Abstract: A method and system for managing resources of a computer network may be provided. A first request to detect a first event in a computer network may be received. A first element of the first event may be detected at a first computing resource of the computer network. After detecting the first element of the first event at the first computing resource, a second computing resource of the computer network may be determined. First data corresponding to the first event from the first computing resource may be provided to the second computing resource. A second element of the first event may be detected at the second computing resource.
Type: Grant
Filed: October 20, 2021
Date of Patent: October 29, 2024
Assignee: Cisco Technology, Inc.
Inventors: Shrey Ajmera, Praveen Ravi Kumar, Sai Krishna Nallapaneni, Ravi Nag Chamarthy
Abstract: Systems, methods, and computer-readable media are provided for on-boarding network devices onto a private 5G network. An example method can include discovering a first private 5G network upon the network device being turned on, authenticating, at the network device, the network device, downloading a second network profile from an SM-DP+ server of a second private 5G network, and on-boarding the network device to the second private 5G network.
Type: Grant
Filed: January 14, 2022
Date of Patent: October 29, 2024
Assignee: Cisco Technology, Inc.
Inventors: Sri Gundavelli, Timothy P. Stammers, Eren Kudsi Gonen, Bobby Wayne Hoosang Richardson
Abstract: In one aspect, the present disclosure is directed to a method that includes receiving, at an edge component of a cloud-based secure access service, a corresponding access designation for each of a plurality of endpoints, each access designation specifying a type of access a corresponding endpoint has to remaining ones of the plurality of endpoints and other accessible network resources; based on the corresponding access designation of each of the plurality of endpoints, updating a routing table at the edge component, to include routing information for a subset of the plurality of endpoints having access to at least one other endpoint of the plurality of endpoints or to the other accessible network resources; and enabling routing of network traffic, via the cloud-based secure access service, between any number of the plurality of endpoints based at least in part on the routing table.
Abstract: According to certain embodiments, a method by a network device includes receiving a handshake message for a traffic flow from a Software-Defined Wide-Area Network (SDWAN) and determining, from a traffic policy, whether the traffic flow should be symmetrical. In response to determining from the traffic policy that the traffic flow should be symmetrical, the method further includes performing a flow lookup on the traffic flow to determine if the network device originated the traffic flow. In response to determining that the network device did not originate the traffic flow, the method further includes determining a second network device that originated the traffic flow and sending the handshake message for the traffic flow to the second network device in order to maintain symmetry for the traffic flow.
Abstract: The present technology is directed to signaling unreachability of a network device, more specifically, a prefix of the network device in a network that utilizes route summarization. A pulse trigger agent can detect an unreachability of at least one Provider Edge (PE) device in a network domain of a network and determine that a route summarization is being used within the network where the unreachability of the at least one PE device is hidden by the route summarization. A pulse distribution agent can transmit a failure message informing other PE devices of the unreachability of the at least one PE device.
Type: Grant
Filed: June 30, 2023
Date of Patent: October 29, 2024
Assignee: Cisco Technology, Inc.
Inventors: Peter Psenak, Lester C. Ginsberg, Ketan Jivan Talaulikar, Clarence Filsfils, Francois Clad, Stephane Litkowski
Abstract: A method may include receiving monitoring data including a first monitoring event, a second monitoring event, and a third monitoring event associated with a computing system. The method may further include determining, by a first predictive model, that the first and the second monitoring events are security-related while the third monitoring event is not security-related, a first feature set for the first monitoring event, and a second feature set for the second monitoring event. The method may further include determining, by a second predictive model, that the first and second feature sets relate to a first threat, and a third feature set that is associated with the first threat. The method may further include determining whether to perform an incident response action based on the third feature set.
Type: Application
Filed: August 23, 2023
Publication date: October 24, 2024
Applicant: Cisco Technology, Inc.
