H04L2101/33

VIRTUAL NETWORK INTERFACE OBJECTS

Methods and apparatus for interfaces to manage virtual network interface objects. A system may include resource instances and a network interface virtualization coordinator. Responsive to a record creation request, the coordinator creates an interface record that may include an IP address, subnet information and security properties. The coordinator may, in response to a request to attach the record to a resource instance, enable traffic directed to the IP address to flow to the resource instance. In response to a subsequent detach request, the traffic to the IP address may be disabled at the resource instance. The same interface record may be attached to another resource instance in response to another attach request, enabling traffic directed to the IP address to flow to the second resource instance.

Authentication of email senders via authorizing DNS server
11368494 · 2022-06-21

A DNS server receives, from a receiving email system, a DNS query for an email domain stored at the DNS server, the DNS query including identifying information of a sender of an email. The DNS server extracts the identifying information of the email sender from the DNS query and identifies one of a plurality of delivering organizations from the information. The DNS server determines whether the identified delivering organization is authorized to deliver email on behalf of the email domain. In response to determining that the identified delivering organization is authorized to deliver email on behalf of the email domain, the DNS server generates a target validation record based on the identity of the authorized delivering organization and the email domain, the target validation record including one or more rules indicating to the receiving email system whether the delivering organization is an authorized sender of email for the email domain.

System and method for decentralized internet traffic filtering policy reporting
11363062 · 2022-06-14

A system and method to filter potentially unwanted traffic from trackers, third-party cookies, malicious websites or other sources and present the aggregated results of said filtering to the VPN user. One of the embodiments enables a VPN user to opt-in or opt-out from the filtering activities while being able to access the aggregated information about filtering. In another embodiment, the user can choose to customize the filtering parameters to add or remove specific targets from the filtering policies.

PROVIDING A FIRST DIGITAL CERTIFICATE AND A DNS RESPONSE

A computer-implemented method is for providing a digital certificate to a device. In an embodiment, the method is based on receiving, from the device, authentication data via a secure communication channel. Furthermore, the method is based on receiving, from the device, or determining, by the server, a first certificate identifier. In particular, the first certificate identifier is a hash value. Further aspects of the method are verifying the authentication data and receiving, from the device, a first public key created by the device. In an embodiment, the method is furthermore based on sending a first certificate signing request related to a first domain name based on the first public key to a certificate authority. Herein, the first domain name comprises the certificate identifier, and a domain related to the first domain name is controlled by the server. In particular, the first domain name is a wildcard domain.

Internet protocol multimedia subsystem emergency calls for roaming user equipments

A method of operating a policy and charging rules function (“PCRF”) node to handle an internet protocol multimedia subsystem (“IMS”) emergency call can include receiving an identity request from a proxy call session control function (“P-CSCF”) of an IMS network. The identity request can include an internet protocol (“IP”) address for a user equipment (“UE”). The method can further include, responsive to receiving the identity request, determining one or more identifiers of the UE based on the IP address. The one or more identifiers are separate from the IP address. The method can further include, responsive to determining the one or more identifiers, transmitting an indication of the one or more identifiers of the UE to the P-CSCF.

Node control method and related apparatus in distributed system

An embodiment of this application discloses a node control method performed by a forwarding platform in a distributed computer system. The method includes: establishing, by a forwarding platform, a secure link with a user terminal through a domain name of the forwarding platform; obtaining, by the forwarding platform through the secure link, a request packet transmitted by a user terminal, and the request packet comprising an address identifier of a target node in the distributed computer system and a request content of the user terminal for the target node; encrypting, by the forwarding platform, the request content to obtain a first encrypted packet; and transmitting, by the forwarding platform, the first encrypted packet to the target node according to the address identifier. Computing device and non-transitory computer-readable storage medium counterparts are also contemplated.

PROVIDING A FIRST DIGITAL CERTIFICATE AND A DNS RESPONSE

A computer-implemented method is for providing a digital certificate to a device. In an embodiment, the method is based on receiving, from the device, authentication data via a secure communication channel. Furthermore, the method is based on receiving, from the device, or determining, by the server, a first certificate identifier. In particular, the first certificate identifier is a hash value. Further aspects of the method are verifying the authentication data and receiving, from the device, a first public key created by the device. In an embodiment, the method is furthermore based on sending a first certificate signing request related to a first domain name based on the first public key to a certificate authority. Herein, the first domain name comprises the certificate identifier, and a domain related to the first domain name is controlled by the server. In particular, the first domain name is a wildcard domain.

Anchoring IP devices in ICN networks
11190446 · 2021-11-30

A network access point (NAP) of a second type of network is configured to receive a first type of packet from a device configured to operate in only a first type of network. The NAP is configured to determine an appropriate namespace for the first type of packet based on an address of an intended destination of the first type of packet. The NAP is configured to encapsulate the first type of packet into a second type of packet for use in the second type of network. The NAP is configured to route the second type of packet to a plurality of devices subscribed to the namespace in the second type of network.

Connection pooling for scalable network services

Systems and methods are described for providing connection pools between source network devices and a target, connection-limited service. Each connection pool can facilitate connections between source devices and the target service, while ensuring that connections to the connection-limited service do not exceed a defined limit. A connection manager service can initialize a connection pool for a target service on request by a client device, and provide an identifier for the connection pool to the client device. Source network devices can then transmit operations for the target service to the connection manager service, which can route the operations to an appropriate connection pool based on the identifier.

Virtual network interface objects

Methods and apparatus for interfaces to manage virtual network interface objects. A system may include resource instances and a network interface virtualization coordinator. Responsive to a record creation request, the coordinator creates an interface record that may include an IP address, subnet information and security properties. The coordinator may, in response to a request to attach the record to a resource instance, enable traffic directed to the IP address to flow to the resource instance. In response to a subsequent detach request, the traffic to the IP address may be disabled at the resource instance. The same interface record may be attached to another resource instance in response to another attach request, enabling traffic directed to the IP address to flow to the second resource instance.