Abstract: Methods, systems, devices, and software are disclosed for generating a network usage profile. Certain embodiments of the network usage profile include a devices-by-node profile, indicating the set of customer devices available for use in communicating with a customer-side network node located at a customer side of an access network over a period of time, where some of the customer devices are not in operative communication with the customer-side network node during a portion of that time. Other embodiments associate the network usage profile with customer information to generate device-by-customer profiles. Still other embodiments associate the network usage profile with network traffic information to generate traffic-by-device profiles. Even other embodiments associate the multiple sources and types of information to generate traffic-by-customer profiles and/or traffic-by-device-by-customer profiles.

Abstract: Disclosed are some implementations of systems, apparatus, methods and computer program products for enabling out of office message settings of multiple computing systems using a single out of office message configuration. A request to generate an out of office message configuration associated with a user is received and an indication of computing systems associated with the request is obtained. In addition, an indication of a start date, an indication of an end date, and an out of office message are obtained in association with the request. The out of office message configuration is saved such that the start date, end date, and out of office message are associated with the computing systems and the user.

Abstract: A service model, integrated system, and method for enabling a service provider to deliver an integrated web hosting and content distribution service offering, which affords assured operational performance service levels, regardless of whether the customer's web site is served by the service provider's hosting center, the service provider's content distribution network (CDN), by a third party web host, or by a third party CDN. A monitoring system of the primary service provider receives detailed capacity and health statistics from any CDN under the operational control of the primary service provider, receives aggregate capacity and health statistics from other CDNs not under the operational control of the primary service provider. A redirection system then decides to which web host, content distribution network, or combination thereof, user requests for content are directed in order that operational performance service levels are maintained.

Abstract: Techniques and architecture are disclosed for inferring a unified topological model of a hidden topology comprising dispersing data packets from a source to at least one receiver, and collecting individual end-to-end packet statistics; collecting aggregate end-to-end statistical measurements between a plurality of enclaves situated at an edge of an unknown network; identifying shared path correlations relating to shared links traversed between at least one root enclave and one or more leaf enclaves; constructing topological metrics as a directed tree corresponding to shared path correlations; inferring a unified topological model and routing paths of the unknown network based on the plurality of topological metrics collected by the plurality of enclaves; validating consistency between the subsequent end-to-end statistical measurements and the unified topological model of the hidden topology; and updating the inferred unified topological model of the hidden topology in accordance with observed inconsistencies.

Abstract: Example methods and systems are provided for cross-cloud connectivity checks. One example method may include detecting a first connectivity check packet that is addressed from a first virtualized computing instance deployed in a first cloud environment; and determining that the first connectivity check packet is destined for a second virtualized computing instance in a second cloud environment reachable via the network device. The method may also comprise: generating a second connectivity check packet by modifying the first connectivity check packet to include one or more indicators that a connectivity check is required along a datapath towards the second virtualized computing instance in the second cloud environment. The method may further comprise: sending the second connectivity check packet to cause one or more observation points along the datapath to, based on the one or more indicators, generate and send report information associated with the second connectivity packet.

Abstract: A cloud-based operating-system-event and data-access monitoring method includes collecting event information from a monitored cloud-based element. One or more structured event payloads based on the event information is then generated. The structured event payloads that produce one or more validated event collections are then validated. The one or more validated event collections are then serialized and filtered to remove redundant structured event payload data. The filtered validated structured event payloads are then de-serialized to produce a time-sequenced, ordered event stream. The time-sequenced, ordered event stream is de-duplicated to remove duplicate structured event payloads. The time-sequenced ordered event stream is then processed to generate processed information security results.

Abstract: There are provided systems and methods for dynamic node insertion of secondary services for high-availability during main decision failure at runtime. A service provider, such as an electronic transaction processor for digital transactions, may utilize different decision services that implement rules and/or artificial intelligence models for decision-making of data including data in production computing environment. A main decision service may normally be used for data processing and decision-making. However, at certain times, the main decision service may fail, such as if a data processing node fails to process data or times out while processing a data processing request, such as during electronic transaction processing. During this runtime, a dynamic injection processor may dynamically inject a node that performs a call to a secondary service to process the data on behalf of the node and/or main decision service so that a response is provided to the data processing request.