Inventors: Cenek Skarda, Josef Krupicka, Michal Svoboda
Abstract: A method may include receiving, by a processor, first monitoring data from a first monitoring component and second monitoring data from a second monitoring component. The method may further include determining, by the processor, that the first monitoring data represents a first activity pattern of a computing entity in a first period. The method may further include determining, by the processor, that the second monitoring data represents a second activity pattern of the computing entity in the first period. The method may further include determining, by the processor, first feedback data based on the first monitoring data. The method may further include determining, by the processor, second feedback data based on the second monitoring data. The method may further include providing, by the processor, the first feedback data to the second monitoring component and the second feedback data to the first monitoring component.
Abstract: A selection of a Pairwise Master Key (PMK) caching method in a wireless deployment may be provided. One or more PMK caching methods that are supported by a wireless infrastructure may be advertised. A selection of a PMK caching method based on the advertised one or more PMK caching methods may be received from a first station. The first station may be authenticated in the wireless infrastructure. In response to authenticating, a PMK entry in a cache store associated with the PMK caching method may be created for the first station based on the selection.
Abstract: Disclosed is an apparatus, including an isolator wavelength division multiplexer (IWDM). A signal-fiber is optically coupled to a first side of the WDM-Isolator core. The signal-fiber is configured to propagate signal light. A pump-fiber defines an expanded tip optically coupled to the WDM-Isolator core. The pump-fiber is configured to propagate pump light. A common-fiber is optically coupled to the WDM-Isolator core. The common-fiber is configured to propagate a combination of the signal light and the pump light. The WDM-Isolator core is configured to transmit the signal light to the common-fiber and to reflect the pump light into the common-fiber.
Abstract: Energy savings through adjustment of link speed may be provided. A utilization of a port may be monitored. The port may be configured to run at a plurality of speeds. Based on monitoring the utilization of the port, it may be determined that the utilization of the port has dropped, for a first predetermined time period, below a supported speed lower than a current port speed. Energy consumed by the port may be lowered, in response to determining that the utilization of the port has dropped, for the first predetermined time period, below a supported speed lower than the current port speed. Lowering the energy consumed by the port may comprise re-configuring the port to run at a second speed comprising a supported speed below the current speed. When the utilization of the port exceeds a predefined threshold over a second predetermined time period, the port speed may be increased.
Abstract: This disclosure describes techniques for mapping local device identifiers used in monitoring data from different sources to a common global identifier to enable correlation of monitoring events related to the same device. The techniques can be used in the context of an Extended Detection and Response (XDR) system architecture for advanced threat detection and response in a computer system. In some cases, the XDR system ingests security data from various monitoring components like Endpoint Detection and Response (EDR), Intrusion Detection Systems (IDSs), Intrusion Prevention Systems (IPSs), firewall engines, and email security systems.
Type: Application
Filed: August 22, 2023
Publication date: October 24, 2024
Applicant: Cisco Technology, Inc.
Inventors: Tomas Jirsik, Cenek Skarda, David Sislak, Tomas Kuthan
Abstract: This disclosure describes techniques for mapping local device identifiers used in monitoring data from different sources to a common global identifier to enable correlation of monitoring events related to the same device. The techniques can be used in the context of an Extended Detection and Response (XDR) system architecture for advanced threat detection and response in a computer system. In some cases, the XDR system ingests security data from various monitoring components like Endpoint Detection and Response (EDR), Intrusion Detection Systems (IDSs), Intrusion Prevention Systems (IPSs), firewall engines, and email security systems.
Type: Application
Filed: August 23, 2023
Publication date: October 24, 2024
Applicant: Cisco Technology, Inc.
Inventors: Tomas Jirsik, Cenek Skarda, David Sislak, Jaroslav Hlavac
Abstract: Technologies for systems, methods and computer-readable storage media for solving complex distributed congestion in a 5G network by using traffic engineering data to redirect sessions. Specifically, involving anchoring a network node to a User Plane (UP) entity based on traffic engineering data and subscribing to traffic engineering data associated with requested parameters to push particular policies and/or select alternate application functions to correct congestion.
