Egress cost optimization for multi-cloud network
Granted: March 12, 2024
Patent Number:
11929838
Some embodiments provide a method for evaluating locations of applications in a multi-cloud network with applications located in different cloud datacenters of one or more cloud providers. The method receives data for flows collected from the cloud datacenters. The data for each flow indicates a source and destination of the flow and applications to which at least one of the source and destination of the flow belong. The method uses network topology data to identify a subset of the flows…
Measuring audio and video latencies in virtual desktop environments
Granted: March 12, 2024
Patent Number:
11930299
Described herein are systems, methods, and software to monitor latency information in virtual desktop environments. In one example, a user computing system may obtain a first frame of video data from a second computing system, wherein the video data is streamed from the user computing system to the second computing system. The user computing system further identifies a first frame number for the first frame based on a code in the first frame, identifies a frame number for second frame of…
Inventory management for data transport connections in virtualized environment
Granted: March 12, 2024
Patent Number:
11930093
Aspects of managing inventory for data transport connections within a virtualized computing environment are described. A virtualized management system managing a cluster of host devices obtains a data transport capacity parameter and an aggregate memory consumption value from respective host devices. The virtualized management system further identifies an update status associated with each of the host devices. In response to receiving a data transport connection request, the virtualized…
Workflow service back end integration
Granted: March 12, 2024
Patent Number:
11930003
Disclosed are various approaches for workflow service back end integration. In some examples, a workflow service identifies a workflow action and a user account that is responsible for the workflow action. A command to present the workflow action for user authorization is transmitted to a client device associated with the user account. The workflow service transmits a command to perform the workflow action based on an identification of the user authorization.
Polling service
Granted: March 12, 2024
Patent Number:
11930001
Disclosed are various approaches for polling federated services for notifications. A request for an access token for a federated service is sent to an authentication service. The access token for the federated service is received from the authentication service. A query is sent to the federated service for a notification, the query comprising the access token. The notification is received from the federated service.
Managing processing queue allocation based on addressing attributes of an inner packet
Granted: March 12, 2024
Patent Number:
11929920
Described herein are systems, methods, and software to manage processing queue allocation based on addressing attributes of an inner packet. In one implementation, a first gateway identifies processing queues at a second gateway and assigns a unique flow label to each of the processing queues. The first gateway further receives a packet from a computing node that is directed toward the second gateway. The first gateway hashes addressing information in the packet to select a flow label,…
Emulating packet flows to assess network links for SD-WAN
Granted: March 12, 2024
Patent Number:
11929903
Some embodiments provide a novel method for assessing the suitability of network links for connecting compute nodes located at different geographic sites. The method of some embodiments identifies and analyzes sample packets from a set of flows exchanged between first and second compute sites that are connected through a first network link in order to identify attributes of the sampled packets. The method also computes attributes of predicted packets between the identified samples in…
Highly-scalable, software-defined, in-network multicasting of load statistics data
Granted: March 12, 2024
Patent Number:
11929897
In an embodiment, a computer-implemented method for highly-scalable, in-network multicasting of statistics data is disclosed. In an embodiment, a method comprises: receiving, from an underlay controller, a match-and-action table that is indexed using one or more multicast (“MC”) group identifiers and includes one or more special MC headers; detecting a packet carrying statistics data; determining whether the packet includes an MC group identifier; in response to determining that the…
Supporting virtual machine migration when network manager or central controller is unavailable
Granted: March 12, 2024
Patent Number:
11929883
The disclosure provides an approach for virtual computing instance (VCI) migration. Embodiments include scanning logical segments associated with a customer gateway to identify network addresses associated with the logical segments. Embodiments include determining one or more recommended supernets based on the network addresses associated with the logical segments. Embodiments include providing output to a user based on the one or more recommended supernets. Embodiments include based on…
Methods and apparatus to cross configure network resources of software defined data centers
Granted: March 12, 2024
Patent Number:
11929875
Methods and apparatus to cross configure network resources of software defined data centers are disclosed. Example instructions cause one or more processors to monitor a component of a network for a probe packet sent to the component. The example instructions cause the one or more processors to, in response to detecting the probe packet, determine whether the probe packet includes a unique source media access control (MAC) address that is included in a probe access control list (ACL),…
Managing a hierarchy of resources in an SDDC
Granted: March 5, 2024
Patent Number:
11921583
Some embodiments provide a hierarchical data service (HDS) that manages many resource clusters that are in a resource cluster hierarchy. In some embodiments, each resource cluster has its own cluster manager, and the cluster managers are in a cluster manager hierarchy that mimics the hierarchy of the resource clusters. In some embodiments, both the resource cluster hierarchy and the cluster manager hierarchy are tree structures, e.g., a directed acyclic graph (DAG) structure that has one…
Remote session based micro-segmentation
Granted: March 5, 2024
Patent Number:
11924167
The disclosure provides an approach for implementing a distributed firewall within a data center. The firewall is implemented as a kernel space filter driver within the operating system of virtual machines. Each virtual machine hosts several user sessions. The firewall may be dynamically updated with new security policies, either by an administrator or a component of the data center.
