Abstract: A transmitted transport communication protocol (TCP) packet in an established TCP connection is intercepted and resent with a modified IP layer to determine network nodes within a network path. No new connection is required, and the data may be transmitted to its intended location as part of the existing connection, bypassing firewalls and other obstacles commonly affecting ping commands. The change to the IP layer may include a modified TTL value. Address location and response time may be determined for each node in a network path.

Abstract: Per-port performance optimization may be provided. First, performance data may be received corresponding to each of a plurality of ports. Then it may be determined that performance of at least one of the plurality of ports can be improved based on the received performance data corresponding to the least one of the plurality of ports. Next, in response to determining that the performance of the at least one of the plurality of ports can be improved, at least one of a plurality of components may be adjusted corresponding to the at least one of the plurality of ports to improve performance of the least one of the plurality of ports.

Abstract: A process for implementing temporary rules for network devices is described. In one embodiment, the process includes a controller receiving a manufacturer usage description (MUD) identifier from a first device. The controller retrieves a MUD file associated with the MUD identifier. The controller registers a device identifier associated with the first device with a delegated controller determined based on the MUD file. The delegated controller is configured to generate a dynamic policy for the first device. The controller receives a dynamic policy from the delegated controller for the first device. The dynamic policy may be configured to permit a communication session between the first device and a second device. The controller forwards the dynamic policy to an access control device in communication with the first device to enable the access control device to permit the communication session between the first device and the second device.

Abstract: A wireless network system that provides for seamless roaming of client devices is described. The wireless network system includes a plurality of access points. One access point is designated as the primary access point that is responsible for handling encrypted communication with the client device. The primary access point has access to the necessary encryption key(s) for encrypted communication. The primary access point receives broadcast updates from the other access points that includes connection scores. When a connection score for a second access point exceeds the connection score of the current primary access point, the current primary access point designates the second access point as the new primary access point and sends the new primary access point the encryption key(s) for encrypted communication. The handoff is seamless and does not require a new handshake between the new primary access point and the client device.

Abstract: In one embodiment, a system includes a processor, and a memory to store data used by the processor, wherein the processor is operative to detect a personalized content request or a personalized content capture attempt from at least one image of a video captured by a camera of a collaboration end-point during a collaboration event, visually identify a participant making the personalized content request or the personalized content capture attempt based on an image of the participant in the at least one image, and issue an instruction to send a content item or a link to the content item to a personalized collaboration space of the identified participant, the content item being a response to the personalized content request or the personalized content capture attempt. Related apparatus and methods are also described.

Abstract: Presented herein are priority route based techniques for mitigation of slow drain devices in a Fibre Channel (FC) fabric comprising a plurality of FC switches. In accordance with examples presented herein, a first FC switch in a FC fabric receives an indication that a first computing device attached to the FC fabric has entered a slow drain condition. The first FC switch is configured to prepare and install a priority route for packet flows directed to the first computing device.

Abstract: A method including: in a network element that includes one or more hardware memory resources of fixed storage capacity for storing data used to configure a plurality of networking features of the network element and a utilization management process running on the network element, the utilization management process performing operations including: obtaining a plurality of entries of the one or more hardware memory resources representing utilization of the one or more hardware memory resources by network traffic passing through the network element; sorting the plurality of entries of the one or more hardware memory resources by statistics associated with the network traffic passing through the network element to produce sorted entries; and sending the extracted to a network management application for display is disclosed. An apparatus and one or more non-transitory computer readable storage media to execute the method are also provided.

Abstract: In one embodiment, a device provides data indicative of a domain name system (DNS) query volume time series for a first network domain for display by an electronic display. The device receives a time series modification to the displayed time series. The device identifies one or more other network domains based on the received time series modification. The device provides data indicative of the identified one or more other network domains for display by the electronic display.

Abstract: In one embodiment, a segment routing and tunnel exchange provides packet forwarding efficiencies in a network, including providing an exchange between a segment routing domain and a packet tunnel domain. One application includes the segment routing and tunnel exchange interfacing segment routing packet forwarding (e.g., in a Evolved Packet Core (EPC) and/or 5-G user plane) and packet tunnel forwarding in access networks (e.g., replacing a portion of a tunnel between an access node and a user plane function for accessing a corresponding data network). In one embodiment, a network provides mobility services using a segment routing data plane that spans segment routing and tunnel exchange(s) and segment routing-enabled user plane functions. One embodiment uses the segment routing data plane without any modification to a (radio) access network (R)AN (e.g., Evolved NodeB, Next Generation NodeB) nor to user equipment (e.g., any end user device).

