Patent classifications
H04L2101/663
Apparatus having engine using artificial intelligence for detecting anomalies in a computer network
A system comprises an enterprise network system and engine. The engine has a discovery module coupled to a switch device, an AI and machine learning based monitoring and detection module coupled to the switch device, and a remediation module coupled to the switch device. The remediation module is configured to initiate a remediation process based upon the detection of at least one of the anomalies from the flow of data.
Use of DHCP for location information of a user device for automatic traffic forwarding
Systems and methods implemented by an application executed on a user device for service discovery and connectivity include, responsive to joining a new network, performing a Dynamic Host Configuration Protocol (DHCP) operation to obtain network configuration parameters; receiving a DHCP message in response with the network configuration parameters; via an application executed on the user device for service discovery and connectivity, analyzing data in the DHCP message to determine one or more forwarding profiles on the new network, wherein the one or more forwarding profiles are based on a location or trust of the new network; and automatically installing the determined one or more forwarding profiles.
MAINTAINING PROCESSING CORE AFFINITY FOR FRAGMENTED PACKETS IN NETWORK DEVICES
Techniques are disclosed for maintaining processing unit core affinity for fragmented packets. In one example, a service physical interface card (PIC) implementing a service plane of a network device receives fragmented and/or non-fragmented packet data for a traffic flow. The service PIC comprises at least one processing unit comprising multiple cores. A routing engine operating in a control plane of the network device defines one or more core groups comprising a subset of the cores. The routing engine assigns the traffic flow to a core group and a forwarding engine operating in a forwarding plane of the network device forwards the packet data for the traffic flow to the assigned core group. A core of the assigned core group applies a network service to the fragmented and/or non-fragmented packet data for the traffic flow, and the forwarding engine forwards the packet data for the traffic flow toward a destination.
PROTECTING CLOUD APPLICATION SECRET KEY WITH MULTI-PARTY COMPUTATION ALGORITHM
Methods and systems may be associated with a cloud computing environment. A proxy platform data store may contain node data associated with nodes of the cloud computing environment. Each node might, for example, store multi-party computation information. A proxy platform, able to access the proxy platform data store, may detect that a first node needs to access a cloud application secret key and determine, based on information in the proxy platform data store, a set of nodes associated with the secret key that the first node needs to access. The proxy platform may then use a multi-party computation algorithm and information received from the set of nodes to generate the secret key.
Managing network connected devices
Methods, systems, and computer program products for managing Internet of Things (IoT) network-connected devices.
Disaster recovery for cloud-based private application access
Systems and methods include receiving one or more disaster recovery configurations via a cloud-based system; storing the one or more received disaster recovery configurations in one or more components of the cloud-based system; identifying activation of a disaster recovery mode; and providing private application access based on one or more disaster recovery configurations.
System and method for authorizing traffic flows
A method and system for authorizing traffic flows in a computer network. The method includes: receiving a packet from a traffic flow sent by a sender; determining whether the traffic flow has been previously authorized; if the traffic flow has not been previously authorized: determining a subscriber associated with the traffic flow, based on the data retrieved from the packet; requesting authorization from an authorization server based on the subscriber and the data retrieved from the packet; upon receiving a response from the authorization server, sending at least three duplicate acknowledgments to the sender, to generate a retransmission in advance of the standard retransmission timing; otherwise, if the traffic flow has been previously authorized, allowing the packet to continue to a destination.
LOGICAL ROUTER WITH MULTIPLE ROUTING COMPONENTS
Some embodiments provide a method for handling failure at one of several peer centralized components of a logical router. At a first one of the peer centralized components of the logical router, the method detects that a second one of the peer centralized components has failed. In response to the detection, the method automatically identifies a network layer address of the failed second peer. The method assumes responsibility for data traffic to the failed peer by broadcasting a message on a logical switch that connects all of the peer centralized components and a distributed component of the logical router. The message instructs recipients to associate the identified network layer address with a data link layer address of the first peer centralized component.
Systems and methods for virtualizing fabric-attached storage devices
Disclosed are systems and methods of providing virtualized storage that may include establishing, through a load balancer, a transport connection between a device and a group of fabric-attached storage devices, and transferring data between the device and the group of fabric-attached storage devices through the transport connection using a transport protocol, wherein the group of fabric-attached storage devices comprises two or more fabric-attached storage devices and is accessed by the device as a logical storage device. A storage device may include a storage medium, a network fabric interface, and a storage controller configured to transfer data between the storage medium and a device through the network fabric interface over a transport connection, wherein the storage controller is configured to share the transport connection with another data storage device that is fabric-attached.
Proxying TCP fingerprints
In some embodiments, a computer-implemented method for automated proxying of TCP fingerprints comprises: receiving, at a proxy server, a request from a source host to establish a first communications connection between the source host and a destination host; establishing, by the proxy server, a second communications connection between the source host and the proxy server; determining a plurality of fingerprint values specific to the source host; establishing, by the proxy server, using at least the plurality of fingerprint values specific to the source host, a third communications connection between the proxy server and the destination host; and facilitating, by the proxy server, communications between the source host and the proxy server via the second communications connection and between the proxy server and the destination host via the third communications connection.