Abstract: Techniques for cloud network automation for IP address and DNS record management are disclosed. In some embodiments, a system, process, and/or computer program product for cloud network automation for IP address and DNS record management includes receiving at a cloud platform appliance (e.g., a virtual or physical IP address and/or DNS management appliance) a cloud request related to a resource (e.g., a virtual or physical resource) in a cloud environment from a global cloud manager; and processing the cloud request at the cloud platform appliance to determine whether to proxy the cloud request to another cloud platform appliance or a grid master or to locally process the cloud request, wherein a storage of infrastructure metadata information for IP address and/or DNS record management is updated based on the cloud request.

Abstract: Techniques for providing an API gateway for network policy and configuration management with public cloud are disclosed. In some embodiments, a system, process, and/or computer program product for an API gateway for network policy and configuration management with public cloud includes receiving a native or extended public cloud application programming interface (API) request at the API gateway; processing the public cloud API request; extracting data from the request for use in other API calls; and, in some cases, translating the public cloud API request into a native public cloud API request with or without adding parameters or properties to and/or substituting new values for parameters in the public cloud API request (e.g., in some cases modifying the public cloud API request can include inserting additional parameters/properties, such as instance IP address that was not present in the initial API request); and sending the native public cloud API request to the public cloud environment.

Abstract: Techniques for an exponential moving maximum (EMM) filter for predictive analytics in network reporting are disclosed. In some embodiments, a process for predictive analytics in network reporting using an EMM filter includes pre-processing network-related data by performing exponential moving maximum (EMM) filtering on the network-related data; and determining predictive analytics based on the EMM filtered network-related data.

Abstract: Processing infrastructure metadata information about a virtual resource of a virtual cloud is disclosed. Infrastructure metadata information is collected. The collected metadata information is about a virtual resource of a virtual cloud. A storage of infrastructure metadata information is updated. The updating of the storage of infrastructure metadata information is performed using the collected information.

Abstract: Provisioning an Internet Protocol address is disclosed. A request to provision an Internet Protocol address to a virtual resource is received. An Internet Protocol address is automatically determined to allocate to the virtual resource. The determined Internet Protocol address was selected from a group of Internet Protocol addresses potentially available to be assigned to the virtual resource of the received request.

Abstract: New and improved techniques for a behavior analysis based DNS tunneling detection and classification framework for network security are disclosed. In some embodiments, a platform implementing an analytics framework for DNS security is provided for facilitating DNS tunneling detection. For example, an online platform can implement an analytics framework for DNS security based on passive DNS traffic analysis.

Abstract: Flux domain is generally an active threat vector, and flux domain behaviors are continually changing in an attempt to evade existing detection measures. Accordingly, new and improved techniques are disclosed for flux domain detection. In some embodiments, an online platform implementing an analytics framework for DNS security is provided for facilitating flux domain detection. For example, the online platform can implement an analytics framework for DNS security based on passive DNS traffic analysis, disclosed herein with respect to various embodiments.

Abstract: In some embodiments, a security device controller (SDC) is provided. In some embodiments, a security device controller includes receiving a configuration policy in a vendor neutral language; and automatically configuring a plurality of security devices on a heterogeneous network based on the configuration policy. For example, the plurality of security devices can include physical, virtual, or software defined network (SDN) based routers and/or firewalls, and the heterogeneous network can include security devices from a plurality of different vendors.

Abstract: Techniques for configuring a network based on a Domain Name System (DNS) or network metadata policy for network control are disclosed. In some embodiments, a system, process, and/or computer program product for a DNS or network metadata policy for network control includes receiving a DNS or network metadata update at a DNS server (e.g., an authoritative or recursive DNS server) or an IP Address Management (IPAM) server, in which the DNS or network metadata update is determined to be relevant to the DNS or network metadata policy for network control; and sending the DNS or network metadata update to a network controller for a network, in which the network controller configures a plurality of network devices on the network based on the DNS or network metadata policy for network control.

Abstract: Replicating data in a distributed database having a plurality of nodes is disclosed. Replicating includes receiving a semantic command at a local version of the database at a node, interpreting the semantic command, and applying the semantic command to the local version of the database.

