Abstract: A method, non-transitory computer readable medium and device that assists providing a secure channel includes selecting a client-server key from a plurality of client-server keys based on an IP address of a client computing device and a time of receiving a request from the client computing device wherein the selecting further includes identifying an index value associated with the selected client-server key. Next, a context signature is generated based on the IP address of the client computing device, the time of receiving the request from the client computing device and the index value associated with the selected client-server key. Next, the generated context signature is encrypted using a stored private key. A secure channel is provided by preparing and sending a response including the selected client-server key and the encrypted context signature back to the client computing device.

Abstract: A method, non-transitory computer readable medium, and network traffic management apparatus that receives a response to a ping message from a server device in a server pool and determines a current latency value based on a time difference between when the ping message was sent to the server device and when the response to the ping message was received. A determination is made when the current latency value exceeds an adaptive threshold latency value. The adaptive threshold latency value is based on an average historical latency value and an established threshold factor value. A deficient response value is incremented and a determination is made when the deficient response value exceeds a deficiency threshold value, when the determining indicates that the current latency value exceeds the adaptive threshold latency value. A mitigation action is initiated when the determining indicates that the deficient response value exceeds the deficiency threshold value.

Abstract: A system and method for handling a request from a client device to access a service from a server. The method comprises receiving a request from a user using a client device to access a service from a server. The request is received by a network traffic management device having a local external access management (EAM) agent. The EAM agent directly communicates with an EAM server that provides authentication policy information of a plurality of users able to at least partially access the server. User credential information is sent from the EAM agent to the EAM server, whereby the EAM agent receives access policy information of the user from the EAM server. The system and method selectively controls access of the user's request to the server in accordance with the received access policy information at the network traffic management device.

Abstract: A method, apparatus, and system are directed toward managing network traffic over a plurality of Open Systems Interconnection (OSI) Level 2 switch ports. A network traffic is received over the plurality of OSI Level 2 switch ports. At least a part of the network traffic is categorized into a flow. The categorization may be based on a IP address, an OSI Level 4 port, a protocol type, a Virtual Local Area Network (VLAN) number, or the like, associated with the network traffic. One of the plurality of OSI Level 2 switch ports is selected based on a load-balancing metric. The load-balancing metric may be a priority of the flow, a congestion characteristic, a prediction of a load usage for the flow, a combination thereof, or the like. A frame associated with the flow is sent over the selected one of the plurality of OSI Level 2 switch ports.

Abstract: A method, non-transitory computer readable medium, and anomaly detection apparatus that monitors network traffic exchanged with a plurality of client devices and a plurality of server devices to obtain client-side signal data for a plurality of client-side signals and server-side signal data for a plurality of server-side signals. A determination is made when a server health anomaly or a network traffic anomaly is a false positive based at least in part on a comparison of at least a portion of the client-side signal data or at least a portion of the server-side signal data to a historical scoreboard database comprising historical data regarding one or more historical network traffic or server health anomalies. A mitigation action is initiated when the determining indicates that one or more of the server health anomaly or network traffic anomaly is not a false positive.

Abstract: A method, non-transitory computer readable medium, and network security apparatus that monitors received network traffic to obtain signal data for signals associated with the network traffic in accordance with a stored configuration. A model and configuration update(s) are generated and the stored configuration is updated based on the configuration update(s). The model includes a threshold for at least one of the signals. A determination is made when there is an anomaly in the network traffic based on the application of the model to the signal data or a match of at least a portion of the signal data to an anomalous traffic pattern received from a centralized analytic server computing device. A mitigation action is initiated, when the determining indicates that there is an anomaly in the network traffic. Accordingly, this technology facilitates dynamic and adaptive network traffic analysis and anomaly detection including improvements thereto independent of human intervention.

Abstract: Methods, non-transitory computer readable media, and traffic manager computing devices that forward a request to resolve a domain name from a client device to a Domain Name System (DNS) server device and a response from the DNS server device including an original Internet Protocol (IP) address corresponding to the domain name to the client device. Content is retrieved from a location associated with the domain name in response to a request for the content received from the client device. Classification information comprising at least a type of the retrieved content is determined. The retrieved content is sent to the client device in response to the request for the content. A determination is made when a confidence threshold has been exceeded based on the classification information. A steering endpoint IP address is sent to the DNS server device, when the determining indicates that the confidence threshold has been exceeded.

Abstract: A method, non-transitory computer readable medium, and network traffic management apparatus that receives a request for content from a client computing device. A length of the content is determined. A plurality of requests for a portion of the length of the content is sent to a plurality of server computing devices, wherein the portion of the length of the content is specified as a byte range in a range header of each of the plurality of requests. A plurality of responses to the plurality of requests is received. At least a subset of the plurality of responses is output to the client computing device.

