In one embodiment, a network flow sampling system includes packet processing circuitry to process data packets of multiple network flows, and an adaptive policer to, for each one network flow of the multiple network flows compute a quantity of flow-specific sampling credits to be assigned to the one network flow responsively to a quantity of the network flows currently being processed by the packet processing circuitry, assign the flow-specific sampling credits to the one network flow, sample at least one of the data packets of the one network flow responsively to availability of the flow-specific sampling credits of the one network flow yielding sampled data, while applying sampling fairness among the network flows, and remove at least one of the flow-specific sampling credits of the one network flow from availability responsively to sampling the at least one data packet of the one network flow.

In one embodiment, a network flow sampling system includes packet processing circuitry to process data packets of multiple network flows, and an adaptive policer to, for each one network flow of the multiple network flows compute a quantity of flow-specific sampling credits to be assigned to the one network flow responsively to a quantity of the network flows currently being processed by the packet processing circuitry, assign the flow-specific sampling credits to the one network flow, sample at least one of the data packets of the one network flow responsively to availability of the flow-specific sampling credits of the one network flow yielding sampled data, while applying sampling fairness among the network flows, and remove at least one of the flow-specific sampling credits of the one network flow from availability responsively to sampling the at least one data packet of the one network flow.

Methods and systems for enabling or disabling a non-interfering mode in a telematics device are provided. The methods may include determining by a telematics server that a telematics device coupled to an asset communications bus of an asset may enter or exit a non-interfering mode. The methods may also include detecting the presence of a diagnostic tool on the asset communications bus.

Techniques for data source driven expected network policy control are described. A policy enforcement service receives, from a compute instance in a virtual network implemented within a service provider system, a request to access data. The policy enforcement service determines that a virtual network security condition of a policy statement is not satisfied. The policy statement was configured by a user for use in controlling access to the data. The virtual network security condition defines a condition of the virtual network that is to be met. The policy enforcement service performs one or more security actions in response to the determination that the virtual network security condition of the policy statement is not satisfied.

Techniques for data source driven expected network policy control are described. A policy enforcement service receives, from a compute instance in a virtual network implemented within a service provider system, a request to access data. The policy enforcement service determines that a virtual network security condition of a policy statement is not satisfied. The policy statement was configured by a user for use in controlling access to the data. The virtual network security condition defines a condition of the virtual network that is to be met. The policy enforcement service performs one or more security actions in response to the determination that the virtual network security condition of the policy statement is not satisfied.

The disclosed apparatus, systems and methods relate a failover and internet connection monitoring system featuring a cloud server running an API, a probe, a firewall and a policy routing system. The failover connection monitoring system is capable of gathering and analyzing performance data and controlling the flow of packets to and from the internet over one or more connections to optimize performance of the network.

The disclosed apparatus, systems and methods relate a failover and internet connection monitoring system featuring a cloud server running an API, a probe, a firewall and a policy routing system. The failover connection monitoring system is capable of gathering and analyzing performance data and controlling the flow of packets to and from the internet over one or more connections to optimize performance of the network.

The invention relates to a method, by a policy controller 100, for generating policy rules for data packet flows in a communications network. The policy controller 100 has access to a policy database 130 and stores a service level agreement. The service level agreement contains a plurality of different service level identifiers, each service level identifier being associated with a set of conditions that govern the policy rules to be applied to the data packet flows in the communications network. The method comprises the following steps: An authorization request is received for a data packet flow, the authorization request comprising service information for a service and a service level identifier. The policy database 130 is accessed and the set of conditions associated with the received service level identifier is determined. Further, based on the determined set of conditions, a policy rule to be applied to the data packet flow is generated. Policy controller 100 is configured to generate policy rules based on a third party or company profile, with the third party company being able to influence which policy rule should be selected by the policy controller. The authorization request may be received directly from an application function, AF 200. An input unit 230 is provided via which the third party can define and agree upon the service level agreement with an operator of the communications network. A policy control enforcing function PCEF 51 can interact with the PCRF 100 in order to enforce the policy rules.

A device may identify a plurality of first values associated with network traffic of a label-switched path of a plurality of label-switched paths. The device may determine an adjustment policy based on the plurality of first values. The adjustment policy may include one or more factors associated with a plurality of second values. The plurality of second values may be determined based on the plurality of first values. The device may implement the adjustment policy in association with the label-switched path. A bandwidth reservation of the label-switched path may be adjusted based on the adjustment policy. The adjustment policy may be implemented for fewer than all of the plurality of label-switched paths.

A first device may receive information that assigns a function related to network traffic associated with a content delivery network. The first device may implement the function based on the information that assigns the function. The first device may receive the network traffic from the content delivery network and may provide the network traffic to a subscriber device. The first device may provide, to a second device, information associated with the network traffic based on implementing the function. The second device may manage a subscriber session associated with the subscriber device based on the information associated with the network traffic.