Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that optimizes routing of a message are disclosed. The method includes obtaining a message comprising a header, wherein the header has a parameter with a value indicating one of a plurality of transmission priorities for the message. Based on the value in the parameter within the header, the method further includes identifying the one of the transmission priorities for the message. Based on the identified transmission priority of the message, the method further includes determining a target network entity for the message. The method further includes transmitting the message to the target network entity.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with generating insights with TLS parameters includes receiving a request from a client for establishing a TLS connection to a server. In some examples, the request comprises parameters for the TLS connection. Next, the network traffic manager apparatus determines an identity of the client based on the TLS parameters in the request unique to the client and executes an action based on the TLS parameters which alters a handling of the request.

Abstract: Methods, network traffic management devices, non-transitory computer readable media, and network traffic management systems that identify a device user based on a user-related metrics analysis include retrieving, in response to a received request requiring identification of a user at a client, user profile data associated with a user. A user confidence score is calculated based on a determined baseline user profile score for the user based on prior values associated with metrics in categories obtained from the retrieved user profile data and a determined current user profile score for the user based on current values associated with metrics in categories obtained from the retrieved user profile data. The calculated user confidence score is compared against a stored threshold range comprising minimum and maximum threshold scores. An action with respect to the user is executed in response to the request based on the comparison.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with generating client-executable actions with TLS parameters includes receiving a request from a client for establishing a TLS connection to a server, wherein the request comprises TLS parameters for the TLS connection. An identity of the client is determined based on the TLS parameters in the request unique to the client. A recommended client-executable action is generated based on the TLS parameters. The recommended client-executable action is an adjustment of a characteristic of a system of the client. The recommended client-executable action is transmitted to the client.

Abstract: Methods, non-transitory computer readable media, network traffic management devices and network traffic management systems that provide protection of 5G core networks are illustrated. With this technology, the user plane status can be received from a network repository function indicating whether a user plane restarted. Then the system can determine whether an amount of error messages flowing from the user plane to a gNodeB for a source exceeds a predetermined threshold. In response to determining the amount of error messages exceeds a predetermined threshold and determining that the user plane was not restarted, all messages flowing to the gNodeB for the source can be blocked. Lastly, in response to determining the amount of echo messages from the user plane to the gNodeB is below a second predetermined threshold and that the user plane did not restart, the source can be stored as a bad actor.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with selectively routing packets includes receiving a domain name system request from a client. The domain name system request can comprise a configuration for registration of an adapter and then, based on the configuration of the domain name system request, a server can be determined to send the domain name system request. The configuration can comprise an adapter type and the server is determined at least in part based on the adapter type of the configuration. Then the domain name system request can be transmitted to the determined server.

Abstract: Technology related to application deployment across network devices including smart network interface cards. In one example, a method includes distributing an application across a plurality of locally connected computing subdomains. The subdomains can include a mixture of general and special purpose computing subdomains, such as for example, a main computer and an associated smart network interface devices or systems, such as for example a smart network interface card (NIC). The subdomains can each run hypervisors that are bridged to allow a single virtual machine to operate across the subdomains. The application can include multiple portions. For example, an application can be split by different functionalities. The application portions can be tagged to indicate which subdomain they are to be executed within. If the chosen subdomain has available the requisite resources, the application can be detached and distributed to the chosen subdomain.

Abstract: A cloud-based operating-system-event and data-access monitoring method includes collecting event information from a monitored cloud-based element. One or more structured event payloads based on the event information is then generated. The structured event payloads that produce one or more validated event collections are then validated. The one or more validated event collections are then serialized and filtered to remove redundant structured event payload data. The filtered validated structured event payloads are then de-serialized to produce a time-sequenced, ordered event stream. The time-sequenced, ordered event stream is de-duplicated to remove duplicate structured event payloads. The time-sequenced ordered event stream is then processed to generate processed information security results.

Abstract: Technology related to orchestrating a configuration of a programmable accelerator is disclosed. In one example, a method includes executing a service within a container runtime. The service can include a software application and an orchestrator application, where the orchestrator application is adapted to configure a programmable hardware accelerator and the software application adapted to interoperate with the programmable hardware accelerator. The orchestrator application, executing within the container runtime, can be used to retrieve a system image from a file repository. The system image can include configuration data for the programmable hardware accelerator. The orchestrator application, executing within the container runtime, can be used to configure the programmable hardware accelerator.

