Abstract: This disclosure describes techniques for setting and/or adjusting a security policy associated with a device based on the physical locations of endpoint devices exchanging data with the device. An example method includes performing, at a first time, a first authentication of a first device connecting to a service; determining addresses of second devices exchanging data with the first device; determining physical locations of the second devices based on the addresses; and defining a reauthentication interval based on the physical locations of the second devices. At a second time that is after the first time by the reauthentication interval, the example method further includes disconnecting the first device from the service; and based on disconnecting the first device from the service, triggering a second authentication of the first device.

Abstract: In one embodiment, an apparatus includes a first member, a second member configured for coupling with the first member, an authentication module integrated into one of the first or second member, and a locking device operable to lock the second member to the first member, and unlock the second member from the first member upon receiving input from the authentication module. The authentication module is operable to authenticate an unlock request received from an external source.

Abstract: In one embodiment, a service chain data packet is instrumented as it is communicated among network nodes in a network providing service-level and/or networking operations visibility. The service chain data packet includes a particular header identifying a service group defining one or more service functions, and is a data packet and not a probe packet. A network node adds networking and/or service-layer operations data to the particular service chain data packet, such as, but not limited to, in the particular header. Such networking operations data includes a performance metric or attribute related to the transport of the particular service chain packet in the network. Such service-layer operations data includes a performance metric or attribute related to the service-level processing of the particular service chain data packet in the network.

Abstract: Embodiments include a photonic device with a compensation structure. The photonic device includes a waveguide with a refractive index which changes according to the thermo-optic effect as a temperature of the photonic device fluctuates. The compensation structure is positioned on the photonic device to counteract or otherwise alter the thermo-optic effect on the refractive index of the waveguide in order to prevent malfunctions of the photonic device.

Abstract: Automated activation of unsolicited probe responses may be provided. Probe traffic data may be received. Then, based on the probe traffic data, a plurality of probe traffic cost metrics may be determined. Each one of the plurality of probe traffic cost metrics may be respectively associated with a plurality of Unsolicited Probe Response (UPR) modes. An Access Point (AP) may then be operated in a one of the plurality of UPR modes that has a respective probe traffic cost metric that indicates a lowest probe traffic cost of the plurality of probe traffic cost metrics.

Abstract: Disclosed are systems and methods for providing policy selection in a software defined network. An example method includes registering, by an enterprise controller on an enterprise domain, in a shared mapping system on a service provider domain, one or more entries specifying one or more services for one or more classes of traffic to yield registered entries, reading, by a service provider controller, from the shared mapping system, the registered entries, posting, by the service provider controller, the one or more entries to one or more routing tables at a software-defined wide area network of the service provider domain and receiving a request, by a mobile node on the enterprise domain, of a specific service for a particular class of packets according to a classification of the particular class of packets based on a particular label defined in the registered entries for the specific service.

Abstract: Techniques for automating the provisioning, configuring, and onboarding of network devices into a cloud management platform. The cloud management platform can be used to manage network devices that are provisioned in on-premise environments, cloud environments, and/or hybrid environments. However, it can be a cumbersome and error-prone process for a user to manually configure each of the network devices with connectivity settings needed to be managed by the cloud management platform. The techniques described herein provide an automated process to distribute connectivity information to the network devices to allow them to be managed by the cloud management platform. Once connected to the cloud management platform, the techniques described herein further include automating the process for attaching the network devices with the appropriate user account registered with the cloud management platform.

Abstract: In one embodiment, a method includes determining, by a router, a common prefix pool from a transport interface associated with a transport virtual private network (VPN). The method also includes identifying, by the router, a prefix associated with a service VPN and generating, by the router, an IPv6-to-IPv6 Network Address Translation (NAT66) prefix translation using the common prefix pool and the prefix. The NAT66 prefix translation includes a predetermined prefix length. The method further includes automatically installing, by the router, the NAT66 prefix translation into a translation table.

Abstract: A first connection is established between a meeting server and a first endpoint device associated with a user. At least one multimedia stream for an online collaborative session is provided from the meeting server to the first endpoint device. The meeting server obtains an indication that a first strength of a first short-range wireless communication connection between an audio device and the first endpoint device is less than a second strength of a second short-range wireless communication connection between the audio device and a second endpoint device associated with the user. A second connection is established between the meeting server and the second endpoint device. The at least one multimedia stream is provided from the meeting server to the second endpoint device via the second connection in response to obtaining the indication.

Abstract: A method includes, at a media bridge configured to distribute a plurality of media streams among a plurality of client devices connected to the media bridge over a network, receiving the plurality of media streams from the plurality of client devices via the media bridge. The media bridge connects the plurality of client devices. The method further includes assigning a pair of names for each of the plurality of media streams. The pair of names include a contribution name and a distribution name. The method further includes presenting a first list to the plurality of client devices. The first list including a plurality of the distribution names for the plurality of media streams received from the plurality of client devices. The method further includes providing an indication of a current active speaker within the plurality of media streams via a signaling process.

