DYNAMIC MONITORING OF NETWORK TRAFFIC
Granted: May 10, 2012
Application Number:
20120113857
A device, connected to a monitoring appliance, may include a traffic analyzer to receive a data unit and identify a traffic flow associated with the data unit. The device may also include a traffic processor to receive the data unit and information regarding the identified traffic flow from the traffic analyzer, determine that the identified traffic flow is to be monitored by the monitoring appliance, change a port number, associated with the data unit, to a particular port number to…
CASCADED LOAD BALANCING
Granted: May 10, 2012
Application Number:
20120113808
A first network device and a second network device for forwarding data units are included in a network. The second network device is configured to receive data units from the first network device via an output interface from the first network device. Each of the network devices is further configured to form a first value derived from information pertaining to a received data unit, perform a function on the first value to provide a second value, wherein the function of the first network…
HEALTH PROBING DETECTION AND ENHANCEMENT FOR TRAFFIC ENGINEERING LABEL SWITCHED PATHS
Granted: May 3, 2012
Application Number:
20120106359
A method performed by a network device may include establishing performance-based Bidirectional Forwarding Detection (BFD) sessions for each link of a primary traffic engineering Label Switched Path (TE-LSP) and establishing performance-based BFD sessions for each link of a secondary TE-LSP. The method may also include, monitoring performance of the primary TE-LSP based on the performance-based BFD sessions for each link of the primary TE-LSP and monitoring performance of the secondary…
AUTOMATIC AGGREGATION OF INTER-DEVICE PORTS/LINKS IN A VIRTUAL DEVICE
Granted: May 3, 2012
Application Number:
20120110206
A virtual device includes multiple devices connected to operate as a single device. A first one of the devices is configured to determine that the first device connects to a second one of the devices via a first link; identify a second link; determine that the second link connects the first device to the second device; and automatically aggregate the first link and the second link to form a link aggregation with the second device based on determining that the first device connects to the…
AUTOMATED PARALLEL SOFTWARE CODE IMPACT ANALYSIS
Granted: May 3, 2012
Application Number:
20120110557
A server device is configured to receive a request to identify a manner in which changed code propagates within an application; generate a group of blocks that correspond to code associated with a parent function corresponding to the application and which includes the changed code; perform an intra-procedural analysis on the group of blocks to identify a block that is affected by the changed code included within an epicenter block; perform an inter-procedural analysis on functions…
POLICY-BASED CROSS-DOMAIN ACCESS CONTROL FOR SSL VPN
Granted: May 3, 2012
Application Number:
20120110638
A method may include generating a request that includes a host domain associated with a multiple-domain-to-one domain mapping, capturing the request before transmission of the request, rewriting the host domain, and transmitting the request.
SHARING REDUNDANT POWER SUPPLY MODULES AMONG PHYSICAL SYSTEMS
Granted: April 26, 2012
Application Number:
20120098338
A system may include a switchover element configurable to source or sink power from or to an electronic device electrically coupled to the switchover element and a controller in communication with the switchover element. The controller may be configured to determine if the electronic device is healthy. When the electronic device is healthy, the controller may configure the switchover element to deliver power from the electronic device to the system and configure the switchover element to…
RETENTION-EXTRACTION DEVICE FOR REMOVABLE CARDS IN A CHASSIS
Granted: April 26, 2012
Application Number:
20120099284
A retention-extraction device is provided for a removable card in a chassis. The device includes an actuation rod having a cam slot, the actuation rod configured to provide linear movement along the length of the actuation rod, and an extraction lever operatively connected to a proximal end of the actuation rod and pivotally secured to the chassis. The device also includes a bell crank with a cam follower that is configured to ride in the cam slot and a latch hook that pivots between an…
METHOD AND APPARATUS FOR COMPUTING A BACKUP PATH USING FATE-SHARING INFORMATION
Granted: April 19, 2012
Application Number:
20120096182
To address shortcomings in the prior art, the invention uses fate sharing information to compute backup paths. Fate sharing information relates groups of nodes or links according to common characteristics, attributes, or shared resources (e.g., a shared power supply, close proximity, same physical link). In one embodiment, fate-sharing information includes costs associated with groups of nodes or links. When a primary path contains a link or node that is in a fate-sharing group, the…
WIRELESS INTRUSION PREVENTION SYSTEM AND METHOD
Granted: April 19, 2012
Application Number:
20120096539
A wireless intrusion prevention system and method to prevent, detect, and stop malware attacks is presented. The wireless intrusion prevention system monitors network communications for events characteristic of a malware attack, correlates a plurality of events to detect a malware attack, and performs mitigating actions to stop the malware attack.
