Abstract: Provided are systems and methods for configuring a network servicing node with user-defined instruction scripts. A method for configuring a network servicing node with user-defined instruction scripts may commence with receiving, from a user of the network servicing node, a user loadable program. The user loadable program may include at least the user-defined instruction scripts. The method may continue with receiving a data packet from a data network associated with the user. The method may further include determining a condition associated with the data packet. The method may continue with identifying, in a name table, a program name associated with a program using the condition. The program may be the user loadable program. The method may further include processing the data packet by getting an instruction of the user-defined instruction scripts from a storage module and applying the instruction to the data packet.

Abstract: Systems and methods for TCP fast open support in proxy devices are provided. An example system may include at least one circuit and at least one data plane communicatively coupled to the circuit. The circuit may be configured to receive at least one SYN packet. The at least one SYN packet is associated with at least one client device and includes a cookie. The circuit can be configured to validate the cookie. If the result of the validation is positive, the data plane can be configured to initiate, based on the at least one SYN packet, a connection between the at least one client device and at least one server. If the result of the validation is negative, the circuit can be configured to generate, based on the SYN packet, a new cookie and send a SYN-ACK packet to the client, the SYN-ACK packet including the new cookie.

Abstract: Provided is a method for identifying suspicious traffic. The method may commence with compiling statistical data for a plurality of hosts. The method may further include generating data lists for with the plurality of hosts based on the statistical data. The method may continue with receiving a data packet from a host of the plurality of hosts. The data packet may be associated with a plurality of parameters. The method may further include analyzing one or more of the plurality of parameters associated with the data packet using the data lists. The method may continue with determining, based on the analysis, that the one or more of the plurality of parameters are outside a predetermined tolerance zone. Based on the determination that the one or more of the plurality of parameters are outside the predetermined tolerance zone, a mitigation action associated with the host may be selectively initiated.

Abstract: Provided are methods and systems for a Transmission Control Protocol (TCP) state handoff of a data traffic flow. A method for a TCP state handoff of a data traffic flow comprises determining a TCP state at predetermined times by a state machine unit. The TCP state includes data concerning a session between a client and a server. The TCP state for the predetermined times is stored to a database. A request to apply a predetermined policy to the session is received by a transaction processing unit and, in response to the request, a session request associated with the session between the client and the server is sent to an access control unit. The session request is processed by the access control unit based on the TCP state and according to the predetermined policy.

Abstract: Provided are systems and methods for configuring a network servicing node with user-defined instruction scripts. A method for configuring a network servicing node with user-defined instruction scripts may commence with receiving, from a user of the network servicing node, a user loadable program. The user loadable program may include at least the user-defined instruction scripts. The method may continue with receiving a data packet from a data network associated with the user. The method may further include determining a condition associated with the data packet. The method may continue with identifying, in a name table, a program name associated with a program using the condition. The program may be the user loadable program. The method may further include processing the data packet by getting an instruction of the user-defined instruction scripts from a storage module and applying the instruction to the data packet.

Abstract: Provided are systems and methods for configuring a network servicing node with user-defined instruction scripts. A method for configuring a network servicing node with user-defined instruction scripts may commence with receiving, from a user of the network servicing node, a user loadable program. The user loadable program may include at least the user-defined instruction scripts. The method may continue with receiving a data packet from a data network associated with the user. The method may further include determining a condition associated with the data packet. The method may continue with identifying, in a name table, a program name associated with a program using the condition. The program may be the user loadable program. The method may further include processing the data packet by getting an instruction of the user-defined instruction scripts from a storage module and applying the instruction to the data packet.

Abstract: Exemplary embodiments for configuring a network device using user-defined scripts are disclosed. The systems and methods provide for a servicing node to receive a request for a network session between a client device and a server, receive a user defined class and a user defined object configuration from a node controller, and use the information to instruct an object virtual machine to generate at least one user defined object. The servicing node can then apply the at least one user defined object to a data packet of the network session, where the user defined object allows a user to configure the network device with user-defined instruction scripts.

Abstract: Provided are methods and systems for dynamically distributing a service session from a client device. The method may commence with receiving a packet associated with the service session from the client device by a gateway node. The method may include determining that the packet matches a service address in a forwarding policy. The method may continue with selecting one of a plurality of forwarding nodes for sending the packet to the one of the plurality of forwarding nodes. The method may include receiving the packet of the service session by the one of the plurality of forwarding nodes. The method may continue with determining that the packet matches the service address serviced by a servicing node of a plurality of servicing nodes. The method may further include sending the packet to the servicing node for forwarding the packet to a server by the servicing node.

Abstract: Methods and systems are provided for automatically capturing network data for a detected anomaly. In some examples, a network node establishes a baseline usage by applying at least one baselining rule to network traffic to generate baseline statistics, detects an anomaly usage by applying at least one anomaly rule to network traffic and generating an anomaly event, and captures network data according to an anomaly event by triggering at least one capturing rule to be applied to network traffic when an associated anomaly event is generated.

Abstract: Provided are methods and systems for configuring a network device with user-defined instruction scripts. The method may commence with receiving a request for a network session between a client device and a server. The method may further include receiving a user-defined class and a user-defined object configuration. The user-defined class and the user-defined object configuration may include the user-defined instruction scripts provided by a user of the client device. The method may further include instructing an object virtual machine to generate at least one user-defined object based on the user-defined class and the user-defined object configuration. The method may continue with instructing an object virtual machine to generate at least one user-defined object based on the user-defined class and the user-defined object configuration.

