Abstract: According to various embodiments, methods, apparatuses and systems are provided that allow a management server coupled to a managed device to establish a management session with a management station in accordance with a management protocol. A management server may forward to the management station modified user interface display that provides additional functions to the management station. The management station may interact with the modified user interface display and evoke the additional functions through the use of keyboard, mouse or any suitable user interface input means. Other embodiments may be described and claimed.

Abstract: A manageability engine, and/or operations thereof, for controlling access to one or more resources of a computer device. In an embodiment, the manageability engine executes an authentication agent to perform authentication of a local user of a computer platform which includes the manageability engine. In another embodiment, the manageability engine includes a device driver to control an input/output device for the local user to exchange an authentication factor via a trusted path between the input/output device and the manageability engine.

Abstract: A manageability engine, and/or operations thereof, for controlling access to one or more resources of a computer device. In an embodiment, the manageability engine executes an authentication agent to perform authentication of a local user of a computer platform which includes the manageability engine. In another embodiment, the manageability engine includes a device driver to control an input/output device for the local user to exchange an authentication factor via a trusted path between the input/output device and the manageability engine.

Abstract: According to various embodiments, methods, apparatuses and systems are provided that allow a management server coupled to a managed device to establish a management session with a management station in accordance with a management protocol. A management server may forward to the management station modified user interface display that provides additional functions to the management station. The management station may interact with the modified user interface display and evoke the additional functions through the use of keyboard, mouse or any suitable user interface input means. Other embodiments may be described and claimed.

Abstract: A provisioning method and mechanism for computer systems having embedded network devices. After an initial boot-up of a computer platform, an out-of-band (OOB) controller automatically connects to a corporate DHCP (Dynamic Host Configuration Protocol) server to obtain an IP (Internet Protocol) address and a domain name in which the computer platform is running. The domain name is concatenated with a pre-defined host name to obtain a FQDN (Fully Qualified Domain Name) for a provisioning server. The OOB controller then establishes a TCP connection to the provisioning server. A server certificate chain received from the provisioning server is validated. An attempt to login to the provisioning server is made. If corporate security policy dictates granting access to the computer platform, then provisioning configuration data is received over a secure and encrypted channel.

Abstract: An embodiment of the present invention is a technique to provide secure Virtual Private Network (VPN) connection. A VPN connection is established to a remote gateway via a network adapter using a Firmware on a platform. An event is generated to notify an operating system (OS) network driver through a bus interface port. A request from the OS network driver is responded to provide network information.

Abstract: Methods and apparatuses for synchronizing the exchange of cryptography information between kernel drivers. A high level application in an electronic system passes a pointer to a base driver. The pointer is a unique identifier for cryptography information, such as a Security Association (SA), that the base driver uses to populate a cryptography information table for performing cryptography operations on secure traffic data packets. If the network interface device and/or its associated driver are reset, the pointer is used to repopulate the cryptography information table with specific cryptography information needed to perform cryptography operations on the data packets.

Abstract: A capability of a device may be registered to an adapter. This capability may characterize the device in terms of tasks performing abilities that may be available or associated therewith. When a packet of data including a task to be handled is received at the adapter, based on the capability registered earlier for the device, the adapter may determine whether to assign the task to the device. An indication, such as packet processing information may be derived from the packet to assist in distribution of the task. By comparing the indication with the capability, the task may be offloaded to the device based on the comparison. Using the device for a networked device, in one embodiment, one or more network communication tasks associated with data communications may be distributed and optionally performed within an adapter. In this way, the networked device may be spared of undertaking network communication tasks that are conventionally performed within the networked device.

Abstract: Processing data of a first file of a processing system may be accomplished by splitting the first file into the first file and another file at the location of a split offset without copying the files; repeating the splitting of the first file a number of times using a specified split offset for each split file operation to create a plurality of files; joining the first file and a selected one of the plurality of files having desired data into the first file without copying the files; and repeating the joining of the first file and selected ones of the plurality of files to reconstruct the first file, the first file including only desired data after all join operations are completed.

Abstract: A provisioning method and mechanism for computer systems having embedded network devices. After an initial boot-up of a computer platform, an out-of-band (OOB) controller automatically connects to a corporate DHCP (Dynamic Host Configuration Protocol) server to obtain an IP (Internet Protocol) address and a domain name in which the computer platform is running. The domain name is concatenated with a pre-defined host name to obtain a FQDN (Fully Qualified Domain Name) for a provisioning server. The OOB controller then establishes a TCP connection to the provisioning server. A server certificate chain received from the provisioning server is validated. An attempt to login to the provisioning server is made. If corporate security policy dictates granting access to the computer platform, then provisioning configuration data is received over a secure and encrypted channel.

