Abstract: Stateless network address privacy may be provided. A data packing may be received with an obfuscated destination address and an un-obfuscated source address. An un-obfuscated destination address may be determined based on the obfuscated destination address. An obfuscated source address may be determined based on the un-obfuscated source address. The obfuscated destination address may be replaced with the un-obfuscated destination address and the un-obfuscated source address may be replaced with the obfuscated source address. The packet may be forwarded.

Abstract: A method of creating a root-of-trust (RoT) within a network fabric may include powering on a network interface card (NIC) baseboard management controller (BMC) (NIC BMC), booting up a NIC via the NIC BMC, obtaining an address for the NIC, verifying an identity of the NIC at a fabric trust identity server using a key obtained from a secure vault communicatively coupled to the NIC BMC, verifying with the fabric trust identity server a number of images of a host device residing in the NIC based at least in part on the identity of the NIC being verified, and instructing a platform BMC to boot up the host device based at least in part on the number of images of the host device being verified.

Abstract: This disclosure describes techniques for controlling group access to a collaboration technology. The techniques include generating a shared encryption key among authorized producers of content associated with a collaboration technology. The techniques include receiving, by the authorized producers and from authenticated consumers, requests to access the content. The requests may be received in a partitioned manner, such that individual producers are serving a particular subset of the authenticated consumers. In response to receiving the requests, the techniques include sending the shared encryption key from the individual producers to the corresponding subset of authenticated consumers. The techniques include using the shared encryption key to encrypt content by the authorized producers, which may then be decrypted by the authenticated consumers using the shared encryption key, achieving end-to-end encryption of event content.

Abstract: Presented herein are techniques for a non-intruding auto quoting feature on-the-fly for chat applications based on previous conversations and effectively forking/quoting such conversations to ease the burden of the user going through all the chat history. The techniques may involve monitoring an ongoing first text communication session between a first user and at least one second user; detecting one or more salient words or phrases in the first text communication session based on the monitoring; based on the one or more salient words or phrases, identifying a second text communication session that is topically related to the first text communication session; and displaying in a user interface presented to the first user a prompt to quote relevant content from the second text communication session into the first text communication session or to fork the first user to be a participant in the second text communication session.

Abstract: The present disclosure provides for process and temperature compensation in a transimpedance amplifier (TIA) using a dual replica via monitoring an output of a first TIA (transimpedance amplifier) and a second TIA; configuring a first gain level of the first TIA based on a feedback resistance and a reference current applied at an input to the first TIA; configuring a second gain level of the second TIA and a third TIA based on a control voltage; and amplifying a received electrical current to generate an output voltage using the third TIA according to the second gain level. In some embodiments, one or both of the second TIA and the third TIA include a configurable feedback impedance used in compensating for changes in the second gain level due to a temperature of the respective second or third TIA via the configurable feedback impedance of the respective second or third TIA.

Abstract: In one embodiment, an illustrative method herein may comprise: listening, by an agent process, to a discovery-based execution of an application; determining, by the agent process, a plurality of transition locations during the discovery-based execution of the application; recording, by the agent process, the plurality of transition locations into a recorded file; and providing, by the agent process, the recorded file to cause injection of instrumentation into the plurality of transition locations during runtime of the application based on the recorded file.

Abstract: A method includes configuring serving cells for UE, the serving cells including at least six serving cells configurable for the UE; receiving PUCCH format configuration information for transmitting uplink control information associated with the configured serving cells, the PUCCH format configuration information including configuration information of PUCCH format 4; determining a total number of HARQ-ACK bits, SR bits, and periodic CSI bits to be transmitted in a subframe; selecting, at least based on the determined total number, a PUCCH format to transmit at least one of HARQ-ACK, SR, and periodic CSI, the selected PUCCH format being one of PUCCH formats including the PUCCH format 4 and PUCCH format 3; and transmitting the uplink control information associated with the configured serving cells in the subframe using the selected PUCCH format, the uplink control information associated with the configured serving cells including the at least one of HARQ-ACK, SR, and periodic CSI.

Abstract: Presented herein are methodologies in which packets or events are selected statistically to update a counter of a network device. The updated value that is stored in the counter also reflects a number of packets (or corresponding bytes) that were not selected to update the counter. The methodology includes receiving, at a network device, a first packet followed by a second packet, probabilistically selecting the second packet to update a value of a counter of the network device while probabilistically not selecting the first packet to update the value of the counter, and updating the value of the counter to account for both the first packet and the second packet.

Abstract: Techniques are provided for an “on demand” or event-triggered end user monitoring/remote user monitoring (EUM/RUM) solution that is activated when the user has requested it, or an event (conditions of which are set by a user) occurs that triggers activation of the EUM/RUM solution. This EUM/RUM may be completely integrated into an enterprise IT Help Desk system, whereby support “tickets” are automatically generated when the monitoring solution is instantiated.

Abstract: Techniques for maintaining geographic-based data privacy rules in networked environments. An example method includes receiving a request from a user device; generating, based on the request, a query for data associated with fulfilling the request; transmitting, to a data controller, the query; transmitting, to the data controller, an indication of a geographic region in which at least one device implementing the entity is located; and receiving, from the data controller, a portion of the data associated with fulfilling the request.

Abstract: In various embodiments, a device obtains a set of device classification rules. Each device classification rule specifies one or more attributes from a set of attributes and being configured to assign a device type to an endpoint in a network when the endpoint exhibits the one or more attributes specified by that rule. The device forms a graphical representation of the set of attributes. The device performs an analysis of the graphical representation of the set of attributes. The device provides a result of the analysis to a user interface.

