A system, a method, or a computer program for provisioning a non-enterprise client device with access to an extranet enterprise domain. The system includes an enterprise client device connected to an intranet, a provisioner that receives an extranet registration request from the enterprise client device, an active directory connected to the intranet, a database that stores a non-enterprise client record populated with the non-enterprise client data, a primary transmission system connected to the intranet that transmits a portion of the non-enterprise client data and a linkage message outside of the intranet, and a secondary transmission system connected to the intranet and configured to transmit to an access message outside of the intranet, wherein the provisioner generates a unique permanent identification ID.sub.INDEX for the non-enterprise client record.

An enterprise network may be managed by enabling provision of a graphical user interface that shows IP address allocations for the network and that allows a user to configure DHCP scopes, receiving a DHCP scope request based on a user interaction with the graphical user interface, translating the request into a protocol for communicating with a DHCP control server, providing the translated request to the DHCP control server for processing at the DHCP control server, and updating configurations of multiple DHCP servers. The updated configurations may be sent from the DHCP control server to a configuration storage system and the multiple DHCP servers may be enabled to access the updated configurations from the configuration storage system.

An enterprise network may be managed by enabling provision of a graphical user interface that shows IP address allocations for the network and that allows a user to configure DHCP scopes, receiving a DHCP scope request based on a user interaction with the graphical user interface, translating the request into a protocol for communicating with a DHCP control server, providing the translated request to the DHCP control server for processing at the DHCP control server, and updating configurations of multiple DHCP servers. The updated configurations may be sent from the DHCP control server to a configuration storage system and the multiple DHCP servers may be enabled to access the updated configurations from the configuration storage system.

In one embodiment, a device in a network receives a set of known user identifiers used in the network. The device receives web traffic log data regarding web traffic in the network. The web traffic log data includes header information captured from the web traffic and a plurality of client addresses associated with the web traffic. The device detects a particular one of the set of known user identifiers in the header information captured from the web traffic associated with a particular one of the plurality of client addresses. The device makes an association between the particular detected user identifier and the particular client address.

A method, including: receiving an email message, the email message being generated by a computing device; detecting whether a condition associated with the email message is satisfied, the condition including a condition for detecting whether the email message is sent by an automailer that is executing on the computing device; forwarding the email message to an email server, when the condition is satisfied; and discarding the email message, when the condition is not satisfied.

Embodiments for automating backup policies applied to users in an organization by defining backup policies based on hierarchical positions of users within the organization as modified by any communication and grouping behavior of the user within the organization. A social graph generator utilizes relevant relationships revealed by active participant communications to create a greater knowledge of data usage within the enterprise to generate social graphs that quantify a type of commonality between people. The integration of social graph information in calculating a score based on hierarchical data adds organizational awareness to the process by factoring in people's communication patterns within the organization and leverages any links that are revealed by such patterns.

Methods and systems for providing load balancing are provided. Example embodiments provide an Application Workspace System “AWS” which enables users to access remote server-based applications using the same interface that they use to access local applications, without needing to know where the application is being accessed. In one embodiment, a load balancing message bus is provided that performs load balancing and resource discovery within the AWS. For example, the AWS may use a broadcast message-bus based load balancing to determine which servers to use to launch remote application access requests or to perform session management. This abstract is provided to comply with rules requiring an abstract, and it is submitted with the intention that it will not be used to interpret or limit the scope or meaning of the claims.

Techniques for dynamic per subscriber policy enablement for security platforms within service provider network environments are disclosed. In some embodiments, a system/process/computer program product for dynamic per subscriber policy enablement for security platforms within service provider network environments includes monitoring network traffic on a service provider network at a security platform to identify a subscriber with a new IP flow; associating the subscriber with the new IP flow at the security platform; and determining a security policy to apply at the security platform to the new IP flow based on the subscriber.

A monitoring device is described. The monitoring device includes a processor. The monitoring device also includes memory in electronic communication with the processor. The monitoring device further includes instructions stored in the memory. The instructions are executable to intercept a lightweight directory access protocol (LDAP) search request sent to an LDAP search handler of a security subsystem from a calling device. The LDAP search request includes a query string containing data for a second protocol. The instructions are also executable to generate response data for the second protocol to substitute for a response by the LDAP search handler. The instructions are further executable to send an LDAP search result to the calling device, the LDAP search result comprising the response data for the second protocol.

A monitoring device is described. The monitoring device includes a processor. The monitoring device also includes memory in electronic communication with the processor. The monitoring device further includes instructions stored in the memory. The instructions are executable to intercept a lightweight directory access protocol (LDAP) search request sent to an LDAP search handler of a security subsystem from a calling device. The LDAP search request includes a query string containing data for a second protocol. The instructions are also executable to generate response data for the second protocol to substitute for a response by the LDAP search handler. The instructions are further executable to send an LDAP search result to the calling device, the LDAP search result comprising the response data for the second protocol.