Abstract: In one embodiment, a process determines how often client devices roam from a given access point (AP) to each particular neighbor AP of a plurality of neighbor APs of the given AP, and correspondingly determines a roaming distance from the given AP to each particular neighbor AP, the roaming distance being shorter for neighbor APs roamed to more often, and longer for neighbor APs roamed to less often, within a given interval. Successful but temporary roams to the plurality of neighbor APs may also be detected and removed from consideration in the roaming distance to that particular neighbor AP. The process then generates a proximity list of one or more of the neighboring APs having the shortest roaming distances, and feeds the proximity list to the given AP to cause the given AP to provide the proximity list to client devices for optimized client roaming.

Abstract: A plurality of pages of code executing via a container host operating system are monitored. The plurality of pages of code include pages of code from a plurality of container applications configured to utilize the container host operating system. A determination is made that a page of code of the plurality of pages of code violates a security policy configured to apply security within the container host operating system. A container application of the plurality of container applications is identified as a source of the page of code of the plurality of pages of code. The security policy is applied to the container application of the plurality of container applications in response to identifying the container application of the plurality of container applications as the source of the page of code.

Abstract: Methods and systems are provided for link health forecasting to determine potential link failures such that remedial action may be taken prior to any data loss or degradation. DDM/DOM information may be used in conjunction with OAM protocols to monitor and predict link health degradation for faster failovers or self healing.

Abstract: A method is provided in one example embodiment and includes receiving a data packet transported on a backhaul link at a first network element; de-capsulating the data packet; identifying whether the data packet is an upstream data packet; identifying whether the data packet matches an internet protocol (IP) access control list (ACL) or a tunnel endpoint identifier; and offloading the data packet from the backhaul link. In more specific embodiment, the method can include identifying that the data packet does not match the IP ACL or the tunnel endpoint identifier; and communicating the data packet to a second network element. In other examples, the method can include identifying that the data packet is a downstream data packet; identifying a service to be performed for the data packet that cannot be performed at the first network element; and communicating the data packet to a second network element.

Abstract: Techniques are provided for implementing clustering services in a virtual data center or other virtualized infrastructure in a manner that allows packets to be directed to a particular service engine of a service engine cluster.

Abstract: A process executing on a network connected device provides distinct Internet Protocol addresses to a plurality of workload applications. The process determines that a first of the plurality of workload applications will not be providing in-situ Operations, Administration and Management (iOAM) data in packets processed by the first of the plurality of workload applications. The process receives a packet processed by the first of the plurality of workload applications. The process inserts iOAM data for the first of the plurality of workload applications into the packet.

Abstract: In one embodiment, an operating system (on a computer device in a network of computer devices) interfaces with a distributed graph database that is distributed across the network of computer devices, and executes an application that has one or more parent data constructs that reference one or more child objects within the distributed graph database. Specifically, the one or more child objects each have a location-independent object identifier (OID) having at least: a) an OID-identifier (OID-ID) assigned upon creation to each particular child object by a data source of the location-independent OID; b) an OID-source structure that uniquely identifies the data source of the location-independent OID within the network of computer devices; and c) an OID-pointer indicative of a relative location of the particular child object in a memory mapped region. Accordingly, the operating system accesses the child objects (e.g., for an application) based on the location-independent OID.

Abstract: In one embodiment, a device determines that location accuracy performance of an indoor positioning system deployment is below a predefined threshold. The device obtains characteristic data for the indoor positioning system deployment. The device identifies, by using the characteristic data as input to a machine learning model, one or more contributing factors from the characteristic data for the location accuracy performance of the indoor positioning system deployment being below the predefined threshold. The device initiates a remediation action based on the identified one or more contributing factors for the location accuracy performance of the indoor positioning system deployment being below the predefined threshold.

Abstract: Embodiments herein describe a fog drone that selects, organizes, monitors, and controls a plurality of drones in a fleet. The fog drone receives a job to be completed from a dispatcher and identifies the resources for accomplishing the job such as the amount of material (e.g., fiber optic cable) or the type of drones (e.g., drones with RF antennas or digging implements) needed to execute the job. Using the identified resources, the fog drone estimates the number of drones needed to complete the job and can recruit available drones to form the fleet. Once the fleet is formed, the fog drone determines a number of drones to place on standby to replace active drones if those drones need to recharge or malfunction.

Abstract: An interface for communicating the status of a distributed business transaction using widgets is provided. The widgets may be dynamically identified and automatically created such that they are useful and of interest to a user of the dashboard. The location of the widgets within the dashboard may be dynamically positioned such that the most important widgets are provided to preferred locations for particular user.

Abstract: Elastic capacity management of remote physical layer (R-PHY) nodes with a cloud Cable Modem Termination System (cCMTS) may be provided. First, a cCMTS instance may be spawned by an orchestrator. Next, the cCMTS instance may be synchronized with states of a physical Cable Modem Termination System (pCMTS). Underlay routing may then be configured between a plurality of remote physical layer (R-PHY) nodes and the cCMTS instance. Then a plurality of R-PHY node connections respectively corresponding to the plurality of R-PHY nodes may be switched from the pCMTS to the cCMTS instance.