Abstract: The disclosure describes techniques that enable detection of memory leaks of software executing on devices within a computer network. An example network device includes memory and processing circuitry. The processing circuitry monitors a usage of the memory by a software component operating within the network device. The processing circuitry periodically determines a memory growth pattern score for the software component based on the usage of the memory. The processing circuitry also predicts whether the user-level process is experiencing a memory leak based on the memory growth pattern score. The processing circuitry applies confirmation criteria to current memory usage of the software component to confirm that the software component is experiencing the memory leak. When the software component is experiencing the memory leak, the processing circuitry generates an alert.

Abstract: A wireless access point comprises a memory; and one or more processors operably coupled to the memory configured to: receive a first packet for an application; configure an initial packet flow for the application including a first forwarding action to send traffic for the application via a tunnel path; learn the application of the first packet; generate, based on a policy of the application, an entry in an application server address cache specifying an address of the application server and a second forwarding action to send traffic for the application via a local breakout path; receive a second packet for the application; and configure, in response to determining that a destination address of the second packet matches the entry in the application server address cache, a subsequent packet flow for the application including the second forwarding action to send traffic for the application via the local breakout path.

Abstract: The disclosure describes techniques that enable detection of memory leaks of software executing on devices within a computer network. An example network device includes memory and processing circuitry. The processing circuitry monitors a usage of the memory by a software component operating within the network device. The processing circuitry periodically determines a memory growth pattern score for the software component based on the usage of the memory. The processing circuitry also predicts whether the user-level process is experiencing a memory leak based on the memory growth pattern score. The processing circuitry applies confirmation criteria to current memory usage of the software component to confirm that the software component is experiencing the memory leak. When the software component is experiencing the memory leak, the processing circuitry generates an alert.

Abstract: A wireless access point comprises a memory; and one or more processors operably coupled to the memory configured to: receive a first packet for an application; configure an initial packet flow for the application including a first forwarding action to send traffic for the application via a tunnel path; learn the application of the first packet; generate, based on a policy of the application, an entry in an application server address cache specifying an address of the application server and a second forwarding action to send traffic for the application via a local breakout path; receive a second packet for the application; and configure, in response to determining that a destination address of the second packet matches the entry in the application server address cache, a subsequent packet flow for the application including the second forwarding action to send traffic for the application via the local breakout path.

Abstract: A wireless access point comprises a memory; and one or more processors operably coupled to the memory configured to: receive a first packet for an application; configure an initial packet flow for the application including a first forwarding action to send traffic for the application via a tunnel path; learn the application of the first packet; generate, based on a policy of the application, an entry in an application server address cache specifying an address of the application server and a second forwarding action to send traffic for the application via a local breakout path; receive a second packet for the application; and configure, in response to determining that a destination address of the second packet matches the entry in the application server address cache, a subsequent packet flow for the application including the second forwarding action to send traffic for the application via the local breakout path.

Abstract: The disclosure describes techniques that enable detection of memory leaks of software executing on devices within a computer network. An example network device includes memory and processing circuitry. The processing circuitry monitors a usage of the memory by a software component operating within the network device. The processing circuitry periodically determines a memory growth pattern score for the software component based on the usage of the memory. The processing circuitry also predicts whether the user-level process is experiencing a memory leak based on the memory growth pattern score. The processing circuitry applies confirmation criteria to current memory usage of the software component to confirm that the software component is experiencing the memory leak. When the software component is experiencing the memory leak, the processing circuitry generates an alert.

Abstract: A wireless access point comprises a memory; and one or more processors operably coupled to the memory configured to: receive a first packet for an application; configure an initial packet flow for the application including a first forwarding action to send traffic for the application via a tunnel path; learn the application of the first packet; generate, based on a policy of the application, an entry in an application server address cache specifying an address of the application server and a second forwarding action to send traffic for the application via a local breakout path; receive a second packet for the application; and configure, in response to determining that a destination address of the second packet matches the entry in the application server address cache, a subsequent packet flow for the application including the second forwarding action to send traffic for the application via the local breakout path.

Abstract: A wireless access point comprises a memory; and one or more processors operably coupled to the memory configured to: receive a first packet for an application; configure an initial packet flow for the application including a first forwarding action to send traffic for the application via a tunnel path; learn the application of the first packet; generate, based on a policy of the application, an entry in an application server address cache specifying an address of the application server and a second forwarding action to send traffic for the application via a local breakout path; receive a second packet for the application; and configure, in response to determining that a destination address of the second packet matches the entry in the application server address cache, a subsequent packet flow for the application including the second forwarding action to send traffic for the application via the local breakout path.

Abstract: The disclosure describes techniques that enable detection of memory leaks of software executing on devices within a computer network. An example network device includes memory and processing circuitry. The processing circuitry monitors a usage of the memory by a software component operating within the network device. The processing circuitry periodically determines a memory growth pattern score for the software component based on the usage of the memory. The processing circuitry also predicts whether the user-level process is experiencing a memory leak based on the memory growth pattern score. The processing circuitry applies confirmation criteria to current memory usage of the software component to confirm that the software component is experiencing the memory leak. When the software component is experiencing the memory leak, the processing circuitry generates an alert.

Abstract: Managed devices containing a Trusted Platform Module (TPM) to provide a trusted environment generate a device certificate at initialization of the TPM and send the device certificate to a management console for storing in a certificate database. Upon detecting a file of interest, the TPM signs the file, adding to a signature list created by previous managed devices. The signature list can be used to analyze the spread of the file across the system of managed devices, including tracking the file to the first managed device to have had a copy, without requiring real-time access to the managed devices during the spread of the file. In some embodiments, additional security measures may be taken responsive to determining the first managed device and the path the file has taken across the system of managed devices.

Abstract: Managed devices containing a Trusted Platform Module (TPM) to provide a trusted environment generate a device certificate at initialization of the TPM and send the device certificate to a management console for storing in a certificate database. Upon detecting a file of interest, the TPM signs the file, adding to a signature list created by previous managed devices. The signature list can be used to analyze the spread of the file across the system of managed devices, including tracking the file to the first managed device to have had a copy, without requiring real-time access to the managed devices during the spread of the file. In some embodiments, additional security measures may be taken responsive to determining the first managed device and the path the file has taken across the system of managed devices.