Abstract: The present application describes a system and method for utilizing a tunnel in a networking routing protocol to provide a network segment access to additional servers when certain load balancing trigger events are detected.

Abstract: A security platform of a data network is provided that includes security services for computing devices in communication with the data network. The security platform may apply a security policy to the computing devices when accessing the Internet via a home network (or other customer network) and when accessing the Internet via a public or third party network. To provide security services to computing devices via the home network, the security platform may communicate with a security agent application executed on the router (or other gateway device) of the home network. In addition, each of the devices identified by the security profile for the home network may be instructed or otherwise be provided a security agent application for execution on the computing devices. The security agent application may communicate with the security platform when the computing device connects to the Internet over a third party or public access point.

Abstract: A method is disclosed for testing network devices for networks with a large traffic load utilizing one or more traffic load amplifiers to amplify the traffic load. The load amplifiers connected to the device may receive packets of an initial traffic load, multiply or copy the received packet, alter the destination address information in the header of the copied packets to generate packets with different destination addresses, and transmit the altered packets back to the device for further routing. The altered or copied packets may then be routed via the device back to the load amplifier for further amplification. Through this amplification process, a small initial load of packets may be amplified over and over by the load amplifiers until a target traffic load is achieved at the device to test the device performance at a large traffic load.

Abstract: The present application describes a system that uses endpoint data and network data to detect an anomaly. Once an anomaly is detected, the system may determine a severity of the anomaly by comparing the anomaly to a global database of known anomalies. The system may then initiate preventative measures to address the anomaly.

Abstract: A dynamic SRMS (DSRMS) in a MPLS network generates unique segment identifiers for nodes of the network lacking segment identifiers (SIDs). The DSRMS receives network information from other nodes of the network that may include, for example, Internal Gateway Protocol (IGP) routing information, advertised prefix values for the nodes, and label values used in MPLS routing. The DSRMS analyzes the information and identifies nodes of the network that are not associated with a SID. For each identified node, the DSRMS generates a unique SID and then announces the SID to other nodes within the network. Generating the unique SID may include executing a hashing function using the IP address of the identified node as an input.

Abstract: A metal hand tool including a handle attached to a blade piece and method of construction. The blade piece includes a blade opposite an elongated tang. The handle is made up of two, welded, symmetrical handle halves, each handle half having an opening for receiving a hang hole piece and a notched distal end for forming a handle opening to receive the blade piece elongated tang. In an embodiment, the handle includes a curved distal end accommodating a curved welded connection between the blade piece and the handle. The hand tool further includes a hang hole piece configured for placement through the hang hole openings in the handle and for welded connection to the handle. In an embodiment, the elongated tang includes a hang hole opening through which the hang hole extends. Some embodiments further include one or more tang guide pieces welded to the interior of the handle.

Abstract: Novel tools and techniques are provided for implementing application programming interface (“API”)-based concurrent call path (“CCP”) provisioning. In various embodiments, in response to receiving a CCP provisioning request, a computing system may determine whether such a request would affect a set of trunk groups assigned to a customer based at least in part on network utilization data. If not, the computing system may cause the nodes in the network to increase or decrease, in near-real-time, the number of CCPs in at least one trunk group assigned to the customer based on the CCP provisioning request. If so, the computing system may cause the nodes in the network to increase or decrease, in near-real-time, the number of trunk groups assigned to the customer and may cause the nodes in the network to increase or decrease, in near-real-time, the number of CCPs in the updated number of trunk groups.

Abstract: A field device, including: a processor; and memory including instructions that, when executed by the processor, cause the processor to: login to a local node device physically connected to the field device; enable a common command protocol on the local node device; solicit information to configure the local node device; generate a command set in the enabled common command protocol according to the solicited information; and execute the command set to automatically commission the local node device to communicate with one or more other node devices commissioned in a first network.

Abstract: This disclosure describes systems, methods, and devices related to activating services and devices in a telecommunications network. A method may include receiving a user request for a service facilitated by a telecommunications network; identifying, based on the service, a device or port to which the user connects to access the telecommunications network; sending, based on the device or port, discovery commands to retrieve information from one or more additional devices in the telecommunications network; retrieving, based on the discovery commands, the information from the one or more additional devices; identifying, based on the information, a second device to which the device or port may connect to generate a path to an endpoint of the telecommunications network; generating, based on the device or port and the second device, a path from a location of the user to the endpoint; and provisioning the service for the user based on the path.

Abstract: Automatic testing/analysis of local loops of telecommunications networks includes obtaining bits-per-tone data for a local loop of a telecommunications network and generating a bit value string from the bits-per-tone data. The bit value string is then analyzed to determine whether it includes a bit pattern indicative of an impairment of the local loop. Further approaches for automatically testing local loops of telecommunications networks include obtaining attenuation data for multiple tones carried by the local loop and determining whether the attenuation data falls below thresholds for providing a service using the local loop.

