Device to device migration in a unified endpoint management system
Granted: September 10, 2024
Patent Number:
12086099
Described herein are example methods and systems for enrolling a user device with an unified endpoint management system (“UEMS”) directly from another user device. The examples describe a first user device that is already enrolled with the UEMS and a second user device that is seeking to be enrolled. The two user devices can establish a direct connection with each other. The second user device can be authenticated by a user inputting the same migration password or pin at both user…
Voice skill session lifetime management
Granted: September 10, 2024
Patent Number:
12088585
Disclosed are various aspects of voice skill session lifetime management. In some examples, a session extension request is received. The session extension request extends a voice skill session of a voice-activated device. A personal client device is identified based on the session extension request. A command to emit an ultrasonic pulse is transmitted to the personal client device.
Managing L4 ports
Granted: September 10, 2024
Patent Number:
12088555
Some embodiments of the invention provide a novel method for managing layer four (L4) ports associated with a machine executing on a host computer. The method collects a set of contextual attributes relating to applications executing on the machine. It then analyzes the collected contextual attributes to identify at least one L4 port that has to have its status modified. Next, it modifies the status of the identified L4 port. In some embodiments, the status of an L4 port can be either…
Packet fragmentation using outer header
Granted: September 10, 2024
Patent Number:
12088512
In some embodiments, a method fragments a first packet into a plurality of fragments when a length of an encapsulated first packet is larger than a maximum transmission unit size. For each fragment in the plurality of fragments, fragmentation information is generated. The method encapsulates each fragment in the plurality of fragments with an outer header to form a plurality of encapsulated packets. The respective fragmentation information for each fragment is inserted in a portion of…
Multi-VRF and multi-service insertion on edge gateway virtual machines
Granted: September 10, 2024
Patent Number:
12088493
In an embodiment, a method for a VRF and multi-service insertion on edge gateways is described. In an embodiment, the method comprises obtaining a rule configuration. Based on, at least in part, the rule configuration, a rule table is created. The rule table comprises rule data records, wherein a rule data record comprises packet attributes and a redirection identifier. A policy configuration comprising policy records is obtained. Each policy record comprises a redirection identifier, a…
Multi-cloud recommendation engine for customer workloads
Granted: September 10, 2024
Patent Number:
12088479
System and computer-implemented method for generating multi-cloud recommendations for workloads uses costs and performance metrics of appropriate instance types in specific public clouds for target workloads to produce recommendation results. The appropriate instance types in the specific public clouds are determined based on instance capabilities and the workload type of the target workloads. In addition, a recommended cloud resource offering is determined for the target workloads,…
Optimizing VM NUMA configuration and workload placement in a heterogeneous cluster
Granted: September 10, 2024
Patent Number:
12086634
An example method of placing a virtual machine (VM) in a cluster of hosts is described. Each of the hosts having a hypervisor managed by a virtualization management server for the cluster, the hosts separated into a plurality of nonuniform memory access (NUMA) domains. The method including: comparing a virtual central processing unit (vCPU) and memory configuration of the VM with physical NUMA topologies of the hosts; selecting a set of the hosts spanning at least one of the NUMA…
Optimizing virtual machine scheduling on non-uniform cache access (NUCA) systems
Granted: September 10, 2024
Patent Number:
12086622
Techniques for optimizing virtual machine (VM) scheduling on a non-uniform cache access (NUCA) system are provided. In one set of embodiments, a hypervisor of the NUCA system can partition the virtual CPUs of each VM running on the system into logical constructs referred to as last level cache (LLC) groups, where each LLC group is sized to match (or at least not exceed) the LLC domain size of the system. The hypervisor can then place/load balance the virtual CPUs of each VM on the…
Resiliency and performance for cluster memory
Granted: September 10, 2024
Patent Number:
12086469
Disclosed are various embodiments for improving the resiliency and performance for clustered memory. A computing device can mark a page of the memory as being reclaimed. The computing device can then set the page of the memory as read-only. Next, the computing device can submit a write request for the contents of the page to individual ones of a plurality of memory hosts. Subsequently, the computing device can receive individual confirmations of a successful write of the page from the…
System and method for checking reputations of executable files using file origin analysis
Granted: September 10, 2024
Patent Number:
12086234
System and method for checking reputations of executable files in an endpoint device use an integrity verification on an executable file being scanned to determine whether the executable file has been unaltered since being installed in the endpoint device. When the executable file has been determined to be unaltered since being installed in the endpoint device, a file origin analysis is executed on the executable file based on a vendor identifier for the executable file to determine…
IOMMU-based direct memory access (DMA) tracking for enabling live migration of virtual machines (VMS) using passthrough physical devices
