H04L2101/663

SYSTEMS, METHODS, AND APPARATUS TO MONITOR MOBILE INTERNET ACTIVITY
20210218820 · 2021-07-15

Systems, methods, and apparatus to monitor mobile Internet activity are disclosed. An example apparatus includes at least one memory, and processor circuitry to execute instructions to at least assign (i) a first port of a proxy server to a first mobile device associated with a first panelist and (ii) a second port of the proxy server to a second mobile device associated with a second panelist, in response to receiving an un-authenticated request for media from at least one of the first, second, or third mobile devices, service the un-authenticated request in response to determining that the un-authenticated request is from an Internet Protocol (IP) address associated with an IP address range representative of devices on a cellular network, and, in response to servicing the un-authenticated request via the first port, store an association between the media and first panelist demographic information associated with the first mobile device.

Method for operating a node cluster system in a network and node cluster system

Operating a node cluster system with a plurality of nodes in a network, wherein the cluster system appears to be a single node with only one specific network address to its network environment. Providing a shared socket database for linking network connection port identifications of a common set of network connection port identifications to the individual nodes, assigning a master function to one of the nodes, sending incoming traffic to all nodes of the cluster system wherein each node verifies its responsibility for this traffic individually, exclusive assignment of a network connection port to the responsible node for the duration of a connection of the corresponding application process by means of the corresponding network connection port identification and the link established by the shared socket database and processing of the traffic by the responsible node or otherwise by the node having the master function.

Edge datapath using user space network stack

A novel design of a gateway that handles traffic in and out of a network by using a datapath daemon is provided. The datapath daemon is a run-to-completion process that performs various data-plane packet-processing operations at the edge of the network. The datapath daemon dispatches packets to other processes or processing threads outside of the daemon by utilizing a user space network stack.

Media streaming system supporting several streaming engines and using content addressing

A method of streaming media content over a network from a media cache node is described. The method includes receiving a request for a media content item from a client device, the request comprising an address identifying a media content item to be streamed. In response to the request, a streaming engine process is allocated to the media content item for fulfilling the request. Based on the address identifying the media content item, a location comprising a media cache node able to provide the media content item is determined and the media content item is streamed to the client device using the streaming engine process allocated to the media content item. Further methods of streaming a media content item and providing access to media content are also described.

Data Collection and Processing Method, Apparatus, and System
20210250220 · 2021-08-12

A data collection and processing method, apparatus, and system, where the system includes a data processing apparatus configured to: receive data that is in a format of a first mechanism and that is sent by a network device; preprocess the data; convert the preprocessed data into data in a format of a second mechanism; and send the data in the format of the second mechanism to a data collection and analysis apparatus. The data collection and analysis apparatus is configured to perform analysis based on the data after receiving the data sent by the data processing apparatus.

PRIVACY AND SECURITY ENABLED DOMAIN NAME SYSTEM WITH OPTIONAL ZERO-TOUCH PROVISIONING

There is disclosed in one example an enrollment over secure transport (EST)-capable gateway device, including: a hardware platform including a processor and a memory; a first network interface to communicatively couple to an external network, including an external DNS server; a second network interface to communicatively couple to a home network; a caching DNS server including a local DNS cache, and logic to provide DNS services to the home network; and an EST proxy to authenticate to a local endpoint on the home network, provision a DNS server certificate on the local endpoint, provision an authentication domain name (ADN) on the local endpoint, and provide encrypted domain name system (DNS) services to the local endpoint.

Peephole optimization of lightweight protocols at lower layers

Techniques are described to provide a peephole optimization for processing traffic for lightweight protocols at lower layers by executing them inside a virtual switch rather than using the network stack of a host node. In one example, a method includes determining by forwarding logic of a virtual switch that a received packet is associated with a query for one of domain information or address information. Based on such a determination, the virtual switch determines whether the query is contained within a single Ethernet frame and is answerable. Based on a positive determination for both, the virtual switch determines whether a response to the query can be transmitted in a single packet within a single Ethernet frame. Based on a positive determination of a single packet response, a response packet for the query is formed and injected into the forwarding logic for the virtual switch for transmitting to a destination.

Securing local network traffic using cloud computing
20210234860 · 2021-07-29

Systems and methods for securely handling data traffic on local or private networks, such as by using cloud computing, are provided. A non-transitory computer-readable medium, according to one implementation, may be configured to store executable instructions enabling a processor of a user device to perform the step of discovering an origin of a source application associated with network packets bound for a private address space. The executable instructions may further enable the processor to send a tuple regarding the discovered origin to a cloud server to request an analysis of the tuple. Upon receiving an allow instruction from the cloud server, the instructions enable the processor to allow the network packets to flow normally to a destination associated with the private address space. Upon receiving a deny instruction from the cloud server, the instructions enable the processor to drop the network packets.

Fingerprinting to identify devices and applications for use in management and policy in the cloud

Systems and methods include obtaining a plurality of parameters associated with a host; determining a fingerprint of the host utilizing the plurality of parameters; and providing the fingerprint to a cloud service for enrollment and management of the host in the cloud service. The cloud service can include microsegmentation of the host. The cloud service can include any of Internet access for the host and private resource access by the host.

Device identification for management and policy in the cloud

Systems and methods for device identification for management and policy in the cloud, using a combination of several hardware parameters and the user's identification to generate a unique identifier for a user device and associated user. IOCTL and Assembly can be used to get the different hardware parameters. All the hardware parameters can then be run through a process to generate a fixed-size hardware fingerprint. A base64 encoding can be performed to convert it into a string for consumption by a database. The resultant identifier is unique and is never stored on the machine. The application can simply generate it whenever needed. The resultant identifier can be used by a service provider to uniquely identify the device even when the device changes hands or locations. The resultant identifier is never stored, so moving data from one device to another will not result in the same identifier for two devices.