Abstract: Provided are techniques for determining a timer value. An advised number of packets per interrupt for both receive and transmit directions of traffic is determined. Current timer values for both receive and transmit directions of traffic are adjusted based on the determined advised numbers of packets per interrupt. A new timer value to be used for both receive and transmit directions of traffic is calculated. Other embodiments are described and claimed.

Abstract: Methods and apparatuses for synchronizing the exchange of cryptography information between kernel drivers. A high level application in an electronic system passes a pointer to a base driver. The pointer is a unique identifier for cryptography information, such as a Security Association (SA), that the base driver uses to populate a cryptography information table for performing cryptography operations on secure traffic data packets. If the network interface device and/or its associated driver are reset, the pointer is used to repopulate the cryptography information table with specific cryptography information needed to perform cryptography operations on the data packets.

Abstract: An embodiment of the present invention is a technique to provide secure Virtual Private Network (VPN) connection. A VPN connection is established to a remote gateway via a network adapter using a Firmware on a platform. An event is generated to notify an operating system (OS) network driver through a bus interface port. A request from the OS network driver is responded to provide network information.

Abstract: A method for transmitting load balancing in mixed speed environments such as physical interface speed changes and client flow speed changes is disclosed. Components such as an association module, a flow redirector, a channel assignment module, and a balancing timer are employed. The association module is a data structure that contains an association between client connections and a network interface. The flow redirector redirects transmitted network packets to the network interfaces based on the data, which is provided by the load balancing association. The channel assignment module is advised when such association data does not exist. The channel assignment module creates the association between the client connection- and the network interface, which is stored in the load balancing association. The decisions that this module makes affect the actual balancing between the network interfaces. The balancing timer computes throughput for client flows and re-associates client flows to the network interfaces.

Abstract: Provided are techniques for determining a timer value. An advised number of packets per interrupt for both receive and transmit directions of traffic is determined. Current timer values for both receive and transmit directions of traffic are adjusted based on the determined advised numbers of packets per interrupt. A new timer value to be used for both receive and transmit directions of traffic is calculated. Other embodiments are described and claimed.

Abstract: Provided are a method, system, and article of manufacture for managing queues of packets. Packets are received at a network interface, wherein the received packets are capable of being processed by a plurality of processors. The received packets are stored in memory. Tasks are scheduled corresponding to selected processors of the plurality of processors. The stored packets are concurrently processed via the scheduled tasks.

Abstract: Provided are a method, system, and program for maintaining a link between a first network entity and a second network entity. The first network entity includes a network adapter and a driver. With the network adapter, it is determined whether the driver was loaded before a link-shutdown timer expired. With the network adapter, processing continues without dropping the link in response to the driver being loaded before the link-shutdown timer expired. With the network adapter, the link is dropped in response to the driver not being loaded before the link-shutdown timer expired.

Abstract: A method for transmitting load balancing in mixed speed environments such as physical interface speed changes and client flow speed changes is disclosed. Components such as an association module, a flow redirector, a channel assignment module, and a balancing timer are employed. The association module is a data structure that contains an association between client connections and a network interface. The flow redirector redirects transmitted network packets to the network interfaces based on the data, which is provided by the load balancing association. The channel assignment module is advised when such association data does not exist. The channel assignment module creates the association between the client connection- and the network interface, which is stored in the load balancing association. The decisions that this module makes affect the actual balancing between the network interfaces. The balancing timer computes throughput for client flows and re-associates client flows to the network interfaces.

Abstract: Parsing capabilities may be provided to define a parser within network hardware. By selectively loading one or more desired parsing capabilities, a parser may change its behavior. In one embodiment, a loadable set of rules associated with a particular packet type may be used to provide a dynamic parser (e.g., defined in a state machine). For a host, a data packet (e.g., an Ethernet packet) may be received in an adapter of an Ethernet device. Before transferring the data packet from the Ethernet device to the host, one or more action-based parsing rules may be dynamically loaded in the adapter. Instead of parsing the data packet based on a static set of pre-loaded rules, the dynamic parser may advantageously use the dynamically loaded action-based parsing rules to identify the data packet based on the packet type, for example.

Abstract: A capability of a device may be registered to an adapter. This capability may characterize the device in terms of tasks performing abilities that may be available or associated therewith. When a packet of data including a task to be handled is received at the adapter, based on the capability registered earlier for the device, the adapter may determine whether to assign the task to the device. An indication, such as packet processing information may be derived from the packet to assist in distribution of the task. By comparing the indication with the capability, the task may be offloaded to the device based on the comparison. Using the device for a networked device, in one embodiment, one or more network communication tasks associated with data communications may be distributed and optionally performed within an adapter. In this way, the networked device may be spared of undertaking network communication tasks that are conventionally performed within the networked device.