Abstract: Techniques for generating and enforcing security policies for device clusters are disclosed. A security manager generates a plurality of clusters of devices for applying security policies. For each cluster of devices, the security manager trains a machine learning model to indicate whether a particular data flow associated with a device in the particular cluster of devices is allowed or denied. The security manager detects a data flow corresponding to a device. If the security manager determines that the device corresponds to a first cluster of devices, the security manager identifies a first trained machine learning model corresponding to the first cluster of devices. The security manager applies the first trained machine learning model to the first data flow to determine whether the first data flow is to be allowed or denied. The security manager allows or denies the first data flow based on the applying operation.

Abstract: Systems and methods for placing capacitors between IC bumps and BGA balls are described. In one embodiment, the method may include placing a ball grid array (BGA) package or integrated circuit (IC) package on a printed circuit board (PCB) of an electronic device, and placing a capacitor between a first BGA ball and a second BGA ball of the BGA package and/or placing a capacitor between a first IC bump and a second IC bump of the IC package to maintain impedance of a power delivery network (PDN) of the BGA package or IC package below a target impedance.

Abstract: A substrate largely or entirely devoid of return current vias is disclosed. The substrate may include a first signal layer, a ground plane, a power plane and a second signal layer, each separated by a dielectric material. The ground plane and power plane together form a capacitor providing a return current path for the current in the signal layers.

Abstract: Examples described herein include a method and system for determining a number of controllers in a Network Authentication Server (NAS) controller cluster, wherein each of the controllers in the NAS controller cluster includes a unique Physical Internet Protocol (PIP) address; creating a number of unique Virtual Internet Protocol (VIP) addresses for use by an external authentication server (EAS) to communicate with the controllers in the NAS controller cluster, wherein the number of VIP addresses is to be proportional to the number of PIP addresses; and mapping each controller in the NAS controller cluster to a plurality of VIP addresses, wherein the VIP addresses are to have different priorities for different controllers in the NAS controller cluster.

Abstract: The present disclosure discloses a method and a network device for failure detection of nodes in a cluster. Specifically, a network device transmits data to another device at a first time. The network device then receives an acknowledgment of the data from the second device at a second time. Next, the network device determines a Round Trip Time (RTT) for the first device and the second device based on the first time and the second time. Based on the RTT, the network device determines a first frequency for transmitting a heartbeat protocol message between the first device and the second device, and transmits a heartbeat protocol message between the first device and the second device at the first frequency.

Abstract: Example implementations relate to upgrading controllers and access points by group. A master controller may comprise a processing resource and a memory resource storing machine-readable instructions to cause the processing resource to create a plurality of groups of access points (APs) connected to a first and a second local controller, move a subset of the plurality of APs connected to the first local controller to the second local controller, upgrade the first local controller, move APs associated with a group of the plurality of APs to the first local controller, and upgrade the APs associated with the group of the first local controller.

Abstract: Systems and methods for routing of conductive traces in a printed circuit board are described. In one embodiment, the method may include routing a first trace in a first layer of a printed circuit board of a solid state drive, routing a second trace in a second layer of the printed circuit board, and routing the first trace and the second trace between a serializer/deserializer (SerDes) of a first controller of the solid state drive and a SerDes of a second controller of the solid state driver. In some cases, the first trace and the second trace may be configured to transmit differential signals to communicate data between the first controller and the second controller. In some embodiments, the second layer may be adjacent to the first layer.

Abstract: Systems and methods for tightly coupled differential vias are described. the storage system device includes a storage drive and a printed circuit board (PCB) of the storage drive. In some embodiments a first via is connected to a first trace routed on a first layer of the PCB, and a second via is connected to a second trace routed on the first layer of the PCB. In some cases, a distance between the first via and the second via is about 1.5 times or less a spacing between the first trace and the second trace.

Abstract: Systems and methods for placing capacitors between IC bumps and BGA balls are described. In one embodiment, the method may include placing a ball grid array (BGA) package or integrated circuit (IC) package on a printed circuit board (PCB) of an electronic device, and placing a capacitor between a first BGA ball and a second BGA ball of the BGA package and/or placing a capacitor between a first IC bump and a second IC bump of the IC package to maintain impedance of a power delivery network (PDN) of the BGA package or IC package below a target impedance.

Abstract: Systems and methods for tightly coupled differential vias are described. the storage system device includes a storage drive and a printed circuit board (PCB) of the storage drive. In some embodiments a first via is connected to a first trace routed on a first layer of the PCB, and a second via is connected to a second trace routed on the first layer of the PCB. In some cases, a distance between the first via and the second via is about 1.5 times or less a spacing between the first trace and the second trace.