Resource-path-based, dynamic group membership support for membership groups
Granted: March 5, 2024
Patent Number:
11924166
In an embodiment, a computer-implemented method for providing dynamic mechanisms for resource-path-based, dynamic group membership support for local and external membership groups is described. A method comprises: detecting, by a group resolver implemented in a management and control plane, that information about an object stored in the plane was created or updated; determining whether a URI of the object matches a URI regular expression and other conditions specified in membership…
Enhanced attachable writable volumes in VDI based on data requirements
Granted: March 5, 2024
Patent Number:
11922201
Systems and methods are described for efficient ways to manage storage of data in virtual desktops on writable volumes contained in attachable virtual disks. Multiple writeable volumes can be attached to a user's virtual desktop and data writes on the virtual desktop can be allocated among the writeable volumes based on preset policies or criteria, allowing the storage of different types of data in different writable volumes located on different storage devices.
Associating security tags to continuous data protection checkpoints/snapshots/point-in-time images
Granted: March 5, 2024
Patent Number:
11922199
An in-guest agent in a virtual machine (VM) operates in conjunction with a replication module. The replication module performs continuous data protection (CDP) by saving images of the VM as checkpoints at a disaster recovery site over time. Concurrently, the in-guest agent monitors for behavior in the VM that may be indicative of the presence of malicious code. If the in-guest agent identifies behavior (at a particular point in time) at the VM that may be indicative of the presence of…
Deployment and isolation of plugins in a virtualized computing environment
Granted: March 5, 2024
Patent Number:
11922185
In an architecture of a virtualized computing system plugins are less tightly integrated with a core user interface of a management server. Rather than being installed and executed at the management server as local plugins, the plugins are served as remote plugins from a plugin server, and may be accessed by a web client through a reverse proxy at the management server. Plugin operations may be executed at the plugin server and/or invoked from a user device where the web client resides.…
Uniform access to diverse structured information for client applications
Granted: March 5, 2024
Patent Number:
11921709
Disclosed are various examples for an application settings module that provides uniform access to diverse types of data, such as mobile device settings. A client device, such as a mobile device, can be configured through execution of program instructions to access a schema file comprising a definition of a plurality of keypaths, where individual ones of the plurality of keypaths uniquely correspond to one of a plurality of device settings and the keypaths are defined in the schema file…
Version control interface for accessing data lakes
Granted: March 5, 2024
Patent Number:
11921704
A version control interface for data provides a layer of abstraction that permits multiple readers and writers to access data lakes concurrently. An overlay file system, based on a data structure such as a tree, is used on top of one or more underlying storage instances to implement the interface. Each tree node tree is identified and accessed by means of any universally unique identifiers. Copy-on-write with the tree data structure implements snapshots of the overlay file system. The…
Correlation key used to correlate flow and context data
Granted: March 5, 2024
Patent Number:
11921610
Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance. Some embodiments collect, each time a request for a new data message flow is initiated, a set of contextual attributes (i.e., context data) associated with the requested new data message flow. The method, in some embodiments, generates a correlation data set and provides the correlation data set to be…
Executing targeted workloads in virtual desktop environments using input encoded into digital images
Granted: March 5, 2024
Patent Number:
11921607
Techniques are described providing improved ways to benchmark and validate virtual desktop deployments where targeted workloads are delivered to virtual desktops based on parameters such as the desktop type and origin, and where workload operations can be triggered from the client device. Client instructions for performing workload operations can be encoded into a digital image such as a Quick Response (QR) code on the virtual desktop and inserted into the virtual desktop graphical user…
