Patents by Inventor Chih-Wen Chao

Chih-Wen Chao has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Patent number: 10379876
    Abstract: Disclosed is a method of customizing an appliance. The method includes steps of pre-storing a public key in the appliance; connecting the appliance to an external storage device; and booting up the appliance to automatically proceed with the following customization process: obtaining a customization file from the external storage device; authenticating the customization file with the public key; and executing customization with the customization file if the authentication succeeds.
    Type: Grant
    Filed: November 16, 2015
    Date of Patent: August 13, 2019
    Assignee: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Gregory L. Galloway, Cheng-Ta Lee, Ming-Hsun Wu, Rick M. F. Wu
  • Publication number: 20190238527
    Abstract: Embodiments provide a system and method for network tracking. Through various methods of packet encapsulation or IP option filling, one or more packets of information can be tagged with a unique security tag to prevent unauthorized access. A user agent can be validated by an authentication server through acceptance of one or more user credentials. The authentication server can generate a security token that can be transmitted to the user agent. The user agent can generate a keystream from the security token, and portions of that keystream can be attached to the packets as the security tag. The tagged packets can be forwarded to an authenticator, who can recreate the keystream from a copy of the security token provided by the authentication server. If the tags generated from the authenticator match the tags on the tagged packet, the authenticator can strip the tag from the tagged packet and forward the packet on to its next network address.
    Type: Application
    Filed: April 11, 2019
    Publication date: August 1, 2019
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Ming-Hsun Wu
  • Patent number: 10341332
    Abstract: Embodiments provide a system and method for network tracking. Through various methods of packet encapsulation or IP option filling, one or more packets of information can be tagged with a unique security tag to prevent unauthorized access. A user agent can be validated by an authentication server through acceptance of one or more user credentials. The authentication server can generate a security token that can be transmitted to the user agent. The user agent can generate a keystream from the security token, and portions of that keystream can be attached to the packets as the security tag. The tagged packets can be forwarded to an authenticator, who can recreate the keystream from a copy of the security token provided by the authentication server. If the tags generated from the authenticator match the tags on the tagged packet, the authenticator can strip the tag from the tagged packet and forward the packet on to its next network address.
    Type: Grant
    Filed: July 26, 2016
    Date of Patent: July 2, 2019
    Assignee: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Ming-Hsun Wu
  • Patent number: 10298550
    Abstract: A computer program product for transmitting data flow in a network between two resources using a processing circuit to perform a method which includes obtaining a data record from a first resource, storing the data record and an associated data record identifier in a first memory, transmitting the data record from a first network to a second network, storing the data record and an associated data record identifier in a second memory, determining by an inline service provider whether the data record is suitable for transmission from a first resource to a second resource; based on determining that the data record is suitable for transmission by the inline service provider transmitting only the data record identifier stored in the second memory to the first switch and retrieving the data record stored in the first memory associated with the data record identifier for transmission to the second resource.
    Type: Grant
    Filed: September 22, 2016
    Date of Patent: May 21, 2019
    Assignee: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Yin Lee, Wei-Shiau Suen, Ming-Hsun Wu
  • Publication number: 20190109858
    Abstract: Selecting a receive side scaling (RSS) key is provided. It is determined whether a defined time interval expired. In response to determining that the defined time interval has expired, it is determined whether one or more keys in a set of randomly generated candidate RSS keys have a higher packet distribution score than an active RSS key. In response to determining that one or more keys in the set of randomly generated candidate RSS keys have a higher packet distribution score than the active RSS key, an RSS key having a highest packet distribution score is selected from the one or more keys in the set of randomly generated candidate RSS keys that have a higher packet distribution score than the active RSS key. The RSS key having the highest packet distribution score is used to distribute incoming network packets across a plurality of processors.
    Type: Application
    Filed: October 11, 2017
    Publication date: April 11, 2019
    Inventors: Chih-Wen Chao, Kuo-Chun Chen, Wei-Hsiang Hsiung, Sheng-Tung Hsu, Ming-Pin Hsueh
  • Publication number: 20190109859
    Abstract: Selecting a receive side scaling (RSS) key is provided. It is determined whether a defined time interval expired. In response to determining that the defined time interval has expired, it is determined whether one or more keys in a set of randomly generated candidate RSS keys have a higher packet distribution score than an active RSS key. In response to determining that one or more keys in the set of randomly generated candidate RSS keys have a higher packet distribution score than the active RSS key, an RSS key having a highest packet distribution score is selected from the one or more keys in the set of randomly generated candidate RSS keys that have a higher packet distribution score than the active RSS key. The RSS key having the highest packet distribution score is used to distribute incoming network packets across a plurality of processors.