Abstract: Described herein are technologies that provide an element of security related to file system operations. Individual nodes in a file system, such as a directory or a file, can be associated with information that describes how to handle letter case when a file name included in a file system operation request is used to locate a file in the file system. For example, a case sensitive designation associated with a directory can require a case sensitive match between a file name included in a request and a file name included in the directory, in order to perform the requested file system operation. In another example, a case preferring designation associated with a directory first checks for a case sensitive match between file names. If a case sensitive match does not exist, then a case insensitive match between the file names can be used to perform the requested file system operation.

Abstract: Traffic event data source identification embodiments comprise a first monitoring system that detects a traffic event, a communication device that broadcasts a discovery signal and receives back response signals from any second monitoring systems within the vicinity of the traffic event, and a memory that stores a list of responding second monitoring systems. Traffic event data collection embodiments incorporate the identification embodiments and additional features. In this case, the first monitoring system captures data recorded at the time of the traffic event and a second communication device transmits this data and, optionally, the list to a traffic event database in a traffic event data storage system. The first communication device also transmits a data capture request signal to the second monitoring system(s) requesting capture of any data recorded at the time of the traffic event and, optionally, requesting that such data be transmitted to the database.

Abstract: A tool for managing a computer network includes a gateway service module that identifies a gateway for a network and a network information service module. The network information service module identifies devices in the network, determines at least one property for each of the identified devices, and creates a network information data structure for storing device properties. A communication agent service module transmits at least one determined device property to other agent service modules associated with the network, receives at least one device property from another agent service module associated with the network, and provides the received at least one property device to the network information service module. A method of monitoring a computer network is also provided.

Abstract: A method and apparatus dynamically change a connection service category for an exiting soft permanent virtual circuit (SPVC) which includes a permanent virtual circuit (PVC) connection leg set up from a source end to a network device, and a switched virtual circuit (SVC) connection leg set up from the network device to a destination end via a communications network. In one embodiment, the method includes (a) receiving a new connection service category for the existing SPVC, (b) releasing the SVC connection leg in response to the receiving the new service category, while maintaining the PVC connection leg, (c) de-allocating resources from the PVC connection leg, (d) allocating new resources on the PVC connection leg, the new resources corresponding to the new connection service category and traffic parameters, and (e) creating a new SVC connection leg in accordance with the new connection service category and the traffic parameters.

Abstract: A system and method for the multi-stage analysis of incoming packets. Three stages are used, each of which addresses a particular category of threat by examining the headers and/or payload of each packet (“deep packet inspection”). The first stage detects incoming viruses or worms. The second stage detects malicious applications. The third stage detects attempts at intrusion. These three stages operate in sequence, but in alternative embodiments of the invention, they may be applied in a different order. These three stages are followed by a fourth stage that acts as a verification stage. If any of the first three stages detects a possible attack, then the packet or packets that have been flagged are routed to a central verification facility. In an embodiment of the invention, the verification facility is a server, coupled with a database.

Abstract: A packet monitoring application instantiated on a server hosting a virtualized network stack is utilized to track data packet propagations and drops at each component within the network stack to reduce the amount of time to identify a root cause for latency issues. The packet monitoring application can be selectively enabled or disabled by an administrator. Components within the virtualized network stack report packet drops and successful packet propagations to the packet monitoring application, which can filter the packets based on input parameters. Thus, a user can select at what level of granularity to filter packets within the virtualized network stack while being able to assess each packet's traversal through each component within the network stack. The packet monitoring application can also perform post-processing of on the filtered data packets to determine latency among components or sections of the virtualized network stack.

