Abstract: A network element include one or more modules each supporting one or more pluggable modules; and a first manifold and a second manifold each configured to connect to a conduit associated with a coldplate, wherein one of the first manifold and the second manifold is an inlet manifold and the other is an outlet manifold for a cooling fluid that flows through the conduit to cool the one or more pluggable modules. The one or more pluggable modules can be each a pluggable optical module that is one of compliant to any of XFP, SFP, XENPAK, X2, CFP, CFP2, CFP4, CFP8, QSFP, QSFP+, QSFP28, OSFP, and QSFP-DD and have a housing that has dimensions similar to any of XFP, SFP, XENPAK, X2, CFP, CFP2, CFP4, CFP8, QSFP, QSFP+, QSFP28, OSFP, and QSFP-DD.

Abstract: Transparently providing a virtualization feature to an unenlightened guest operating system (OS). A guest partition, corresponding to a virtual machine, is divided into a first guest privilege context and a second guest privilege context. A compatibility component executes within the first guest privilege context, while a guest OS executes within the second guest privilege context. The compatibility component is configured to intercept input/output (I/O) operations associated with the guest operating OS. Based on the compatibility component intercepting an I/O operation associated with the guest OS, the compatibility component processes the I/O operation using a virtualization feature that is unsupported by the guest OS. Examples of the virtualization feature include accelerated access to a hardware device and virtual machine guest confidentiality.

Abstract: A container includes an outer box and an insert sized to fit inside the outer box. The insert includes a bottom wall, a first lateral end coupled to the bottom wall, and a second lateral end coupled to the bottom wall. The first lateral end opposes the second lateral end. The first lateral end may include a first outer wall and a first cradle wall spaced apart from the first outer wall. The first cradle wall may include a first cutout shaped to receive a flange at a first end of a spool of material. The second lateral end may include a second outer wall and a second cradle wall spaced apart from the second outer wall. The second cradle may include a second cutout opening shaped to receive a second end of the spool of the material. The insert may be formed from a rigid material.

Abstract: Methods, systems, and computer program products for direct assignment of physical devices to confidential virtual machines (VMs). At a first guest privilege context of a guest partition, a direct assignment of a physical device associated with a host computer system to the guest partition is identified. The guest partition includes the first guest privilege context and a second guest privilege context, which is restricted from accessing memory associated with the first guest privilege context. The guest partition corresponds to a confidential VM, such that a memory region associated with the guest partition is inaccessible to a host operating system. It is determined, based on a policy, that the physical device is allowed to be directly assigned to the guest partition. Communication between the physical device and the second guest privilege context is permitted, such as by exposing the physical device on a virtual bus and/or forwarding an interrupt.

Abstract: A contact hearing device includes a chassis, sulcus platform and umbo platform wherein the chassis is formed as a single continuous material, the sulcus platform is formed as a single continuous material, and the umbo platform is formed as a single continuous material. The chassis may include a receiver mount, a motor mount pocket and a central frame. The sulcus platform includes one or more registration features adapted to mate with at least a portion of the chassis, the umbo platform includes a drive post landing pad, the drive post landing pad including at least one alignment feature.

Abstract: Data-at-rest protection for virtual machines includes operating a data protection component within a first privilege context of a guest partition, and operating a guest operating system (OS) within a second privilege context of the guest partition. The data protection component participates in data input/output operations of the guest OS. Based on a data output operation of the guest OS, the data protection component applies a first data protection operation to first data associated with the data output operation; and initiates storage of a first result of the first data protection operation to a data storage device. Based a data input operation of the guest OS, the data protection component applies a second data protection operation to second data associated with the data input operation; and, based on applying the second data protection operation to the second data, communicates an outcome of the data input operation to the guest OS.

Abstract: A network element include one or more modules each supporting one or more pluggable modules; and a first manifold and a second manifold each configured to connect to a conduit associated with a coldplate, wherein one of the first manifold and the second manifold is an inlet manifold and the other is an outlet manifold for a cooling fluid that flows through the conduit to cool the one or more pluggable modules. The one or more pluggable modules can be each a pluggable optical module that is one of compliant to any of XFP, SFP, XENPAK, X2, CFP, CFP2, CFP4, CFP8, QSFP, QSFP+, QSFP28, OSFP, and QSFP-DD and have a housing that has dimensions similar to any of XFP, SFP, XENPAK, X2, CFP, CFP2, CFP4, CFP8, QSFP, QSFP+, QSFP28, OSFP, and QSFP-DD.

Abstract: Isolating resources of a virtual machine (VM) guest from a host operating system. A computer system receives an acceptance request from a guest partition corresponding to an isolated VM. The acceptance request identifies a guest memory page that is mapped into a guest physical address space of the guest partition, and a memory page visibility class. The computer system determines whether a physical memory page that is mapped to the guest memory page meets the memory page visibility class. The computer system sets a page acceptance indication for the guest memory page from an unaccepted state to an accepted state based on the physical memory page meeting the memory page visibility class.

Abstract: This document describes, among other things, systems and methods for more efficiently resuming a client-to-origin TLS session through a proxy layer that fronts the origin in order to provide network security services. At the time of an initial TLS handshake with an unknown client, for example, the proxy can perform a set of security checks. If the client passes the checks, the proxy can transmit a ‘proxy token’ upstream to the origin. The origin can incorporate this token into session state data which is passed back to and stored on the client, e.g., using a TLS session ticket extension field, pre-shared key extension field, or other field. On TLS session resumption, when the client sends the session state data, the proxy can recover its proxy token from the session state data, and upon successful validation, bypass security checks that it would otherwise perform against the client, thereby more efficiently handling known clients.

