Abstract: A server may receive, from a virtual private network (VPN) client of a client device, a message which indicates a request for a policy rule for communications with a network-based application (e.g. provided via a data center or cloud computing services). The server may obtain source attributes of the client device and a user thereof based on source identifiers, and destination attributes of the application based on a destination identifier, and select a policy rule associated with the attributes (e.g. indicative of security, risk, cost, load, and/or business function). The server may send a message which indicates a response and includes the policy rule for application at the VPN client. The policy rule may indicate a policy action for selecting a path, of a plurality of paths, identified by a path identifier, and specify conditions such as a location and/or a date, day, and/or time of the client device.

Abstract: A server may receive, from a virtual private network (VPN) client of a client device, a message which indicates a request for a policy rule for communications with a network-based application (e.g. provided via a data center or cloud computing services). The server may obtain source attributes of the client device and a user thereof based on source identifiers, and destination attributes of the application based on a destination identifier, and select a policy rule associated with the attributes (e.g. indicative of security, risk, cost, load, and/or business function). The server may send a message which indicates a response and includes the policy rule for application at the VPN client. The policy rule may indicate a policy action for selecting a path, of a plurality of paths, identified by a path identifier, and specify conditions such as a location and/or a date, day, and/or time of the client device.

Abstract: Application-based Transmission Opportunity (TXOP) sharing may be provided. First, a sharing AP may receive a request to share TXOPs with a requesting AP. The request may include information associated with an application executing on a client serviced by the requesting AP. Next, a TXOP duration for the requesting AP may be reserved based on the information associated with the application such that, in response to winning contention on the medium, the sharing AP may share a TXOP with the requesting AP for the TXOP duration.

Abstract: A network optimization controller (NOC) performs operations including obtaining, from a secure access service edge (SASE) device executing a security service, a first data set defining a security performance metric provided by the security service, and obtaining, from the SASE, a second data set defining a network performance metric associated with a network device. The operations further include defining a policy based at least in part on the first data set and the second data set, determining if the policy has been violated, and changing a first access modality provided for the network device to access an end host to a second access modality based at least in part on the policy being violated. The first access modality and the second access modality define different methods of access to the end host.