Abstract: Methods and apparatus for application and/or context-based management of virtual networks using customizable workflows are disclosed. An example apparatus includes a context engine to monitor data traffic from a virtual machine in a data plane of a virtual network to capture context information to identify an application executing on the virtual machine; and a policy manager to receive the context information to instantiate an application entity corresponding to the application in a policy plane of the virtual network and to generate a policy associated with the application entity in the policy plane of the virtual network, the policy and the application entity enabling monitoring and management of the application via the policy plane.

Abstract: A dataset management system (“system”) reduces the amount of data to be stored for future analyses. The system determines a sampling rate of the data based on a required level of accuracy, and samples the data at the determined sampling rate. Initially, all data transactions (“full dataset”) and the sampled data (“sampled dataset”) are logged and stored. Based upon a trigger condition, e.g., after a specified period, the full dataset and the sampled dataset are analyzed separately and the analysis results are compared. If the comparison is sufficiently similar (i.e., the sampling produces a sufficiently accurate set of data or a variance between the analysis results of the datasets is within a specified threshold), the system discontinues full data logging and stores only the sampled dataset. Further, the full dataset is deleted. The sampling thus reduces the required data volume significantly, thereby minimizing consumption of the storage space.

Abstract: Some embodiments provide a method for monitoring a distributed application. The method receives a request to perform data collection for the distributed application. The method identifies data compute nodes (DCNs) that implement the distributed application. The method sends commands to host machines on which the identified DCNs operate to detect events related to the DCNs and provide data regarding the detected events. The method uses the data regarding the detected events to generate a user interface (UI) display of the topology of the distributed application.

Abstract: A novel method for performing replication of messages in a network that bridges one or more physical networks to an overlay logical network is provided. A physical gateway provides bridging between network nodes of a physical network and virtual machines in the overlay logical network by serving as an endpoint of the overlay logical network. The physical gateway does not replicate messages from the bridged physical network to destination endpoints in the overlay logical network directly, but instead tunnels the message-to-be-replicated to a designated tunnel endpoint in the overlay logical network. The designated tunnel endpoint in turn replicates the message that was tunneled to it to other endpoints in the overlay logical network.

Abstract: Some embodiments of the invention provide a method for performing services on an endpoint machine in a datacenter. On the endpoint machine, the method installs a guest introspection (GI) agent and a service engine. In some embodiments, the GI agent and the service engine are part of one monitor agent that is installed on the endpoint machine. The method then registers with a set of one or more notification services on the endpoint machine, the GI agent to receive notifications regarding new data message flow events on the endpoint machine. Through the notifications, the GI agent captures contextual data items regarding new data message flows, and stores the captured contextual data items. The service engine then performs a service for the data message flow based on the captured contextual data.

Abstract: Some embodiments of the invention provide a method for performing services on an endpoint machine in a datacenter. On the endpoint machine, the method installs a guest introspection (GI) agent and a service engine. In some embodiments, the GI agent and the service engine are part of one monitor agent that is installed on the endpoint machine. The method then registers with a set of one or more notification services on the endpoint machine, the GI agent to receive notifications regarding new data message flow events on the endpoint machine. Through the notifications, the GI agent captures contextual data items regarding new data message flows, and stores the captured contextual data items. The service engine then performs a service for the data message flow based on the captured contextual data.

Abstract: An approach for a software defined networking manager to perform a predictive analysis of proposed modifications to a software defined network (SDN) is presented. A method comprises receiving entity logical associations that are captured in a set of rules implemented in a SDN. Once a proposed modification to the entity logical associations is received, without implementing the proposed modification and without modifying the set of rules, impacted entity associations, from the entity logical associations, are identified. Upon receiving input indicating that the proposed modification is to be accepted, an updated set of rules for the SDN is generated by updating the set of rules based on the proposed modification, and the updated set of rules is implemented in the SDN.

Abstract: A novel method for performing replication of messages in a network that bridges one or more physical networks to an overlay logical network is provided. A physical gateway provides bridging between network nodes of a physical network and virtual machines in the overlay logical network by serving as an endpoint of the overlay logical network. The physical gateway does not replicate messages from the bridged physical network to destination endpoints in the overlay logical network directly, but instead tunnels the message-to-be-replicated to a designated tunnel endpoint in the overlay logical network. The designated tunnel endpoint in turn replicates the message that was tunneled to it to other endpoints in the overlay logical network.

Abstract: A method of defining policy for a network virtualization platform of a data center is provided. The method receives a registration of one or more actions provided by each of a plurality of data center services. The method defines a policy template by receiving the identification of a set of data center resources and a set of actions registered by a set of data center services to be applied to each identified resource. The method instantiates the template into a set of policy instances that each includes an identification of one or more resources and identification of one or more actions identified in the policy template. The policy is then enforced by the set of data center services by applying the actions identified in each policy instance to the resources identified in the policy instance.

Abstract: Described herein are systems, methods, and software to enhance the implementation of communication rules in a computing network. In one example, a method of operating a communication settings system maintains communication rules for a plurality of networks, wherein the communication rules define forwarding actions for ingress and egress packets to and from applications in the plurality of computing networks. The service further identifies a configuration request from a computing network with applications executing in the computing network, identifies a subset of the communication rules based on the plurality of applications, and provides the subset of the communication rules to the computing network.