Abstract: In some embodiments, a security device controller (SDC) is provided. In some embodiments, a security device controller includes receiving a configuration policy in a vendor neutral language; and automatically configuring a plurality of security devices on a heterogeneous network based on the configuration policy. For example, the plurality of security devices can include physical, virtual, or software defined network (SDN) based routers and/or firewalls, and the heterogeneous network can include security devices from a plurality of different vendors.

Abstract: Provisioning an Internet Protocol address is disclosed. A request to provision an Internet Protocol address to a virtual resource is received. An Internet Protocol address is automatically determined to allocate to the virtual resource. An Internet Protocol Address Management appliance is used to automatically allocate the determined Internet Protocol address to the virtual resource.

Abstract: Techniques for providing DHCP updates are provided. In various embodiments, a DHCP notification is received from a DHCP server, the notification includes a network address and a unique device identifier combination of a device. A second notification is generated in response to receiving the first notification, the second notification includes the network address and the unique device identifier combination.

Abstract: Techniques for an exponential moving maximum (EMM) filter for predictive analytics in network reporting are disclosed. In some embodiments, a process for predictive analytics in network reporting using an EMM filter includes pre-processing network-related data by performing exponential moving maximum (EMM) filtering on the network-related data; and determining predictive analytics based on the EMM filtered network-related data.

Abstract: Visualization for managing multiple IP address management systems is provided. In some embodiments, visualization for managing multiple IP address management systems for an IP address management manager system includes communicating with a plurality of IP address management systems to determine IP address management information managed by each of the IP address management systems; and generating a graphical visualization of an IP address space managed by the plurality of IP address management systems based on the IP address management information managed by each of the IP address management systems, in which the graphical visualization of the IP address space managed by the plurality of IP address management systems indicates any gaps or overlaps in the IP address space managed by the plurality of IP address management systems.

Abstract: Processing infrastructure metadata information about a virtual resource of a virtual cloud is disclosed. Infrastructure metadata information is collected. The collected metadata information is about a virtual resource of a virtual cloud. A storage of infrastructure metadata information is updated. The updating of the storage of infrastructure metadata information is performed using the collected information.

Abstract: Making data available from a database is disclosed. Making data available includes specifying a query function having a query function name, wherein the query function includes a structure and a member, determining the structure and the member included in the query function, wherein the query function has a query function name and includes the structure and the member, creating an index for the structure on the member, and compiling the query function to be available to a user by invoking the query function name without the user having to specify the structure and the member. Retrieving data from a database is disclosed. Retrieving includes invoking a query function that specifies a plurality of structures and a value, accessing a cross index of the plurality of structures, and using the cross index to access the data.

Abstract: Techniques for associating text strings with numeric numbers for IP address management are provided. In some embodiments, various techniques for an IPAM device for associating text strings with numeric numbers for IP address management are disclosed. In some embodiments, system, method, and/or computer program product for an Internet Protocol Address Management (IPAM) system for managing an Internet Protocol (IP) address space for an enterprise network, includes associating a text string with a substring of a network address; and storing the text string in association with the substring of the network address in the IPAM system for managing the IP address space for the enterprise network.

Abstract: In some embodiments, a security device controller (SDC) is provided. In some embodiments, a security device controller includes receiving a configuration policy in a vendor neutral language; and automatically configuring a plurality of security devices on a heterogeneous network based on the configuration policy. For example, the plurality of security devices can include physical, virtual, or software defined network (SDN) based routers and/or firewalls, and the heterogeneous network can include security devices from a plurality of different vendors.

Abstract: Flux domain is generally an active threat vector, and flux domain behaviors are continually changing in an attempt to evade existing detection measures. Accordingly, new and improved techniques are disclosed for flux domain detection. In some embodiments, an online platform implementing an analytics framework for DNS security is provided for facilitating flux domain detection. For example, the online platform can implement an analytics framework for DNS security based on passive DNS traffic analysis, disclosed herein with respect to various embodiments.