Abstract: In one embodiment, a device maintains a journal of uncommitted changes to a file system of the device in a layer that is hot-swappable with a writable container layer. The device augments the journal with metadata regarding a particular uncommitted change to the file system of the device. The device applies, within a sandbox environment of the device, a machine learning-based anomaly detector to the particular uncommitted change to the file system and the metadata regarding the change, to determine whether the particular uncommitted change to the file system is indicative of a destruction of service attack on the device. The device causes performance of a mitigation action when the machine learning-based anomaly detector determines that the particular uncommitted change to the file system is indicative of a destruction of service attack on the device.

Abstract: Steering for location-assisted inter-set roaming, between different networks of the same or different types is provided by: identifying a first station connected to a first wireless network in an environment; identifying a direction of travel of the first station; identifying a second wireless network and a third wireless network as candidate roaming targets, based on the second wireless network and the third wireless network neighboring the first wireless network in the direction of travel, wherein the second wireless network and the third wireless network are different from the first wireless network; modifying a neighbor list for the first station to include an Access Point (AP) included in the third wireless network based on environmental knowledge; removing APs included in the second wireless network based on the environmental knowledge; and transmitting the neighbor list to the first station.

Abstract: Method and apparatus for performing a database query using a bitmap index in a data-base having a plurality of bitmap vectors, the method comprising the steps of: upon receipt of a query containing a selection condition, creating a filter bitmap based on the query input; performing a bitmap scan for the filter bitmap in order to determine at least one value of an existing matching data-base entry; determining a bitmap of the determined at least one value; creating a filtered bitmap by combining the filter bitmap with the bitmap of the determined at least one value; determining all entries in the database matching the filtered bitmap; sub-tracting the filtered bitmap from the filter bitmap, thus creating a new filter bitmap; repeating the steps, starting with the step of performing a bitmap scan based on the new filter bitmap, until the step of sub-tracting results in an empty bitmap.

Abstract: In one embodiment, a supervisory device for a software defined networking (SDN) fabric predicts a failure in the SDN fabric using a machine learning-based failure prediction model. The supervisory device identifies a plurality of traffic flows having associated leaves in the SDN fabric that would be affected by the predicted failure. The supervisory device selects a subset of the identified plurality of traffic flows and their associated leaves. The supervisory device disaggregates routes for the selected subset of traffic flows and their associated leaves, to avoid the predicted failure.

Abstract: The present disclosure provides for dynamic host configuration across multiple sites in software defined networks, by: receiving, from a host, a DHCP (Dynamic Host Configuration Protocol) discover message at an edge network device of a site; adding to the DHCP discover message a sender border network device IP (Internet Protocol) address for a border network device of the site; transmitting the DHCP discover message, from the border network device to a DHCP server located externally of the site to instruct the DHCP server to return a DHCP offer packet including a destination border network device IP address for a destination border network device of a destination site; receiving the DHCP offer packet; and in response to determining that the destination border network device IP address matches the sender border network device IP address, forwarding the DHCP offer packet to the edge network device to perform DHCP forwarding.

Abstract: In one embodiment, a service obtains wireless network connectivity data for a plurality of vehicles. The service clusters the plurality of vehicles into clusters based on the network connectivity data. The service determines an update schedule for the plurality of vehicles by assigning the clusters to timeslots of the schedule. The service pushes a firmware or software update to the vehicles according to the update schedule.

Abstract: In one embodiment, an apparatus includes a fan for cooling electronics within a chassis, the fan comprising a rotor with a plurality of fan blades connected thereto for generating an axial airflow during operation of the fan, a sensor for detecting failure of the fan, and an airflow blocking device positioned at an exhaust side of the fan and configured to prevent airflow through the fan upon detection of the fan failure, wherein the airflow blocking device is stowed in a position removed from a path of the axial airflow generated by the fan during operation of the fan. A method for preventing airflow recirculation at a failed fan is also disclosed herein.

Abstract: In one embodiment, a controller determines one or more objects of a computer application to track, and instructs a monitoring system to track object state changes for the one or more objects during runtime of the computer application. As such, the controller then receives object state change information for the one or more objects tracked by the monitoring system, in addition to receiving application performance metrics related to the computer application during runtime from the monitoring system. The controller may then determine one or more application performance metric change events based on the received application performance metrics. According to the techniques herein, the controller may then correlate one or more particular object state changes of the object state change information with one or more correspondingly affected application performance metric change events, and may perform one or more reactive actions based on the correlating.

Abstract: Dynamic roaming partner prioritization based on service quality feedback may be provided. First, a server associated with an enterprise may receive performance data and location data for each of a plurality of service provider networks from a plurality of end use devices associated with the enterprise. Next, the server may assign a ranking to a plurality of service providers by location based upon information. The information may comprise the received performance data and the location data corresponding to each of the plurality of service provider networks. The server may then push the ranking to a first end use device.

Abstract: Offloading of location computation from a location server to an access point through the use of projections on base phase vectors may be provided. First, an Access Point (AP) may receive a set of two or more base phase vectors from a location server. Next, the AP may measure a measured phase vector for a first signal from a user device. Then, the AP can determine projection values based on a comparison of the measured phase vector to each base phase vector. From these comparisons, the AP can determine a subset of base phase vectors with the highest projection values. The AP can then send the projection values and the subset of base phase vectors to the location server, wherein the location server determines the device location from these projection values and subset of base phase vectors.

