Abstract: Technology related to managing network services using multipath protocols is disclosed. In one example, a method includes intercepting a multipath protocol request from a requesting host for a connection to a service. The multipath protocol request is intercepted by an intermediary server. A target host different than the intermediary server can be selected to provide the service. A multipath protocol packet can be sent from the intermediary server to the requesting host. The multipath protocol packet can add a subflow of the connection using an address of the target host. The subflow can enable a path between the requesting host and the target host that does not traverse the intermediary server.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with allocating a traffic load through heterogenous topology of a network includes extracting a header of each of a plurality of received packets of a traffic flow. Each of the headers comprises fields. Next, the network traffic manager apparatus executes a hashing function over the fields of each of the headers, applies a load balancing function to determine one of a plurality of endpoints to send each of the received packets based on one or more endpoint characteristics, and maps the index for each corresponding one of the received packets to the corresponding selected one of the endpoints. The received packets are not evenly divided among the plurality of endpoints. Lastly, the network traffic manager apparatus sends the received packets selected endpoint based on the mapping from the load balancing policy.

Abstract: Technology related to near-realtime O-Cloud optimization requirements by extending O-Cloud Near-RT and Non-RT functionality. In one example, a method includes receiving, via an interface between the O-Cloud orchestrator and the near-realtime RAN intelligent controller, policies related to O-Cloud workload optimization. It further includes determining, one or more policy scenarios have occurred. Then transmitting, from the near-realtime RAN intelligent controller to the O-Cloud, instructions for one or more corrective actions. The method further includes executing, via one or more XApps on the O-Cloud, one or more corrective actions consistent with the received instructions. Finally, transmitting, from the one or more Xapps on the O-Cloud, confirmation of the execution of the one or more corrective actions.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems includes receiving a plurality of network packets. Metadata comprising state information for the received plurality of network packets is generated. The generated metadata is inserted into the received plurality of network packets or a cloned version of the plurality of network packets. A network diagnostic operation is performed on the received plurality of network packets based on the inserted metadata into the received plurality of network packets or the cloned version of the plurality of network packets.

Abstract: A method, non-transitory computer readable medium, and device that assists with improving web scanner accuracy includes receiving a sitemap document associated with a webpage from an application security manager apparatus. The received sitemap document associated with the webpage is scanned. Next, one or more vulnerabilities are identified in the scanned sitemap associated with the webpage. A report including the identified one or more vulnerabilities is provided.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with providing adaptive authentication for federated environment includes receiving a request to access an application from a client. Next, one of a plurality of web application servers in which the requested application is executing is identified and data associated with the requesting client is obtained. An authentication request comprising an index based on the identified web application server and the obtained client data is generated. The requesting client using the generated authentication request including the index is authenticated.

Abstract: Methods, non-transitory computer readable media, network traffic management apparatuses, and network traffic management systems include inspecting a plurality of incoming packets to obtain packet header data for each of the incoming packets. The packet header data is filtered using one or more filtering criteria. At least one of a plurality of optimized DMA behavior mechanisms for each of the incoming packets are selected based on associating the filtered header data for each of the incoming packets with stored profile data. The incoming packets are disaggregated based on the corresponding selected one of the optimized DMA behavior mechanisms.

Abstract: A method, non-transitory computer readable medium and device that assists with managing L7 network classification includes receiving a request to access a service by a mobile computing device. Next, application layer network traffic from the requesting mobile computing device is classified based on mobile data associated with the requesting mobile computing device. One or more actions are performed based on the classification.

Abstract: Technology related to a network application firewall is disclosed. In one example, a method includes intercepting a response from a network application and destined for a client. The response can be associated with a user identifier. A modified response can be forwarded to the client. The modified response can include a honeytrap embedded within the intercepted response. Engagement with the honeytrap can be detected in a subsequent request to the network application. In response to detecting the engagement with the honeytrap, an indication that the user identifier is malicious can be stored.

Abstract: A method for multi-source cloud-infrastructure vulnerability management includes receiving cloud-element information related to a cloud-based element in a cloud environment. The method also includes receiving first vulnerability information from a first vulnerability source and receiving second vulnerability information from a second vulnerability source. Cloud-element context information is also received about the cloud-based element from the cloud environment. A multiple-source vulnerability database is then generated from both the first vulnerability information and from the second vulnerability information. The cloud-element information and the cloud-element context information are then evaluated using the multiple-source vulnerability database to generate a vulnerability assessment.

Abstract: A method, non-transitory computer readable medium, and device for analyzing network traffic and enforcing network policies includes analyzing network traffic data based on one or more network traffic rules. An attack on the network such as a current or predicted attack is determined based on the analysis. Next, one or more policy changes to a plurality of existing network policies are identified when the current or predicted attack on the network is determined to be present. The identified one or more policy changes are enforced on one or more client computing devices causing the determined current or the predicted attack on the network.