CONTEXT-SWITCHED MULTI-STREAM PIPELINED REORDER ENGINE
Granted: April 12, 2012
Application Number:
20120087374
A pipelined reorder engine reorders data items received over a network on a per-source basis. Context memories correspond to each of the possible sources. The pipeline includes a plurality of pipeline stages that together simultaneously operate on the data items. The context memories are operatively coupled to the pipeline stages and store information relating to a state of reordering for each of the sources. The pipeline stages read from and update the context memories based on the…
PRESERVING AN AUTHENTICATION STATE BY MAINTAINING A VIRTUAL LOCAL AREA NETWORK (VLAN) ASSOCIATION
Granted: April 12, 2012
Application Number:
20120089742
A method may include detecting a presence of a first server device; communicating, with the first server device, to obtain information associated with the first server device; sending, to a second server device, a request for authentication services, where the request includes the information associated with the first server device; receiving, from the second server device, a notification that the first server device has been authenticated, where the notification includes a session…
MONITORING DATAGRAMS IN A DATA NETWORK
Granted: April 12, 2012
Application Number:
20120089728
A communication session over a network is facilitated. A signaling datagram from a source device having a source identity may be intercepted by a network device, and a response datagram may be generated for instructing the source device to send a subsequent datagram to the network device. The signaling datagram may be forwarded to a SIP server, where the SIP server associates the source identity with the network device acting on behalf of the source device, and where the SIP server…
DISTRIBUTED ADMISSION CONTROL
Granted: April 5, 2012
Application Number:
20120082031
A first network client requests initiation of a data transfer with a second network client. An admission control facility (ACF) responds to the initiation request by performing admission analysis to determine whether to initiate the data transfer. The ACF sends one or more packets to the second network client. In response, the second network client sends acknowledgment packets back to the ACF. The ACF performs admission analysis based on the packets sent and the acknowledgment packets,…
CONTEXT SWITCHED ROUTE LOOK UP KEY ENGINE
Granted: April 5, 2012
Application Number:
20120084396
A key engine that performs route lookups for a plurality of keys may include a data processing portion configured to process one data item at a time and to request data when needed. A buffer may be configured to store a partial result from the data processing portion. A controller may be configured to load the partial result from the data processing portion into the buffer. The controller also may be configured to input another data item into the data processing portion for processing…
PACKET PROCESSING IN A MULTIPLE PROCESSOR SYSTEM
Granted: April 5, 2012
Application Number:
20120084426
Packet processing is provided in a multiple processor system including a first processor to processing a packet and to create a tag associated with the packet. The tag includes information about the processing of the packet. A second processor receives the packet subsequent to the first processor and processes the packet using the tag information.
SYSTEM AND METHOD FOR FAST BRANCHING USING A PROGRAMMABLE BRANCH TABLE
Granted: April 5, 2012
Application Number:
20120084534
Methods and systems consistent with the present invention provide a programmable table which allows software to define a plurality of branching functions, each of which maps a vector of condition codes to a branch offset. This technique allows for a flexible multi-way branching functionality, using a conditional branch outcome table that can be specified by a programmer. Any instruction can specify the evaluation of arbitrary conditional expressions to compute the values for the…
MULTICASTING WITHIN A DISTRIBUTED CONTROL PLANE OF A SWITCH
Granted: March 22, 2012
Application Number:
20120069842
In some embodiments, a non-transitory processor-readable medium stores code representing instructions configured to cause a processor to receive, from an access switch, a first signal including forwarding state information associated with a first peripheral processing device from a set of peripheral processing devices. The code can further represent instructions configured to cause the processor to receive, from the first peripheral processing device, a second signal including a data…
SYSTEMS AND METHODS FOR NETWORK INFORMATION COLLECTION
Granted: March 22, 2012
Application Number:
20120072764
A network device may include logic configured to receive a problem report from a second network device, store and analyze data included in the problem report, filter data in the problem report to determine when the problem report is to be transmitted to a third network device, and transmit the problem report to the third network device when the filtering determines that the problem report is to be transmitted.
AUTOMATED ORCHESTRATION BETWEEN PHYSICAL AND VIRTUAL COMPUTING SYSTEMS
Granted: March 22, 2012
Application Number:
20120072909
Changes to a virtual system, such as a set of virtual machines in a data center, may be automatically synchronized with the corresponding physical system. In one implementation, an application may receive information regarding changes made to a virtual system. The application may determine whether the information regarding the changes necessitates a change in the configuration of one or more physical switches, and may reconfigure affected ones of the physical switches for compatibility…
