Methods for smart bandwidth aggregation based dynamic overlay selection among preferred exits in SD-WAN
Granted: July 23, 2024
Patent Number:
12047282
The method of some embodiments selects a set of links to forward packets of a data flow from an application running on a machine connected to an SD-WAN that has multiple exits. The method, based on computed sets of attributes for a first set of links and a second set of links, selects between the first set of links and the second set of links. At least the first set of links has multiple links and at least one attribute of the first set of links is an attribute that is computed by…
Grouping route-based virtual private network interfaces in a virtualized computing system
Granted: July 23, 2024
Patent Number:
12047278
An example method of identifying an equal cost multipath (ECMP)-enabled route-based virtual private networks (RBVPN) in a virtualized computing system, comprises: obtaining, at a telemetry agent executing in an edge server of a data center, learned routes; identifying, by the telemetry agent from the routes, a destination network and a plurality of next hops associated therewith and a plurality of virtual tunnel interfaces (VTIs); identifying, by the telemetry agent for each of the…
RIC with a dedicated IO thread and multiple data processing threads
Granted: July 23, 2024
Patent Number:
12047245
To provide a low latency near RT RIC, some embodiments separate the RIC's functions into several different components that operate on different machines (e.g., execute on VMs or Pods) operating on the same host computer or different host computers. Some embodiments also provide high speed interfaces between these machines. Some or all of these interfaces operate in non-blocking, lockless manner in order to ensure that critical near RT RIC operations (e.g., datapath processes) are not…
Configuration management for co-management
Granted: July 23, 2024
Patent Number:
12047239
Various examples for discovering policy bindings between group policy rules in a legacy management framework and unified endpoint management rules that are utilized in a modern mobile device management (MDM) device management framework. A configuration state view can allow an administrator to understand inconsistencies or conflicts between group policy rules and UEM rules.
Barcode-based enrollment of devices with a management service
Granted: July 23, 2024
Patent Number:
12045680
Various examples for providing an enrollment barcode to a staging client are provided. Enrollment data can be provided to a barcode service, which generates an enrollment barcode. Interpreting the enrollment barcode by a client device causes a management component installed on the client device to authenticate to a management service using a staging credential encrypted or secured in the enrollment barcode, and causes the enrollment of the client device with the management service.
Efficiently maintaining a globally uniform-in-time execution schedule for a dynamically changing set of periodic workload instances
Granted: July 23, 2024
Patent Number:
12045659
An algorithm for efficiently maintaining a globally uniform-in-time execution schedule for a dynamically changing set of periodic workload instances is provided. At a high level, the algorithm operates by gradually adjusting execution start times in the schedule until they converge to a globally uniform state. In certain embodiments, the algorithm exhibits the property of “quick convergence,” which means that regardless of the number of periodic workload instances added or removed,…
Optimal method for deleting sub-blocks of a pointer block that do not have on-disk metadata headers for addresses
Granted: July 23, 2024
Patent Number:
12045485
A method of deleting a first pointer block of a plurality of pointer blocks of a file system from a storage device used by a plurality of applications, wherein the plurality of pointer blocks are each subdivided into sub-blocks, includes the steps of: determining that a first sub-block of the first pointer block is marked as being empty of any addresses of the file system at which storage space is allocated to files of the applications; determining that a second sub-block of the first…
Small in-memory cache to speed up chunk store operation for deduplication
Granted: July 23, 2024
Patent Number:
12045204
The present disclosure provides techniques for deduplicating files. The techniques include creating a cache or subset of a large data structure. The large data structure organizes information by random hash values. The random hash values result in a random organization of information within the data structure, with the information spanning a large number of storage blocks within a storage system. The cache, however, is within memory and is small relative to the data structure. The cache…
State management for device-driven management workflows
Granted: July 16, 2024
Patent Number:
12041125
Disclosed are various embodiments for recognizing state changes in client devices and managing the state of client devices using device-driven management workflows. A computing device can receive a state of a client device. The computing device can then determine if the received state matches an expected, compliant state of the client device. When the computing device determines that the received state does not match the expected state, the computing device can identify a remedial…
Accurate traffic steering between links through sub-path path quality metrics
Granted: July 16, 2024
Patent Number:
12041479
Some embodiments provide a method for quantifying quality of several service classes provided by a link between first and second forwarding nodes in a wide area network (WAN). At a first forwarding node, the method computes and stores first and second path quality metric (PQM) values based on packets sent from the second forwarding node for the first and second service classes. The different service classes in some embodiments are associated with different quality of service (QoS)…
Peer-to-peer data communication between different applications
Granted: July 16, 2024
Patent Number:
12041123
Examples described herein include systems and methods for synchronizing applications that target different software development kits (“SDK”). The system can execute a bridge application that registers an implementation of a content provider class. This allows the bridge application to communicate with a first application targeting a first SDK. The bridge application can also register to send and receive implicit broadcasts. After the bridge application verifies the request, it can…
Multi-user biometric authentication on a mobile device
Granted: July 16, 2024
Patent Number:
12041047
Disclosed are various approaches for performing biometric authentication of users using an application running on a client device. A biometric model can be trained using biometric data from a population of users. The biometric model can be used by the client application to authenticate users and can be separate from system-level biometric authentication capabilities of the client device.
