is not exposed to the customer, or by mapping only those portions of the hardware that are to be accessible to the user. In other embodiments, the user can be prevented from modifying firmware by only provisioning the user on a machine after an initial mutability period wherein firmware can be modified, such that the user never has access to a device when firmware can be updated. Combinations and variations of the above also can be used.

Abstract: Customers in a multi-tenant environment can obtain energy consumption information for a set of resources or other computing components used by those customers, including time-accurate accounting for various components of those resources utilized on behalf of the customer. A customer can also have the ability to specify how the resources are to be operated when used for the customer, in order to manage the amount of energy consumption. The accounting can be performed even when the resources are shared among multiple users or entities. Various hardware components or agents can be used to provide detailed energy consumption information for those components that is associated with a particular customer. The information can be used not only for accounting and monitoring purposes, but also to make dynamic adjustments based on various changes in usage, energy consumption, or other such factors.

Abstract: Host machines and other devices performing synchronized operations can be dispersed across multiple racks in a data center to provide additional buffer capacity and to reduce the likelihood of congestion. The level of dispersion can depend on factors such as the level of oversubscription, as it can be undesirable in a highly connected network to push excessive host traffic into the aggregation fabric. As oversubscription levels increase, the amount of dispersion can be reduced and two or more host machines can be clustered on a given rack, or otherwise connected through the same edge switch. By clustering a portion of the machines, some of the host traffic can be redirected by the respective edge switch without entering the aggregation fabric. When provisioning hosts for a customer, application, or synchronized operation, for example, the levels of clustering and dispersion can be balanced to minimize the likelihood for congestion throughout the network.

Abstract: Each server in a server group of a data center can run a data collection agent. The agent can collect data from a respective server in the server group. The data can include a performance characteristic (i.e., performance data) associated with the respective server. If the performance characteristic falls outside an allowable range, the agent can broadcast this information to other agents at other servers in the server group. If the other agents at the other servers in the server group detect a similar performance characteristic outside the allowable range, they can broadcast as well. If there is a sufficiently high quantity of broadcasts, then that can indicate a high likelihood that there is a potential problem with respect to servers in the server group. The problem can be reported to the central controller, which can then handle the problem appropriately (e.g., issue an alarm, contact support technician, etc.).

Abstract: Host machines and other devices performing synchronized operations can be dispersed across multiple racks in a data center to provide additional buffer capacity and to reduce the likelihood of congestion. The level of dispersion can depend on factors such as the level of oversubscription, as it can be undesirable in a highly connected network to push excessive host traffic into the aggregation fabric. As oversubscription levels increase, the amount of dispersion can he reduced and two or more host machines can be clustered on a given rack, or otherwise connected through the same edge switch. By clustering a portion of the machines, some of the host traffic can he redirected by the respective edge switch without entering the aggregation fabric. When provisioning hosts for a customer, application, or synchronized operation, for example, the levels of clustering and dispersion can be balanced to minimize the likelihood for congestion throughout the network.

Abstract: Efficient and highly-scalable network solutions are provided that each utilize deployment units based on Clos networks, but in an environment such as a data center of Internet Protocol-based network. Each of the deployment units can include multiple stages of devices, where connections between devices are only made between stages and the deployment units are highly connected. In some embodiments, the level of connectivity between two stages can be reduced, providing available connections to add edge switches and additional host connections while keeping the same number of between-tier connections. In some embodiments, where deployment units (or other network groups) can be used at different levels to connect other deployment units, the edges of the deployment units can be fused to reduce the number of devices per host connection.

Abstract: Methods and apparatus for client-allocatable bandwidth pools are disclosed. A system includes a plurality of resources of a provider network and a resource manager. In response to a determination to accept a bandwidth pool creation request from a client for a resource group, where the resource group comprises a plurality of resources allocated to the client, the resource manager stores an indication of a total network traffic rate limit of the resource group. In response to a bandwidth allocation request from the client to allocate a specified portion of the total network traffic rate limit to a particular resource of the resource group, the resource manager initiates one or more configuration changes to allow network transmissions within one or more network links of the provider network accessible from the particular resource at a rate up to the specified portion.

Abstract: Systems and methods are described for managing computing resources. In one embodiment, groupings of computer resources having common firmware settings are maintained based on an abstraction firmware framework representing associations between vendor-specific firmware settings and abstracted firmware settings that provide a degree of independence from specific vendor-specific firmware settings. In response to a request for a computer resource with a specified abstracted firmware configuration, it is determined which of the groupings can support the specified abstracted firmware configuration based on at least one criterion for managing the computer resources in accordance with the abstraction firmware framework.