Abstract: A method is disclosed for testing network devices for networks with a large traffic load utilizing one or more traffic load amplifiers to amplify the traffic load. The load amplifiers connected to the device may receive packets of an initial traffic load, multiply or copy the received packet, alter the destination address information in the header of the copied packets to generate packets with different destination addresses, and transmit the altered packets back to the device for further routing. The altered or copied packets may then be routed via the device back to the load amplifier for further amplification. Through this amplification process, a small initial load of packets may be amplified over and over by the load amplifiers until a target traffic load is achieved at the device to test the device performance at a large traffic load.

Abstract: The present application describes a system that uses endpoint data and network data to detect an anomaly. Once an anomaly is detected, the system may determine a severity of the anomaly by comparing the anomaly to a global database of known anomalies. The system may then initiate preventative measures to address the anomaly.

Abstract: Systems and methods are provided for distributing a domain name service (DNS) response cache in a DNS resolving system on a network. The systems and methods described herein may improve response times for client queries and also protect the DNS resolving system from DNS related cyber attacks.

Abstract: A security platform of a data network is provided that includes security services for computing devices in communication with the data network. The security platform may apply a security policy to the computing devices when accessing the Internet via a home network (or other customer network) and when accessing the Internet via a public or third party network. To provide security services to computing devices via the home network, the security platform may communicate with a security agent application executed on the router (or other gateway device) of the home network. In addition, each of the devices identified by the security profile for the home network may be instructed or otherwise be provided a security agent application for execution on the computing devices. The security agent application may communicate with the security platform when the computing device connects to the Internet over a third party or public access point.

Abstract: A dynamic SRMS (DSRMS) in a MPLS network generates unique segment identifiers for nodes of the network lacking segment identifiers (SIDs). The DSRMS receives network information from other nodes of the network that may include, for example, Internal Gateway Protocol (IGP) routing information, advertised prefix values for the nodes, and label values used in MPLS routing. The DSRMS analyzes the information and identifies nodes of the network that are not associated with a SID. For each identified node, the DSRMS generates a unique SID and then announces the SID to other nodes within the network. Generating the unique SID may include executing a hashing function using the IP address of the identified node as an input.

Abstract: This disclosure describes systems, methods, and devices related to analyzing data stored in a relational database. A method may include installing a structured query language (SQL) server on a host server; installing statistical analysis modules on the host server; executing the statistical analysis modules within a relational database of the SQL server to analyze data stored in the relational database; and generating outputs based on the execution of the statistical analysis modules within the relational database.

Abstract: Aspects of the present disclosure involve systems, methods, computer program products, and the like, for utilizing a CIC value field in signaling information of a communication to provide an identification of the ingress network to an egress or receiving network of a long distance telecommunications network. The system and method provides for the provisioning of a signaling CIC for an ingress trunkgroup or network to a telecommunications network for downstream signaling purposes by overriding a received CIC value with a provisioned CIC value specific to the ingress network. This provisioned CIC value identifies the ingress network to the long distance network to the egress network for use by the egress network.

Abstract: Novel tools and techniques are provided for implementing programmatical public switched telephone network (“PSTN”) trunking for cloud hosted applications. In various embodiments, a computing system may determine one or more first network interconnection characteristics associated with a first entity service provider within a call service network operated by a call network service provider. Based on the determined one or more first network interconnection characteristics associated with the first entity service provider, the computing system may cause a network provisioning application layer to establish one or more network interconnections between a first network associated with the first entity service provider and the call service network, in some cases, by establishing shared peering connections between the first network and the call service network.

Abstract: Implementations described and claimed herein provide systems and methods for intelligent node type selection in a telecommunications network. In one implementation, a customer set is obtained for a communications node in the telecommunications network. The customer set includes an existing customer set and a new customer set. A set of customer events is generated for a node type of the communications node using a simulator. The set of customer events is generated by simulating the customer set over time through a discrete event simulation. An impact of the customer events is modeled for the node type of the communications node. The node type is identified from a plurality of node types for a telecommunications build based on the impact of the customer events for the node type.

Abstract: A routing system can provide a Dynamic-Hybrid Forwarding Information Base (DHFIB). A control component of the routing system can build a routing table that includes routing information (e.g., prefixes, addresses, etc.) for use by a first routing component. The routing table can be ordered or ranked based on traffic information from the first routing component. Then, the control component can create the DHFIB from the routing table, wherein the DHFIB is a portion of the routing table and related to the first routing component. As such, the portion of the routing table selected for the DHFIB can be the set of prefixes in the routing table that represent the most frequently routed or most important prefixes in the routing table. Finally, the control component can forward the DHFIB to the first routing component to allow the routing component to route communications.

