Abstract: A system receives a request from a requestor for a service performed by a network device, establishes an encrypted session with the requestor, and utilizes a temporary process to determine whether the requestor is authorized for the service. If the requestor is authorized, the system redirects the service request to the service, and provides the service to the requestor.

Abstract: A device applies synchronous clocking across a first component and a second component of the device, and designates a particular serial link, from a group of serial links, as a master serial link. The device also designates the remaining serial links as slave serial links, provides, via the master serial link, an encoded data stream, and provides, via the slave serial links, un-encoded and scrambled data streams.

Abstract: A network system includes a provider backbone bridged network (PBBN) and a multi-homed provider bridge network (PBN) having a plurality of L2 switches that operate as backboned edge bridges (BEBs) to bridges L2 packets between the PBN and the PBBN. A first one of the L2 switches is configured to bridge L2 packets from a first backbone VLAN (B-VLAN) to the PBN when a physical link of the multi-homed PBN is operational. The L2 switch is further configured to shunt the L2 packets from the first backbone VLAN to a second one of the L2 switches operating as a secondary BEB of the multi-homed PBN via a second B-VLAN when the physical link is non-operational.

Abstract: A system may define a first region that includes a first colored link of a multiprotocol label switching (MPLS) network, and may define a second region that includes a second colored link of the MPLS network. The system may define a boundary between the first and second regions based on the first colored link and the second colored link.

Abstract: A system provides congestion control and includes multiple queues that temporarily store data and a drop engine. The system associates a value with each of the queues, where each of the values relates to an amount of memory associated with the queue. The drop engine compares the value associated with a particular one of the queues to one or more programmable thresholds and selectively performs explicit congestion notification or packet dropping on data in the particular queue based on a result of the comparison.

Abstract: A system selectively drops data from queues. The system includes a drop table that stores drop probabilities. The system selects one of the queues to examine and generates an index into the drop table to identify one of the drop probabilities for the examined queue. The system then determines whether to drop data from the examined queue based on the identified drop probability.

Abstract: An endpoint integrity system controls access to resources of a protected network for endpoint devices attempting to access the protected network. The system may include a number of evaluation modules that communicate with an endpoint device. The evaluation modules generate policy results for the endpoint device, in which each of the policy results assume one of three or more states, called a multi-state policy result. The multi-state policy results are combined to produce a combined Boolean policy result.

Abstract: A resource recovery system may maintain a counter in memory that indicates a number of times one or more threads of execution, which use shared resources, have crashed. The system may associate a first value of the counter with a resource allocated to a thread of the one or more threads, and may set an indicator associated with the thread to indicate whether the thread has crashed. The system may determine whether to re-allocate the resource to the thread based on the first value of the counter associated with the resource and based on the indicator associated with the thread.

Abstract: A method includes appending, by a network device, a first layer 1 frame header to a first payload to form a first layer 1 frame and a second layer 1 frame header to a second payload to form a second layer 1 frame and outputting the first layer 1 frame and the second layer 1 frame in a same format to a network. The first payload may include first layer 2 data. The first layer 1 frame header may include a first protocol identifier that indicates that the first layer 2 data is associated with a first protocol. The second payload may include second layer 2 data. The second layer 1 frame header may include a second protocol identifier that indicates that the second layer 2 data is associated with a second, different protocol.

Abstract: A device receives, from a managed device, endpoint information associated with an unmanaged device connected to the managed device in a network. The device also receives unmanaged device information that partially identifies the unmanaged device, and completely identifies the unmanaged device based on the endpoint information and the unmanaged device information.

Abstract: A call admission control technique allowing flexible and reliable call admissions at an ATM switch in the case of an ATM network including both QoS-specified and QoS-unspecified virtual connections is disclosed. In the case where a QoS (Quality of Service) specified connection request occurs, an estimated bandwidth is calculated which is to be assigned to an existing QoS-unspecified traffic on the link associated with the QoS-specified connection request. A call control processor of the ATM switch determines whether the QoS-specified connection request is accepted, depending on whether a requested bandwidth is smaller than an available bandwidth that is obtained by subtracting an assigned bandwidth and the estimated bandwidth from a full bandwidth of the link.

Abstract: A method and apparatus stores media content in a variety of storage devices, with at least a portion of the storage devices having different performance characteristics. The system can deliver media to a large number of clients while maintaining a high level of viewing experience for each client by automatically adapting the bit rate of a media being delivered to a client using the client's last mile bit rate variation. The system provides clients with smooth viewing of video without buffering stops. The client does not need a custom video content player to communicate with the system.