Abstract: Dynamic Open Radio Access Network Radio Unit (O-RU) sharing between multiple tenant Open RAN Distributed Units (O-DU) may be provided. A Near Real Time RAN Intelligent Controller (nRT-RIC) may receive tenant policies for a first tenant and a second tenant. The nRT-RIC may then determine initial sharing templates for the first tenant and the second tenant based on the tenant policies. The nRT-RIC may send the initial sharing templates to a first tenant Distributed Unit (DU) and a second tenant DU. The nRT-RIC may receive operating metrics from the first tenant DU and the second tenant DU. The nRT-RIC may then determine operational factors based on the operating metrics. The nRT-RIC may alter an allocation of resources between the first tenant and the second tenant based on the operational factors. Finally, the nRT-RIC may send the altered allocation of resources to the first tenant DU and the second tenant DU.

Abstract: System, methods, and computer-readable media for a Neutral Host (NH) operation of a 5G radio, whereby a NH operator receives feedback from hosts and determines to partition Physical Resource Block (PRB) resources. Thus, a NH system is provided that enables a third-party to independently operate other channels, whereby individual physical random access channels (PRACH) are operated by independent hosts. The NH system is able to indicate partitioned resources to individual hosts, including PRACH definition and mutually exclusive set of PRBs partitioned between tenants. The hosts operating in the NH system may be operable to implement their own independent schedulers, incorporating host specific logic, that can be configured with the partitioned resources but which may further operate independently of each other.

Abstract: Presented herein are removable pull tabs that are configured to be detachably coupled to pluggable modules in a manner that facilitates removal of the pull tabs from the module without disassembling the modules. In particular, a removable pull tab may comprise a handle, first and second substantially parallel attachment arms extending from the handle, and a reinforcement line embedded in the handle and first and second attachment arms. The first and second attachment arms comprise first and second attachment mechanisms, respectively, disposed at a distal end of the respective attachment arm. The first and second attachment mechanisms are configured to detachably couple to first and second apertures, respectively, of a pluggable module.

Abstract: The disclosed technology provides solutions for performing rapid authentication and authorization for distributed containerized microservices. In some aspects, a process of the technology can include steps for: associating a service type with a set of microservices or service pods, detecting deployment of a first microservice on a first host, and receiving an authentication and authorization state from a first virtual network edge (VNE) of the first host. In some aspects, the process can further include steps for distributing the authentication state to a second VNE on a second host, wherein the authentication state is configured to facilitate authentication of one or more subsequent microservices instantiated on the second host by the second VNE. Systems and machine readable media are also provided.

Abstract: Embodiments herein describe a computing system which is reconfigurable into different server configurations that have different numbers of sockets. For example, the computing system may include two server nodes which can be configured into either two independent servers (i.e., two 2S servers) or a single server (i.e., one 4S server). In one embodiment, the computing system includes a midplane which is connected to processor buses on the server nodes. When configured as a single server, the midplane connects the processor bus (or buses) on one of the server nodes to the processor bus or buses on the other server node. In this manner, the processors in the two server nodes can be interconnected to function as a single server. In contrast, the connections between the server nodes in the midplane are disabled when the server nodes operate as two independent servers.

Abstract: Techniques for tunneling Layer 2 ethernet frames over a connection tunnel using the MASQUE protocol are described herein. The MASQUE protocol may be extended to include a new entity, configured to proxy ethernet frames using a MASQUE proxy connection, and an associated CONNECT method, CONNECT-ETH. Using the extended MASQUE protocol, an Ethernet over MASQUE (EoMASQUE) tunnel may then be established between various networks that are remote from one another and connected to the internet. An EoMASQUE tunnel, established between separate remote client premises, and/or between a remote client premise and an enterprise premise, may tunnel ethernet packets between the endpoints. Additionally, a first EoMASQUE tunnel, established between a first client router provisioned in a first remote client premise and an EoMASQUE proxy node, and a second EoMASQUE tunnel, established between a second client premise and the EoMASQUE proxy node, may tunnel ethernet packets between the first and second client premise.

Abstract: A method includes analyzing, via a first capturing agent, packets processed in a first environment associated with a first host to yield first data. The method includes analyzing, via a second capturing agent, packets processed by a second environment associated with a second host to yield second data, collecting the first data and the second data at a collector to yield aggregated data, transmitting the aggregated data to an analysis engine which analyzes the aggregated data to yield an analysis. Based on the analysis, the method includes identifying first packet loss at the first environment and second packet loss at the second environment.

Abstract: An example method according to some embodiments includes receiving flow data for a packet traversing a network. The method continues by determining a source endpoint group and a destination endpoint group for the packet. The method continues by determining that a policy was utilized, the policy being applicable to the endpoint group. Finally, the method includes updating utilization data for the policy based on the flow data.

Abstract: Disclosed are systems, methods, and non-transitory computer-readable storage media for monitoring application health via correctable errors. The method includes identifying, by a network device, a network packet associated with an application and detecting an error associated with the network packet. In response to detecting the error, the network device increments a counter associated with the application, determines an application score based at least in part on the counter, and telemeters the application score to a controller. The controller can generate a graphical interface based at least in part on the application score and a timestamp associated with the application score, wherein the graphical interface depicts a trend in correctable errors experienced by the application over a network.