Abstract: Disclosed are various examples of device and management service integration using a device connector service that acts as a proxy. The device connector service can receive a device communication that is relayed by a device connector client executed on an edge device. The device communication includes device connector authentication data, and a device identifier for a device. The device communication is modified into a modified device communication that includes management service authentication data, and a management unique device identifier (UDID) that is different from the device identifier. The device connector service transmits the modified device communication to a management service.

Abstract: A processor may detect a risk on a local machine. The processor may determine that the risk warrants a heightened-level remediation. The processor may connect the local machine to a cloud-based desktop environment. The processor may perform the heightened-level remediation on the local machine. The processor may merge data from the cloud-based desktop environment to the local machine in response to the heightened-level remediation being performed.

Abstract: Techniques for monitoring enterprise networks with endpoint agents are disclosed. In some embodiments, a system, process, and/or computer program product for monitoring enterprise networks with endpoint agents includes deploying a plurality of endpoint agents to a plurality of endpoint devices; collecting test results from each of the plurality of endpoint agents, wherein the test results are based on tests executed on each of the plurality of endpoint devices for monitoring network activity; and generating a graphical visualization of an application delivery state for one or more application delivery layers based on the test results, generating an alert based on the test results, or generating a report based on the test results.

Abstract: An account protection service to prevent user login or other protected endpoint request abuse. In one embodiment, the service collects user recognition data, preferably for each login attempt (e.g. data about the connection, session, and other relevant context), and it constructs a true user profile for each such user over time, preferably using the recognition data from successful logins. The profile evolves as additional recognition data is collected from successful logins. The profile is a model of what the user “looks like” to the system. For a subsequent login attempt, the system then calculates a true user score. This score represents how well the current user recognition data matches the model represented by the true user profile. The user recognition service is used to drive policy decisions and enforcement capabilities. Preferably, user recognition works in association with bot detection in a combined solution.

Abstract: A server system sends, via a linearly ordered communication orbit, to computational machines at a first subset of nodes in a computer network, a set of local environment verification tests and a set of mappings that map results of the local environment verification tests into a set of risk scores. Requests sent by the server system cause the computational machines at the plurality of nodes to: locally evaluate the set of local environment verification tests to produce test results, and locally map the test results using the set of mappings into a set of risk scores. Queries sent by the server cause the computational machines at the plurality of nodes to return to the server system at least a portion of the test results and risk scores. The server, identifies, based on the received test results and risk scores, computational machines and/or control categories having risk scores satisfying predefined criteria.

Abstract: A computing device may be configured to provide a shared N4 termination function for a plurality of Session Management Function (SMF) instances of an SMF Set and interface with one or more User Plane Function (UPF) instances. To achieve this, the computing device may operate a server configured with a Remote Procedure Call (RPC)-based protocol (e.g. gRPC Remote Procedure Call or “gRPC”) for a Packet Forwarding Control Protocol (PFCP) message service for serving a plurality of client stubs respectively situated at the plurality of SMF instances. The server may perform processing associated with each client stub by receiving an RPC-based protocol message which indicates a request, unpacking the RPC-based protocol message for obtaining PFCP message request data, and operating or interfacing with a PFCP message handling client for sending a PFCP message having the PFCP message request data to an indicated one of the UPF instances.

Abstract: The invention relates to a computer-implemented system for security monitoring of Member accounts in a cloud environment. The Member accounts are provided as instances of cloud services in one or more monitored clouds by one or more cloud service providers. The system is programmed to automatically deploy software agents to the Member accounts. The software agents are configured to monitor activities in the Member accounts and to push security and operations data to a SIEM platform. The security and operations data may comprise alerts and activity logs for the Member accounts, public internet protocol (IP) addresses used by the Member accounts, and identifying information for individuals and information technology (IT) assets associated with the Member accounts. The system includes a user interface to define customized alerts based on the security and operations data, and the system generates and sends the customized alerts to a system administrator or security analyst.

Abstract: Described herein are systems, methods, and software to manage replay windows in multipath connections between gateways. In one implementation, a first gateway may receive a packet directed toward a second gateway and identify a path from a plurality of paths to the second gateway. Once identified, the first gateway may increment a sequence number associated with the path and encapsulate the packet with a unique identifier for the path in the header with the incremented sequence number. The first gateway the communicates the encapsulated packet to the second gateway.

Abstract: Systems and methods are described for backing up confidential data using user devices on the same local network. In an example, a first user device can download a data file from a server. The first user device can connect to the server on the same local network as a second user device. A user can select to delete the file from the first user device. The first user device can send the data file to the second user device using a local Internet Protocol (“IP”) address of the second user device. The second user device can store the data file on its local storage. If the user chooses to retrieve the data file to the first user device again, and if the user devices are on the same local network, the first user device can retrieve the data file from the second user device instead of the server.

