Abstract: A central controller and a method for separation of traffic processing in a software defined network (SDN). The method comprises: identifying, based on at least one zoning trigger parameter, a potential cyber-attack; triggering a zoning mode for mitigating the potential cyber-attack; dynamically allocating, based on a load profile, a first group of computing resources of a computing farm to a trusted zone and a second group of computing resources to an un-trusted zone; assigning the computing resources in the first group with a first address and the computing resources in the second group with a second address, wherein only the second address is advertised; and causing at least one network element in the SDN to divert incoming traffic to the first group and to the second group of computing resources based on a plurality of zoning rules implemented by the at least one network element.

Abstract: A central controller and a method for separation of traffic processing in a software defined network (SDN). The method comprises: identifying, based on at least one zoning trigger parameter, a potential cyber-attack; triggering a zoning mode for mitigating the potential cyber-attack; dynamically allocating, based on a load profile, a first group of computing resources of a computing farm to a trusted zone and a second group of computing resources to an un-trusted zone; assigning the computing resources in the first group with a first address and the computing resources in the second group with a second address, wherein only the second address is advertised; and causing at least one network element in the SDN to divert incoming traffic to the first group and to the second group of computing resources based on a plurality of zoning rules implemented by the at least one network element.

Abstract: A method of authenticating a document transmitted to a service, the method comprising: selecting or inserting at least one keyword in a copy of the document as received by the service; receiving a biometric response to the received document from a user indicated as having transmitted the document; identifying a keyword of the at least one keyword present in the biometric response; and determining whether the received document may be considered a true copy of the transmitted document responsive to the identified keyword.

Abstract: A method and system for separation of traffic processing in a software defined network (SDN). The method comprises allocating a first group of computing resources of a computing farm to a trusted zone and a second group of computing resources to an un-trusted zone; assigning the computing resources in the first group to a first ADC and the computing resources in the second group with a second ADC; triggering a zoning mode in the computing frame to mitigate a potential cyber-attack; and causing at least one network element in the SDN to divert traffic from a trusted client to the first group of computing resources and traffic from an un-trusted client to the second group of computing resources based on a plurality of zoning rules implemented by the at least one network element.

Abstract: A system and method for separation of traffic processing in a computing farm. The method comprises allocating a first group of computing resources of the computing farm to a trusted zone and a second group of computing resources to an un-trusted zone, wherein the computing resources in the first group are allocated to ensure at least service-level agreements (SLA) guaranteed to a group of trusted clients; determining, based on a plurality of security risk indication parameters, if a client associated with an incoming traffic is a trusted client or an un-trusted client; forwarding the incoming traffic to the second group of computing resources when the client is determined to be an un-trusted client; and diverting the incoming traffic to the first group of computing resources when the client is determined to be a trusted client, thereby ensuring at least the SLA guaranteed to the trusted client.

Abstract: A method of generating an end-to-end (E2E) profile that characterizes an E2E application packet flow (E2E-APF) path between first and second applications respectively hosted on first and second communication devices and exchanging information over a plurality of communication networks, the method comprising: acquiring communication device data associated with at least one of the first and second communication devices; determining an E2E-APF path traversing the plurality of networks over which packets comprising the exchanged information propagate; acquiring quality of service (QoS) data for at least two of the plurality of networks that the E2E-APF path traverses; and generating an E2E-APF profile, optionally comprising a QoE, responsive to the QoS and communication device data, and the E2E-APF path.

Abstract: A method and system for separation of traffic processing in a software defined network (SDN). The method comprises allocating a first group of computing resources of a computing farm to a trusted zone and a second group of computing resources to an un-trusted zone; assigning the computing resources in the first group to a first ADC and the computing resources in the second group with a second ADC; triggering a zoning mode in the computing frame to mitigate a potential cyber-attack; and causing at least one network element in the SDN to divert traffic from a trusted client to the first group of computing resources and traffic from an un-trusted client to the second group of computing resources based on a plurality of zoning rules implemented by the at least one network element.

Abstract: A system and method for separation of traffic processing in a computing farm. The method comprises allocating a first group of computing resources of the computing farm to a trusted zone and a second group of computing resources to an un-trusted zone, wherein the computing resources in the first group are allocated to ensure at least service-level agreements (SLA) guaranteed to a group of trusted clients; determining, based on a plurality of security risk indication parameters, if a client associated with an incoming traffic is a trusted client or an un-trusted client; forwarding the incoming traffic to the second group of computing resources when the client is determined to be an un-trusted client; and diverting the incoming traffic to the first group of computing resources when the client is determined to be a trusted client, thereby ensuring at least the SLA guaranteed to the trusted client.

Abstract: The invention provides systems and methods for determining the physical location of a device connected to a network. The location information is stored in a wiring database that correlates the location information with an address present in every protocol data unit (PDU) thus enabling a network administrator to quickly locate an offending device. The invention provides systems and methods for validating reported physical location information using network topology. In another aspect, the invention provides systems and methods for maintaining the integrity of a wiring database storing physical locations of devices by motivating users to report relocation of devices to the network administrator.

Abstract: The present invention relates to a system for delivering a drug to a patient, which comprises at least one electro-physical sensor, a control unit and a drug-delivery device adapted to contain at least one drug to be delivered to such patient. The sensor and control unit are capable of determining a physiological state in a patient wearing the sensor, and the control unit is capable of issuing instructions to the drug-delivery device so as to deliver the drug to the patient at a flow-rate which is a function of the physiological state determined.

Abstract: The invention provides systems and methods for determining the physical location of a device connected to a network. The location information is stored in a wiring database that correlates the location information with an address present in every protocol data unit (PDU) thus enabling a network administrator to quickly locate an offending device. The invention provides systems and methods for validating reported physical location information using network topology. In another aspect, the invention provides systems and methods for maintaining the integrity of a wiring database storing physical locations of devices by motivating users to report relocation of devices to the network administrator.

Abstract: In one aspect, the invention provides systems and methods for providing users with a peer-to-peer (P2P) acceleration service over any form of broadband access.

Abstract: A telecommunications apparatus is disclosed for use in conjunction with a local switch. The apparatus operates in a bypass mode for messages that do not require compression/decompression, and in a pass-through mode for those which do. A selective compressor/decompressor is provided to decompress incoming information for which the local switch is to operate in pass through mode and to compress outgoing information for which the local switch has operated in pass through mode. A selective masker/demasker is operative to expand information to be bypassed by the switch without decompressing the information from a compressed form to an expanded form and to restore information bypassed by the switch from the expanded form to the compressed form.

Abstract: A local area network including cabling interconnecting a plurality of workstations, the cabling including a plurality of data ports and conductors for selectable and removable interconnection between selected ones of the data ports and apparatus for automatically providing an indication of the connection pattern of the data ports.

Abstract: A local area network which has at least two CSMA collision domains and at least three LAN stations also includes communication security interface devices, each connected to the at least two CSMA collision domains and to at least one LAN station. The interface devices each include a transmitter, a receiver, apparatus for sensing a transmitted packet having a destination address followed by data, which is transmitted along a given CSMA collision domain, apparatus for comparing the transmitted packet destination address with the local address of the at least one LAN station and apparatus for ensuring that the receiver does not receive data contained in the transmitted packet whose destination address does not match the local address of said at least one LAN station.