Abstract: There is disclosed a system and method for managing spam within an email message stream. In an embodiment, a method comprises defining a plurality of anti-spam filter levels where each anti-spam filter level includes at least one anti-spam module configurable for filtering spam messages. An anti-spam request including a user preferred anti-spam filter level is generated and communicated to the preferred anti-spam filter level. The anti-spam request is implemented on at least one anti-spam module in the preferred anti-spam filter level based on at least one predetermined criterion. If the anti-spam request cannot be implemented at the preferred anti-spam filter level, the anti-spam request is implemented on at least one anti-spam module at another anti-spam filter level.

Abstract: Monitor services deployable on device networks may be implemented using a modular approach, in which a core monitor service is mapped to one or more devices included in, or associated with, the device networks. Additional monitoring-related functionality may be provided to such devices using plug-ins, add-on services or service components, or other service modules, which interact with the core monitor service. The core monitor service(s) and any monitor service modules may be mapped, to specific ones of the devices, based on, for example, requirements of other services and/or relevant device metadata (e.g., capabilities) of the devices. In additional or alternative implementations, various protocols may be used to register new devices and deployed monitor service(s) with the distributed monitoring service(s) in a fast, secure, energy-efficient, and reliable manner, even as devices join or leave the device network(s).

Abstract: A method and system that provide an intuitive user interface and related components for making Internet users aware of Internet cookie-related privacy issues, and enabling users to control Internet privacy through automatic cookie handling. Default privacy settings for handling cookies are provided, and through the user interface, the privacy settings may be customized to a user's liking. Further, through the user interface, for each individual site that forms a page of content, the site's privacy policy may be reviewed and/or the privacy controlled by specifying how cookies from that site are to be handled. To make users aware, the user interface provides an active alert on a first instance of a retrieved web site's content that fails to include satisfactory privacy information, and thereafter, provides a distinctive passive alert to allow the user selective access to privacy information, per-site cookie handling and cookie handling settings.

Abstract: A network device comprises time measurement units configured to measure receipt times and transmit times of packets received/transmitted via network interfaces. One or more memories store configuration information that indicates certain network interface pairs and/or certain packet flows that are enabled for latency measurement. A packet processor includes a latency monitoring trigger unit configured to select, using the configuration information, packets that are forwarded between the certain network interface pairs and/or that belong to the certain packet flows for latency monitoring.

Abstract: A system for detecting and communicating the presence of one or more computing devices is presented. The invention also presents a method and system for aggregating presence information generated by multiple devices associated with a single user. A server acting as a presence agent on behalf of a first user receives and responds to a subscription request generated by a computing device operated by a second user that wishes to be permitted as a watcher of the first user. When the second user corresponds to access preferences specified by the first user, a notify message is sent to the second user's device that includes presence information indicative of an activity level and availability level associated with the first user. When the first user employs multiple computing devices, the server generates an aggregate presence document that is representative of the overall presence of the first user.

Abstract: The present invention includes a system for authenticating a second action based on a first action, wherein the system is configured to: receive a first request to execute a first action associated with a first application; determine that execution of the first action requires user authentication; request one or more authentication credentials from the user; receive a first authentication credential associated with the first action; validate the first authentication credential, thereby resulting in a successful validation of the received first authentication credential; in response to the successful validation, execute the first action; receive a second request to execute a second action associated with a second application; determine that execution of the second action requires user authentication; use the successful validation of the first authentication credential to validate a second authentication credential so that the second action may be executed.

Abstract: A method of providing network access across a shared communications medium between competing users includes the step of allocating network access for each user for a future time interval. Features include forecasting network access of the users in a future time interval, and prioritizing the users for allocating network access to the users. The network access allocations represent network access allowances available to the users during the future time interval, and further may represent network access usage. Classes of users can be allocated network access first, and then each user allocated network access from the class allocation. Users with high network access usage are identified and solicited to modify service level agreements under which network access is provided. Network Access is also provided to user classes under class service level agreements entered into, for instance, by a service provider on behalf of the users.