Abstract: In one embodiment, a method comprises: establishing, from an agent hub device, a tunnel to a remote vantage point device; generating, by the agent hub device, test traffic to appear as though the test traffic originates from the remote vantage point device; encapsulating, by the agent hub device, the test traffic into the tunnel to the remote vantage point device to cause the remote vantage point device to decapsulate the test traffic and send the test traffic as though the test traffic originated from the remote vantage point device; receiving, at the agent hub device, one or more returned test responses in response to the test traffic; and producing, by the agent hub device, test results based on the one or more returned test responses.

Abstract: Techniques are described for generating an end-to-end distributed trace in connection with a cloud or datacenter environment. In one example, a server obtains target application telemetry data and external telemetry data associated with one or more correlation identifiers included in one or more network communications provided to a target application in the cloud or datacenter environment. The server aggregates the target application telemetry data and the external telemetry data based on the one or more correlation identifiers to generate an end-to-end distributed trace associated with the one or more network communications.

Abstract: In one embodiment, a method comprises: establishing, from an agent hub device, a tunnel to a remote vantage point device; generating, by the agent hub device, test traffic to appear as though the test traffic originates from the remote vantage point device; encapsulating, by the agent hub device, the test traffic into the tunnel to the remote vantage point device to cause the remote vantage point device to decapsulate the test traffic and send the test traffic as though the test traffic originated from the remote vantage point device; receiving, at the agent hub device, one or more returned test responses in response to the test traffic; and producing, by the agent hub device, test results based on the one or more returned test responses.

Abstract: Techniques are described for generating an end-to-end distributed trace in connection with a cloud or datacenter environment. In one example, a server obtains target application telemetry data and external telemetry data associated with one or more correlation identifiers included in one or more network communications provided to a target application in the cloud or datacenter environment. The server aggregates the target application telemetry data and the external telemetry data based on the one or more correlation identifiers to generate an end-to-end distributed trace associated with the one or more network communications.

Abstract: Techniques are described for generating an end-to-end distributed trace in connection with a cloud or datacenter environment. In one example, a server obtains target application telemetry data and external telemetry data associated with one or more correlation identifiers included in one or more network communications provided to a target application in the cloud or datacenter environment. The server aggregates the target application telemetry data and the external telemetry data based on the one or more correlation identifiers to generate an end-to-end distributed trace associated with the one or more network communications.

Abstract: Techniques are described for generating an end-to-end distributed trace in connection with a cloud or datacenter environment. In one example, a server obtains target application telemetry data and external telemetry data associated with one or more correlation identifiers included in one or more network communications provided to a target application in the cloud or datacenter environment. The server aggregates the target application telemetry data and the external telemetry data based on the one or more correlation identifiers to generate an end-to-end distributed trace associated with the one or more network communications.

Abstract: In one embodiment, a method comprises: establishing, from an agent hub device, a tunnel to a remote vantage point device; generating, by the agent hub device, test traffic to appear as though the test traffic originates from the remote vantage point device; encapsulating, by the agent hub device, the test traffic into the tunnel to the remote vantage point device to cause the remote vantage point device to decapsulate the test traffic and send the test traffic as though the test traffic originated from the remote vantage point device; receiving, at the agent hub device, one or more returned test responses in response to the test traffic; and producing, by the agent hub device, test results based on the one or more returned test responses.

Abstract: The present disclosure discloses a system and method for providing multi-factor authorization for IEEE 802.1x-enabled networks. Specifically, a network device authenticates a client device to obtain access to network resources in a network via a network authentication protocol. The network device then detects a device quarantine trigger indicating an increased level of suspicion that a current user of the client device is a non-authenticated user. In response to the device quarantine trigger, the network device temporarily places the client device from an authenticated state to a quarantined state pending completion of a particular workflow by the current user. The client device has limited access to the network resources while in the quarantined state regardless of a previous successful user and/or device authentication.

Abstract: The present disclosure discloses a system and method for providing multi-factor authorization for IEEE 802.1x-enabled networks. Specifically, a network device authenticates a client device to obtain access to network resources in a network via a network authentication protocol. The network device then detects a device quarantine trigger indicating an increased level of suspicion that a current user of the client device is a non-authenticated user. In response to the device quarantine trigger, the network device temporarily places the client device from an authenticated state to a quarantined state pending completion of a particular workflow by the current user. The client device has limited access to the network resources while in the quarantined state regardless of a previous successful user and/or device authentication.

