Abstract: In one embodiment, a network node automatically cycles among packet traffic flows and subjects the currently selected packet flows to varying drop probabilities in a packet network, such as, but not limited to in response to congestion in a device or network. Packets of the currently selected packet traffic flows are subjected to a drop or forward decision, while packets of other packet traffic flows are not. By cycling through all of these packet traffic flows, all of these packet flows are subjected to the drop or forward decision in the long term approximately uniformly providing fairness to all packet traffic flows. In the short term, only packets of a currently selected flow are targeted for possible dropping providing unfairness to the currently selected flows, while possibly providing communication efficiencies by affecting the currently selected, but not all flows.

Abstract: In one embodiment, an apparatus includes a non-volatile memory, a one-time programmable (OTP) memory, and a processor operative to write data values to the non-volatile memory and then initiate programming of a first bit of the OTP memory, the first bit being associated with locking the non-volatile memory from further data being written thereto, and after the non-volatile memory has been locked from further data being written thereto, initiate programming of the second bit of the OTP memory in order to lock the non-volatile memory from further data being erased therefrom.

Abstract: In one embodiment, a method includes receiving ultrasound frequency sweeps in a sound receiving device. Each of the plurality of ultrasound frequency sweeps is centered on one of at least two predetermined frequencies. The method also includes converting the ultrasound frequency sweeps into an ultrasound message based on a central frequency of each of the ultrasound frequency sweeps received, and placing the ultrasound message into a receive buffer. Then at least a network address is extracted from the ultrasound message, and the network address is used to establish a communication session over a data network with a telecommunications device.

Abstract: In one example embodiment, an integration system obtains, based on data from a wireless location system, location data of a wireless device in a spatial area. The integration system determines location data of a person in the spatial area based on at least one image of the person captured by a camera. Based on the location data of the wireless device and the location data of the person, the integration system calculates a proximity parameter representing a spatial relationship between the wireless device and the person. Based on the proximity parameter, the integration system computes a probability of association between the wireless device and the person and determines, based on the probability of association, whether the person is a user of the wireless device.

Abstract: A method is provided in one example and includes receiving a data signal, receiving an interference signal, wherein the interference signal is copied to create a reference data interference signal, combining the data signal and the interference signal to create a combined signal, using an analog echo cancellation engine on the combined signal to create an analog echo cancellation signal, and using a digital echo cancellation engine on the analog echo cancellation signal to create a data with echo cancellation signal. The data with echo cancellation signal can be communicated using a coaxial cable.

Abstract: The present system uses quorum based aggregator failure detection in which a failed aggregator is detected and configured. Rather than repair and roll-up of all metrics for a period of time associated with the failed aggregator, only the specific metrics that were to be processed by the failed aggregator are repaired. Once the failed aggregator is identified, the time range for the downed aggregator and keys processed by the aggregator are identified. Keys for replica aggregators associated with the identified time ranges and key values are then pulled, provided to a batch processor, and processed. At cluster roll-up task completion, a time rollup task for cluster rollup is then started.

Abstract: An ingress node inserts into a header of a packet service level agreement information and forwards the packet. At an egress node of the network, the packet is received and the service level agreement information is obtained from the header of the packet. The egress node verifies whether there is conformance to a service level agreement based on at least one parameter associated with reception of one or more packets at the egress node and the service level agreement information.

Abstract: An arrangement for improving adhesive attachment of micro-components in an assembly utilizes a plurality of parallel-disposed slots formed in the top surface of the substrate used to support the micro-components. The slots are used to control the flow and “shape” of an adhesive “dot” so as to quickly and accurately attach a micro-component to the surface of a substrate. The slots are formed (preferably, etched) in the surface of the substrate in a manner that lends itself to reproducible accuracy from one substrate to another. Other slots (“channels”) may be formed in conjunction with the bonding slots so that extraneous adhesive material will flow into these channels and not spread into unwanted areas.

Abstract: Flow data can be augmented with features or attributes from other domains, such as attributes from a source host and/or destination host of a flow, a process initiating the flow, and/or a process owner or user. A network can be configured to capture network or packet header attributes of a first flow and determine additional attributes of the first flow using a sensor network. The sensor network can include sensors for networking devices (e.g., routers, switches, network appliances), physical servers, hypervisors or container engines, and virtual partitions (e.g., virtual machines or containers). The network can calculate a feature vector including the packet header attributes and additional attributes to represent the first flow. The network can compare the feature vector of the first flow to respective feature vectors of other flows to determine an applicable policy, and enforce that policy for subsequent flows.

Abstract: Disclosed is an apparatus and method for segment routing using a remote forwarding adjacency identifier. In one embodiment, a first node in a network receives a packet, wherein the packet is received with a first segment-ID and another segment ID attached thereto. The first node detaches the first and the other segment IDs from the packet. Then the first node attaches a first label to the packet. Eventually, the first node forwards the packet with the attached first label directly to a second node in the network. In one embodiment, the other segment ID corresponds to a forwarding adjacency or tunnel label switched path between the first node and another node.

