Abstract: In one example embodiment, a first network device is determined to have insufficient storage to perform a task. A second network device is identified with available storage, and data is transferred from the first network device to the second network device to provide sufficient storage for the task on the first network device. The task is performed on the first network device, and the data is restored to the first network device from the second network device after completion of the task.

Abstract: Techniques for detecting and/or confirming a Man-in-The-Middle (MiTM) attack using Fine Timing Measurement (FTM) are provided. In one aspect, a FTM exchange is initiated between a second station and a first station to detect or confirm a MiTM attack in a network in which a MiTM is positioned between the first station and a third station. The MiTM attack is detected or confirmed, or both, based at least in part on FTM information determined during the FTM exchange.

Abstract: Techniques for dynamic TID mapping are provided. A network device creates an Internet-of-things (IoT) traffic identifier (TID) for IoT traffic. The network device determines a first operational spectrum for the IoT TID. The network device maps the IoT TID to access one or more links operating on the first operational spectrum, between the network device and the IoT device. The network device communicates the TID and the one or more links to the IoT device.

Abstract: Systems and methods for providing adaptive probe responses may be provided. An Access Point (AP) may receive a new probe response configuration, and compare the new probe response configuration to an old probe response configuration. The AP may determine that AP is operating in an ignore, a duplicate, or a hybrid mode based on the comparison of the new probe response configuration to the old probe response configuration. The AP may determine one or more probe response structures using the new probe response configuration and/or the old probe response configuration based on the mode the AP is operating in. When the AP receives a probe request from a Station (STA), the AP may send one or more probe responses in the probe response structures based the mode the AP is operating in.

Abstract: Disclosed are methods, controllers, and network devices that reduce the impact of an out of resource event for a network device. In one example, a controller can analyze routing information to determine which of a plurality of prefixes are dispensable based on several factors, such as the specificity of the prefix, the frequency of use of the prefix, the geographic area through which the prefix passes, and the extent to which upstream network devices rely on the prefix. Thereafter, the controller can remove the dispensable prefixes to resolve the out of network condition. In another example, the network device itself performs the analysis of which prefixes are dispensable and communicates that information to the controller. In either scenario, the controller can reduce micro-loops and sub-optimal forwarding during an out of resource condition for the network device by removing prefixes that have a lesser impact on the network as a whole.

Abstract: In one implementation, a method is disclosed comprising: determining, by a process, a network topology of a particular computer network and capabilities of particular devices within the network topology; determining, by the process, a logical framework of the particular computer network; mapping, by the process, access control and segmentation features of the particular devices to the logical framework based on the capabilities of the particular devices; and causing, by the process, mapped access control and segmentation features to be implemented to enforce the logical framework within the network topology.

Abstract: Systems and techniques for dynamically optimizing a wireless network topology to minimize energy consumption while preserving user quality of experience (QoE) are described. An example technique includes determining a set of applications that have a target service level agreement (SLA). Network traffic is monitored from the set of applications being executed by one or more client STAs within a network. A topology of the network is dynamically adapted to reduce an amount of energy consumption in the network while maintaining a threshold amount of the network traffic that satisfies the target SLA, based on monitoring the network traffic.

Abstract: This disclosure generally relate to a method and system for network policy simulation in a distributed computing system. The present technology relates techniques that enable simulation of a new network policy with regard to its effects on the network data flow. By enabling a simulation data flow that is parallel and independent from the regular data flow, the present technology can provide optimized network security management with improved efficiency.

Abstract: Systems and methods for creating user defined network in a network environment is provided. Users are able to create user defined networks which as private logical groups that extend across different wired and wireless networking constructs. A user may use an endpoint (e.g., mobile phone) to create a user defined network, to associate one or more endpoints with the user defined network, and to invite other users to add their endpoints to the user defined network. The user may create a policy for endpoints in the user defined network such as only allowing endpoints associated with the user defined network or restricting types of traffic that can be communicated to endpoints in the user defined network. The user defined network, and associated policies, may be enforced by the infrastructure devices in the network environment.

Abstract: In one embodiment, a process observes a communication network with automated systems for packet relative arrival times between a pair of devices having stable or periodic communications within the communication network. The process performs a spectral analysis on the packet relative arrival times between the pair of devices to determine a periodicity of communications between the pair of devices. When a change in the periodicity of communications between the pair of devices is detected based on continued inference observing, the process may then mitigate the change in the periodicity of communications between the pair of devices.

Abstract: Implementations of this disclosure provide an anomaly detection system and methods of performing anomaly detection on a time-series dataset. Some implementations are directed to performing health status checks on the time-series that results in a predicted health status of the time-series dataset. Following performance of one or more health status checks, a report or flag may be generated. In some instances, the report or flag indicates the predicted health status. In other instances, the flag or report indicates which of the one or more health status checks that were failed by the time-series dataset. In some implementations, the one or more health checks include deployment of a trained machine learning model configured to determine and classify a predicted health score of the time-series data set.