Abstract: The present disclosure discloses a system and method for providing multi-factor authorization for IEEE 802.1x-enabled networks. Specifically, a network device authenticates a client device to obtain access to network resources in a network via a network authentication protocol. The network device then detects a device quarantine trigger indicating an increased level of suspicion that a current user of the client device is a non-authenticated user. In response to the device quarantine trigger, the network device temporarily places the client device from an authenticated state to a quarantined state pending completion of a particular workflow by the current user. The client device has limited access to the network resources while in the quarantined state regardless of a previous successful user and/or device authentication.

Abstract: The present disclosure discloses a method and network device for providing tiered network access based on user actions. Specifically, a network device can identify a social action performed by a user, where the social action is performed while the user is logged into a social network application. Furthermore, the network device can select a network access level of a plurality of network access levels based on the social action. Accordingly, the network device grants a client device corresponding to the user access to a network based on the selected network access level. Note that the network access level is selected from the plurality of network access levels based on a plurality of social actions performed by the user.

Abstract: Example implementations relate to network authentication system extensions. For example, network authentication system extensions may be installed and executed using a system. The system may comprise a processing resource and a memory resource storing readable instructions. The instructions may cause the processing resource to initiate an extension system and initiate an application programming interface (API) to manage a plurality of installed extensions in the extension system, where the installed extensions operate on a network authentication system. The instructions may also cause the processing resource to define a particular instance of an installed extension among the plurality of installed extensions and execute installed extensions on the network authentication system.

Abstract: The present disclosure discloses a system and method for providing multi-factor authorization for IEEE 802.1x-enabled networks. Specifically, a network device authenticates a client device to obtain access to network resources in a network via a network authentication protocol. The network device then detects a device quarantine trigger indicating an increased level of suspicion that a current user of the client device is a non-authenticated user. In response to the device quarantine trigger, the network device temporarily places the client device from an authenticated state to a quarantined state pending completion of a particular workflow by the current user. The client device has limited access to the network resources while in the quarantined state regardless of a previous successful user and/or device authentication.

Abstract: The present disclosure discloses a system and method for providing multi-factor authorization for IEEE 802.1x-enabled networks. Specifically, a network device authenticates a client device to obtain access to network resources in a network via a network authentication protocol. The network device then detects a device quarantine trigger indicating an increased level of suspicion that a current user of the client device is a non-authenticated user. In response to the device quarantine trigger, the network device temporarily places the client device from an authenticated state to a quarantined state pending completion of a particular workflow by the current user. The client device has limited access to the network resources while in the quarantined state regardless of a previous successful user and/or device authentication.

Abstract: Example implementations relate to network authentication system extensions. For example, network authentication system extensions may be installed and executed using a system. The system may comprise a processing resource and a memory resource storing readable instructions. The instructions may cause the processing resource to initiate an extension system and initiate an application programming interface (API) to manage a plurality of installed extensions in the extension system, where the installed extensions operate on a network authentication system. The instructions may also cause the processing resource to define a particular instance of an installed extension among the plurality of installed extensions and execute installed extensions on the network authentication system.

Abstract: The present disclosure discloses a method and network device for providing tiered network access based on user actions. Specifically, a network device can identify a social action performed by a user, where the social action is performed while the user is logged into a social network application. Furthermore, the network device can select a network access level of a plurality of network access levels based on the social action. Accordingly, the network device grants a client device corresponding to the user access to a network based on the selected network access level. Note that the network access level is selected from the plurality of network access levels based on a plurality of social actions performed by the user.

Abstract: The present disclosure discloses a method and network device for providing tiered network access based on user actions. Specifically, a network device can identify a social action performed by a user, where the social action is performed while the user is logged into a social network application. Furthermore, the network device can select a network access level of a plurality of network access levels based on the social action. Accordingly, the network device grants a client device corresponding to the user access to a network based on the selected network access level. Note that the network access level is selected from the plurality of network access levels based on a plurality of social actions performed by the user.

Abstract: A non-transitory computer readable medium storing instructions which, when executed on one or more processors, cause performance of operations. The operations include: receiving a first message from a device; determining, in response to the first message, a media access control (MAC) address of the device; and transmitting, in response to the first message, a second message comprising the MAC address to the device.

Abstract: The present disclosure discloses a system and method for providing multi-factor authorization for IEEE 802.1x-enabled networks. Specifically, a network device authenticates a client device to obtain access to network resources in a network via a network authentication protocol. The network device then detects a device quarantine trigger indicating an increased level of suspicion that a current user of the client device is a non-authenticated user. In response to the device quarantine trigger, the network device temporarily places the client device from an authenticated state to a quarantined state pending completion of a particular workflow by the current user. The client device has limited access to the network resources while in the quarantined state regardless of a previous successful user and/or device authentication.

Abstract: According to one embodiment of the invention, a method for controlling access to a network by a network device comprises returning a message prompting connectivity to a captive portal that is different from a HTTP Source Code redirect. The message is an HTML document such as a frameset.