Abstract: Described are methods of dephosphorylation. Methods of dephosphorylation include contacting a phosphate containing substrate with one or more CeO2 nanocrystal. Also described is modifying the pH of the dephosphorylation reaction to affect the amount and rate of dephosphorylation. Further described are methods of making CeO2 nanocrystals of the present disclosure.

Abstract: Dialysis is enhanced by using nanoclay sorbents to better absorb body wastes in a flow-through system. The nanoclay sorbents, using montmorillonite, bentonite, and other clays, absorb significantly more ammonium, phosphate, and creatinine, and the like, than conventional sorbents. The montmorillonite, the bentonite, and the other clays may be used in wearable systems, in which a dialysis fluid is circulated through a filter with the nanoclay sorbents. Waste products are absorbed by the montmorillonite, the bentonite, and the other clays and the dialysis fluid is recycled to a patient's peritoneum. Using an ion-exchange capability of the montmorillonite, the bentonite, and the other clays, waste ions in the dialysis fluid are replaced with desirable ions, such as calcium, magnesium, and bicarbonate. The nanoclay sorbents are also useful for refreshing a dialysis fluid used in hemodialysis and thus reducing a quantity of the dialysis fluid needed for the hemodialysis.

Abstract: Various systems, devices, storage media, and methods are discussed for performing secured access service edge (SASE) processing in a network potentially having multiple SASE processing capable devices.

Abstract: The present disclosure provides methods of producing a preparation of fibroadipogenic progenitors (FAPs) from a cell mixture. In certain embodiments, the present disclosure provides a method of producing a preparation of human FAPs from a skeletal muscle biopsy sample for later use.

Abstract: Various embodiments provide embodiments provide systems and methods for performing edge processing using selectively suspended network security processing.

Abstract: Various embodiments provide embodiments provide systems and methods for performing edge processing using selectively suspended network security processing.

Abstract: When a mobile device such as a smart phone comes within range of a location device, the mobile device inputs a location token from the location device and a travel token is created from a mobile device token and the location token. The mobile and location tokens may include data elements indicating not only identity, but also such other characteristics as an authorization or infection risk level. Tokens may be digitally signed, preferably with an independently verifiable signature that also encodes time. Mobile and location devices may be created and issued by a tracking service provider, which may also store tokens, analyze travel tokens with respect to a location's risk level, and update mobile device and location tokens to change a status of the mobile or location device.

Abstract: Systems, devices, and methods are discussed for treating a number of network security devices in a cooperative security fabric as a unified object for configuration purposes.

Abstract: When a mobile device such as a smart phone comes within range of a location device, the mobile device inputs a location token from the location device and a travel token is created from a mobile device token and the location token. The mobile and location tokens may include data elements indicating not only identity, but also such other characteristics as an authorization or infection risk level. Tokens may be digitally signed, preferably with an independently verifiable signature that also encodes time. Mobile and location devices may be created and issued by a tracking service provider, which may also store tokens, analyze travel tokens with respect to a location's risk level, and update mobile device and location tokens to change a status of the mobile or location device.

Abstract: When a mobile device such as a smart phone comes within range of a location device, the mobile device inputs a location token from the location device and a travel token is created from a mobile device token and the location token. The mobile and location tokens may include data elements indicating not only identity, but also such other characteristics as an authorization or infection risk level. Tokens may be digitally signed, preferably with an independently verifiable signature that also encodes time. Mobile and location devices may be created and issued by a tracking service provider, which may also store tokens, analyze travel tokens with respect to a location's risk level, and update mobile device and location tokens to change a status of the mobile or location device.

Abstract: When a mobile device such as a smart phone comes within range of a location device, the mobile device inputs a location token from the location device and a travel token is created from a mobile device token and the location token. The mobile and location tokens may include data elements indicating not only identity, but also such other characteristics as an authorization or infection risk level. Tokens may be digitally signed, preferably with an independently verifiable signature that also encodes time. Mobile and location devices may be created and issued by a tracking service provider, which may also store tokens, analyze travel tokens with respect to a location's risk level, and update mobile device and location tokens to change a status of the mobile or location device.

Abstract: Methods and systems are provided for an improved cluster-based network architecture. According to one embodiment, an active connection is established between a first interface of a network device and an enabled interface of a first cluster unit of an HA cluster of network security devices. The HA cluster is configured to provide connectivity between network devices of an internal and external network. A backup connection is established between a second interface of the network device and a disabled interface of a second cluster unit. While the first cluster unit is operational and has connectivity, it receives and processes all network traffic from the network device that is destined for the external network. Upon determining the first cluster unit has failed or has lost connectivity, then all subsequent network traffic originated by the network device that is destined for the external network is directed to the second cluster unit.

