Abstract: An internal network can include a plurality of linked internal nodes, each internal node being configured to communicate with other internal nodes or with one or more external servers over an external network. The internal network can analyze the configuration of the internal nodes and the network traffic between internal nodes of the internal network and external servers. Based on the analysis, a network vulnerability score measuring the vulnerability of the internal network to attack can be determined. If the vulnerability score is below a threshold, the internal network can be isolated from the external network, for example by preventing internal nodes from communicating with or over the external network.

Abstract: In one embodiment, a system for managing communication connections in a virtualization environment includes a plurality of host machines implementing a virtualization environment, wherein each of the host machines includes a hypervisor, at least one user virtual machine (user VM), and a distributed file server that includes file server virtual machines (FSVMs) and associated local storage devices. Each FSVM and associated local storage device are local to a corresponding one of the host machines, and the FSVMs conduct I/O transactions with their associated local storage devices based on I/O requests received from the user VMs. Each of the user VMs on each host machine sends each of its representative I/O requests to an FSVM that is selected by one or more of the FSVMs for each I/O request based on a lookup table that maps a storage item referenced by the I/O request to the selected one of the FSVMs.

Abstract: In one embodiment, a system for managing a virtualization environment includes a set of host machines, each of which includes a hypervisor, virtual machines, and a virtual machine controller, and a first virtualized file server configured to receive a request to access a storage item located at a second virtualized file server, determine that the storage item is designated as being accessible by other virtualized file servers, identify an FSVM of the second virtualized file server at which the storage item is located, and forward the request to the FSVM of the second virtualized file server. The storage item may be designated as being accessible by other virtualized file servers when the storage item is associated with a predetermined tag value indicating that the storage item is shared among virtualized file servers. The predetermined tag value may be stored in a sharding map in association with the storage item.

Abstract: A structural feature of a structure is identified by obtaining a global point cloud representation of the structure and obtaining a target point cloud that represents a target structural feature, wherein the target point cloud is a subset of the global point cloud representation of the structure. The global structural information and the target point cloud are supplied to a feature clustering process that produces a clustered representation of the structure, wherein the global structural information is derived from the global point cloud representation of the structure, the clustered representation is smaller than the global structural information, and the clustered representation comprises data points clustered around structural features that are similar the target point cloud. The clustered representation and the target point cloud are supplied to a feature matching process that produces one or more matching point clouds, each being a subset of the global point cloud representation of the structure.

Abstract: In one embodiment, a system for managing a virtualization environment includes host machines implementing a virtualization environment, a plurality of clusters of the host machines, a virtualized file server (VFS) comprising a plurality of file server virtual machines (FSVMs), and a VFS cluster manager (CM) configured to distribute storage items among the clusters and receive cluster storage statistics for one or more shares of the VFS. The CM is further configured to, in response to a request from a first FSVM to identify a storage location for a storage item, identify a cluster at which the storage item is to be located based on the cluster storage statistics, identify a second FSVM at which the storage item is to be located based on compute usage statistics of one or more FSVMs in the identified cluster, and send an address of the second FSVM to the first FSVM.

Abstract: A structural feature of a structure is identified by obtaining a global point cloud representation of the structure and obtaining a target point cloud that represents a target structural feature, wherein the target point cloud is a subset of the global point cloud representation of the structure. The global structural information and the target point cloud are supplied to a global registration process that produces a globally registered representation of the structure, wherein the global structural information is derived from the global point cloud representation of the structure. The globally registered representation of the structure and the target point cloud are supplied to a local registration process that produces one or more matching point clouds, wherein each of the one or more matching point clouds is a subset of the global point cloud representation of the structure.

Abstract: Nucleic acid molecules and compositions thereof targeted to fidgetin-like 2, and methods of their use in treating a wound or scar in a human subject are described.

Abstract: In one embodiment, a system for managing a virtualization environment includes host machines implementing a virtualization environment, a plurality of clusters of the host machines, a virtualized file server (VFS) comprising a plurality of file server virtual machines (FSVMs), and a VFS cluster manager (CM) configured to distribute storage items among the clusters and receive cluster storage statistics for one or more shares of the VFS. The CM is further configured to, in response to a request from a first FSVM to identify a storage location for a storage item, identify a cluster at which the storage item is to be located based on the cluster storage statistics, identify a second FSVM at which the storage item is to be located based on compute usage statistics of one or more FSVMs in the identified cluster, and send an address of the second FSVM to the first FSVM.

Abstract: A breach detection engine detects and mitigates the effects of breaches across one or more data sources. An index is generated based on one or more data sources and the index is queried using keywords indicative of potential breaches. A database of potential breaches is populated based on the query of the index. The potential breach database is queried using keywords associated with a system identity (e.g., a third party). A likelihood of a candidate breach is identified based on a set of breach criteria weights. A network node associated with a candidate breach determined to be an actual breach is identified for isolation or for the performance of one or more additional security actions.

Abstract: An operator node is configured to enable the management of nodes communicatively coupled to the operator node via a network. A selection of node objects is received by the operator node, the selected node objects including software components for inclusion within a node configuration. A configuration policy is generated based on the selected objects, the configuration policy including a set of tests (such as scripts or executables) that, when run, test for the presence of one or more of the selected node objects. A target node is scanned to determine the configuration of the target node, and the set of tests are applied to identify a set of objects identified by the policy but not installed at the target node. The target node is then re-configured to install the identified set of objects at the target node.