Abstract: A client device or an online system determines a position in an interface presented by a client device for presenting content associated with an application installed on the client device based in part on a bid amount associated with the application. Scores are determined for the application and other applications installed on the client device based on an expected amount of user interaction with each application and bid amounts associated with one or more of the applications. Based on a score associated with an application, a position in the interface for presenting content associated with the application is determined. If the determined position satisfies a position specified by the bid amount and content associated with the application is presented in the determined position for at least a threshold amount of time, an online system charges a third party system associated with the application an amount.

Abstract: A dataset management system (“system”) reduces the amount of data to be stored for future analyses. The system determines a sampling rate of the data based on a required level of accuracy, and samples the data at the determined sampling rate. Initially, all data transactions (“full dataset”) and the sampled data (“sampled dataset”) are logged and stored. Based upon a trigger condition, e.g., after a specified period, the full dataset and the sampled dataset are analyzed separately and the analysis results are compared. If the comparison is sufficiently similar (i.e., the sampling produces a sufficiently accurate set of data or a variance between the analysis results of the datasets is within a specified threshold), the system discontinues full data logging and stores only the sampled dataset. Further, the full dataset is deleted. The sampling thus reduces the required data volume significantly, thereby minimizing consumption of the storage space.

Abstract: Methods and apparatus for application and/or context-based management of virtual networks using customizable workflows are disclosed. An example apparatus includes a context engine to monitor data traffic from a virtual machine in a data plane of a virtual network to capture context information to identify an application executing on the virtual machine; and a policy manager to receive the context information to instantiate an application entity corresponding to the application in a policy plane of the virtual network and to generate a policy associated with the application entity in the policy plane of the virtual network, the policy and the application entity enabling monitoring and management of the application via the policy plane.

Abstract: The technology disclosed herein enables micro-segmentation of virtual computing elements. In a particular embodiment, a method provides identifying one or more multi-tier applications comprising a plurality of virtual machines. Each application tier of the one or more multi-tier applications comprises at least one of the plurality of virtual machines. The method further provides maintaining information about the one or more multi-tier applications. The information at least indicates a security group for each virtual machine of the plurality of virtual machines. Additionally, the method provides identifying communication traffic flows between virtual machines of the plurality of virtual machines and identifying one or more removable traffic flows of the communication traffic flows based, at least in part, on the information. The method then provides blocking the one or more removable traffic flows.

Abstract: A method of defining policy for a network virtualization platform of a data center is provided. The method receives a registration of one or more actions provided by each of a plurality of data center services. The method defines a policy template by receiving the identification of a set of data center resources and a set of actions registered by a set of data center services to be applied to each identified resource. The method instantiates the template into a set of policy instants that each includes an identification of one or more resources and identification of one or more actions identified in the policy template. The policy is then enforced by the set of data center services by applying the actions identified in each policy instance to the resources identified in the policy instance.

Abstract: A novel method for performing replication of messages in a network that bridges one or more physical networks to an overlay logical network is provided. A physical gateway provides bridging between network nodes of a physical network and virtual machines in the overlay logical network by serving as an endpoint of the overlay logical network. The physical gateway does not replicate messages from the bridged physical network to destination endpoints in the overlay logical network directly, but instead tunnels the message-to-be-replicated to a designated tunnel endpoint in the overlay logical network. The designated tunnel endpoint in turn replicates the message that was tunneled to it to other endpoints in the overlay logical network.

Abstract: The disclosure is related to encoding a message or portions of the message to be exchanged between a pair of users. Messages can be exchanged between a pair of users in multiple ways, e.g., electronic mail, short messaging service (SMS), messenger applications. The computing resource, e.g., network bandwidth consumed in transmission of the messages, can be minimized by encoding/compressing at least portions of a message prior to transmission. A server analyzes messages exchanged between a pair of users to identify message portions, e.g., a word or a phrase, that are commonly exchanged and generates a set of codes for those message portions. The pair of users can use the set of codes for encoding and/or decoding the messages exchanged between them. The codes are generated using a specified coding technique, e.g., Huffman coding.

Abstract: A novel method for performing replication of messages in a network that bridges one or more physical networks to an overlay logical network is provided. A physical gateway provides bridging between network nodes of a physical network and virtual machines in the overlay logical network by serving as an endpoint of the overlay logical network. The physical gateway does not replicate messages from the bridged physical network to destination endpoints in the overlay logical network directly, but instead tunnels the message-to-be-replicated to a designated tunnel endpoint in the overlay logical network. The designated tunnel endpoint in turn replicates the message that was tunneled to it to other endpoints in the overlay logical network.

Abstract: Systems and techniques for performing network layer multicasting in a TRILL network are described. Some embodiments provide a system that receives multicast packet that includes a network-layer multicast-address. The multicast packet can be received on a first multicast tree associated with a first virtual network. Next, the system can determine, based on the network-layer multicast-address, a second multicast tree associated with a second virtual network over which the multicast packet is to be forwarded. The system can then forward the multicast packet on the first multicast tree associated with the first virtual network, and forward a copy of the multicast packet on the second multicast tree associated with the second virtual network.

Abstract: Systems and techniques for supporting multiple multicast trees are described. Some embodiments provide a system that determines an internal multicast group identifier based on a source address, a multicast address, and a multicast tree identifier field associated with a multicast packet. The system can then forward the multicast packet based on the internal multicast group identifier. Specifically, the system can determine a first set of bits based on the source address and the multicast address of the multicast packet. The system can determine a second set of bits based on the multicast tree identifier field of the multicast packet. Next, the system can combine the first set of bits and the second set of bits to obtain the internal multicast group identifier. In some embodiments, the scope of an internal virtual network identifier does not extend beyond a switch or a forwarding module within a switch.