The Distributed Software Defined Network (dSDN) disclosed herein is an end-to-end architecture that enables secure and flexible programmability across a network with full lifecycle management of services and infrastructure applications (fxDeviceApp). The dSDN also harmonizes application deployment across the network independent of the hardware vendor. As a result, the dSDN simplifies the network deployment lifecycle from concept to design to implementation to decommissioning.

Systems and methods provide for synergistic domain name system DNS security updates for an enterprise network operating under a Software Defined Wide Area Network (SD-WAN). A system may be configured to collect positive and/or negative unified threat defense (UTD) results, deploy a rules-based model that, when a threat or clearance is detected across several SD-WAN edge network devices, triggers an update to a local security blacklist/whitelist, wherein the update comprises a signature, and push the update to other devices that have not yet seen the threat or clearance.

An example programmable integrated circuit (IC) includes a processor, a plurality of endpoint circuits, a network-on-chip (NoC) having NoC master units (NMUs), NoC slave units (NSUs), NoC programmable switches (NPSs), a plurality of registers, and a NoC programming interface (NPI). The processor is coupled to the NPI and is configured to program the NPSs by loading an image to the registers through the NPI for providing physical channels between NMUs to the NSUs and providing data paths between the plurality of endpoint circuits.

A hybrid configuration engine and associated method for reducing the complexity and burden of configuring rich coexistence between an on-premise solution and a cloud-based solution is described herein and illustrated in the accompanying figures. The hybrid configuration engine determines the current state of the on-premise solution and the cloud-based solution and learns the desired configuration state. After obtaining the current and desired configuration state information, the hybrid configuration engine determines and automatically performs steps to reach the desired configuration state. Finally, the hybrid configuration engine provides instructions describing the manual steps needed to reach the desired configuration state.

A device receives packets of a traffic flow, and inspects one or more of the packets of the traffic flow. The device determines, based on the inspection of the one or more packets, a service graph of feature peers for the packets of the traffic flow. The feature peers are associated with a network, and the service graph includes an ordered set of the feature peers. The device configures network devices of the network with the service graph, and the network devices forward the packets of the traffic flow to the feature peers based on the service graph and without changing the traffic flow.

The invention provides, in some aspects, a digital commerce system that includes a first digital data device, a second digital data device and a third digital data device, each of which is connected to a network that provides at least intermittent communications coupling between the second digital data device and each of the first and second digital data devices. Redirection logic executing on at least the second digital data device effects storage on the third digital data device of a digital media object downloaded from the first digital data device to the second digital data device. The redirection logic accomplishes that in such a manner that storage of the digital media object on the third digital data device is effected before storage of that digital media object on the second digital data device—if the digital media object is stored to the second digital data device at all. In related aspects of the invention, redirection logic executing on at least the second digital data device circumvents storage of the downloaded digital media object at least until that object has been stored on the third digital data device.

Efficient codeword synchronization methods and systems for fiber channel protocol are disclosed. The method includes identifying a codeword boundary by detecting 100-bit known patterns in a bit codeword in a transmission.

Described embodiments provide systems and methods for upgrading user space networking stacks without disruptions to network traffic. A first packet engine can read connection information of existing connections of a second packet engine written to a shared memory region by the second packet engine. The first packet engine can establish one or more virtual connections according to the connection information of existing connections of the second packet engine. Each of the first packet engine and the second packet engine can receive mirrored traffic data. The first packet engine can receive a first packet and determine that the first packet is associated with a virtual connection corresponding to an existing connection of the second packet engine. The first packet engine can drop the first packet responsive to the determination that the first packet is associated with the virtual connection.

Embodiments of the present disclosure are directed to protocol state transition and/or resource state transition tracker configured to monitor, e.g., via filters, for certain protocol state transitions/changes or host hardware resource transitions/changes when a host processor in the control plane that performs such monitoring functions is unavailable or overloaded. The filters, in some embodiments, are pre-computed/computed by the host processor and transmitted to the protocol state transition and/or resource state transition tracker. The protocol state transition and/or resource state transition tracker may be used to implement a fast upgrade operation as well as load sharing and or load balancing operation with control plane associated components.

Embodiments of the present disclosure are directed to protocol state transition and/or resource state transition tracker configured to monitor, e.g., via filters, for certain protocol state transitions/changes or host hardware resource transitions/changes when a host processor in the control plane that performs such monitoring functions is unavailable or overloaded. The filters, in some embodiments, are pre-computed/computed by the host processor and transmitted to the protocol state transition and/or resource state transition tracker. The protocol state transition and/or resource state transition tracker may be used to implement a fast upgrade operation as well as load sharing and or load balancing operation with control plane associated components.