Abstract: Differentiated sidecars in a service mesh may be provided. A first routing rule includes a first plurality of weights to be associated with a first plurality of data paths of a first microservice instance may be received. Next, first mapping between a first set of features associated with the first microservice instance and the first plurality of weights may be determined. Then a second microservice instance may be detected and a second set of features associated with the second microservice instance may be detected. A second routing rule comprising a second plurality of weights to be associated with a second plurality of data paths of the second microservice instance may be determined. The second plurality of weights may be determined such that a second mapping between the second set of features and the second plurality of weights imitates the first mapping.

Abstract: Determining a device's location in a space in real time is computing intensive. To offload some of the workload in conducting this hyperlocation, the access points in the network conduct some of process in determining the location of a device. The cloud determines a restricted AoA search area based on previous client locations. After this determination, a three-dimensional (3D) AoA search is conducted by each AP in the restricted area (restricted by a range of azimuth directions) for a device. Finally, each AP reports a location(s) for the device, which comprises weights for selected angular sectors. The cloud can then construct a probability heat map for location computation from the weights provided from each AP for the device.

Abstract: In one embodiment, a Segment Routing network node provides efficiencies in processing and communicating Internet Protocol packets in a network. This Segment Routing node typically advertises (e.g., using Border Gateway Protocol) its Segment Routing processing capabilities, such as Penultimate Segment Pop (PSP) and/or Ultimate Segment Pop (USP) of a Segment Routing Header (including in the context of a packet that has multiple Segment Routing Headers). Subsequently, an Internet Protocol Segment Routing packet having multiple Segment Routing Headers is received. The packet is processed according to a Segment Routing function, with is processing including removing a first one of the Segment Routing Headers and forwarding the resultant Segment Routing packet. The value of the Segments Left field in the first Segment Routing Header identifies to perform PSP when the value is one, to perform USP when the value is zero, or to perform other processing.

Abstract: In one embodiment, a device obtains telemetry data indicative of channel usage by a plurality of Bluetooth Low Energy (BLE) tags. The device also obtains tag characteristic data indicative of one or more characteristics of the BLE tags. The device determines that usage of a particular channel by the BLE tags exceeds a predefined threshold, based on the obtained telemetry data. The device selects a subset of the plurality of BLE tags, based on their one or more characteristics indicated by the obtained tag characteristic data. The device instructs, for each of the selected subset of BLE tags, the selected BLE tag to increase an interval of time between BLE advertisements sent by the selected BLE tag.

Abstract: Embodiments herein describe using a dual assess point (AP) to establish two access points that both are established by two individual radios (e.g., two 5 GHz radios). Generally, APs experience highly degraded performance when two co-located radios operate within the same band. In one embodiment, AP devices can deploy same band radios using a macro-micro cell approach. Thus, the AP may intelligently hand off client devices between the micro and macro cell in a way that optimizes the system for overall throughput and low packet latency while creating minimal oscillation of clients between cells. The embodiments in this disclosure disclose techniques that direct clients in a manner that optimizes these factors.

Abstract: Presented herein are techniques for monitoring packets in a container networking environment. A method includes receiving a packet at a network node, the packet having been routed to the network node in accordance with instructions from a container orchestration system, inserting an additional field in the packet that is configured to record a path of the packet within a first POD of the host device that includes at least one container, forwarding the packet to the first POD of the host device in accordance with the instructions from the container orchestration system, updating the additional field with container networking path information as the packet transits the first POD and the at least one container therein, storing the container path information in an analytics node of the network node, removing the additional field from the packet, and transmitting the packet from the network node to the network.

Abstract: In general, embodiments of the invention relate managing the interaction of applications with one or more file systems and/or data managed by the file systems. More specifically, embodiments of the invention relate to providing applications with access to an overlay file system (OFS) and then servicing OFS operations using a file system module and one or more underlay file systems (UFSes) that are not directly accessible to the applications.

Abstract: In one embodiment, a supervisory device for a software defined networking (SDN) fabric predicts characteristics of a new traffic flow to be admitted to the fabric, based on a set of initial packets of the flow. The supervisory device predicts an impact of admitting the flow to the SDN fabric, using a heatmap-based saturation model for the SDN fabric. The supervisory device admits the flow to the SDN fabric, based on the predicted impact. The supervisory device uses reinforcement learning to adjust one or more call admission control (CAC) parameters of the SDN fabric, based on captured telemetry data regarding the admitted flow.

Abstract: In one embodiment, a device in a network detects an encrypted traffic flow associated with a client in the network. The device captures contextual traffic data regarding the encrypted traffic flow from one or more unencrypted packets associated with the client. The device performs a classification of the encrypted traffic flow by using the contextual traffic data as input to a machine learning-based classifier. The device generates an alert based on the classification of the encrypted traffic flow.

Abstract: In one embodiment, a network assurance service that monitors a network receives telemetry data regarding monitored characteristics of the network. The service identifies, using a machine learning-based pattern analyzer, a pattern of the monitored characteristics that are associated with failures experienced by one or more networking devices in the network. The service groups networking devices by software version. The service determines probabilities of the pattern being observed concurrently with failures of the grouped network networking devices. A particular probability is associated with a particular group of the networking devices executing a particular software version. The service provides, based on the determined probabilities, data regarding the identified pattern and software versions for display.