Abstract: A method performed by network devices that includes operating in a normal mode, where the network devices form a virtual chassis that corresponds to a single logical network device; detecting when a failure within the virtual chassis occurs; executing a splitting process to form one or more new virtual chassis in correspondence to the failure; determining whether one of the one or more new virtual chassis operates as a functioning virtual chassis based on whether at least one of a set of criteria is satisfied, where the functioning virtual chassis operates according to resources configured for the virtual chassis; and operating as a nonfunctioning virtual chassis when it is determined that the one of the one or more virtual chassis does not satisfy the at least one of the set of criteria, where the nonfunctioning virtual chassis operates in a pass-through mode.

Abstract: A technique for associating clients with APs in an advantageous manner may involve local balancing of clients across APs. This may involve providing instructions to APs to disable client association. Alternatively, this technique may involve load balancing across controllers.

Abstract: A device provides a flow table. The device receives a data unit, determines a data flow associated with the data unit, determines whether the flow table includes an entry corresponding to the data flow, determines a current utilization of a group of output ports of the device, selects an output port, of the group of output ports, for the data flow based on the current utilization of the group of output ports when the flow table does not store an entry corresponding to the data flow, and stores the data unit in a queue associated with the selected output port.

Abstract: A network device includes a main storage memory and a queue handling component. The main storage memory includes multiple memory banks which store a plurality of packets for multiple output queues. The queue handling component controls write operations to the multiple memory banks and controls read operations from the multiple memory banks, where the read operations for at least one of the multiple output queues alternates sequentially between the each of the multiple memory banks, and where the read operations and the write operations occur during a same clock period on different ones of the multiple memory banks.

Abstract: A profiler may analyze processes being run by a processor. The profiler may include logic to periodically sample a value of an instruction pointer that indicates an instruction in the first process that is currently being executed by the processor and logic to update profile data based on the sampled value. The profiler may additionally include logic to determine, in response to a context switch that includes the operating system switching the active process from the first process to another of the plurality of processes, whether the first process executes for greater than a first length of time; logic to stop operation of the profiler when the first process executes for greater than the first length of time; and logic to clear the profile data when the first process fails to execute for greater than the first length of time.

Abstract: An enhanced, flooding-based link state routing protocol is described that provides pruning of link state data and, when needed, rate-controlled refresh of the pruned link state data from other routers of the flooding domain. A routing device comprises a network interface to send and receive packets over a layer-two (L2) communication medium. The routing device includes a control unit coupled to the network interface, and a flooding-based link state routing protocol executing on a processor of the control unit. The link-state routing protocol establishes an adjacency with a peer router. A database of the routing device includes entries that store a plurality of link state messages for a flooding domain of the link state routing protocol, wherein at least one of the entries in the database stores a partial link state message having a header portion and a payload having pruned link state data.

Abstract: An ATM multiplexing apparatus of the present invention is the apparatus for selectively performing cell discard processing in the case of congestion on the basis of a use state of the same connection formed by cells from the side of an ATM switching unit and subscribers without installing UPC units, and the ATM multiplexing apparatus, which is connected to the ATM switching unit and each of plural subscribers through ATM communication lines and performs multiplexing processing to ATM cells sent from the plural subscribers, comprises: detection means 118 for detecting a level of a congestion state corresponding to the received ATM 157 from the subscribers; and discard means (111, 115 and 117) for selectively discarding the received ATM cells from the subscribers on the basis of a communication state determined by the received ATM cells 155 from the ATM switching unit and the received ATM cells from the subscribers and a level value of a warning signal 129 indicating the detected congestion state.

Abstract: Feedback indicates low signal-to-noise ratio (SNR) conditions for a wireless communications link between a transmitter device and a receiver device. After attempting to achieve a target packet error rate (PER) by increasing transmission power for the wireless communications link, the transmitter device receives feedback that indicates a current PER, for data transmitted using an initial automatic repeat request (ARQ) block size, is above the target PER for the receiver device, and changes, based on the feedback, the current ARQ block size to a different ARQ block size for the wireless communications link. The different ARQ block size may be adaptively selected to provide a maximum PDU size that achieves the target PER at the receiver device under the low SNR conditions.