Abstract: Energy-aware configurations can be utilized to operate a network based on sustainability-related metrics. In many embodiments, a suitable device includes a processor, a memory commutatively coupled to the processor, a plurality of elements, a communication port, and an energy-aware topology logic configured to collect topology data from one or more network devices, wherein each of the one or more network devices include a plurality of elements. The energy-aware topology logic can receive power source data and power usage data related to plurality of elements and generate an element energy coefficient (EEC) for a plurality of elements. Subsequently, the energy-aware topology logic can also generate an energy-aware configuration for at least one of the one or more network devices, and then pass the generated energy-aware configuration to the at least one network device, wherein the energy-aware configuration is configured to steer traffic based on at least one sustainability-related metric.

Abstract: The present technology provides a system and method for implementing targeted collection of in-situ Operation, Administration and Maintenance data from select nodes in a Segment Routing Domain. The selection is programmable and is implemented by setting an iOAM bit in the function arguments field of a Segment Identifier. In this way only the nodes associated with local Segment Identifiers (Function field of a Segment Identifier) with an iOAM argument bit are directed to generate iOAM data. The iOAM data generated by target nodes may be stored in TLV field of the segment routing header. The Segment Routing packet is then decapsulated at a Segment Routing egress node and the Header information with the collected iOAM data is sent to a controller entity for further processing, analysis and/or monitoring.

Abstract: In one embodiment, a device identifies a potential change in user experience of an online application. The device selects, based on the potential change in user experience, a set of one or more users of the online application. The device obtains, from the set of one or more users of the online application, feedback regarding their experience with the online application. The device uses the feedback obtained from the set of one or more users of the online application to make a routing decision in a network regarding traffic of the online application.

Abstract: In one embodiment, a device obtains page load information corresponding to a loaded web application. The device detects, based on the page load information, an anomalous feature of the loaded web application. The device identifies a type of the anomalous feature based on a number of resource anomalies within the loaded web application, wherein the type of the anomalous feature is selected from a group consisting of: a page anomaly; a resource anomaly; and a domain anomaly. The device performs one or more mitigation actions according to the type of the anomalous feature.

Abstract: In one embodiment, a method by an apparatus of a Border Gateway Protocol (BGP) network includes accessing an attestation token for the apparatus. The method further includes encoding the attestation token in a BGP signaling message. The method further includes sending the BGP signaling message with the encoded attestation token to a second apparatus of the BGP network.

Abstract: A receiver is provided that includes a plurality of sub-rate receiver lanes each of which is configured to receive an analog receive signal from an analog front-end and produce digital sub-rate receiver data. The receiver includes one or more first digital-to-analog converters (DACs) (also referred to herein as “average” DACs) shared across the plurality of sub-rate receiver lanes, and one or more second DACs (also referred to herein as “mismatch cancellation” DACs) for each sub-rate receiver lane of the plurality of sub-rate receiver lanes. The one or more second DACs of a respective sub-rate receiver lane provide output to be combined with an output of a corresponding one of the one or more first DACs during processing of the analog receive signal in the respective sub-rate receiver lane to account for a sub-rate receiver lane specific offset with respect to a corresponding one of the one or more first DACs.

Abstract: Disclosed are methods, systems and non-transitory computer readable mediums for estimating bandwidth over packet data networks, for example, 5G networks. The methods, systems and non-transitory computer readable mediums can include modifying a buffer status report (e.g., via application programming interface) and reporting, to an eNodeB, the modified buffer status report. The methods, systems and non-transitory computer readable mediums can also include calculating the required throughput to satisfying transmitting a data amount stored at a regular buffer, receiving, from the eNodeB, uplink grants and transmitting, data from the regular buffer.

Abstract: A method includes receiving, at a home controller of a home domain and from a first device in the home domain, a first message concerning a user device that is anchored to the home domain and that has roamed from the home domain to a visitor domain. The method also includes, in response to determining that the first device is a router, opening a tunnel between the home controller and a visitor controller of the visitor domain and communicating the first message to the user device through the tunnel. The method further includes receiving, at the home controller and from a second device in the home domain, a second message concerning the user device and in response to determining that the second device is not a router, communicating, to the second device, a proxy response to the second message.

Abstract: In one embodiment, a management service for a network that is executed by one or more devices establishes a trust relationship with an entity associated with an endpoint in the network. The management service receives, via a Manufacturer Usage Description (MUD) file for the endpoint, an indication that the entity desires remote access to the endpoint in the network. The management service configures, based on the indication, the network to provide a remote access connection between the entity and the endpoint in the network. The management service provides, to the entity, credentials to the entity for the remote access connection.

Abstract: Techniques are described herein for network sliced based billing. In one example, a control center obtains, from a charging system, a charging data record that includes an indication of a network slice associated with a chargeable telecommunications event. Based on the indication of the network slice, the control center identifies a charging rate for the chargeable telecommunications event and applies the charging rate to the chargeable telecommunications event.