Abstract: In one embodiment, a device obtains input features for a neural network-based model. The device pre-defines a set of neurons of the model to represent known behaviors associated with the input features. The device constrains weights for a plurality of outputs of the model. The device trains the neural network-based model using the constrained weights for the plurality of outputs of the model and by excluding the pre-defined set of neurons from updates during the training.

Abstract: In one embodiment, a device identifies a plurality of online applications accessible via a network for which a prediction model was trained to predict their application experiences. The device makes a determination as to whether a particular online application is behaviorally similar to any of the plurality of online applications. The device obtains, based on the determination, application experience metrics for the particular online application, when the particular online application is not behaviorally similar to any of the plurality of online applications. The device trains, using the application experience metrics for the particular online application, the prediction model to predict an application experience of the particular online application in addition to those of the plurality of online applications, when the particular online application is not behaviorally similar to any of the plurality of online applications.

Abstract: In one embodiment, a device obtains characteristics of a first anomaly detection model executed by a first distributed learning agent in a network. The device receives a query from a second distributed learning agent in the network that requests identification of a similar anomaly detection to that of a second anomaly detection model executed by the second distributed learning agent. The device identifies, after receiving the query from the second distributed learning agent, the first anomaly detection model as being similar to that of the second anomaly detection model, based on the characteristics of the first anomaly detection model. The device causes the first anomaly detection model to be sent to the second distributed learning agent for execution.

Abstract: Systems, methods, and computer-readable media for an integrated Wi-Fi Access Point and cellular network Radio Unit (RU) include a communication system interfacing with a wired network for communicating Wi-Fi traffic and cellular network traffic, the communication system integrating a Wi-Fi Access Point (AP) with a cellular network Radio Unit (RU). The Wi-Fi traffic and cellular network traffic can be processed in the communication system. The communication system can interface with at least one programmable Radio Frequency (RF) front end configured for wireless communication over one or more frequency bands for Wi-Fi traffic and one or more frequency bands for cellular network traffic (e.g., 5G, LTE, Wi-Fi).

Abstract: Various implementations disclosed herein provide a mechanism for determining that a configuration status of a compliant device is too far out-of-date, and subsequently bridging the configuration status of the compliant device to the up-to-date configuration data and instructions in response. In various implementations, determination of the configuration status of the compliant device is possible using a single request from the compliant device, which in turn reduces the amount of network traffic and utilization of network resources needed to update the compliant device with the up-to-date configuration data and instructions.

Abstract: In one embodiment, a method comprises: establishing, from an agent hub device, a tunnel to a remote vantage point device; generating, by the agent hub device, test traffic to appear as though the test traffic originates from the remote vantage point device; encapsulating, by the agent hub device, the test traffic into the tunnel to the remote vantage point device to cause the remote vantage point device to decapsulate the test traffic and send the test traffic as though the test traffic originated from the remote vantage point device; receiving, at the agent hub device, one or more returned test responses in response to the test traffic; and producing, by the agent hub device, test results based on the one or more returned test responses.

Abstract: Disclosed are systems, apparatuses, methods, and computer-readable media to implement circuit-style network with co-routed bidirectional network paths. A method includes receiving a request for a circuit policy between a source node and a destination node, the circuit policy defining a co-routed bidirectional policy between the source node and the destination node; requesting a path compute service to identify a path between the source node and the destination node that satisfies the circuit policy through a first network; receiving a path identifying a first set of network nodes that satisfy the circuit policy; configuring each node in the first set of network nodes within the first network with the circuit policy; and establishing a connection using the path that satisfies the circuit policy between the source node and the destination node.

Abstract: Route exchange in a plurality of network controller appliances on a per-tenant basis is disclosed. In one aspect, a method includes receiving, from a network management system and at a first network controller appliance, a designation of at least two tenants to be hosted on the first network controller appliance, the first network controller appliance being one of a plurality of network controller appliances in a SD-WAN; sending, from the first network controller appliance to other network controller appliances of the plurality of network controller appliances, a tenant list query message to obtain a corresponding tenant list of each of the other network controller appliances; and receiving a corresponding response from each of the other network controller appliances indicating the corresponding tenant list of each of the other network controller appliances, the corresponding response being used to update the tenant list on the first network controller appliance.

Abstract: Various embodiments herein disclose coordinating frequencies for an access point (AP). A corresponding method comprises evaluating a performance profile for the AP, the performance profile comprising a first part related to a first network generated by a first radio of the AP and a second part related to a second network generated by a second radio of the AP. The method also comprises selecting first channels on which the AP generates the first network based on the performance profile and spectral regrowth profiles for transmission power levels of the first radio. The method additionally comprises selecting second channels on which the AP generates the second network based at least in part on the performance profile and the spectral regrowth profiles. Furthermore, the method comprises enabling communications between a first set of devices on the first channels and enabling communications between a second set of devices on the second channels.

Abstract: A method includes determining whether a first access point of a plurality of access points and a second access point of the plurality of access points should communicate simultaneously over a shared channel in a first network and in response to determining that one of the plurality of access points won contention of a transmission opportunity for the shared channel, dividing the transmission opportunity into a plurality of time slots. The method also includes scheduling transmissions of the first and second access points into the plurality of time slots according to the determination whether the first and second access points should communicate simultaneously over the shared channel and communicating, to the second access point and over a wired network or a second network different from the first network, an indication of whether the second access point should communicate during a first time slot of the plurality of time slots.