Abstract: An internal network can include a plurality of linked internal nodes, each internal node being configured to communicate with other internal nodes or with one or more external servers over an external network. The internal network can analyze the configuration of the internal nodes and the network traffic between internal nodes of the internal network and external servers. Based on the analysis, a network vulnerability score measuring the vulnerability of the internal network to attack can be determined. If the vulnerability score is below a threshold, the internal network can be isolated from the external network, for example by preventing internal nodes from communicating with or over the external network.

Abstract: According to aspects of the present disclosure, user-defined settings may be assigned to a dummy device in response to a first request. A device identifier of a particular electronic device may later be registered with the dummy device in response to a second request. Based on receiving data indicating an installation procedure of the particular electronic device and based on the device identifier being registered with the dummy device, user-defined settings may be transmitted to cause configuration of at least some of the user-defined settings on the particular electronic device. In some cases, the data indicating an installation procedure corresponds to a beacon from the particular electronic device (e.g., a smart home device), which includes the device identifier. Further, the user-defined settings may be provided to the particular electronic device by another electronic device (e.g., another smart home device).

Abstract: In one embodiment, a system for managing a virtualization environment includes a plurality of host machines, wherein each of the host machines comprises a hypervisor and one or more user virtual machines (user VMs), and a virtual machine controller, one or more virtual disks comprising a plurality of storage devices, a virtualized file server (VFS) comprising a plurality of file server virtual machines (FSVMs), wherein each of the FSVMs is running on one of the host machines. The VFS may be configured to receive a request for storage system information from a user and generate and send a response to the request, wherein the response is customized according to configuration information of the VFS that is specific to the user. The storage system information requested may include a total size of storage available to the user, and the user may have an associated storage quota limit.

Abstract: A breach detection engine detects and mitigates the effects of breaches across one or more data sources. An index is generated based on one or more data sources and the index is queried using keywords indicative of potential breaches. A database of potential breaches is populated based on the query of the index. The potential breach database is queried using keywords associated with a system identity (e.g., a third party). A likelihood of a candidate breach is identified based on a set of breach criteria weights. A network node associated with a candidate breach determined to be an actual breach is identified for isolation or for the performance of one or more additional security actions.

Abstract: An operator node is configured to enable the management of nodes communicatively coupled to the operator node via a network. A selection of node objects is received by the operator node, the selected node objects including software components for inclusion within a node configuration. A configuration policy is generated based on the selected objects, the configuration policy including a set of tests (such as scripts or executables) that, when run, test for the presence of one or more of the selected node objects. A target node is scanned to determine the configuration of the target node, and the set of tests are applied to identify a set of objects identified by the policy but not installed at the target node. The target node is then re-configured to install the identified set of objects at the target node.

Abstract: In one embodiment, a system for managing communication connections in a virtualization environment includes a plurality of host machines implementing a virtualization environment, wherein each of the host machines includes a hypervisor, at least one user virtual machine (user VM), and a distributed file server that includes file server virtual machines (FSVMs) and associated local storage devices. Each FSVM and associated local storage device are local to a corresponding one of the host machines, and the FSVMs conduct I/O transactions with their associated local storage devices based on I/O requests received from the user VMs. Each of the user VMs on each host machine sends each of its representative I/O requests to an FSVM that is selected by one or more of the FSVMs for each I/O request based on a lookup table that maps a storage item referenced by the I/O request to the selected one of the FSVMs.

Abstract: In one embodiment, a system for managing a virtualization environment includes a set of host machines, each of which includes a hypervisor, virtual machines, and a virtual machine controller, and a data migration system configured to identify one or more existing storage items stored at one or more existing File Server Virtual Machines (FSVMs) of an existing virtualized file server (VFS). For each of the existing storage items, the data migration system is configured to identify a new FSVMs of a new VFS based on the existing FSVM, send a representation of the storage item from the existing FSVM to the new FSVM, such that representations of storage items are sent between different pairs of FSVMs in parallel, and store a new storage item at the new FSVM, such that the new storage item is based on the representation of the existing storage item received by the new FSVM.

Abstract: An internal network can include a plurality of linked internal nodes, each internal node being configured to communicate with other internal nodes or with one or more external servers over an external network. The internal network can analyze the configuration of the internal nodes and the network traffic between internal nodes of the internal network and external servers. Based on the analysis, a network vulnerability score measuring the vulnerability of the internal network to attack can be determined. If the vulnerability score is below a threshold, the internal network can be isolated from the external network, for example by preventing internal nodes from communicating with or over the external network.

Abstract: In one embodiment, a system for managing a virtualization environment includes a set of host machines, each of which includes a hypervisor, virtual machines, and a virtual machine controller, and a virtualized file server backup system configured to identify backup data, wherein the backup data comprises data stored on the virtual disks and VFS configuration information, and the first data is identified in accordance with a backup policy, send the backup data to one or more remote sites for storage, and, in response to detection of changes in the backup data, send the changes to the remote sites in accordance with a replication policy. The backup data may be identified based on a protection domain associated with the backup policy. The data stored on the VFS may include one or more storage objects. The storage objects may include shares, groups of shares, files, or directories.

Abstract: An administration device for intravitreal administration of a fluid wherein a second actuation part of the administration device is configured to axially block a plunger rod and/or a first actuation part of the administration device, where in the second actuation part is to be actuated in order to axially release the plunger rod and/or the first actuation part such that the first actuation part can be actuated. The administration device has a securing member that is configured to block a back-movement of the plunger rod and/or the first actuation part at least in an initial position and/or in an administration position of the plunger rod and wherein the securing member is configured to block actuation of the second actuation part before reaching the administration position of the plunger rod.