Abstract: Systems and methods for implementing a cooperative security fabric (CSF) protocol are provided. According to one embodiment, an NSD of multiple NSDs participates in the dynamic construction of a CSF interconnecting the NSDs in a form of a tree, having multiple nodes each representing one of the NSDs, based on hierarchical interconnections between the NSD and directly connected upstream and downstream NSDs. A communication channel is established by a backend daemon of the NSD with a directly connected upstream node of the NSD within the CSF through which queries and replies are communicated and through which periodic keep-alive messages and responses are exchanged between the upstream node and the NSD. A CSF protocol is enforced by a forward daemon of the NSD that limits issuance of query messages to those originated by a source NSD representing an upstream node and directed to a destination NSD representing a downstream node.

Abstract: Systems and methods for monitoring compliance with security goals by a network or part thereof are provided. According to one embodiment, a topology of a network segment of a private network is discovered by a network security device associated with the private network. Security policies implemented by one or more network security devices that form part of the network segment are learned by the network security device. Compliance with a security goal associated with the network segment is then determined by the network security device by: (i) analyzing traffic passing through the network segment; (ii) analyzing respective system configurations of the one or more network security devices; and (iii) evaluating performance of the security policies based on the traffic.

Abstract: Systems and methods are described for analysing, sharing and comparing security configurations. According to one embodiment, a security metric for a network segment of a private network is generated based on determination and analysis of network assets, network topology, and one or more defined security criteria representing security features being implemented by one or more network security devices that form part of the network segment, wherein the scoring metric is a quantitative representation of protection level and/or exposure level of the network segment. In an embodiment, the security metric can be shared and compared with security metrics of other network segments.

Abstract: Systems and methods are provided for notifying users within a protected network about various events and information. According to one embodiment, a method includes receiving, by a filtering device, a request originated by an application running on a client device. The method further includes making a determination, by the filtering device, whether the request is to be blocked or allowed, based on the one or more policies. If the request is to be blocked, a notification is provided to a user of the client device regarding the determination by causing the application to display a predefined message.

Abstract: Systems and methods for implementing a cooperative security fabric (CSF) protocol are provided. According to one embodiment, an NSD of multiple NSDs participates in the dynamic construction of a CSF interconnecting the NSDs in a form of a tree, having multiple nodes each representing one of the NSDs, based on hierarchical interconnections between the NSD and directly connected upstream and downstream NSDs. A communication channel is established by a backend daemon of the NSD with a directly connected upstream node of the NSD within the CSF through which queries and replies are communicated and through which periodic keep-alive messages and responses are exchanged between the upstream node and the NSD. A CSF protocol is enforced by a forward daemon of the NSD that limits issuance of query messages to those originated by a source NSD representing an upstream node and directed to a destination NSD representing a downstream node.

Abstract: Systems and methods for implementing a cooperative security fabric (CSF) protocol are provided. According to one embodiment, a CSF of multiple network security devices (NSDs) deployed within a protected network is constructed in a form of a tree, having a root node, one or more intermediate nodes and one or more leaf nodes, based on hierarchical interconnections among the NSDs by determining a relative upstream or downstream relationship among each NSD. Backend daemons of the NSDs establish and maintain a bi-directional tunnel between each parent node within the CSF and its respective child nodes through which queries and replies are communicated and through which periodic keep-alive messages and responses are exchanged. Forward daemons of the NSDs enforce a CSF protocol that limits the issuance of query messages to those originated by an upstream node within the CSF and directed to a downstream node within the CSF.

Abstract: A device for detecting network traffic content is provided. The device includes a first input port configured to receive one or more signatures, each of the one or more signatures associated with content desired to be detected, a second input port configured to receive data associated with network traffic content. The device also includes a processor configured to process the one or more signatures and the data to determine whether the network traffic content matches the content desired to be detected, and an output port configured to couple the device to a computer system of an intended recipient of the network traffic content. The output port passes the network traffic content to the computer system when it is determined that the network traffic content does not match the content desired to be detected.

Abstract: Process, equipment, and computer program product code for configuring a network security device using a hand-held computing device are provided. Default initial settings for a network security device are received by a mobile application running on a hand-held computing device. The default initial settings represent settings that allow the network security device to be remotely managed via a network to which the network security device is coupled. The default initial settings are presented to a network administrator via a touch-screen display of the hand-held computing device. Revisions to or acceptance of the default initial settings are received by the mobile application. The mobile application causes the network security device to be configured with the revised or accepted default initial settings by delivering the settings to the network security device via a management interface to which the hand-held computing device is coupled via a connecting cable.