Granted: September 10, 2024
Patent Number:
12086084
Techniques for implementing IOMMU-based DMA tracking for enabling live migration of VMs that use passthrough physical devices are provided. In one set of embodiments, these techniques leverage an IOMMU feature known as dirty bit tracking which is available in most, if not all, modern IOMMU implementations. The use of this feature allows for the tracking of passthrough DMA in a manner that is device/vendor/driver agnostic, resulting in a solution that is universally applicable to all…
Secure inter-application communication with unmanaged applications using certificate enrollment
Granted: September 3, 2024
Patent Number:
12081537
Disclosed are various approaches for secure inter-application communication with unmanaged applications using certificate enrollment. A certificate signing request can be received from an unmanaged application via an inter-application communication method supported by an operating system of a computing device, and an identity of the unmanaged application can be verified. The certificate signing request can be provided to a certifying authority, and a certificate can be received from the…
Probabilistic filters for use in network forwarding and services
Granted: September 3, 2024
Patent Number:
12081437
Some embodiments of the invention provide novel methods for using probabilistic filters to keep track of data message flows that are processed at an element (e.g., forwarding element or middlebox service element) of a network. In some embodiments, the method iteratively switches between two probabilistic filters as the active and backup filters as a way of maintaining and refreshing its active probabilistic filter without the need for maintaining time values for removing outdated records…
Methods and apparatus to dynamically monitor and control compute device identities during operations
Granted: September 3, 2024
Patent Number:
12081424
Methods, apparatus, systems, and articles of manufacture are disclosed to dynamically monitor and control compute device identities during operations. Disclosed is an apparatus comprising interface circuitry, machine readable instructions, and processor circuitry to at least one of instantiate or execute the machine readable instructions to generate a unique label for a node from a data plane, the unique label to identify the node, perform an operation on the node, the operation to be…
Formal verification of network changes
Granted: September 3, 2024
Patent Number:
12081395
A network insight system that performs intent verification of network changes is provided. The system generates a first model of a network comprising a first set of one or more rule tables, each rule table described by one or more flow nodes. The system generates a second model of the network comprising a second set of one or more rule tables. Each rule table is described by one or more flow nodes. Each flow node specifies a set of packets and an action to be taken on the specified set…
On-demand remote applications
Granted: September 3, 2024
Patent Number:
12079609
Techniques for delivering remote applications to servers in an on-demand fashion (i.e., as end-users need them) are provided. In one set of embodiments, these techniques include packaging the installed contents (e.g., executable code and configuration data) of the remote applications into containers, referred to as application packages, that are placed on shared storage and dynamically attaching (i.e., mounting) an application package to a server at a time an end-user requests access a…
Intelligent creation of customized responses to customer feedback
Granted: September 3, 2024
Patent Number:
12079577
Systems and methods are described for creating a customized response to user feedback. In an example, a feedback system can receive user feedback about a product. The feedback system can parse the user feedback to extract keywords and assign categories to the keywords. The feedback system can also receive update information related to the product. The feedback system can parse the product update information in a similar manner to extract keywords and assign them to categories. The…
In-memory scanning for fileless malware on a host device
Granted: September 3, 2024
Patent Number:
12079339
The disclosure herein describes the processing of malware scan requests from VCIs by an anti-malware scanner (AMS) on a host device. A malware scan request is received by the AMS from a VCI, the malware scan request including script data of a script from a memory buffer of the VCI. The AMS scans the script data of the malware scan request, outside of the VCI, and determines that the script includes malware. The AMS notifies the VCI that the script includes malware, whereby the VCI is…
Verifying object file canisters using built-in reverse relocation integrity checking
Granted: September 3, 2024
Patent Number:
12079073
The disclosure herein describes integrity verification of a checksum of a canister data structure using built-in checksum verification capability. A kernel image is accessed, and a canister data structure is allocated in a section of memory. The canister data structure is loaded with canister data from the kernel image, wherein the loading is based on an interpreter obtained from the kernel image, wherein the canister data includes address relocation data and a checksum of the canister…
Memory coherency in application-level virtualization
Granted: August 27, 2024
Patent Number:
12072804
A coherence protocol applied to memory pages maintains coherence between memory spaces on a plurality of nodes so that the threads of the runtime are operable on any of the nodes. The nodes operating according to the coherence protocol track a state and an epoch number for each memory page residing therein. The states include a modified state in which only one particular node has an up-to-date copy of the memory page, an exclusive state in which only one particular node owns the memory…