Desired state management of software-defined data center
Granted: July 16, 2024
Patent Number:
12040942
A method of managing configurations of a data center according to a desired state of the configurations includes retrieving a running state of the configurations, comparing the running state against a first desired state of the configurations and determining a drift of the running state from the first desired state, notifying a cloud control plane of the drift, and in response to an instruction issued by the cloud control plane to apply the desired state, configuring the data center…
Code-change and developer rating in an automated-application-release-management subsystem
Granted: July 16, 2024
Patent Number:
12039325
The current document is directed to an automated-application-release-management system that organizes and manages the application-development and application-release processes to allow for continuous application development and release. The current document is particularly directed to implementations in which the automated application-release-management subsystem provides code-change ratings and developer ratings used throughout the code-change-submission-to-acceptance process.…
Techniques for patching in a distributed computing system
Granted: July 9, 2024
Patent Number:
12032953
A system may include multiple software components of a software application running on multiple nodes in a distributed computing system, a patch execution server including a patch build server including a structured patch execution module connected to the distributed computing system via a network. The patch execution module receives an uploaded patch, a patch definition file, and a workflow template from a global patch repository. Further, the patch execution module creates a patch…
Methods for revalidating FQDN rulesets in a firewall
Granted: July 9, 2024
Patent Number:
12034700
A method comprises: in response to detecting a new expression in a policy rule, updating a global version number to a new value; identifying a particular IP address that corresponds to an FQDN matching on the new expression; storing an entry comprising the particular IP address, the new expression, and an entry version number in a first data structure, the entry version number being assigned the new value; in response to detecting a new connection to a destination IP address: finding a…
Identifying and remediating anomalies in a self-healing network
Granted: July 9, 2024
Patent Number:
12034587
Some embodiments of the invention provide a method of remediating anomalies in an SD-WAN implemented by multiple forwarding elements (FEs) located at multiple sites connected by the SD-WAN. The method is performed iteratively. The method receives multiple performance metrics that over a duration of time express a performance of the SD-WAN for at least one particular application associated with flows that traverse the SD-WAN during the time duration. The method uses the received…
Managed virtual machines
Granted: July 9, 2024
Patent Number:
12032985
Examples of enterprise management using managed virtual machines are described. Virtual machine files can be extracted from a virtual machine package and stored on a host device. The virtual machine files can include a managed virtual machine configuration file, an NVRAM file, and a virtual disk file, as well as other files. A digital signature of the managed virtual machine package can be verified. The digital signature can be based on the managed virtual machine configuration file, the…
Force provisioning using available resources
Granted: July 9, 2024
Patent Number:
12032981
The present disclosure is related to methods, systems, and machine-readable media for force provisioning using available resources. A request can be received to provision a virtual computing instance by a software defined data center according to a storage policy specified as part of the request. An insufficiency of storage policy resources to satisfy the storage policy specified for the VCI can be determined. A best-match storage policy can be determined for the VCI based on available…
Reducing the startup latency of functions in a FaaS infrastructure
Granted: July 9, 2024
Patent Number:
12032970
Techniques for reducing the startup latency of functions in a Functions-as-a-Service (FaaS) infrastructure are provided. In one set of embodiments, a function manager of the FaaS infrastructure can receive a request to invoke a function uploaded to the infrastructure and can retrieve information associated with the function. The retrieved information can include an indicator of whether instances of the function may be sticky (i.e., kept in host system primary memory after function…
