Abstract: With a controller coupled to a first multicast domain and a second multicast domain having incompatible multicast profiles, source and group (S,G) state information may be extracted from a plurality of nodes of the first multicast domain and the second multicast domain, A first interdomain border node may be within the first multicast domain. A second interdomain border node may be defined within the second multicast domain. The (S,G) state information may be transmitted to the first interdomain border node and the second interdomain border node. The multicast traffic may be transmitted between the first multicast domain and the second multicast domain via the first interdomain border node and the second interdomain border node based at least in part on the (S,G) state information.

Abstract: Crest Factor Reduction (CFR) parameters are determined for a dual band Power Amplifier (PA). A first band of the dual band PA is associated with a first Multi-Link Operation (MLO) link and a second band of the dual band PA is associated with a second MLO link. Determining the CFR parameters comprises determining based on a configuration of the first MLO link and the second MLO link. A first portion of the CFR parameters is provided to a first crest factor reduction block. First portion of the CFR parameters comprises a first clipping threshold associated with the first band and first filter coefficients associated with the first band. A second portion of the CFR parameters is provided to a second crest factor reduction block. The second portion of the CFR parameters comprises a second clipping threshold associated with the second band and second filter coefficients associated with the second band.

Abstract: In one embodiment, a device instruments an application to generate OpenTelemetry trace data during execution of the application. The device identifies, based on where the application was instrumented, a particular method of the application. The device determines that a circuit breaker is to be inserted for the particular method of the application. The device inserts a circuit breaker for the particular method.

Abstract: According to certain embodiments, a system includes one or more processors and one or more computer-readable non-transitory storage media comprising instructions that, when executed by the one or more processors, cause one or more components to perform operations including executing a software process of a secondary instance, the secondary instance running in parallel with a primary instance and associated with a plurality of cores including a bootstrap core, registering a non-maskable interrupt for the bootstrap core in the secondary instance, determining whether the secondary instance is in a fault state, wherein, if the secondary instance is in the fault state, halting the plurality of cores associated with the secondary instance, without impact to the primary instance, and recovering the bootstrap core by switching a context of the bootstrap core from the secondary instance to the primary instance via the non-maskable interrupt.

Abstract: Methods are provided in which a collaboration server connects at least two participants via respective user devices to a collaboration session. The collaboration server further distributes, to the respective user devices, media stream data and one or more customized graphical items that are distinguishably displayed in the collaboration session. The one or more customized graphical items are displayed in a foreground or a background associated with a collaboration space of first participant of the at least two participants. The collaboration server further detects a selection, by one of the respective user devices, of a graphical item from the one or more customized graphical items displayed in the collaboration space and performs at least one action associated with the graphical item during the collaboration session based on detecting the selection of the graphical item.

Abstract: Techniques to adaptively support/enable a wireless network feature for certain wireless client devices without hampering the performance or connectivity of wireless client devices which do not support that wireless network feature. An access point or wireless network controller adaptively enables a wireless network feature without advertising support for the wireless network feature in a wireless network-standard compliant manner to allow one or more wireless clients that support the wireless network feature to use the wireless network feature when associated to the access point while enabling association of one or more wireless clients that do not support the wireless network feature.

Abstract: In one embodiment, a control tower device obtains, first state information from sensing or reporting systems or devices at a particular location via a first communication channel. The control tower device makes, based on the first state information, an evaluation regarding the particular location using one or more digital twins representing one or more entities of the particular location. The control tower device obtains second state information from one or more trusted verifiers for the particular location via a second communication channel. The control tower device verifies, based on the second state information, the evaluation regarding the particular location.

Abstract: Techniques for expressing, communicating, de-conflicting, and enforcing consistent access policies between an IBN architecture and a Cloud-Native architecture. Generally, network administrators and/or users of a Cloud-Native architecture and an IBN architecture express access policies independently for the two different domains or architectures. According to the techniques described herein, a Network Service Endpoint (NSE) of the Cloud-Native architecture may exchange access policies with a network device of the IBN architecture. After exchanging access policies, conflicts between the sets of access policies may be identified, such as differences between allowing or denying communications between microservices and/or applications. The conflicts may be de-conflicted using various types of heuristics or rules, such as always selecting an access policy of the IBN architecture when conflicts arise.

Abstract: Techniques for user identity-based security policy enforcement. The techniques may include sending, to an edge device associated with a network, a networking policy associated with a user. The techniques may also include receiving, from an identity provider, an IP address associated with the user. Additionally, the techniques may include sending, to the edge device, an indication to associate the IP address with the user such that the edge device applies the networking policy to packets that include the IP address.