    Type: Application
    Filed: November 14, 2017
    Publication date: April 11, 2019
    Inventors: Chih-Wen Chao, Kuo-Chun Chen, Wei-Hsiang Hsiung, Sheng-Tung Hsu, Ming-Pin Hsueh
  • Patent number: 10212078
    Abstract: Methods, systems, and computer program products for enabling network services in a multi-tenant IaaS environment are provided. A service portal is deployed in the IaaS environment. In one embodiment, a tenant packet associated with a first tenant of the IaaS environment is received by the service portal. The tenant packet is analyzed to identify one or more services to which to transmit the tenant packet. The tenant packet is distributed to the identified services for processing. A processed tenant packet is received from one or more of the identified services. The processed tenant packet is transmitted to a destination.
    Type: Grant
    Filed: July 9, 2015
    Date of Patent: February 19, 2019
    Assignee: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Ming-Hsun Wu
  • Publication number: 20190012214
    Abstract: Embodiments pertain to facilitation of live migration of a virtual machine in a network system. During live migration, a first appliance is cloned and state information directed to a first network flow is obtained. The state information is utilized by the cloned appliance to re-direct operations associated with the first network flow. At such time as the first network flow is terminated, the cloned appliance is removed.
    Type: Application
    Filed: September 14, 2018
    Publication date: January 10, 2019
    Applicant: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Travis Wu, Lun Pin Yuan
  • Patent number: 10146594
    Abstract: Embodiments pertain to facilitation of live migration of a virtual machine in a network system. The network system includes a first host, a second host, a first appliance for providing service to the first host, a second appliance for providing service to the second host, and a third appliance. At least one virtual machine is disposed on the first host and has an ongoing first network flow. The first appliance has generated state information about the first network flow. During the migration of the at least one virtual machine to the second host, the third appliance obtains a copy of the state information about the first network flow; and the third appliance takes over from the first appliance to serve the first network flow during the migration of the at least one virtual machine, until the first network flow is terminated.
    Type: Grant
    Filed: December 21, 2015
    Date of Patent: December 4, 2018
    Assignee: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Ming Hsun Wu, Lun Pin Yuan
  • Patent number: 9998329
    Abstract: An intelligent network management device including an analytic unit, conducting an analysis according to received packets in order to determine whether a given event has occurred; and a processing unit, generating and sending a control instruction to an SDN controller to change configurations of an SDN switch when the analytic unit determines that the given event has occurred.
    Type: Grant
    Filed: July 23, 2015
    Date of Patent: June 12, 2018
    Assignee: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Ming-Hsun Wu
  • Publication number: 20180083925
    Abstract: A computer program product for transmitting data flow in a network between two resources using a processing circuit to perform a method which includes obtaining a data record from a first resource, storing the data record and an associated data record identifier in a first memory, transmitting the data record from a first network to a second network, storing the data record and an associated data record identifier in a second memory, determining by an inline service provider whether the data record is suitable for transmission from a first resource to a second resource; based on determining that the data record is suitable for transmission by the inline service provider transmitting only the data record identifier stored in the second memory to the first switch and retrieving the data record stored in the first memory associated with the data record identifier for transmission to the second resource.
    Type: Application
    Filed: September 22, 2016
    Publication date: March 22, 2018
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Yin Lee, Wei-Shiau Suen, Ming-Hsun Wu
  • Publication number: 20180077019
    Abstract: An intelligent network management device including an analytic unit, conducting an analysis according to received packets in order to determine whether a given event has occurred; and a processing unit, generating and sending a control instruction to an SDN controller to change configurations of an SDN switch when the analytic unit determines that the given event has occurred.
    Type: Application
    Filed: November 7, 2017
    Publication date: March 15, 2018
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Ming-Hsun Wu
  • Publication number: 20180054450
    Abstract: A data packet is received. The data packet is a unit of data transmitted across a packet-switched network. A determination is made whether a new connection is detected. The data packet is transmitted using the new connection. In response to determining that a new connection is detected, a connection context for the new connection is added to a current connection context in a dynamic event table. The dynamic event table includes the current connection context, one or more previous connection contexts, and a listing of one or more events. Each event of the one or more events is a malicious activity and is retrieved from a repository. A score for each event is calculated based on the current connection context. Each event in the dynamic event table is prioritized based on the calculated score for each event. The event with the highest score receives the highest priority.