Type: Grant
Filed: October 20, 2023
Date of Patent: October 22, 2024
Assignee: Cisco Technology, Inc.
Inventors: Raghavendar Rao Kota, Nithin Chitta, Srinivasa R. Irigi
Abstract: Embodiments herein describe preventing a pluggable module from connecting to a chassis until ensuring there is no damage on the pluggable module, the chassis, or both. In one embodiment, the chassis includes a blocking element that prevents or blocks the pluggable module from mating with the chassis. The chassis can also include a camera for capturing an image of the pluggable module to determine whether there is damage to its connection elements (e.g., pins). If not, the chassis can release the locking pin to permit the pluggable module to mate with connection elements on the chassis.
Abstract: In one embodiment, an apparatus comprises an input power interface for receiving input power, a power control system for transmitting DC (Direct Current) pulse power on multiple phases over a cable to a plurality of powered devices and verifying cable operation during an off-time of pulses in the DC pulse power, and a cable interface for delivery of the DC pulse power on the multiple phases and data over the cable to the powered devices. A method for transmitting multiple phase pulse power is also disclosed herein.
Type: Grant
Filed: December 23, 2021
Date of Patent: October 22, 2024
Assignee: CISCO TECHNOLOGY, INC.
Inventors: Richard Anthony O'Brien, Douglas Paul Arduini, Sung Kee Baek, Ruqi Li, Joel Richard Goergen
Abstract: Presented herein are techniques to conserve power by network devices in a software defined wide area network (SDWAN). A method includes monitoring operations of a software defined wide area network including a network device in the software defined wide area network, based on results of the monitoring, generating a usage model for the network device, determining, based on the usage model, a power management scheme for a multi-core network processing unit operating on the network device, and causing the multi-core network processing unit operating on the network device to execute the power management scheme.
Type: Grant
Filed: June 13, 2022
Date of Patent: October 22, 2024
Assignee: CISCO TECHNOLOGY, INC.
Inventors: Harikrishnan Pillai, Ju Lin, Niels-Peder M. Jensen, David Michael Prives, Ping Zhang
Abstract: Systems and methods are described herein for logging system events within an electronic machine using an event log structured as a collection of tree-like cause and effect graphs. An event to be logged may be received. A new event node may be created within the event log for the received event. One or more existing event nodes within the event log may be identified as having possibly caused the received event. One or more causal links may be created within the event log between the new event node and the one or more identified existing event nodes. The new event node may be stored as an unattached root node in response to not identifying an existing event node that may have caused the received event.
Type: Grant
Filed: March 27, 2023
Date of Patent: October 22, 2024
Assignee: Cisco Technology, Inc.
Inventors: Jay Kemper Johnston, David C. White, Jr., Christopher Blayne Dreier
Abstract: In one embodiment, a service that monitors a network obtains file characteristic data of a file stored on a first endpoint in the network. The service infers characteristics of encrypted content within encrypted traffic in the network between the first endpoint and a second endpoint, by applying a machine learning-based classifier to traffic data regarding the encrypted traffic session. The service compares the file characteristic data of the file to the inferred content characteristics of the encrypted content within the encrypted traffic, to detect the file within the encrypted traffic. The service enforces a network policy in the network, based on the detection of the file within the encrypted traffic.
Type: Grant
Filed: November 30, 2020
Date of Patent: October 22, 2024
Assignee: Cisco Technology, Inc.
Inventors: Blake Harrell Anderson, Chris Allen Shenefiel, David McGrew, Robert M. Waitman
Abstract: Techniques are described for storing and processing network data for responding to queries for such network data. Operational network data is separated from configuration network data so that they can be processed and stored separately. A sliding window cache is used to continually, temporarily store network data objects having time stamps falling within the time range of the sliding window cache. Network data objects stored within the sliding window cache are then moved to computer memory for storage and later retrieval. In response to a query for network data, network data objects can be retrieved from the sliding window cache and also from the computer memory based on time stamps of the network data objects and on the time range of the query.