Patent classifications
H04L63/0272
Identifying virtual private network servers for user devices
A VPN servers request is transmitted from a user device to a central server. A first VPN server is received from the central server at the user device. Responsive to the user device failing to establish a first encrypted tunnel with the first VPN server, a request for another VPN server is transmitted from the user device to the central server. A second VPN server is received from the central server. A second encrypted tunnel is established with the second VPN server. An encrypted communication is obtained by encrypting a communication directed to a network server. The encrypted communication is transmitted from the user device to the second VPN server.
Systems and Methods for Automating Processes for Remote Work
A method may include a method of automating processes for remote work. The method may include receiving, at a server, first login data from a client software application. The client software application may be executing on a user device of a remote worker user. The method may include authenticating the remote worker user based on the first login data. The method may include receiving, at the server, command data from the client software application. The command data may include data indicating to the server to launch a software application. The method may include launching, on the server, the software application. The method may include inputting, using a robotic process automation (RPA) process, second login data of the remote worker user into the software application. The method may include key site information, speech-to-text functionality, onboarding functionality, automated support, or activity logging.
SINGLE METHOD FOR BLOCKING ACCESS THREATS USING VIRTUALIZATION TECHNOLOGY IN CLIENT-SERVER APPLICATIONS
A method for providing a software based secure, robust, flexible, usable, and auditable single method that can practically eliminate threats occurring from phishing, man-in-middle theft, pharming/channel redirection, piggybacking of spyware, and application modification in client applications. These can be very strongly achieved using dynamic virtualization technology. This virtualization technology entirely protects applications from such threats by creating highly dynamic virtual images of real data that are private, relative, one-time use, and short-lived. These virtual images are strongly made private and relative by creating virtual device id of the client device, virtual application signature of the client application, virtual private network of the network and virtual certificate of the server.
Dynamic scheduling for live migration between cloud regions and edge locations
This disclosure describes systems, devices, and techniques for migrating virtualized resources between the main region and edge locations. Live migration enables virtualized resources to remain operational during migration. Edge locations are typically separated from secure data centers via the Internet, a direct connection, or some other intermediate network. Accordingly, to place virtualized resources within an edge location, the virtualized resources must be migrated over a secure communication tunnel that can protect virtualized resource data during transmission over the intermediate network. The secure communication tunnel may have limited data throughput. To efficiently utilize resources of the secure communication tunnel, and to reduce the impact of migrations on virtualized resource operations, virtualized resource migrations may be carefully scheduled in advance. For instance, virtualized resources may be selectively migrated at times-of-day in which they are likely to be relatively idle, or at times when the communication tunnel is predicted to have sufficient bandwidth.
Method for establishing a secure private interconnection over a multipath network
A method for establishing a fully private, information secure interconnection between a source and a destination over a data network with at least a portion of a public infrastructure. The method comprising at the source creating n shares of a source data according to a predetermined secret sharing scheme, and encrypting the n shares using (n, k) secret sharing. Further, defining for at least one node vi a directed edge (vi1, vi2) that has a k−1 capacity. All outgoing links of vi are connected to vi2. Additionally, using a maximum flow algorithm to define the maximum number of shares outgoing from vi2, and therefore from vi, on each outgoing link. The number of shares forwarded by node vi does not exceed the number of maximum shares that were defined by the maximum flow algorithm.
Secure controlled access to protected resources
A client node (CN) requests content from an access node (AN). Rule set ACR_CN is provided to CN and AN and ACR_AN is used by AN. A request sent by CN in violation of ACR_CN may be blocked and cause AN to block subsequent requests from CN that would be allowed per ACR_CN. A request blocked according to ACR_AN but not ACR_CN is blocked but subsequent requests may still be allowed according to ACR_CN and ACR_AN. Authenticated distribution of the ACR_CN and ACR_AN may be performed in cooperation with a controller using authenticated tokens (AT).
Multi-VPN multi link traffic routing
A system, method, and computer-readable medium for performing a traffic routing operation. The traffic routing operation includes: establishing a plurality of virtual private network (VPN) connections within an information handling system; obtaining a configuration policy for each of the plurality of VPN connections, the configuration policy for each of the plurality of VPN connections comprising an indication of at least one type of supported link of a plurality of links; configuring a plurality of queues for packets being communicated via the plurality of virtual private network connections, the plurality of queues being greater than the plurality of VPN connections; creating a tunnel indication for each of the plurality of VPN connections; mapping the tunnel indication for each of the plurality of VPN connections to a respective queue of the plurality of queues; and, mapping each queue of the plurality of queues to a link of a particular VPN connection.
Message bus subscription management with telemetry inform message
In one embodiment, a device maintains a buffer of historical telemetry data of a particular type of telemetry. The device obtains new telemetry data of the particular type of telemetry. The device makes a state evaluation by comparing the new telemetry data to the buffer, to determine whether the new telemetry data is an outlier. The device sends a message indicative of the new telemetry data to a message bus for delivery to a recipient that is not subscribed to receive telemetry data of the particular type of telemetry, when the device determines that the new telemetry data is an outlier.
Methods and apparatus to determine main pages from network traffic
Methods and apparatus to determine main pages from network traffic are disclosed. A disclosed example non-transitory computer readable medium includes instructions which, when executed, cause at least one processor to determine patterns of uniform resource identifiers (URIs) with corresponding main pages, parse data from network traffic, identify at least one of the main pages from the data based on the patterns, and provide the identified at least one of the main pages for crediting thereof.
Anti-spoofing techniques for overlay networks
A network device is configured to receive an inbound packet from a first server device via a network tunnel, the first inbound packet including an outer header, a virtual private network (VPN) label, an inner header, and a data payload, the inner header including an inner source IP address of a source virtual machine. The processors are also configured to determine a first tunnel identifier, determine, based on the inner source IP address, a second tunnel identifier associated with a second server device hosting the source virtual machine, compare the second tunnel identifier with the first tunnel identifier to determine whether the tunnel on which the first inbound packet was received is the same as a tunnel used for forwarding traffic to the source virtual machine, and drop the inbound packet when the second tunnel identifier does not match the first tunnel identifier.