Abstract: Systems and methods for receiving information on network firewall policy configurations are disclosed. Based on the received firewall configuration information, a configuration of a firewall and/or subnet of network devices is automatically provisioned and/or configured to control network traffic to and from the subnet.

Abstract: This disclosure describes systems, methods, and devices related to automating and testing communication network topologies.

Abstract: Examples of the present disclosure relate to an AI-supported CDN. In examples, a data processing engine processes log data of a CDN node according to a model to identify an issue. An issue indication is provided to a solution generation engine, which generates a set of solutions to automatically resolve the issue. The set of solutions is provided to a solution implementation engine, which iteratively implements solutions to resolve the issue using solution implementation information associated with a given solution. Thus, the data processing engine need not have knowledge regarding the specific hardware and/or software used within the CDN. Similarly, the solution generation engine need not have knowledge of the structure of the CDN and/or configuration of devices associated with the identified issue, such that the solution implementation engine provides a layer of abstraction between a solution and the implementation-specific details used to implement the solution within the CDN.

Abstract: Apparatuses and methods are disclosed for managing network connections. A computing device accesses a request to provision a network connection associated with a first device. The request includes a plurality of connection parameters defining desired specifications for a network connection from the first device to a second device. The connection parameters are validated against information from a database and other predetermined rules. A network connection path is generated to connect the first device with the second device. The network connection path is generated by selecting network elements for the network connection that satisfy the connection parameters. Configuration information for the network elements of the network connection path is aggregated for a configuration system. The configuration information is used to provision the network connection.

Abstract: Novel tools and techniques are provided for implementing name-based routing through networks. In various embodiments, a broker manager in each of a plurality of networks may receive a subscription request for a network device from a client device, each device being locally accessible or disposed in an upstream or downstream network. The broker manager uses its client broker to communicate with a locally accessible client device, and uses its mediator broker (and, sometimes, an intermediate device(s)) to communicate with a locally accessible network device. The broker manager otherwise uses its messaging brokers to communicate with control channels of one or more networks. Once subscription with the network device has been established, any commands and responses between the client device and the network device may be routed over pub/sub channels via the broker managers and their brokers using name-based routing, without routing based on IP address of the network device.

Abstract: Aspects of the present disclosure involve systems, methods, for encoding a firewall ruleset into one or more bit arrays for fast determination of processing of a received communication packet by a firewall device associated with a network. Through this bitmap, a number of computation operations needed to determine a processing rule for a received packet is significantly reduced compared to the traditional approach of using a hash or a longest prefix match technique. Rather, determining a processing rule for a received packet may include determining a bit value within one or more arrays. In one implementation, a firewall rule may be encoded into a 64-bit array of bit values in which each bit of the array corresponds to a particular processing rule for a particular network address. The firewall rule may be encoded into a bitmap array of bit values by asserting a particular bit within the array.

Abstract: Novel tools and techniques are provided for implementing web-based monitoring and detection of fraudulent or unauthorized use of voice calling service. In various embodiments, a computing system might receive, from a user device associated with an originating party, a request to initiate a call session with a destination party, the request comprising user information associated with the originating party and a destination number associated with the destination party; might query a database with session data (including user information) to access permission data and configuration data; and might configure fraud logic using received configuration data from the database. The computing system might analyze the session data and permission data using the configured fraud logic to determine whether the originating party is permitted to establish the requested call session with the destination party; if so, might initiate one or more first actions; and, if not, might initiate one or more second actions.

Abstract: Novel tools and techniques are provided for implementing monitoring and detection of fraudulent or unauthorized use in telephone conferencing systems or voice networks. In various embodiments, a computing system might monitor call activity through telephone conferencing system or voice network. In response to detecting use of the telephone conferencing system or voice network by at least one party based on the monitored call activity, the computing system might identify incoming and/or outgoing associated with a call initiated by the at least one party. The computing system might analyze the identified incoming and/or outgoing call data to determine whether the call initiated by the at least one party constitutes at least one of fraudulent use or unauthorized use of the telephone conferencing system or voice network. If so, the computing system might initiate one or more first actions.

Abstract: Methods and systems for reducing energy consumption. A method may include aggregating, for a prior time period, prior usage data from a plurality of computing nodes. Based on the aggregated prior usage data from the plurality of computing nodes, a usage threshold for decreasing cooling system output for the plurality of computing nodes and a local-time threshold for decreasing the cooling system output for the plurality of computing nodes are determined. Current usage data for the plurality of computing nodes is then received. When the current usage data reaches the usage threshold and the local time is after the local-time threshold, output of the cooling systems of the plurality of computing nodes is decreased.

Abstract: In an alien wave system, one or more transponders connected to a line system may be owned and operated by a different entity from the entity that owns and operates the line system. In such a situation, diagnosing and correcting faults, and achieving good performance, may be challenging. As such, a system and methods for interoperability in an alien wave system are provided.