H04L67/14

Key performance indicators (KPI) for tracking and correcting problems for a network-under-test
11483226 · 2022-10-25

The disclosed technology teaches testing a mesh network using new service application level KPIs that extend the TWAMP measurement architecture. A control-client receives and parses a configuration file to populate memory with IP addresses, ports, and test session parameters for disclosed KPIs used to originate two-way test sessions from a first network host with control-servers and session-reflectors. The method extends the receiving, parsing and originating to dozens to thousands of control-clients, by sending to the control-clients configuration files to originate respective test sessions with control-servers in a mesh network using respective test session parameters; and while the test is running, sending an updated configuration file to at least one control-client that introduces a new control-server or replaces a control-server; and expanding the test to include the new or replacement control-server without stopping or restarting TW test sessions with other control-servers; and monitoring the running test sessions and receiving results.

Systems and methods for maintaining and transferring SaaS session state

A system for maintaining a state of a session of a network application across different client devices is disclosed. A first client application establishes sessions of a user to a network application. Each of the sessions is accessed via a first embedded browser of a first client application. The first client application stores a state of the sessions to a workspace service in association with the user, and a context of the user to a workspace hub. A second client application establishes the sessions to the network application based on the state of the sessions obtained via the workspace service that are each accessed via a second embedded browser of the second client application. The second client application updates the state of the sessions to a second state based on detection of a state change and a context of the user obtained from the workspace hub.

DATA TRANSMISSION METHOD AND RELATED DEVICE

In a data transmission method, a transmit end may obtain a first application message generated by a target application running on the transmit end. The transmit end encapsulates the first application message to obtain a first data frame, where the first data frame includes a first frame type identifier, and the first frame type identifier indicates that an application message included in the first data frame is a complete application message. The transmit end transmits the first data frame to a receive end based on an established QUIC connection to the receive end. After receiving the first data frame, the receive end may determine, based on the first frame type identifier in the first data frame, that the application message included in the first data frame is a complete application message.

Systems and methods for virtual session connection using component-based connection leases

A computing device may include a memory and a processor cooperating with the memory and configured to receive connection leases providing instructions for connecting to computing sessions, and request connections to the computing sessions including the connection leases. Each connection lease may comprise a first component unique to a published resource, and a second component referenced by the first component and shared in common with a plurality of different published resources in other connection leases, with the second component being updateable independent of the first component.

Apparatus and method for passive detection of middleboxes within computer networks

A non-transitory computer readable storage medium has instructions executed by a processor to receive network session information from network monitoring devices distributed throughout an enterprise network. The network session information characterizes communications between a client device within the enterprise network and a server external to the enterprise network. The network session information is transformed into vectors of network communication session parameters. The vectors are combined into different time series of data. A similarity measure is computed between the different time series of data to detect unique sessions between the client device and a middlebox network device within the enterprise network or unique sessions between a middlebox network device within the enterprise network and the server. The unique sessions are evaluated to infer relationships between networked devices within the enterprise network. A visualization of the relationships to characterize enterprise network topology is supplied.

NETWORK MANAGEMENT
20230129885 · 2023-04-27

The apparatus includes a memory configured to store security information, and at least one processing core, configured to generate the security information by defining a security policy concerning user plane transfer of precision time protocol messages, and to instruct at least one network node to implement the security policy by transmitting the security information to the at least one network node.

APPLICATION RECORDS USING SESSION INFORMATION
20230128098 · 2023-04-27

Techniques are disclosed for the identification of applications from communication sessions of network traffic between client devices and the generation of application-specific metrics for network traffic associated with the applications. In one example, a router obtains metrics for a plurality of packets. The router determines a session of a plurality of sessions associated with each packet. For each determined session, the router generates metrics for the session from the metrics of the packets associated with the session and determines an application of a plurality of applications associated with the session. For each determined application, the router generates metrics for the application from the metrics of the sessions associated with the application and transmits, to a device, the metrics for the application. In some examples, the router generates the metrics for each application on a per-client, per-next-hop, or per-traffic class basis.

Distributed network address translation for efficient cloud service access
11477131 · 2022-10-18

A method for coordinating distributed network address translation (NAT) in a network within which several logical networks are implemented. The logical networks include several tenant logical networks and at least one service logical network that include service virtual machines (VMs) that are accessed by VMs of the tenant logical networks. The method defines a group of replacement IP address and port number pairs. Each pair is used to uniquely identify a VM across all tenant logical networks. The method sends to at least one host that is hosting a VM of a particular tenant logical network, a set of replacement IP address and port number pairs. Each replacement IP address and port number pair can be used by the host to replace a source IP address and a source port number in a packet that is destined from the particular VM to a VM of the particular service logical network.