Abstract: Machines, systems and methods for managing quality of service (QoS) in a multi-tenant virtualized computing environment, the method comprising: collecting transmission rate statistics associated with data communicated in a virtual network, wherein at least one virtual switch monitors communications initiated by at least a virtual machine (VM) executed on a host machine serviced by the virtual switch; determining, by way of the virtual switch, profile parameters associated with a first communication initiated by the VM belonging to at least a first group, wherein a connection request is submitted by the virtual switch to a traffic controller to assist in establishing the first communication; classifying the connection request for establishing the first communication according to the profile parameters associated with the first communication; determining a first aggregated transmission rate associated with the VM that initiated the first communication based on the classifying.

Abstract: Embodiments of the present systems and methods may provide techniques for finding failing components in a distributed storage system. For example a method may comprise measuring problems and health of a plurality of physical and logical components in a distributed storage system, the plurality of physical and logical components forming nodes of the distributed storage system, and generating a graph of the nodes organized in a plurality of hierarchical levels, generating, for each node in the graph, a score summarizing the measured problems and health of the node, determining a highest score at a highest hierarchical level of the graph and determining the associated node as a failing component at a most significant level.

Abstract: A method, computerized apparatus and a computer program product for anomaly detection in a distributed system. The method comprises obtaining measurements of metrics of the distributed system within a timeframe. Each measurement comprises a time-series of values to a metric associated with an action of a component of the distributed system that was measured within the timeframe. A set of percentiles of the measurements is computed, whereby a dimensionality of the sets of percentiles is larger than a dimensionality of the metrics. A multivariate anomaly detection is performed based on the weights of the percentiles to determine an anomaly in the sets of percentiles. In response to detecting an anomaly, a source of the anomaly is identified based on a subset of the percentiles having weights above a threshold, by determining common components or actions that are common to at least a portion of the subset of the percentiles.

Abstract: A method, computerized apparatus and a computer program product for anomaly detection in a distributed system. The method comprises obtaining measurements of metrics of the distributed system within a timeframe. Each measurement comprises a time-series of values to a metric associated with an action of a component of the distributed system that was measured within the timeframe. A set of percentiles of the measurements is computed, whereby a dimensionality of the sets of percentiles is larger than a dimensionality of the metrics. A multivariate anomaly detection is performed based on the weights of the percentiles to determine an anomaly in the o sets of percentiles. In response to detecting an anomaly, a source of the anomaly is identified based on a subset of the percentiles having weights above a threshold, by determining common components or actions that are common to at least a portion of the subset of the percentiles.

Abstract: Embodiments of the present systems and methods may provide techniques for finding failing components in a distributed storage system. For example a method may comprise measuring problems and health of a plurality of physical and logical components in a distributed storage system, the plurality of physical and logical components forming nodes of the distributed storage system, and generating a graph of the nodes organized in a plurality of hierarchical levels, generating, for each node in the graph, a score summarizing the measured problems and health of the node, determining a highest score at a highest hierarchical level of the graph and determining the associated node as a failing component at a most significant level.

Abstract: Embodiments of the present invention provide methods, computer program products, and systems for fulfilling a service chain request. Embodiments of the present invention can be used to collect network data of a plurality of instances of services and connections between the plurality of instances of services and redefine service chains to direct flow to an alternative instance of a service responsive to determining that an instance of a service in a service chain has become inaccessible. Embodiments of the present invention can be used to fulfill a service chain request and avoid one or more instances of services (and/or connections there between) that could cause a delay between transmitting data packets through the service chain.

Abstract: Machines, systems and methods for managing quality of service (QoS) in a multi-tenant virtualized computing environment, the method comprising: collecting transmission rate statistics associated with data communicated in a virtual network, wherein at least one virtual switch monitors communications initiated by at least a virtual machine (VM) executed on a host machine serviced by the virtual switch; determining, by way of the virtual switch, profile parameters associated with a first communication initiated by the VM belonging to at least a first group, wherein a connection request is submitted by the virtual switch to a traffic controller to assist in establishing the first communication; classifying the connection request for establishing the first communication according to the profile parameters associated with the first communication; determining a first aggregated transmission rate associated with the VM that initiated the first communication based on the classifying.

Abstract: Machines, systems and methods for managing quality of service (QoS) in a multi-tenant virtualized computing environment, the method comprising: collecting transmission rate statistics associated with data communicated in a virtual network, wherein at least one virtual switch monitors communications initiated by at least a virtual machine (VM) executed on a host machine serviced by the virtual switch; determining, by way of the virtual switch, profile parameters associated with a first communication initiated by the VM belonging to at least a first group, wherein a connection request is submitted by the virtual switch to a traffic controller to assist in establishing the first communication; classifying the connection request for establishing the first communication according to the profile parameters associated with the first communication; determining a first aggregated transmission rate associated with the VM that initiated the first communication based on the classifying.

Abstract: Embodiments of the present invention provide methods, computer program products, and systems for fulfilling a service chain request. Embodiments of the present invention can be used to collect network data of a plurality of instances of services and connections between the plurality of instances of services and redefine service chains to direct flow to an alternative instance of a service responsive to determining that an instance of a service in a service chain has become inaccessible. Embodiments of the present invention can be used to fulfill a service chain request and avoid one or more instances of services (and/or connections there between) that could cause a delay between transmitting data packets through the service chain.