    Type: Application
    Filed: August 16, 2016
    Publication date: February 22, 2018
    Inventors: Chih-Wen Chao, Hsin-Yu Chuang, Ming-Pin Hsueh, Sheng-Wei Lee
  • Publication number: 20180034797
    Abstract: Embodiments provide a system and method for network tracking. Through various methods of packet encapsulation or IP option filling, one or more packets of information can be tagged with a unique security tag to prevent unauthorized access. A user agent can be validated by an authentication server through acceptance of one or more user credentials. The authentication server can generate a security token that can be transmitted to the user agent. The user agent can generate a keystream from the security token, and portions of that keystream can be attached to the packets as the security tag. The tagged packets can be forwarded to an authenticator, who can recreate the keystream from a copy of the security token provided by the authentication server. If the tags generated from the authenticator match the tags on the tagged packet, the authenticator can strip the tag from the tagged packet and forward the packet on to its next network address.
    Type: Application
    Filed: July 26, 2016
    Publication date: February 1, 2018
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Ming-Hsun Wu
  • Publication number: 20170111391
    Abstract: As disclosed herein a method, executed by a computer, includes detecting, by an intrusion prevention system, intruder network traffic addressed to a computing device, creating a decoy virtual machine, and redirecting the intruder network traffic to the decoy virtual machine. The method further includes determining one or more attack characteristics of the intruder network traffic, and generating a new intruder signature corresponding to the attack characteristics. The method further includes validating the new intruder signature, and providing the new intruder signature to the intrusion prevention system. A computer system and computer program product corresponding to the above method are also disclosed herein.
    Type: Application
    Filed: October 15, 2015
    Publication date: April 20, 2017
    Inventors: Chih-Wen Chao, Hsin-Yu Chuang, Ming-Pin Hsueh, Sheng-Wei Lee
  • Publication number: 20170012872
    Abstract: Methods, systems, and computer program products for enabling network services in a multi-tenant IaaS environment are provided. A service portal is deployed in the IaaS environment. In one embodiment, a tenant packet associated with a first tenant of the IaaS environment is received by the service portal. The tenant packet is analyzed to identify one or more services to which to transmit the tenant packet. The tenant packet is distributed to the identified services for processing. A processed tenant packet is received from one or more of the identified services. The processed tenant packet is transmitted to a destination.
    Type: Application
    Filed: July 9, 2015
    Publication date: January 12, 2017
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Ming-Hsun Wu
  • Publication number: 20160188378
    Abstract: Embodiments pertain to facilitation of live migration of a virtual machine in a network system. The network system includes a first host, a second host, a first appliance for providing service to the first host, a second appliance for providing service to the second host, and a third appliance. At least one virtual machine is disposed on the first host and has an ongoing first network flow. The first appliance has generated state information about the first network flow. During the migration of the at least one virtual machine to the second host, the third appliance obtains a copy of the state information about the first network flow; and the third appliance takes over from the first appliance to serve the first network flow during the migration of the at least one virtual machine, until the first network flow is terminated.
    Type: Application
    Filed: December 21, 2015
    Publication date: June 30, 2016
    Applicant: International Business Machines Corporation
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Travis Wu, Lun Pin Yuan
  • Publication number: 20160147546
    Abstract: Disclosed is a method of customizing an appliance. The method includes steps of pre-storing a public key in the appliance; connecting the appliance to an external storage device; and booting up the appliance to automatically proceed with the following customization process: obtaining a customization file from the external storage device; authenticating the customization file with the public key; and executing customization with the customization file if the authentication succeeds.
    Type: Application
    Filed: November 16, 2015
    Publication date: May 26, 2016
    Inventors: Chih-Wen Chao, Gregory L. Galloway, Cheng-Ta Lee, Ming-Hsun Wu, Rick M. F. Wu
  • Publication number: 20160036635
    Abstract: An intelligent network management device including an analytic unit, conducting an analysis according to received packets in order to determine whether a given event has occurred; and a processing unit, generating and sending a control instruction to an SDN controller to change configurations of an SDN switch when the analytic unit determines that the given event has occurred.
    Type: Application
    Filed: July 23, 2015
    Publication date: February 4, 2016
    Inventors: Chih-Wen Chao, Cheng-Ta Lee, Wei-Shiau Suen, Ming-Hsun Wu