An electronic apparatus for establishing a Dual-Stack Lite (DS-lite) tunnel is provided. The apparatus sends a request for an Internet Protocol (IP) address of a Domain Name System (DNS) server and a domain name of an Address Family Transition Router (AFTR) server to a Dynamic Host Configuration Protocol (DHCP) server using an IP address of the DHCP server, receives the IP address of the DNS server and the domain name of the AFTR server from the DHCP server in response to the request, sends a DNS query including the domain name of the AFTR server to the DNS server using the IP address of the DNS server. In response to the DNS query being successful, the apparatus receives an IP address of the AFTR server from the DNS server, and establishes the DS-lite tunnel between the apparatus and the AFTR server using the IP address of the AFTR server.

Methods, systems, and apparatuses are described for extending a network through the use of access nodes. The access nodes may receive packets from user devices via wireless networks. The packets may be routed to a remote server for further network access. The access nodes may communicate with the user devices using network addresses associated with the wireless networks.

Methods, systems, and apparatuses are described for extending a network through the use of access nodes. The access nodes may receive packets from user devices via wireless networks. The packets may be routed to a remote server for further network access. The access nodes may communicate with the user devices using network addresses associated with the wireless networks.

A method and an apparatus are provided for deploying a security access control policy in the field of network security. The method, executed by a cloud management platform, includes: determining, according to an application creation instruction, an application template used for an application that needs to be created and a security profile corresponding to the application template; instructing a virtualization platform to create, according to the application template, a corresponding virtual machine for each application component in the application, and obtaining an IP address of each virtual machine created by the virtualization platform; generating a group of security access control policies corresponding to the application according to the IP address of each virtual machine and by using the security profile; and delivering the group of security access control policies to a corresponding firewall. Therefore, a security access control policy is automatically deployed.

Methods, apparatus, systems and articles of manufacture to prevent illicit proxy communications from affecting a monitoring result are disclosed. An example method includes accessing a log of communications of a proxy server, the log of communications including a plurality of records, each of the plurality of records corresponding to a requesting device that transmitted a communication to the proxy server, identifying a first internet protocol (IP) address subnet in the log of communications, the first IP address subnet associated with a block of IP addresses, filtering the plurality of records for a first set of records associated with communications originating from the first IP address subnet, and in response to determining the first set of records does not include a record associated with a heartbeat communication, adding the first IP address subnet to a blacklist of the proxy server.

Methods, apparatus, systems and articles of manufacture to prevent illicit proxy communications from affecting a monitoring result are disclosed. An example method includes accessing a log of communications of a proxy server, the log of communications including a plurality of records, each of the plurality of records corresponding to a requesting device that transmitted a communication to the proxy server, identifying a first internet protocol (IP) address subnet in the log of communications, the first IP address subnet associated with a block of IP addresses, filtering the plurality of records for a first set of records associated with communications originating from the first IP address subnet, and in response to determining the first set of records does not include a record associated with a heartbeat communication, adding the first IP address subnet to a blacklist of the proxy server.

A communication apparatus that transmits data outside via different communication interfaces performs operations, including setting an interface correspondence between a domain name identifying a domain and a communication interface for use with an external apparatus belonging to the domain, generating, from the set interface correspondence, a setting indicating a Domain Name System (DNS) server correspondence between the domain name and the DNS server to which name resolution for a host name of the external apparatus is to be transferred, and activating a DNS cache server that operates from the generated setting. A DNS client requested for the host name resolution by an application of the communication apparatus transmits a name resolution request to the DNS cache server. Based on the received host name, the DNS cache server determines an external DNS server to which the name resolution is requested, and requests the determined external DNS server for the name resolution.

Some embodiments of the invention provide a method for cloning a set of one or more applications implemented by a first set of machines connected through a first logical network that defines a virtual private cloud in a set of one or more datacenters. The method instantiates a cloned, second set of machines that is a replicated copy of the first set of machines. The method identifies a set of network configuration data that configures a set of logical forwarding elements (LFEs) of the first logical network. The method uses the identified set of network configuration data to define a cloned, second logical network to connect the cloned, second set of machines.

Some embodiments of the invention provide a method for cloning a set of one or more applications implemented by a first set of machines connected through a first logical network that defines a virtual private cloud in a set of one or more datacenters. The method instantiates a cloned, second set of machines that is a replicated copy of the first set of machines. The method identifies a set of network configuration data that configures a set of logical forwarding elements (LFEs) of the first logical network. The method uses the identified set of network configuration data to define a cloned, second logical network to connect the cloned, second set of machines.

Systems, methods, and apparatus to identify media devices are disclosed. An example network communications monitor includes network interface circuitry, computer readable instructions, and processor circuitry. The processor circuitry is to execute the computer readable instructions to detect, via the network interface circuitry, multiple network communications transmitted on a home network within the household, access panelist data that associates a panelist of the household with a panelist device of the panelist, determine, based on the panelist data, that one or more of the multiple network communications are associated with the panelist device, and cause storage of data identifying the one or more network communications in association with the panelist.