Abstract: A method for deployment and upgrade of network devices in a network environment includes receiving (for example, at a switch being activated in the network environment), Dynamic Host Configuration Protocol (DHCP) information (for example, from a DHCP server in the network environment). The DHCP information includes a filename and location of a script file. The method further includes downloading the script file from a script server in the network environment and executing the script file. Executing the script file includes copying a configuration file and one or more software images to a memory element of the switch, where the configuration file includes configuration settings relevant to at least a switch identity, and a switch location in the network environment, installing the software images on the switch, rebooting the switch, applying configuration settings from the configuration file to the software images, and saving the configuration file to the memory element.

Abstract: In one embodiment, a security device identifies, from monitored network traffic of one or more users, one or more suspicious domain names as candidate domains, the one or more suspicious domain names identified based on an occurrence of linguistic units used in discovered domain names within the monitored network traffic. The security device may then determine one or more features of the candidate domains, and confirms certain domains of the candidate domains as malicious domains using a parameterized classifier against the one or more features.

Abstract: In one embodiment, a device in an anchorless network receives an update message from a first neighbor of the device. The update message indicates a movement of a node in the network to a new position in the network. The device updates a forwarding table of the device to reverse a link direction associated with the node, in response to receiving the update message. The device sends the update message to a second neighbor of the device towards a prior position of the node in the network.

Abstract: An interposer is provided that is configured to interpose into an application security protocol exchange by obtaining application session security state. The interposer does this without holding any private keying material of client or server. An out-of-band Security Assistant Key Escrow service (SAS/SAKE) is also provided. The SAKE resides in the secure physical network perimeter and holds the private keying material required to derive session keys for interposing into application security protocol. During a security protocol handshake, the interposer sends SAKE security protocol handshake messages and in return receives from the SAKE session security state that allows it to participate in application security protocol.

Abstract: In one embodiment, a device in a network identifies a set of network entities. The device determines characteristics of the network entities. The device assigns each of the set of network entities to one or more hyperedges of a hypergraph based on the characteristics. The device applies a security policy to a particular one of the network entities based on the one or more hyperedges of the hypergraph to which the particular network entity is assigned.

Abstract: A method is provided in one example embodiment and may include receiving, by a mobility management frontend, an attach request for a user equipment (UE) to attach the UE to a core network slice type for a mobile core Software Defined Network (SDN) infrastructure, wherein a plurality of core network slice types are available for the mobile core SDN infrastructure to receive traffic from a plurality of UEs; determining a particular core network slice type within the mobile core SDN infrastructure to serve the UE based on subscriber information associated with the UE; selecting a particular slice instance of the particular core network slice type to receive traffic for the UE; and forwarding traffic for the UE between a Radio Access Network (RAN) and the particular slice instance by the mobility management frontend.

Abstract: In one embodiment, a content-addressable memory has multiple blocks of content-addressable memory entries, including different first and second sets of content-addressable memory blocks. One embodiment determines the first set of content-addressable memory blocks based on a content-addressable memory profile identifier and a search key and then performs a first content-addressable memory lookup operation in each of the first set of content-addressable memory blocks, but not in the second set of content-addressable memory blocks, based on the search key. If at least one entry is match, a corresponding result is identified. Otherwise, in one embodiment, the second set of content-addressable memory blocks is determined based on the content-addressable memory profile identifier but not based on the search key, and a search is made therein to identify a matching result or that no match was determined. In one embodiment, a matching result determines how a packet is processed.

Abstract: Methods and systems are disclosed. The method comprises: designating a first plurality of links from a first stack segment to a second stack segment as a first etherchannel link; designating a second plurality of links from the first stack segment to a third stack segment as a second etherchannel link, where the second stack segment and the third stack segment are in communication with a fourth stack segment; designating the first etherchannel link and the second etherchannel link as members of a hierarchical etherchannel link; and sending a packet from the first stack segment to the fourth stack segment using the hierarchical etherchannel link.

Abstract: In one embodiment, a method includes receiving an indication at a modular electronic system of initiation of online removal for a module removably inserted into a slot of the modular electronic system, increasing a fan speed at the modular electronic system before the module is removed, monitoring an internal temperature at the modular electronic system, and providing an indication that the module is ready for removal upon reaching a specified cooling state at the modular electronic system based on the temperature monitoring. A panel on an adjacent module is opened and extends into the slot upon removal of the module to substantially block airflow bypass from the slot and maintain cooling within the modular electronic system. An apparatus and logic are also disclosed herein.

Abstract: In one embodiment, a method includes characterizing a set of compute nodes, wherein the set of compute nodes comprise a network; characterizing a set of workloads, wherein the set of workloads comprise at least one application executing on the network; for each workload of the set of workloads, attempting to assign the workload to a compute node of the set of compute nodes based on the characterizing the set of compute nodes and the characterizing the set of workloads; determining whether each one of the workloads of the set of workloads has been successfully assigned to a compute nodes of the set of compute nodes; and if each one of the workloads of the set of workloads has been successfully assigned to a compute node of the set of compute nodes, awaiting a change in at least one of the set of compute nodes and the set of workloads.