Abstract: Provided are methods and systems for eliminating a redirection of data traffic in a cluster. An example method may include receiving, by one or more nodes of the cluster, a data packet associated with a service session. The method may include determining, by the node, that the data packet is directed to a further node in the cluster. The method may further include, in response to the determination, acquiring, by the node, a session context associated with the service session. Acquiring the session context may include sending, by the node, a request for the session context to the further node and receiving the session context from the further node. The method may further include processing, by the one or more nodes, the data packet based on the session context.

Abstract: Provided are methods and systems for a Transmission Control Protocol (TCP) state handoff of a data traffic flow. A method for a TCP state handoff of a data traffic flow comprises determining a TCP state at predetermined times by a state machine unit. The TCP state includes data concerning a session between a client and a server. The TCP state for the predetermined times is stored to a database. A request to apply a predetermined policy to the session is received by a transaction processing unit and, in response to the request, a session request associated with the session between the client and the server is sent to an access control unit. The session request is processed by the access control unit based on the TCP state and according to the predetermined policy.

Abstract: Exemplary embodiments for a distributed system for determining a server's health are disclosed. The systems and methods provide for a network controller to direct one or more servicing nodes to check the health of one or more servers, and report a health score to the network controller. The network controller may then calculate, update and maintain a health score for each server in the network from the various health scores reported to it from the servicing nodes. This allows a distributed system to be used to facilitate network operations, as a single device is not relied on for periodically determining each server's health.

Abstract: Provided are methods and systems for processing data packets in a data network using a policy-based network path. The method may commence with receiving the data packet associated with a service session from a client. The method may continue with determining data packet information associated with the data packet. The method may further include determining the policy-based network path for the data packet based on the data packet information and one or more packet processing criteria. The method may continue with routing, based on the determination of the policy-based network path, the data packet along the policy-based network path.

Abstract: Provided is a method for identifying suspicious traffic. The method may commence with compiling statistical data for a plurality of hosts. The method may further include generating data lists for with the plurality of hosts based on the statistical data. The method may continue with receiving a data packet from a host of the plurality of hosts. The data packet may be associated with a plurality of parameters. The method may further include analyzing one or more of the plurality of parameters associated with the data packet using the data lists. The method may continue with determining, based on the analysis, that the one or more of the plurality of parameters are outside a predetermined tolerance zone. Based on the determination that the one or more of the plurality of parameters are outside the predetermined tolerance zone, a mitigation action associated with the host may be selectively initiated.

Abstract: Facilitation of secure network traffic over an application session by an application delivery controller is provided herein. A method for secure network traffic transmission over an application session may include receiving, from a client device, a SYN data packet intended for an application server. The method may continue with determining, based on the SYN data packet, that the client device is a trusted source. The method may further include transmitting, based on the determination that the client device is the trusted source, a SYN/ACK packet to the client device. The SYN/ACK packet may include information for the client device to authenticate the client device to the application server directly as the trusted source.

Abstract: Decreasing a volume of data transfer over a network may commence with collecting a plurality of datasets having subscriber data. The method may continue with classifying data fields of each dataset of the plurality of datasets into low frequency change data and high frequency change data based on predetermined criteria. The method may further include combining a plurality of consecutive datasets of the plurality of datasets into a combination dataset. The combination dataset may include the low frequency change data and aggregated high frequency change data from the plurality of consecutive datasets. The method may continue with providing the combination dataset to a data processing node.

Abstract: Provided are methods and systems for network access control. A method for network access control may commence with determining whether a client device is a trusted source or an untrusted source. The determination may be performed using a SYN packet received from the client device. The SYN packet may include identifying information for the client device. When it is determined that the client device is neither the trusted source nor the untrusted source, the method may continue with transmitting a SYN/ACK packet to the client device. The SYN/ACK packet may include a SYN cookie and identifying information for a network device. The method may further include receiving an ACK packet from the client device that may include the identifying information for the client device, identifying information for the network device, and the SYN cookie. The method may continue with establishing a connection with a network for the client device.

Abstract: Provided are methods and systems for a Transmission Control Protocol (TCP) state handoff of a data traffic flow. A method for a TCP state handoff of a data traffic flow comprises determining a TCP state at predetermined times by a state machine unit. The TCP state includes data concerning a session between a client and a server. The TCP state for the predetermined times is stored to a database. A request to apply a predetermined policy to the session is received by a transaction processing unit and, based on the request, a session request associated with the session between the client and the server is sent to an access control unit. The session request is processed by the access control unit based on the TCP state and according to the predetermined policy.

Abstract: Decreasing data transfer over a network may commence with collecting subscriber data. The method may continue with classifying the subscriber data into low frequency change data and high frequency change data based on predetermined criteria. The method may include storing the low frequency change data to a data storage. The method may continue with generating reporting data. The reporting data may include the high frequency change data and at least one data index pointer to the low frequency change data in the data storage. The method may further include providing the reporting data to a data processing node. The low frequency change data may include subscriber identifying data. The data reporting node may be further configured to obfuscate the subscriber identifying data. The at least one data index pointer may include a secure data identifier associated with the obfuscated subscriber identifying data.