A network optimization controller (NOC) performs operations including obtaining, from a secure access service edge (SASE) device executing a security service, a first data set defining a security performance metric provided by the security service, and obtaining, from the SASE, a second data set defining a network performance metric associated with a network device. The operations further include defining a policy based at least in part on the first data set and the second data set, determining if the policy has been violated, and changing a first access modality provided for the network device to access an end host to a second access modality based at least in part on the policy being violated. The first access modality and the second access modality define different methods of access to the end host.

The present disclosure discloses a method and an apparatus for processing a data packet, and relates to the field of data transmission technology. The method includes: receiving, by a load balancing device, a target data packet, performing protocol stack processing on the target data packet based on a user-mode protocol stack, and determining a target protocol type of the target data packet; scheduling, by the load balancing device, the target data packet through a scheduling function corresponding to the target protocol type registered in a user-mode netfilter framework; and forwarding or responding to, by the load balancing device, the target data packet based on a result of the scheduling.

This disclosure describes techniques for performing communications between devices using various aspects of Ethernet standards. As further described herein, a protocol is disclosed that may be used for communications between devices, where the communications take place over a physical connection complying with Ethernet standards. Such a protocol may enable reliable and in-order delivery of frames between devices, while following Ethernet physical layer rules, Ethernet symbol encoding, Ethernet lane alignment, and/or Ethernet frame formats.

Methods and apparatus for memory allocation and reallocation in networking stack infrastructures. Unlike prior art monolithic networking stacks, the exemplary networking stack architecture described hereinafter includes various components that span multiple domains (both in-kernel, and non-kernel). For example, unlike traditional “socket” based communication, disclosed embodiments can transfer data directly between the kernel and user space domains. A user space networking stack is disclosed that enables extensible, cross-platform-capable, user space control of the networking protocol stack functionality. The user space networking stack facilitates tighter integration between the protocol layers (including TLS) and the application or daemon. Exemplary systems can support multiple networking protocol stack instances (including an in-kernel traditional network stack). Due to this disclosed architecture, physical memory allocations (and deallocations) may be more flexibly implemented.

Methods and apparatus for efficient data transfer within a user space network stack. Unlike prior art monolithic networking stacks, the exemplary networking stack architecture described hereinafter includes various components that span multiple domains (both in-kernel, and non-kernel). For example, unlike traditional “socket” based communication, disclosed embodiments can transfer data directly between the kernel and user space domains. Direct transfer reduces the per-byte and per-packet costs relative to socket based communication. A user space networking stack is disclosed that enables extensible, cross-platform-capable, user space control of the networking protocol stack functionality. The user space networking stack facilitates tighter integration between the protocol layers (including TLS) and the application or daemon. Exemplary systems can support multiple networking protocol stack instances (including an in-kernel traditional network stack).

Facilitating improved overall performance of remote data facility replication systems. A device can comprise a processor and a memory that stores executable instructions that, when executed by the processor, facilitate performance of operations. The operations can comprise adjusting, by a device comprising a processor, a value of a compression counter based on global system attributes associated with a remote data facility replication system and an application service performance expectation. The method also can comprise performing, by the device, one of: facilitating a data compression of a group of data blocks based on the value of the compression counter satisfying a threshold compression level or storing the group of data blocks without the data compression based on the value of the compression counter failing to satisfy the threshold compression level.

Methods and apparatus for efficient data transfer within a user space network stack. Unlike prior art monolithic networking stacks, the exemplary networking stack architecture described hereinafter includes various components that span multiple domains (both in-kernel, and non-kernel). For example, unlike traditional “socket” based communication, disclosed embodiments can transfer data directly between the kernel and user space domains. Direct transfer reduces the per-byte and per-packet costs relative to socket based communication. A user space networking stack is disclosed that enables extensible, cross-platform-capable, user space control of the networking protocol stack functionality. The user space networking stack facilitates tighter integration between the protocol layers (including TLS) and the application or daemon. Exemplary systems can support multiple networking protocol stack instances (including an in-kernel traditional network stack).

Methods and apparatus for dynamic packet pool configuration in networking stack architectures. Unlike prior art monolithic memory allocations, embodiments of the present disclosure enable packet pools associated with non-kernel space applications to dynamically allocate additional memory allocations to a given non-kernel space application, or conversely, de-allocate memory allocations to a given non-kernel space application. Variants also disclose the splitting up of a memory allocation into device accessible portions and kernel accessible portions. Other variants disclose sizing certain segment allocations so as to be a multiple of a physical address page size. Such a variant enables a single input/output (I/O) bus address lookup for the given segment so as to minimize look up costs associated with an I/O lookup for the given segment.

The present invention provides methods, apparatus and systems for improving a systems-level data rate on a communications link such as the orthogonal frequency division multiplexed multiple access (OFDMA) downlink used in WiFi and LTE cellular/wireless mobile data applications. The present invention preferably uses a form of multilevel coding and decoding known as tiled-building-block encoding/decoding. With the present invention, different receivers coupled to different parallel downlink channels with different channel qualities decode different received signal constellations at different levels of resolution. This allows the downlink of the OFDMA system to operate with a significantly higher data rate, thus eliminating existing inefficiencies in the downlink and significantly increasing system level bandwidth efficiency.

Device to device (D2D) communication can be performed with packet data convergence protocol (PDCP) based encapsulation without internet protocol (IP) addressing. The non-IP D2D PDCP-encapsulated communication can further include two forms of secure data transfer. A first non-IP D2D PDCP-encapsulated communication can be a negotiated non-IP D2D PDCP-encapsulated communication. A second non-IP D2D PDCP-encapsulated communication can be a non-negotiated non-IP D2D communication. The non-negotiated non-IP D2D PDCP-encapsulated communication can include a common key management server (KMS) version and a distributed KMS version. The encapsulated communication can be used with various protocols, including a PC5 protocol (such as the PC5 Signaling Protocol) and wireless access in vehicular environments (WAVE) protocols.