Abstract: Embodiments of the present invention provide methods, computer program products, and systems for fulfilling a service chain request. Embodiments of the present invention can be used to collect network data of a plurality of instances of services and connections between the plurality of instances of services and redefine service chains to direct flow to an alternative instance of a service responsive to determining that an instance of a service in a service chain has become inaccessible. Embodiments of the present invention can be used to fulfill a service chain request and avoid one or more instances of services (and/or connections there between) that could cause a delay between transmitting data packets through the service chain.

Abstract: Embodiments of the present invention provide methods, computer program products, and systems for fulfilling a service chain request. Embodiments of the present invention can be used to collect network data of a plurality of instances of services and connections between the plurality of instances of services and redefine service chains to direct flow to an alternative instance of a service responsive to determining that an instance of a service in a service chain has become inaccessible. Embodiments of the present invention can be used to fulfill a service chain request and avoid one or more instances of services (and/or connections there between) that could cause a delay between transmitting data packets through the service chain.

Abstract: Embodiments of the present invention provide methods, computer program products, and systems for fulfilling a service chain request. Embodiments of the present invention can be used to collect network data of a plurality of instances of services and connections between the plurality of instances of services and redefine service chains to direct flow to an alternative instance of a service responsive to determining that an instance of a service in a service chain has become inaccessible. Embodiments of the present invention can be used to fulfill a service chain request and avoid one or more instances of services (and/or connections there between) that could cause a delay between transmitting data packets through the service chain.

Abstract: A learning-based computer network security system may include a service delivery controller executing on one or more of hardware processors that receives requests for transmitting network flows to one or more destination machines via a communication network. The service delivery controller may group the network flows into one or more similarity groups, and direct the network flows in a particular similarity group to a learning-based security appliance instance designated for the particular similarity group. Based on receiving feedback from the security appliance instance, the service delivery controller may regroup the similarity groups, and/or redirect the network flows, and/or redistribute the training results between the appliances, and/or modify assignment of appliances to similarity groups.

Abstract: Machines, systems and methods for managing quality of service (QoS) in a multi-tenant virtualized computing environment, the method comprising: collecting transmission rate statistics associated with data communicated in a virtual network, wherein at least one virtual switch monitors communications initiated by at least a virtual machine (VM) executed on a host machine serviced by the virtual switch; determining, by way of the virtual switch, profile parameters associated with a first communication initiated by the VM belonging to at least a first group, wherein a connection request is submitted by the virtual switch to a traffic controller to assist in establishing the first communication; classifying the connection request for establishing the first communication according to the profile parameters associated with the first communication; determining a first aggregated transmission rate associated with the VM that initiated the first communication based on the classifying.

Abstract: Machines, systems and methods for managing quality of service (QoS) in a multi-tenant virtualized computing environment, the method comprising: collecting transmission rate statistics associated with data communicated in a virtual network, wherein at least one virtual switch monitors communications initiated by at least a virtual machine (VM) executed on a host machine serviced by the virtual switch; determining, by way of the virtual switch, profile parameters associated with a first communication initiated by the VM belonging to at least a first group, wherein a connection request is submitted by the virtual switch to a traffic controller to assist in establishing the first communication; classifying the connection request for establishing the first communication according to the profile parameters associated with the first communication; determining a first aggregated transmission rate associated with the VM that initiated the first communication based on the classifying.

Abstract: A learning-based computer network security system may include a service delivery controller executing on one or more of hardware processors that receives requests for transmitting network flows to one or more destination machines via a communication network. The service delivery controller may group the network flows into one or more similarity groups, and direct the network flows in a particular similarity group to a learning-based security appliance instance designated for the particular similarity group.

Abstract: A method includes converting, by a computer, a set of context-aware data forwarding policies to a set of network configuration forwarding rules for one or more data forwarding devices in a network having a dynamic context, and conveying, to the data forwarding devices, the set of network configuration forwarding rules. Upon detecting a change in the dynamic context of the network, the set of network configuration forwarding rules ae updated based on the set of context-aware data forwarding policies and the change in the dynamic context, and the updated set of network configuration forwarding rules are conveyed to the data forwarding devices.

Abstract: A learning-based computer network security system may include a service delivery controller executing on one or more of hardware processors that receives requests for transmitting network flows to one or more destination machines via a communication network. The service delivery controller may group the network flows into one or more similarity groups, and direct the network flows in a particular similarity group to a learning-based security appliance instance designated for the particular similarity group. Based on receiving feedback from the security appliance instance, the service delivery controller may regroup the similarity groups, and/or redirect the network flows, and/or redistribute the training results between the appliances, and/or modify assignment of appliances to similarity groups.

Abstract: Embodiments of the present invention provide methods, computer program products, and systems for fulfilling a service chain request. Embodiments of the present invention can be used to collect network data of a plurality of instances of services and connections between the plurality of instances of services and redefine service chains to direct flow to an alternative instance of a service responsive to determining that an instance of a service in a service chain has become inaccessible. Embodiments of the present invention can be used to fulfill a service chain request and avoid one or more instances of services (and/or connections there between) that could cause a delay between transmitting data packets through the service chain.

Abstract: A method includes converting, by a computer, a set of context-aware data forwarding policies to a set of network configuration forwarding rules for one or more data forwarding devices in a network having a dynamic context, and conveying, to the data forwarding devices, the set of network configuration forwarding rules. Upon detecting a change in the dynamic context of the network, the set of network configuration forwarding rules ae updated based on the set of context-aware data forwarding policies and the change in the dynamic context, and the updated set of network configuration forwarding rules are conveyed to the data forwarding devices.