Abstract: Methods, apparatuses and systems directed to a network traffic synchronization mechanism facilitating the deployment of network devices in redundant network topologies. In certain embodiments, when a first network device directly receives network traffic, it copies the network traffic and transmits it to at least one partner network device. The partner network device processes the copied network traffic, just as if it had received it directly, but, in one embodiment, discards the traffic before forwarding it on to its destination. In one embodiment, the partner network devices are operative to exchange directly received network traffic. As a result, the present invention provides enhanced reliability and seamless failover. Each unit, for example, is ready at any time to take over for the other unit should a failure occur.

Abstract: A system and method for determining flow quality statistics for real-time transport protocol (RTP) data flows is disclosed. Generally, a first endpoint is connected to a second endpoint, wherein the first endpoint comprises a transceiver, software stored within the first endpoint defining functions to be performed by the first endpoint, and a processor. The processor is configured by the software to perform the steps of, determining latency for the RTP data flows, determining jitter for the RTP data flows, and/or determining lost packets for the RTP data flows. Latency is determined by the first endpoint transmitting a test data packet to the second endpoint; the second endpoint looping the test data packet back to the first endpoint; comparing when the test data packet was received by the first endpoint to when the test data packet was sent to the second endpoint, to determine a round trip time; and, dividing the round trip time in two, resulting in the latency.

Abstract: A system and method for dynamically controlling aggregate and individual packet flow characteristics within a compressed logical data tunnel. A logical data tunnel is formed and includes one or more packet flows. Each packet flow includes individual packets having a shared destination address. Bandwidth allocated to control an aggregated flow of packets routed through the logical data tunnel. A transfer rate is assigned to control each packet flow transiting within the logical data tunnel.

Abstract: The present invention relates to telecommunications devices, systems and methods for providing improved performance over long latency communications links. Some embodiments selectively pre-fetch and transmit information over the link using improved protocol and pre-fetch mechanisms. One system includes a first gateway (430) adapted to communicate with a client (410), the first gateway including a processor coupled to a storage medium. The storage medium includes code for receiving a request for retrieving a web object, code for forwarding the request to a second gateway (440) over the long latency link, and code for receiving a pre-fetch announcement and response data for the web object from the second gateway. The pre-fetch announcement is received prior to receiving the response data.

Abstract: In one embodiment, a router is deployed on a local area network (LAN) in addition to any routers deployed on a wide area network (WAN) coupled with the LAN having the router. A service management device is coupled between the two routers. The service management device provides management processing, for example, quality of service (QoS) processing, traffic shaping, type of service (ToS) processing, or class of service (CoS) processing. For messages between devices both coupled to the WAN router, the WAN router sends the messages to the LAN router. The LAN router then routes the messages back to the WAN router through the service management device, which provides management processing. The WAN router then sends the processed message to the destination device.

Abstract: Methods, apparatuses and systems allowing for the transparent intermediation of network traffic over connection-based authentication protocols. In one embodiment, the present invention allows a proxy to be placed into an NTLM or HTLMv2 environment and have it transparently ensure that NTLM transactions are handled appropriately, such that the proxy can interact (optimize/accelerate) with the authenticated content without breaking the authentication scheme. Embodiments of the present invention provide a proxy solution that is easily deployed and transparently fits into an existing NTLM environment.

Abstract: A method for on-demand power management monitors a processing demand in a processing system operating at a first set of voltages and frequencies and generates a second set of voltages and frequencies in response to the processing demand. The method switches from the first set of voltages and frequencies to the second set of voltages and frequencies without halting the processing system.

Abstract: A system and method allocates ranges of addresses that are reachable by more than one border router to one of the border routers capable of reaching those ranges of addresses and advertises those addresses as being reachable only by the border router to which each such range of addresses were assigned.

Abstract: Methods, apparatuses and systems facilitating the concurrent classification and control of tunneled and non-tunneled data flows in a packet-based computer network environment. As discussed in more detail below, embodiments of the present invention allow for the “intra-tunnel” classification of data flows and, based on the classification, the deterministic and intelligent application of aggregate bandwidth utilization controls on data flows corresponding to a given tunnel. Embodiments of the present invention allow for the allocation of bandwidth on an application-level basis between tunneled and non-tunneled traffic, as well as between applications within a given tunnel. Other embodiments of the present invention can be configured to provide a differentiated security model for non-tunneled and tunneled traffic. In addition, embodiments of the present invention can be further configured to implement a layered security model for tunneled traffic.

Abstract: Methods, apparatuses and systems allowing for dynamic bandwidth management schemes responsive to the state of a plurality of access links in redundant network topologies. In one embodiment, the present invention provides a bandwidth management device that periodically queries routing systems associated with access links, conceptually grouped into a virtual access link, to monitor that load of the access links and, depending on the detected load, adjust the configuration of the bandwidth management device to avoid overloading one or more of the access links. Embodiments of the present invention increases network efficiency and help network traffic to flow more smoothly with higher throughput. In one embodiment, the dynamic link control functionality is invoked when any given access link reaches a threshold capacity level.

