Systems and methods of network telemetry caching and distribution are provided. The system can receive network telemetry data and store it as a plurality of data nodes. The system can maintain a node pointer map and a node pointer queue. If the system receives an update to a data node having a corresponding node pointer not already present in the node pointer map, the system can add the node pointer to the node pointer queue and to the node pointer map with a count of zero. If the node pointer is already present in the node pointer map, the system can increment the node count for the node pointer in the node pointer map and not add the node pointer to the node pointer queue. The system can transmit data values and node counts to the client device for each node pointer in the node pointer queue.

Systems and methods of network telemetry caching and distribution are provided. The system can receive network telemetry data and store it as a plurality of data nodes. The system can maintain a node pointer map and a node pointer queue. If the system receives an update to a data node having a corresponding node pointer not already present in the node pointer map, the system can add the node pointer to the node pointer queue and to the node pointer map with a count of zero. If the node pointer is already present in the node pointer map, the system can increment the node count for the node pointer in the node pointer map and not add the node pointer to the node pointer queue. The system can transmit data values and node counts to the client device for each node pointer in the node pointer queue.

This disclosure generally relate to a method and system for network policy simulation in a distributed computing system. The present technology relates techniques that enable simulation of a new network policy with regard to its effects on the network data flow. By enabling a simulation data flow that is parallel and independent from the regular data flow, the present technology can provide optimized network security management with improved efficiency.

This disclosure generally relate to a method and system for network policy simulation in a distributed computing system. The present technology relates techniques that enable simulation of a new network policy with regard to its effects on the network data flow. By enabling a simulation data flow that is parallel and independent from the regular data flow, the present technology can provide optimized network security management with improved efficiency.

Systems and methods of network telemetry caching and distribution are provided. The system can receive network telemetry data and store it as a plurality of data nodes. The system can maintain a node pointer map and a node pointer queue. If the system receives an update to a data node having a corresponding node pointer not already present in the node pointer map, the system can add the node pointer to the node pointer queue and to the node pointer map with a count of zero. If the node pointer is already present in the node pointer map, the system can increment the node count for the node pointer in the node pointer map and not add the node pointer to the node pointer queue. The system can transmit data values and node counts to the client device for each node pointer in the node pointer queue.

Systems and methods of network telemetry caching and distribution are provided. The system can receive network telemetry data and store it as a plurality of data nodes. The system can maintain a node pointer map and a node pointer queue. If the system receives an update to a data node having a corresponding node pointer not already present in the node pointer map, the system can add the node pointer to the node pointer queue and to the node pointer map with a count of zero. If the node pointer is already present in the node pointer map, the system can increment the node count for the node pointer in the node pointer map and not add the node pointer to the node pointer queue. The system can transmit data values and node counts to the client device for each node pointer in the node pointer queue.

A method samples a stream of data items. Each data item has an associated timestamp. The method assigns a priority value to each data item. Each data item is represented as a point on a two-dimensional graph whose axes are time and priority. A sliding window covers a predetermined length of time t.sub.span and uses a backward probability decay curve to specify what priority values are included in the sliding window. This defines, for a current time t.sub.c, a current data sample consisting of data items whose timestamps t fall within the time span t.sub.c−t.sub.span≤t≤t.sub.c and have priority values below the decay curve. The data sample is stored in a buffer. The process iteratively moves the sliding window forward by a time increment, creating a provisional data sample. When the size of the provisional data sample is too large or too small, the process scales the decay curve.

A method samples a stream of data items. Each data item has an associated timestamp. The method assigns a priority value to each data item. Each data item is represented as a point on a two-dimensional graph whose axes are time and priority. A sliding window covers a predetermined length of time t.sub.span and uses a backward probability decay curve to specify what priority values are included in the sliding window. This defines, for a current time t.sub.c, a current data sample consisting of data items whose timestamps t fall within the time span t.sub.c−t.sub.span≤t≤t.sub.c and have priority values below the decay curve. The data sample is stored in a buffer. The process iteratively moves the sliding window forward by a time increment, creating a provisional data sample. When the size of the provisional data sample is too large or too small, the process scales the decay curve.

The disclosure relates to a method of collecting data from a directory service used to administer a private network comprising a group of interconnected computers (PDS, PC), the directory service collecting data relating to objects in the network, the method comprising the steps of: connecting a terminal (PC) to a network server (PDS) including an instance of the directory service, configuring the instance of the directory service on the server by the terminal, so that the terminal is notified of modifications made to the directory service data, receiving by the terminal notification messages (NTF) containing modified directory service data transmitted by the server, and processing each of the received notification messages to determine the modifications made to the directory service data.

A system and method for data filtering and transmission management are provided. In particular, disclosed is a method of transmission management for data acquired by a remote monitor having a sensor. The method comprises the steps of: defining an initial trend envelope having a window around a forecast trend gradient, the window defined by an initial upper bound and an initial lower bound; and processing a set of data points acquired by the sensor, to identify any data points outside the initial trend envelope. When a point is identified outside the initial trend envelope, the method: (i) transmits an event data packet to a central server; and (ii) identifies a subsequent trend envelope based on a trend gradient derived from a preceding set of data points, said preceding set of points including an identified point from the event data packet.