A system and method is provided for a predictive connectivity layer. In the disclosed embodiments, resources, such as bandwidth, processing, and memory, at a network node are dynamically allocated based on one or more predicted user behaviors. A predicted user behavior may be determined based on one or more previous actions of a user or a group of users at the network node. For example, if a user accesses the network node to download a particular web site at the same time every morning, the predictive technique may determine that the user will attempt to download the same web site the next morning, and therefore cache a copy of the web site before the user's next attempt to access the network through the network node. Similarly, the network node may predict an amount of bandwidth or other resources to allocate based on previous behavior of one or more users.

A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.

Endpoints in a network execute a sensor module that intercepts commands. The sensor module compares a source of commands to a sanctioned list of applications received from a management server. If the source does not match a sanctioned application and the command is a write or delete command, the command is ignored and a simulated acknowledgment is sent. If the command is a read command, deception data is returned instead. In some embodiments, certain data is protected such that commands will be ignored or modified to refer to deception data where the source is not a sanctioned application. The source may be verified to be a sanctioned application by evaluating a certificate, hash, or path of the source. Responses from an active directory server may be intercepted and modified to reference a decoy server when not addressed to a sanctioned application. Requests to view network resources may be responded to with references to a decoy server.

A service enables a command that refers to a file system object using a hierarchical namespace identifier to be executed against the file system object in a flat namespace. The service selectively distributes the command to one of a plurality of name resolution nodes based on a directory name included in the hierarchical namespace identifier. The identified node resolves the directory name to a flat namespace identifier that is used to execute the command against the flat namespace. After communicating with at least one storage node to resolve a directory name, each name resolution node stores a mapping of the directory name to the corresponding flat namespace identifier in a cache, so that subsequent resolutions of that directory name may be performed more efficiently. Cache entries may be invalidated when an operation occurs that impacts the relevant mapping and/or based on system considerations such as cache expiry.

Computer-aided computer system configuration techniques for adding new computing resources to an existing set of computing resources. A method embodiment commences upon identifying an existing computing system having a first set of configuration parameters. A second computing system having a second set of configuration parameters is deployed. A user interface is provided to accept user input comprising a location and protocol to access the existing computing system. Syntactical and semantic differences between the configuration parameters of the existing computing system and those of the newly added set are identified. The identified differences are analyzed to generate a parameter map that relates the existing set of configuration parameters to the second set of configuration parameters and vice-versa. Relationships that are codified in the parameter map are validated through user interactions. The second set of configuration parameters are modified or augmented such that parameters can be synchronized between the two computing systems.

A computer-implemented method is provided for mapping IP addresses and domain names to organizations. The method includes receiving, by a mapping system from an data provider, a dataset related to a plurality of users of the data provider. The dataset includes (a) an IP address for a user device of each user of the plurality of users, and (b) a domain name for a user account of each user of the plurality of users; enriching, by an analytics engine of the mapping system, the received dataset with enrichment data from an enrichment source; receiving, by the analytics engine from a storage medium, historical data relevant to the enriched dataset; and mapping, by the analytics engine, (i) the IP address and/or (ii) the domain name of each user of a portion of the plurality of users to an organization based on the enriched dataset and the historical data.

A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.

Embodiments provide an API that provides metadata about a cloud service's endpoints in response to a single query. This allows a cloud service to advertise each of its endpoints through a common endpoint. The common endpoint may be present in each of a plurality of cloud services, thereby allowing each cloud service automatically discover metadata for other cloud services.

A system for managing network connected devices, comprising at least one hardware processor adapted to produce a plurality of unique device descriptors, each describing one of a plurality of network connected devices, by: for each of a plurality of device descriptors, each having a plurality of supported actions, and one or more domain device identifiers, each identifier associating the device descriptor with one of a plurality of management domains: for each of the plurality of management domains not associated with the device descriptor: instructing execution on a network connected device described by the device descriptor a domain identification query according to the descriptor's plurality of supported actions, to determine a new domain device identifier; identifying in the plurality of device descriptors a second device descriptor having a domain device identifier equal to the new domain device identifier; and merging the device descriptor with the second device descriptor.

In one embodiment, a technique is provided for propagating network address to attribute associations between network addresses. One or more profiles are obtained that maintain an association between a first network address and one or more attributes, the association produced from network address observations of the first network address by one or more source devices in communication with a network. A second network address is determined that is associated with the first network address based on a similarity criteria. The second network address initially lacks an association with the one or more attributes. The one or more attributes are propagated from the first network address to the second address, to form an association between the second network address and the one or more attributes. The association between the second network address and the one or more attributes is then stored in an updated profile.