Abstract: Methods, non-transitory computer readable media, attack mitigation apparatuses, and network security systems that improve network security for web applications are illustrated. With this technology, a web application resource associated with a protected web application is obtained from a server following receipt of a request for the web application resource from a client. A determination is made when the client is suspicious, and when the determination indicates the client is suspicious. The web application resource is modified by injecting a honeypot into source code of the resource. The honeypot comprises a conviction trap that can be engaged by the client. The modified web application resource is then sent to the client in a response to the request for the web application resource. Subsequently the client can be convicted as malicious if it is determined that the honeypot is engaged, thereby providing a more effective and accurate identification of manual attackers.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with detecting a flood attack of a server includes receiving an echo request with a request id for checking connectivity to a server from a source. Next, the method determines whether the request id of the echo request matches a request id of one of a plurality of malicious received requests within a plurality of prior received requests. The comparison of the request ids is conducted to determine whether the request is a legitimate request. Then, the echo request is transmitted to the server when the comparing fails to identify the match. Lastly, an echo response can be sent to the source after sending the echo request to the server.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with filtering content includes receiving a domain name system request from a client. Then, sending an address from the domain name system request to a policy server. The policy server can retrieve a filter id associated with the client. The method then includes sending the domain name system request with the filter id to an oblivious server. After, the method includes receiving a response with filtered content based on the domain name system request with the filter id from the oblivious server. The oblivious server can then generate a subscriber content filtering policy configuration based on the filter id and generate the response with the filtered content based on the subscriber content filtering policy configuration. Lastly, the methods includes sending the response to the domain name system request with filtered content to the client.

Abstract: Technology related to accessing security hardware keys is disclosed. In one example, a method includes receiving an initial request to perform a first cryptographic operation using a key stored in security hardware circuitry. In response to servicing the initial request, a persistent attribute of the key can be used to query the security hardware circuitry to receive a volatile attribute of the key. The volatile attribute of the key can be stored external to the security hardware circuitry to enable subsequent requests to perform cryptographic operations on the security hardware circuitry without querying the security hardware circuitry for the volatile attribute of the key. A subsequent request referencing the key can be received. The subsequent request can be serviced by using the security hardware circuitry and identifying the key using the stored volatile attribute of the key without querying the security hardware circuitry for the volatile attribute of the key.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with network packet switching based on packet data includes receiving a plurality of network packets. Next, header data and payload data is separated for each of the plurality of received network packets. Next, digest data is created from the separated header data for each of the plurality of network packets. One or more network actions are identified for each of the plurality of network packets based on the corresponding created digest data. The identified one or more network actions are performed on the separated header data and the payload data.

Abstract: Technology related to managing network services using multipath protocols is disclosed. In one example, a method includes intercepting a multipath protocol request from a requesting host for a connection to a service. The multipath protocol request is intercepted by an intermediary server. A target host different than the intermediary server can be selected to provide the service. A multipath protocol packet can be sent from the intermediary server to the requesting host. The multipath protocol packet can add a subflow of the connection using an address of the target host. The subflow can enable a path between the requesting host and the target host that does not traverse the intermediary server.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with allocating a traffic load through heterogenous topology of a network includes extracting a header of each of a plurality of received packets of a traffic flow. Each of the headers comprises fields. Next, the network traffic manager apparatus executes a hashing function over the fields of each of the headers, applies a load balancing function to determine one of a plurality of endpoints to send each of the received packets based on one or more endpoint characteristics, and maps the index for each corresponding one of the received packets to the corresponding selected one of the endpoints. The received packets are not evenly divided among the plurality of endpoints. Lastly, the network traffic manager apparatus sends the received packets selected endpoint based on the mapping from the load balancing policy.

Abstract: Technology related to near-realtime O-Cloud optimization requirements by extending O-Cloud Near-RT and Non-RT functionality. In one example, a method includes receiving, via an interface between the O-Cloud orchestrator and the near-realtime RAN intelligent controller, policies related to O-Cloud workload optimization. It further includes determining, one or more policy scenarios have occurred. Then transmitting, from the near-realtime RAN intelligent controller to the O-Cloud, instructions for one or more corrective actions. The method further includes executing, via one or more XApps on the O-Cloud, one or more corrective actions consistent with the received instructions. Finally, transmitting, from the one or more Xapps on the O-Cloud, confirmation of the execution of the one or more corrective actions.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems includes receiving a plurality of network packets. Metadata comprising state information for the received plurality of network packets is generated. The generated metadata is inserted into the received plurality of network packets or a cloned version of the plurality of network packets. A network diagnostic operation is performed on the received plurality of network packets based on the inserted metadata into the received plurality of network packets or the cloned version of the plurality of network packets.

Abstract: A method, non-transitory computer readable medium, and device that assists with improving web scanner accuracy includes receiving a sitemap document associated with a webpage from an application security manager apparatus. The received sitemap document associated with the webpage is scanned. Next, one or more vulnerabilities are identified in the scanned sitemap associated with the webpage. A report including the identified one or more vulnerabilities is provided.

Abstract: Methods, non-transitory computer readable media, network traffic manager apparatuses, and systems that assist with providing adaptive authentication for federated environment includes receiving a request to access an application from a client. Next, one of a plurality of web application servers in which the requested application is executing is identified and data associated with the requesting client is obtained. An authentication request comprising an index based on the identified web application server and the obtained client data is generated. The requesting client using the generated authentication request including the index is authenticated.