Abstract: Systems, methods and computer-readable storage media are provided for determining critical flow characteristics and predicting the network resources to compute time-based p-routes that satisfy different SLAs. Critical flows within a set of nodes organized in a DODAG are monitored and assessed according to applicable SLAs and relevant networking KPIs to generate a forecast of the traffic flow and the overall SLAs for these critical flows. These overall SLAs, KPIs, and the generated forecast are used by a PCE associated with the network to compute p-routes through the set of nodes in the DODAG that satisfy the overall SLAs for the critical flows.

Abstract: In various implementations, a client device includes a dashboard rendering framework that processes a dashboard definition. A search query in the dashboard definition is associated with smart source tokens corresponding to lifecycle events of the search query being executed. A dynamic data source transmits the search query to retrieve field values and a token management system automatically sets the smart source tokens to be updated. As the search query is being executed, and the token management system receives updated data values and updates the smart source tokens. The dashboard rendering framework retrieves events with the applicable values for the smart source tokens and renders the dashboard according to the dashboard definition by substituting smart source tokens with the corresponding values. The dashboard rendering framework then updates one or more visualizations in real time as the token management system updates the smart source tokens in real-time.

Abstract: In one embodiment, a device obtains telemetry data associated with an online application accessible via a network. The device trains, based on the telemetry data, a machine learning model to determine whether a given address in the network is associated with the online application. The device uses the machine learning model to generate a listing of network addresses associated with the online application. The device provides the listing of network addresses for use by an application detection service in the network to determine that an initial packet of a traffic flow is associated with the online application based on a match between a destination address of that packet and a network address in the listing of network addresses.

Abstract: Various implementations of the present application set forth a computer-implemented method comprising obtaining, by a low-power hub device, a first set of data published by an edge device, where the low-power hub device subscribes to at least a subset of data published by the edge device, generating, by the low-power hub device, a second set of data from the first set of data by inputting the first set of data into a machine learning (ML) model executing on the low-power hub device, and transmitting the second set of data to a remote server computer system.

Abstract: In one embodiment, a device determines a criticality of each of a plurality of endpoints in a network, based on network telemetry data regarding the network. The device translates a plurality of anomaly detection models available for deployment to the network and their metadata into a set of adjustable resources. The device generates an anomaly detection deployment strategy for the network by selecting a set of one or more of the plurality of anomaly detection models for deployment to one or more execution points in the network, based on the criticality of each of the plurality of endpoints and on the set of adjustable resources. The device causes the set to be deployed to the one or more execution points in the network, in accordance with the anomaly detection deployment strategy.

Abstract: A system monitors a network or web application provided by one or more distributed applications and provides data for each and every method instance in an efficient low-cost manner. Agents may monitor the performance of the distributed application by the web services and report monitoring data as runtime data to the remote server, for example a controller. The controller may analyze the data to identify one or more performance issues or “hot spot” methods based on current or past performance, functionality, content, or business relevancy. Instructions and/or configuration information may be transmitted by the controller to the agents that correspond to a particular business transaction portion associated with a hot spot. The portions are then monitored to collect data associated with the hot spot and the hot spot data is reported back to the controller.

Abstract: Techniques for varying locations of virtual networks associated with endpoints using Network Address Translation (NAT), Mobile Internet Protocol (MIP), and/or other techniques in conjunction with Domain Name System (DNS). Rather than having DNS provide a client device with an IP address of an endpoint device, such as a server, the DNS instead returns a virtual IP (VIP) address that is mapped to the client device and the endpoint device. The VIP address may be selected based on a number of factors (e.g., power usage, privacy requirements, virtual distances, etc.). In this way, IP addresses of servers are obfuscated by a virtual network of VIP addresses that can be periodically rotated and/or load balanced. The client device may then communicate data packets to the server using the VIP address as the destination address, and a virtual network service that works in conjunction with DNS can convert the VIP address to the actual IP address of the server using NAT and forward the data packet onto the server.

Abstract: In Wi-Fi 8, backscatter devices (BKDs) may be viewed as part of the 802.11 wireless local area network (WLAN). BKDs in a WLAN have limited transmission interactions with a Wi-Fi access point (AP). Onboarding BKDs to the WLAN is described, which allows for the AP and BKD to participate as elements of the same local network, with security controls. The onboarding of the BKD to a WLAN may occur after discovery of the BKD at an AP and includes replacing an Initial Device Identifier (IDevID) on the BKD with a Local Device Identifier (LDevID) in order to provide for secure communications between the BKD and the WLAN.

Abstract: Techniques for automating traffic optimizations for egress traffic of an application orchestration system that is being sent over a network to a remote service. In examples, the techniques may include receiving, at a controller of the network, an egress traffic definition associated with egress traffic of an application hosted on the application orchestration system, the egress traffic definition indicating that the egress traffic is to be sent to the remote service. Based at least in part on the egress traffic definition, the controller may determine a networking path through the network or outside of the network that is optimized for sending the egress traffic to the remote service. The controller may also cause the egress traffic to be sent to the remote service via the optimized networking path.

Abstract: Embodiments are directed towards a system and method for a cloud-based front end that may abstract and enable access to the underlying cloud-hosted elements and objects that may be part of a multi-tenant application, such as a search application. Search objects may be employed to access indexed objects. An amount of indexed data accessible to a user may be based on an index storage limit selected by the user, such that data that exceeds the index storage limit may continue to be indexed. Also, one or more projects can be elastically scaled for a user to provide resources that may meet the specific needs of each project.