Abstract: A method and system for storing content includes determining candidate locations for pre-positioning a content at a content distribution system within a network. The method further includes communicating probe signals to the candidate locations, generating acknowledgement signals at candidate locations comprising storage availability data and compute data, selecting a real-time communication of the content or a pre-positioning communication of the content to form a selected communication based on dormant network capacity and at least one of a likelihood of consumption, the likelihood of consumption relative to a cost of storage, a cost of compute, and comparison of a cost of serving the content in real-time and a cost of serving the content using pre-positioning, selecting a selected content storage location for the content based on the storage availability data and compute data from the acknowledgment signals. The content is communicated to and stored at the selected content storage location.

Abstract: Edge clusters execute in a plurality of regional clouds of a cloud computing platforms, which may include cloud POPs. Edge clusters may be programmed to control access to applications executing in the cloud computing platform. Edge clusters and an intelligent routing module route traffic to applications executing in the cloud computing platform. Cost and latency may be managed by the intelligent routing module by routing requests over the Internet or a cloud backbone network and using or bypassing cloud POPs. The placement of edge clusters may be selected according to measured or estimated latency. Latency may be estimated using speed test servers and the locations of speed test servers may be verified.

Abstract: At a recovery manager associated with a cluster, a determination is made as to whether a replacement for a first node of the cluster can be elected by the other nodes of the cluster using a first election protocol. The recovery manager selects a second node of the cluster as a replacement for the first node, based on data item replication progress made at the node, and transmits an indication that the second node has been selected to one or more nodes of the cluster.

Abstract: The federal government requires organizations it partners with to comply with a higher level of security requirements and issues guideline detailing vulnerabilities within computer systems, assessments to be conducted, and security requirements. Previously, the security assessments required to be in compliance with the government's security requirements were mostly conducted manually, creating a labor and time intensive process. The present disclosure provides computerized systems and methods that intelligently and dynamically conduct automatic security assessments to determine security compliance for one or more applications. These systems and methods significantly improve the security assessment process and result in significant savings of time, labor, and money.

Abstract: Techniques process an access management permission. Such techniques involve: receiving, from a client, a first request for obtaining an access management permission of a file. The techniques further involve: obtaining a current score of the file, wherein the current score indicates a probability of receiving, after the access management permission is assigned to the client, a second request conflicting with the first request. The techniques further involve: assigning the access management permission to the client if it is determined that the current score is greater than or equal to a threshold score. Such techniques alleviate the need to assign, to a client, the access management permission of a file with a high probability of an access conflict, thus enhancing the performance of the server as well as the user experience.

Abstract: A system for managing storage of data in a information handling systems includes a first information handling system, and a specialized information handling system comprising an enhanced networking interface, wherein the enhanced networking interface is programmed to: obtain data to be processed by the system, perform a data sharding analysis using telemetry data to identify the first information handling system, and transmit the data to the first information handling system based on the identifying.

Abstract: An information handling system includes location sensor circuitry and a processor. The location sensor circuitry determines location data for the information handling system. The processor receives a unique session tag from a cloud server. The unique session tag is utilized to identify individuals associated with an event. The processor also provides the location data for the information handling system and the unique session tag to the cloud server. The processor receives one or more proposed destination points for the event from the cloud server. The processor receives a selection of one of the proposed destination points, and provides the selected destination point to the individuals associated with the event.

Abstract: The present disclosure provides information interaction methods, apparatuses, systems, and devices, storage media and computer programs. The method includes: publishing a remote procedure call, RPC, message to a service-side; and in response to detecting that a response message with respect to the RPC message exists on the service-side, obtaining the response message, where the response message is published to the service-side by a called device indicated in the RPC message, and the response message is acquired by the called device processing the RPC message after detecting the RPC message at the service-side.

Abstract: A method and a server device for providing an IoT platform service are provided. According to at least one aspect of the present disclosure, a method of providing an IoT platform service, which is performed by an IoT platform server apparatus, generates a shadow device corresponding to an IoT device, manages state information of the IoT device through the corresponding shadow device, and registers and administers a specification (i.e., a device descriptor) regarding common features of a plurality of devices.

Abstract: A method for updating an electronic mail (“email”) message presented to a user on a display screen of a data processing system, the email message belonging to a thread of email messages received by the data processing system, the method comprising: determining whether one or more of the email messages in the thread was received after the email message is opened on the display screen; and, if so, displaying an update message on the display screen indicating that one or more of the email messages in the thread was so received.

Abstract: When a media program hosted by a creator is played by devices of listeners, the listeners execute gestures or other interactions with user interfaces displayed on the devices. Times at which the interactions are received are tracked, and the interactions are interpreted to characterize feedback regarding media content being played at the times at which the interactions are received. Portions of the media program that are of high interest to listeners, as determined by such interactions, are identified and combined into consolidated media programs and stored. The consolidated media programs formed from such portions are available to listeners, in a prerecorded format, as condensed alternatives to the media programs.