Abstract: Systems, methods, and computer-readable media for managing compromised sensors in multi-tiered virtualized environments. In some embodiments, a system can receive, from a first capturing agent deployed in a virtualization layer of a first device, data reports generated based on traffic captured by the first capturing agent. The system can also receive, from a second capturing agent deployed in a hardware layer of a second device, data reports generated based on traffic captured by the second capturing agent. Based on the data reports, the system can determine characteristics of the traffic captured by the first capturing agent and the second capturing agent. The system can then compare the characteristics to determine a multi-layer difference in traffic characteristics. Based on the multi-layer difference in traffic characteristics, the system can determine that the first capturing agent or the second capturing agent is in a faulty state.

Abstract: Techniques for a Software-Defined Networking (SDN) controller associated with a multisite network to implement jurisdictional data sovereignty polices in a multisite network, route network traffic flows between user sites and destination services over one or more provider sites, and/or perform a routing operation on the network traffic flow(s) based on the jurisdictional data sovereignty policies. The jurisdictional data sovereignty polices may be implemented using destination group tags (DGTs) and/or source group tags (SGTs). A secure access service edge (SASE) associated with the network controller may generate, store, and distribute the DGTs to provider sites and/or the SGTs to user sites. Based on the SGT and/or DGT associated with a network traffic flow, one or more services may be applied to the network traffic flow, and the network traffic flow may be routed through a particular region of a software-defined access (SDA) transit.

Abstract: A method for communicating in a digital conversation is implemented on a computing device and includes: receiving an interactive contextual emoji from a first digital conversation participant to post in the digital conversation with at least a second digital conversation participant, where the interactive contextual emoji is pre-defined to indicate at least a current availability status associated with the first digital conversation participant, requesting the current availability status from a status application based on at least an indication of the interactive contextual emoji, where the status application maintains the current availability status, receiving the current availability status from the status application, and displaying the interactive contextual emoji in the digital conversation with at least an indication of the current availability status.

Abstract: A multilayer printed circuit board having a stackup including an upper half of the stackup and a lower half of the stackup, the multilayer printed circuit board having a top exposed surface and a bottom exposed surface, a first trace and via structure, having one portion disposed on the top exposed surface and another portion disposed within the upper half of the stackup, a second trace and via structure, having one portion disposed on the top exposed surface and another portion disposed within the upper half of the stackup, and first electrical components and second electrical components disposed on the top exposed surface of the multilayer printed circuit board and associated, respectively, with the first trace and via structure and the second trace and via structure, wherein the first electrical components are mounted orthogonally with respect to the second electrical components.

Abstract: A method and system for implementing security policies for a user device based on one or more user device parameters. When a user device joins a domain, the security policy agent determines one or more security policies for the user device based on one or more parameters of the user device. The user parameters may include the type of user device, a user group, an application to be used, etc. The security polies are sent to the user device. The user device generates a data packet having metadata indicating the one or more device parameters. The data packet is sent to a remote security service where security policies are implemented based on the metadata.

Abstract: In one embodiment, a device may determine a compliance status of a communication of a type of data between a first workload and a second workload based on a data compliancy policy and a verified node location of at least one of the first workload and the second workload. The device may send, based on the compliance status of the communication, an instruction for handling the communication to at least one of a node executing the first workload and a node executing the second workload.

Abstract: According to one or more implementations of the disclosure, a device initiates probing of a path in a network during which one or more probe packets are sent along the path. A hop along the path modifies the one or more probe packets to include energy source information regarding one or more energy sources available to that hop. The device receives results of the probing of the path that include the energy source information. The device generates, based on the results of the probing, a visual representation of the path and those one or energy sources available to different hops along the path. The device provides the visual representation of the path to a user interface for display.

Abstract: A method for implementing a privacy-preserving automatic speech recognition system using federated learning. The method includes receiving, from respective client devices, at a cloud server, local acoustic model weights for a neural network-based acoustic model of a local automatic speech recognition system running on the respective client devices, wherein the local acoustic model weights are generated at the respective client devices without labelled data, updating a global automatic speech recognition system based on (a) the local acoustic model weights received from the respective client devices and (b) global acoustic model weights of the global automatic speech recognition system derived from labelled data to obtain an updated global automatic speech recognition system, and sending the updated global automatic speech recognition system to the respective client devices to operate as a new local automatic speech recognition system.

Abstract: In one embodiment, a device determines one or more key-value pairs associated with observability data for an online application, and searches the observability data for events corresponding to the one or more key-value pairs. The device also builds a responsive event list with the events corresponding to the one or more key-value pairs within the observability data and sorts the responsive event list by associated timestamps to provide the responsive event list as a sequence of transactional milestones reached by one or more users of the online application.

Abstract: Techniques are presented herein to facilitate the monitoring of occupancy of a buffer in a network device. Packets are received at a network device. Information is captured describing occupancy of the buffer caused by packet flow through the buffer in the network device. Analytics packets are generated containing the information. The analytics packets from the network device for retrieval of the information contained therein for analysis, replay of buffer occupancy, etc.