Abstract: The techniques disclosed herein enable a system to configure a confidential virtual resource unit by provisioning a security component to a tenant's virtual resource unit. The system creates multiple different virtual trust layers within the confidential virtual resource unit. This creation effectively defines security boundaries between the virtual trust layers. The virtual trust layers are associated with different privileges, such that a higher privileged virtual trust layer is provided with more privileges compared to a lower privileged virtual trust layer. In one example, a lower privileged virtual trust layer may include basic virtual resource components (e.g., drivers, applications, processes, functions, workloads executing within a guest operating system) and a higher privileged virtual trust layer is the location to which a virtual security component is provisioned by the system.

Abstract: Novel compounds and compositions including the same and methods of manufacturing and using the same, particularly for inhibiting HDAC or HDAC activity, and more particularly for enhancing renal recovery following acute kidney injury (AKI), preferably through HDAC inhibition.

Abstract: Novel compounds and compositions including the same and methods of manufacturing and using the same, particularly for increasing klotho gene expression, and more particularly for increasing circulating or soluble Klotho protein levels through increasing klotho gene expression.

Abstract: A networking hardware system includes a housing; a board located in the housing and comprising a plurality of components; a liquid cooled heat exchanger; and one or more fans disposed near the liquid cooled heat exchanger and configured to provide cool airflow from the liquid cooled heat exchanger to any of the plurality of components. The housing can be substantially sealed from an external environment and includes no air intake thereon, removing a need for higher powered fans and for air filtering for dust. The housing can include a faceplate with no air intake thereon, providing increased density for ports on the faceplate.

Abstract: Systems and methods for authenticating a peripheral device prior to allowing the peripheral device access to components and data stored on user equipment. In some examples, the user equipment may include an authorization component that is configured to physically decouple a hardware interface from other components of the user equipment until the authorization component is able to authenticate the peripheral device. Both authorized peripheral devices and the user equipment may be provisioned with authorization data and/or credentials from a system outside the control of the individual users of the user equipment.

Abstract: Described herein are GPR35 modulators and methods of using these compounds in the treatment of diseases, disorders or conditions. Also described herein are pharmaceutical compositions containing such compounds.

Abstract: A system for securing electronic devices includes a processor, non-transitory machine readable storage medium communicatively coupled to the processor, security applications, and a security controller. The security controller includes computer-executable instructions on the medium that are readable by the processor. The security application is configured to determine a suspicious file from a client using the security applications, identify whether the suspicious file has been encountered by other clients using the security applications, calculate a time range for which the suspicious file has been present on the clients, determine resources accessed by the suspicious file during the time range, and create a visualization of the suspicious file, a relationship between the suspicious file and the clients, the time range, and the resources accessed by the suspicious file during the time range.

Abstract: A multi-tenant service platform provides network services, such as content delivery, edge compute, and/or media streaming, on behalf of, or directly for, a given tenant. The service platform offers a policy layer enabling each tenant to specify levels of acceptable performance degradation that the platform may incur so that the platform can use electricity with desirable characteristics to service client requests associated with that tenant. Service nodes in the platform (e.g., edge servers) enforce the policy layer at the time of a service request. Preferably, the ‘quality’ of the electricity is a measurement of source of the energy, e.g., whether it is sourced from high-carbon fossil fuels (low-quality) or low-carbon renewables (high-quality). If the desired quality of electricity cannot be achieved, the node can resort to using less electricity to handle the request, which is achieved in a variety of ways.

Abstract: A network element include one or more modules each supporting one or more pluggable modules; and a first manifold and a second manifold each configured to connect to a conduit associated with a coldplate, wherein one of the first manifold and the second manifold is an inlet manifold and the other is an outlet manifold for a cooling fluid that flows through the conduit to cool the one or more pluggable modules. The one or more pluggable modules can be each a pluggable optical module that is one of compliant to any of XFP, SFP, XENPAK, X2, CFP, CFP2, CFP4, CFP8, QSFP, QSFP+, QSFP28, OSFP, and QSFP-DD and have a housing that has dimensions similar to any of XFP, SFP, XENPAK, X2, CFP, CFP2, CFP4, CFP8, QSFP, QSFP+, QSFP28, OSFP, and QSFP-DD.

Abstract: A system for securing electronic devices includes a processor, non-transitory machine readable storage medium communicatively coupled to the processor, security applications, and a security controller. The security controller includes computer-executable instructions on the medium that are readable by the processor. The security application is configured to determine a suspicious file from a client using the security applications, identify whether the suspicious file has been encountered by other clients using the security applications, calculate a time range for which the suspicious file has been present on the clients, determine resources accessed by the suspicious file during the time range, and create a visualization of the suspicious file, a relationship between the suspicious file and the clients, the time range, and the resources accessed by the suspicious file during the time range.

Abstract: A steerable catheter comprises a transducer that is situated at a flexible distal end, and is coupled to the handle of the catheter via an insertion tube. The flexible distal end is controlled by a plurality of articulation pull-cables that extend from an articulation control device in the handle to the far end of the distal end, such that when one articulation pull-cable is pulled, and the opposing articulation pull-cable is slackened, the flexible distal end bends in the direction of the tensioned articulation pull-cable. To minimize pull-resistance over time, while still providing insertion-tube flexibility, inserts having pull-cable lumens are situated in the insertion tube to isolate each articulation pull-cable from each other, and from other cables that couple the transducer to the handle.