Abstract: Methods, systems, and devices are described for managing network communications. A traffic manager module may receive a script over a management plane of a packet core, interpret the script to identify a traffic management policy; and dynamically modify at least one aspect of a proxy connection over a bearer plane of the packet core at the traffic manager module based on the identified traffic management policy.

Abstract: Embodiments are directed towards upgrading hypervisors operating in hardware clusters that may be hosting one or more virtual clusters of virtual traffic managers. Virtual clusters may be arranged to span multiple computing devices in the hardware cluster. Spanning the virtual clusters across multiple hardware nodes the virtual cluster may enable the virtual clusters to remain operative while one or more hardware nodes may be upgraded. Hypervisor may include a management control plane for virtual clusters of virtual traffic managers. Hypervisors running on hardware nodes may manage the lower level networking traffic topology while the virtual traffic managers may manage the higher level network processing.

Abstract: Methods, systems, and devices are described for managing network communications. A traffic manager module configured to serve as a proxy between a plurality of client devices and a network service may receive a plurality of messages for the network service. Each message may be associated with at least one QoS parameter. The traffic manager module may transmit the plurality of messages to the network service over a connection between the traffic manager module and the network service. The QoS of the connection between the traffic manager module and the network service may be dynamically altered during the transmission of a first message of the plurality of messages based on the at least one QoS parameter associated with the first message.

Abstract: A system, medium and method of performing dictionary compression is disclosed. A first data segment received at a receiver device (RD) from a transmiter device (TD) is selected A global bloom filter of the TD is queried to determine if the RD has a stored copy of a first plurality of content data bytes and corresponding first identifier and data length information for the first data segment. A first encoded data packet is prepared and sent which includes the first identifier and data length information without the first plurality of content data bytes. The RD utilizes the received first identifier and data length information to retrieve the first plurality of content data bytes associated with the first data segment from the RD's data store and decodes the first data segment to include the first plurality of content data bytes.

Abstract: A system and method to establish and maintain access between a secured network and a remote client device communicating with different security protocols. Once the system and method verify that the remote client device had the requisite credentials to access the secured network domain, the system and method are delegated to fetch a service ticket to one or more dedicated servers on behalf of remote client device. The system and method receives a service ticket from the dedicated server and forwards the service ticket to the remote client device to use the service.

Abstract: Methods, non-transitory computer readable media and application management apparatuses, and application management systems that secure one or more entitlement grants includes transmitting a registration license request encrypted with a first public key to a license server. The registration license request comprises a registration identifier and a second public key. A registration license response is received from the license server. The registration license response comprises one or more license entitlement grants, the second public key, and a first secure signature encrypted with a first private key. The one or more license entitlement grants are authenticated when the first decrypted secure signature matches the first check signature.

Abstract: A method, non-transitory computer readable medium, and device that identifies network traffic characteristics to correlate and manage one or more subsequent flows includes transmitting a monitoring request comprising one or more attributes extracted from an HTTP request received from a client computing device and a timestamp to a monitoring server to correlate one or more subsequent flows associated with the HTTP request. The HTTP request is transmitted to an application server after receiving an acknowledgement response to the monitoring request from the monitoring server. An HTTP response to the HTTP request is received from the application server. An operation with respect to the HTTP response is performed.

Abstract: A method for maintaining server persistency, including: (a) receiving, by an intermediate entity, a first session request from client to receive a service from a server out of a plurality of servers that are connected to the intermediate entity; (b) selecting a server out of the plurality of servers and directing to the selected server information indicative of the first session request; (c) receiving a response of the selected server to the information indicative of the first session request; (d) analyzing the response of the selected server, to provide an analysis result indicative whether the response includes code to be executed by the client and includes at least one instruction that facilitates sending, by the client, another request, to receive a service from a server out of the plurality of servers; (e) modifying, based on the analysis result, the code by adding information that will cause the client to send a selected server identifier in association to the sending of the other request; and (f) sendi

Abstract: Embodiments are directed towards employing a traffic management system (TMS) that is enabled to deploy component virtual machines (CVM) to the cloud to perform tasks of the TMS. In some embodiments, a TMS may be employed with one or more CVMs. In at least one embodiment, the TMS may maintain an image of each CVM. Each CVM may be configured to perform one or more tasks, to operate in specific cloud infrastructures, or the like. The TMS may deploy one or more CVMs locally and/or to one or more public and/or private clouds. In some embodiments, deployment of the CVMs may be based on a type of task to be performed, anticipated resource utilization, customer policies, or the like. The deployment of the CVMs may be dynamically updated based on monitored usage patterns, task completions, customer policies, or the like.

Abstract: A method, computer readable medium, and device for providing authenticated domain name service includes forwarding at a traffic management device a request for a domain name from a client device to one or more servers coupled to the traffic management device. The traffic management device receives a first response comprising at least a portion of the domain name from the one or more servers. The traffic management device attaches a first signature to the first response when the first response is determined by the traffic management device to be an unauthenticated response, and provides the first response with the first signature to the client device.