Abstract: Methods, non-transitory computer readable media, network traffic management apparatuses, and network traffic management systems that identify when a domain name identifier in a received request matches one of a plurality of domain names stored in a whitelist domain name storage. When the identification indicates the received domain name identifier fails to match one of the plurality of domain names stored in the whitelist domain name storage, then a determination is made on whether the received request is a suspicious request. Another storage is updated when the determination indicates the received request is the suspicious request or otherwise updating the received request as a valid request.

Abstract: Technology related to processing network packets in a subscriber-aware manner is disclosed. In one example, a method includes selecting one or more subscribers to move from a first network processing node to a second network processing node. In response to the selection, subscriber data associated with the one or more subscribers can be programmed at the second network processing node. After the subscriber data associated with the one or more subscribers is programmed on the second network processing node, a software defined network (SDN) switch can be reprogrammed to forward network traffic having network addresses associated with the one or more subscribers to the second network processing node instead of the first network processing node.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with mitigating DDoS attack using a hardware device includes determining when a received network packet in an established connection between a client and a destination server includes a connection identifier cookie. A connection validation cookie is generated based on at least data in the received network packet, when the determination indicates the received network packet includes the connection identifier cookie. The connection identifier cookie is compared against the generated connection validation cookie. The received network packet is dropped when the comparison indicates the connection validation cookie fails to match the connection identifier cookie.

Abstract: Technology related to multi-device authentication is disclosed. In one example, a method can include receiving a request from a requesting client device to access a secured server. A command can be sent to an authenticating device to capture environmental information in proximity to the authenticating device. The captured environmental information can be used to verify the requesting client device and the authenticating device are near each other. The received request can be forwarded to the secured server in response to verifying the requesting client device and the authenticating device are near each other.

Abstract: Technology related to managing network traffic with sensitive data is disclosed. In one example, a method can include performing a cryptographic transformation of sensitive data of a request from a requestor for a resource. A portion of the cryptographic transformation of the sensitive data of the request can be transmitted to a sensitive data server. One or more possible matches to the cryptographic transformation of the sensitive data of the request can be received from the sensitive data server. A match to the cryptographic transformation can be identified within the one of the one or more possible matches. In response to identifying the match, an access policy for the requestor or the resource can be changed.

Abstract: A method, non-transitory computer readable medium and device that assists with preventing distributed denial of service attack includes receiving a request for a web resource from a client computing device. The received requested for the web resource is determined for presence of referrer header information. When the received request is determined to include the referrer header information, then the referrer header information is checked whether it includes a known domain and a valid cookie associated with the known domain. A distributed denial of service attack is prevented by providing a proactive challenge to the requesting client computing device when received request for the web resource does not include the referrer header information or when the referrer header information comprises the known domain and does not include the valid cookie.

Abstract: Technology related to scheduling services on a platform including configurable computing resources is disclosed. In one example, a method includes scheduling a service to execute on a first computing node based on an availability of general-purpose computing resources at the first computing node. The first computing node can be selected from a plurality of computing nodes. Network traffic transiting the first computing node can be analyzed during the execution of the service to determine a hardware accelerator of a second computing node is capable of assisting the execution of the service. The service can be scheduled to execute on the second computing node and the hardware accelerator of the second computing node can be used to assist with the execution of the service.

Abstract: Methods, non-transitory computer readable media, workload management devices, and network traffic management systems that optimize systems with idempotent workloads are illustrated. With this technology, an identification is made when a status indicates a jobs is deferred. A determination is then made when the job is preempted based on a type of the job, when the identification indicates the job is deferred and the type and an identifier of the job matches another job. Another status is adjusted to indicate the other job is deferred. The status is then modified to indicate that the job is preempted, or the job is removed, when the determination indicates the job is preempted. Accordingly, jobs are selectively preempted, such as based on idempotency of the associated workload, to achieve intended consistent states for objects faster, with increased reliability, and with reduced overhead.

Abstract: Methods, non-transitory computer readable media, and network traffic manager apparatus that assists with protecting a CPU during a DDOS attack includes monitoring network traffic data from plurality of client devices. Each of the plurality of client devices are classified as a valid device or a potential attacker device based on the monitoring. Next a determination of when CPU utilization of a network traffic manager apparatus is greater than a stored threshold value is made. The CPU utilization of the network traffic manager increases as a number of the plurality of client devices classified as the potential attacker device increases. One or more network actions are performed on the plurality of client devices classified as the potential attacker device to protect the CPU when the determination indicates the CPU utilization is greater than the stored threshold value.