Abstract: An apparatus for controlling switching transients including a bus interface unit and a waveform shaper coupled to the bus interface unit and a peripheral device. The bus interface unit generates a number of control signals defining the beginning and end of an operation, where each control signal includes a transition from a first value to a second value over a period of time. The bus interface unit selects a critical control signal defined as the last control signal to start the operation and/or the first control signal to end the operation. The waveform shaper receives the selected control signal and modifies the control signal by increasing the period of time of the transition. The modified control signal is received by the peripheral device and a switching transient in the peripheral device is controlled.

Abstract: A network switch assembly includes a first control entity, a second control entity, and at least one line blade. The first control entity is selectively configurable between an active state and a standby state. The second control entity is selectively configurable between a standby state and an active state. The at least one line blade communicates with at least one of the first control entity and the second control entity and has at least one port configurable to enable switching of information. One of the control entities is configured as an active control entity and another of the control entities is configured as a standby control entity. The active control entity is configured to transfer state information for the active control entity that is forwarded to the standby control entity. A method is also provided for rendering control.

Abstract: Methods, apparatuses and systems allowing for bandwidth management schemes responsive to utilization characteristics associated with individual users. In one embodiment, the present invention allows network administrators to penalize users who carry out specific questionable or suspicious activities, such as the use of proxy tunnels to disguise the true nature of the data flows in order to evade classification and control by bandwidth management devices. In one embodiment, each individual user may be accorded an initial suspicion score. Each time the user is associated with a questionable or suspicious activity (for example, detecting the set up of a connection to an outside HTTP tunnel, or peer-to-peer application flow), his or her suspicion score is downgraded. Data flows corresponding to users with sufficiently low suspicion scores, in one embodiment, can be treated in a different manner from data flows associated with other users.

Abstract: Methods apparatuses and systems allowing for an examination of the runtime performance and efficiency of traffic classification configuration associated with bandwidth management and other network devices including network traffic classification functionality. Embodiments of the present invention are operative to identify possible changes to the current traffic classification configurations that improve performance efficiency.

Abstract: A method and system for controlling network traffic with different tags within the same connection by applying policies for each tag are disclosed. A method is disclosed in which incoming traffic is received. A traffic class is assigned to the incoming traffic. A policy is assigned to the incoming traffic based on the assigned traffic class. Outgoing traffic is controlled based on the assigned policy for the incoming traffic.

Abstract: A data traffic shaping system, comprises a plurality of burst groups, each burst group having a burst group credit allocation mechanism configured to earn credit over time; a shaping engine configured to manage incoming entries of traffic and to assign each incoming entry of traffic to a selected queue of the burst group depending on the characteristics of the entry; a plurality of queues, respective queues belonging to respective burst groups; and a bandwidth allocation table including locations identifying a queue and an amount of bandwidth credit to allocate to that queue, the shaping engine being configured to traverse the locations, to determine the bandwidth earned by the queues, such credit only being made available to the queue if its assigned burst group has at least that much credit available at that instant in time, and to process an entry in that queue only if the queue has earned a predetermined minimum amount of credit, relative to the current entry on the queue in question.

Abstract: A system and method identifies the costs to be assigned to each link in a network that can more evenly balance the utilization of links in the network.

Abstract: A system for shaping traffic from a plurality of data streams comprised of a first queuing stage configured to shape traffic from the data streams and having a plurality of shaping queues; and a second queuing stage coupled to the first queuing stage and configured to manage congestion from the first queuing stage that occurs when multiple of the shaping queues become eligible to send traffic at substantially the same time.

Abstract: A system for shaping traffic from a plurality of data streams includes a queuing stage having a plurality of first-in, first-out shaping queues, the queuing stage being configured to classify incoming entries of traffic, and to assign an incoming element of traffic to a selected queue of the first queuing stage depending on characteristics of the element, the queuing stage further being configured to allocate bandwidth to each of the queues using time division multiplexing. A method for shaping traffic from a plurality of data streams includes providing a plurality of first-in, first-out queues; assigning traffic to the queues depending on the characteristics of the traffic; and controlling traffic flow out of the queues using a bandwidth allocation table.

Abstract: A system is provided for prioritizing and queuing traffic from a plurality of data streams. The system includes a queuing structure, processing circuitry, and a search engine. The queuing structure has a plurality of queues. The search engine is implemented on the processing circuitry and is configured to search and edit the queues in order to manage traffic at a given instance in time by traversing each of the queues in a predetermined manner to identify and remove eligible entries from each queue that need to be transmitted. The traffic was previously classified as to type and traffic elements were previously loaded onto selected queues with other traffic elements having a similar traffic type. A method is also provided.