Abstract: This disclosure describes systems, methods, and devices related to automating and testing communication network topologies.

Abstract: The present disclosure is directed to consolidation of STP pairs without deploying new STP pairs and without making changes at a Service Switching Point to reflect the consolidation. In one aspect, a method includes identifying a first pair of signal transfer point devices to be decommissioned from a telecommunication network; identifying a second pair of signal transfer point devices to assume, in part, functionalities of the first pair of signal transfer point devices, each signal transfer point device of the first pair and the second pair having at least one primary point code and at least one secondary point code assigning a temporary secondary point code to each signal transfer point device of the first pair; and modifying at least one secondary point code of each signal transfer point device of the second pair with a primary point code of at least one signal transfer point device of the first pair.

Abstract: A server configuration tool is presented for autonomously configuring servers located in a network. The tool may autonomously configure multiple servers in parallel based on individual states of the servers, which may be periodically and simultaneously determined. For example, the tool may determine which action to take to begin or continue configuring the server based on the present state of each server. Server states (and corresponding actions) can be edited through a user interface to alter the server configuration process without code changes. At any one time, multiple servers may be in different states requiring different configuration operations to configure the servers to be ready for use. The present systems and methods can be used to move multiple servers iteratively through different configuration actions based on the individual state of each server and to perform non-conflicting configuration operations for multiple servers in parallel.

Abstract: Novel tools and techniques are provided for implementing web-based monitoring and detection of fraudulent or unauthorized use of voice calling service. In various embodiments, a computing system might receive, from a user device associated with an originating party, a request to initiate a call session with a destination party, the request comprising user information associated with the originating party and a destination number associated with the destination party; might query a database with session data (including user information) to access permission data and configuration data; and might configure fraud logic using received configuration data from the database. The computing system might analyze the session data and permission data using the configured fraud logic to determine whether the originating party is permitted to establish the requested call session with the destination party; if so, might initiate one or more first actions; and, if not, might initiate one or more second actions.

Abstract: The present disclosure describes providing an attestation level to a received communication. The attestation level may be used to communicate a level of security to a network or a called party that receives the communication. The attestation level associated with the communication may indicate to a destination network and/or recipient that the phone number associated with the communication is secure and/or the telephone number has not been spoofed. Determining the attestation level comprises comparing information associated with the communication with stored information and assigning a code based on the comparison. The code may be translated to a tag value that is used to direct the communication to a signing server for attesting the communication at the determined attestation level.

Abstract: Authorization for a user may be dynamically tailored per application or per application function, rather than globally managed by an administrator. For example, in some embodiments, an identity access management system may generate a suitable authorization token (or authorization token information) to enable a user to login to an application or perform a particular function. The authorization token may be dynamically generated and tailored based on filtering various identity information otherwise available from an identity system, access boundaries of applicable application functions, or other factors.

Abstract: The present application describes systems and methods for filtering of malicious domain name system (DNS) queries. A DNS filter inspects a DNS query and drops the DNS query if the DNS query is deemed invalid. The DNS filter allows or drops the DNS query based on a set of rules. The set of rules includes one or more criteria for the validity or invalidity one or more DNS query attributes. The DNS filter logs the dropped DNS queries and provides them to the security analysis service for further investigation. In some examples, the DNS filter runs in a container or a virtual machine (VM) on the same system as the DNS server, or on a separate system in-line with the DNS servers.

Abstract: A network filter request arbiter is provided. An interface (e.g., user interface and/or programmatic interface, such as an application programming interface (API)), is for configuring and automatically implementing one or more filters in an internal and/or external network. The filters may be used to stop distributed denial of service (DDOS) attacks and/or prevent malicious network traffic from reaching a target network or target device(s) within the target network. Filters implemented in a target network may also be distributed to other (e.g., upstream) networks. The distributed filters may similarly be used to stop DDOS attacks and/or prevent malicious network traffic from being carried by the networks and from reaching a target network or target device(s) within the target network.

Abstract: A steam distributor for a coffee machine and a coffee machine are described. The steam distributor includes a rod-like distributor body and an outlet area for discharging steam and/or air from an interior of the distributor body into a surrounding of the distributor body. The outlet area is arranged on an outer surface of the distributor body and is configured to discharge the steam and/or the air in such a way that the steam and/or the air forms a flow which has a tangential flow direction with respect to the distributor body and flows tangentially out of the distributor body. This structure of the distributor body allows milk or a milk substitute liquid to be foamed advantageously, because a circular flow is produced in the milk or the milk substitute liquid.

Abstract: The present application describes systems and methods for secured network information transmission. A network tunnel may be established from a customer premises equipment (CPE) to a routing device at a provider site. The network tunnel may traverse over one or more networks while maintaining a secure path for data. A customer may indicate a chosen configuration for a CPE, and a device at a provider site, a customer device, and/or the CPE itself may automatically, or manually, configure the CPE based on the chosen configuration to allow and/or disallow certain customer network information from being received and/or transmitted through the network tunnel.