Abstract: Systems and methods for maintaining a slew rate while loading flash memory dies are described. In one embodiment, the systems and methods may include placing one or more comparator circuits connectively between one or more channel controllers and a plurality of flash memory dies and maintaining a slew rate in relation to the one or more channel controllers writing data to a plurality of flash memory dies inside the solid state drive. In some cases, a hardware controller of a solid state drive may include the one or more channel controllers. In some cases, the plurality of flash memory dies may include at least one NAND die.

Abstract: Systems and methods for maintaining a slew rate while loading flash memory dies are described. In one embodiment, the systems and methods may include placing one or more comparator circuits connectively between one or more channel controllers and a plurality of flash memory dies and maintaining a slew rate in relation to the one or more channel controllers writing data to a plurality of flash memory dies inside the solid state drive. In some cases, a hardware controller of a solid state drive may include the one or more channel controllers. In some cases, the plurality of flash memory dies may include at least one NAND die.

Abstract: Systems and methods for routing of conductive traces in a printed circuit board are described. In one embodiment, the method may include routing a first trace in a first layer of a printed circuit board of a solid state drive, routing a second trace in a second layer of the printed circuit board, and routing the first trace and the second trace between a serializer/deserializer (SerDes) of a first controller of the solid state drive and a SerDes of a second controller of the solid state driver. In some cases, the first trace and the second trace may be configured to transmit differential signals to communicate data between the first controller and the second controller. In some embodiments, the second layer may be adjacent to the first layer.

Abstract: In some examples, a method includes determining a number of controllers in a Network Authentication Server (NAS) controller cluster, wherein each of the controllers in the NAS controller cluster includes a unique Physical Internet Protocol (PIP) address; creating a number of unique Virtual Internet Protocol (VIP) addresses for use by an external authentication server (EAS) to communicate with the controllers in the NAS controller cluster, wherein the number of VIP addresses is to be proportional to the number of PIP addresses; and mapping each controller in the NAS controller cluster to a plurality of VIP addresses, wherein the VIP addresses are to have different priorities for different controllers in the NAS controller cluster.

Abstract: Example implementations relate to upgrading controllers and access points by group. A master controller may comprise a processing resource and a memory resource storing machine-readable instructions to cause the processing resource to create a plurality of groups of access points (APs) connected to a first and a second local controller, move a subset of the plurality of APs connected to the first local controller to the second local controller, upgrade the first local controller, move APs associated with a group of the plurality of APs to the first local controller, and upgrade the APs associated with the group of the first local controller.

Abstract: The present disclosure discloses a method and a network device for failure detection of nodes in a cluster. Specifically, a network device transmits data to another device at a first time. The network device then receives an acknowledgment of the data from the second device at a second time. Next, the network device determines a Round Trip Time (RTT) for the first device and the second device based on the first time and the second time. Based on the RTT, the network device determines a first frequency for transmitting a heartbeat protocol message between the first device and the second device, and transmits a heartbeat protocol message between the first device and the second device at the first frequency.

Abstract: The present disclosure discloses a method and a network device for failure detection of nodes in a cluster. Specifically, a network device transmits data to another device at a first time. The network device then receives an acknowledgment of the data from the second device at a second time. Next, the network device determines a Round Trip Time (RTT) for the first device and the second device based on the first time and the second time. Based on the RTT, the network device determines a first frequency for transmitting a heartbeat protocol message between the first device and the second device, and transmits a heartbeat protocol message between the first device and the second device at the first frequency.

Abstract: The present disclosure discloses a method and a network device for failure detection of nodes in a cluster. Specifically, a network device transmits data to another device at a first time. The network device then receives an acknowledgment of the data from the second device at a second time. Next, the network device determines a Round Trip Time (RTT) for the first device and the second device based on the first time and the second time. Based on the RTT, the network device determines a first frequency for transmitting a heartbeat protocol message between the first device and the second device, and transmits a heartbeat protocol message between the first device and the second device at the first frequency.

Abstract: Techniques are provided for obtaining first and second digital certificates from a certificate authority database for establishing a secure exchange between network devices. The first digital certificate contains identity information of a first network device, and the second digital certificate contains classification information of the first network device. In one embodiment, a secure key exchange is initiated with the second network device, and the first and second digital certificates are transmitted as a part of the secure key exchange to the second network device. In another embodiment, the first and second digital certificates are received by an intermediate network device. The first digital certificate is encrypted and is not evaluated by the intermediate network device. The second digital certificate is evaluated for classification information of the first network device.

Abstract: Techniques are provided for obtaining first and second digital certificates from a certificate authority database for establishing a secure exchange between network devices. The first digital certificate contains identity information of a first network device, and the second digital certificate contains classification information of the first network device. In one embodiment, a secure key exchange is initiated with the second network device, and the first and second digital certificates are transmitted as a part of the secure key exchange to the second network device. In another embodiment, the first and second digital certificates are received by an intermediate network device. The first digital certificate is encrypted and is not evaluated by the intermediate network device. The second digital certificate is evaluated for classification information of the first network device.