Abstract: An extended reality (XR) software application program executing on a processor within an XR system generates drill-down data visualizations in an XR environment. Via the XR software application program, various techniques are performed for displaying panels that include visualizations of data. In a first technique, the XR software application program generates, in response to detecting a user interaction with a portion of a first panel, a drill-down panel that includes additional visualization(s) of data associated with the portion of the first panel and is displayed in front of the first panel within the XR environment. In a second technique, the XR software application program generates and displays multiple drill-down panels that include visualization(s) of the selected data and are displayed in a tree structure within the XR environment.

Abstract: According to some embodiments, a method includes detecting a start of an OpenTelemetry span by an application and determining security information related to the start of the OpenTelemetry span. The method further includes monitoring the application for one or more application behaviors during execution of the OpenTelemetry span. The method further includes detecting an end of the OpenTelemetry span by the application, and in response, calculate a security score for the OpenTelemetry span using the security information related to the start of the OpenTelemetry span and the one or more application behaviors detected during execution of the OpenTelemetry span. The method further includes updating a status of the OpenTelemetry span to include the security score and a text string related to the calculation of the security score.

Abstract: In one embodiment, a method includes determining a replication factor and duplicating one or more original probe packets according to the replication factor, resulting in one or more replicated probe packets. The method also includes transmitting a set of probe packets to a responder device, the set of probe packets including the one or more original probe packets and the one or more replicated probe packets. The method further includes determining a count of one or more reflected probe packets received from the responder device and determining a frame loss measurement based on the count of the one or more reflected probe packets.

Abstract: Techniques for wireless network management are provided. A first set of characteristics data for a plurality of wireless networks in a common physical space is collected. A use timeline for at least a first wireless network of the plurality of wireless networks is generated based at least in part on the first set of characteristics data, where the first use timeline indicates, for a plurality of time windows, typical expected network characteristics of the first wireless network. A set of radio frequency (RF) parameter modifications is generated based on the first use timeline, and one or more of the plurality of wireless networks are instructed to implement the set of RF parameter modifications.

Abstract: A method includes causing display to a user of at least one event of a first result set from a first pipelined search on events at an event source. Each event comprises a time stamp and a portion of machine data. A selection of a command is received from the user. The selection is to extend the first pipelined search with the selected command in a second pipelined search. The system selects between the first result set and the event source for execution of the second pipelined search based on an analysis of the selected command and at least one command of the first pipelined search. Based on the selecting being of the first result set, display to the user is caused of at least one event of a second result set from the execution of the second pipelined search on the first result set.

Abstract: Field-based enterprise events created within an enterprise platform are compared to criteria to determine enterprise events of interest. These enterprise events of interest are used to create key-value based observability events which are sent from the enterprise platform to an observability platform. At the observability platform, the observability events are used to create a time series, and the observability platform analyzes the time series to create one or more reports and/or events. This may enable a compatibility between the log-based enterprise platform and the time-series based observability platform. This may also enable the automatic analysis of log-based data using a (real-time) time-series based approach, which may result in a faster response to log-based issues, which may in turn reduce an amount of damage resulting from such log-based issues (and may improve a performance of computing hardware experiencing the issues reported using log data).

Abstract: A system and method are provided for placing security operations at selected enforcement points in a distributed security fabric. The enforcement points at which the security operations are placed can be endpoints, nodes, and/or network devices within the network. The security operations can be updated by monitoring data flows through the network to generate network data, and then determining, based on the network data, one or more changes to the security operations, based on the generated network data. Recommended changes can be obtained by applying the network data to a machine-learning model that indicates suspicious data packets (e.g., disseminates packets suspected of being malicious from normal traffic) and crafts new policies to deny the suspicious data packets. Performance of the network can also be improved by analyzing the security operations for redundancies and/or inefficiencies and modifying the security operations to mitigate them.

Abstract: Apparatuses, systems, and methods for a controlled-force thermal management device installation that helps thermal management of emerging, next-generation devices are provided. An apparatus includes at least two compression interfaces, each for compressing a mounting assembly of a thermal management device to a predetermined loading point. The apparatus further includes a frame configured to apply a preload force to the at least two compression interfaces. The frame has a pivoting joint at an assembly point for each of the at least two compression interfaces to balance the preload force between the at least two compression interfaces.

Abstract: Receiver and transmitter assistance for Backscatter Devices (BKDs) may be provided. Network devices enabled to assist with management of BKDs in a network may be identified. A relative position of each of network devices may be determined with respect to an Access Point (AP) it is associated with. A first group of network devices from the network devices may be determined to relay BKD frames based on the relative position of each of the network devices and positions of the BKDs. Each APs of the network with which the first group of network devices are associated with may be caused to send a BKD relay assistance request to each of the first group of network devices. The BKD relay assistance request may include a request to detect the BKD frames backscattered by the BKDs and to relay the detected BKD frames to the AP.