H04L61/2539

Infrastructure distributed denial of service protection

A method of providing infrastructure protection for a server of a network organization includes announcing an IP address range associated with the network organization using a border gateway protocol on an edge router of a scrubbing center associated with the network organization. The method further includes receiving an incoming network packet intended for a server of the network organization identified using a public IP address within the IP address range, the public IP address serving as a first anycast address for a plurality of scrubbing centers in a distributed network of scrubbing servers, the plurality of scrubbing centers including the scrubbing center. The method further includes determining, by the scrubbing center, whether the incoming network packet is legitimate. The method further includes, responsive to determining that the incoming network packet is legitimate, routing, by a processor, the incoming network packet to the server at a private IP address.

VIRTUAL TENANT FOR MULTIPLE DWELLING UNIT

An apparatus and method provide personal networks to a plurality of tenant entities on a property network, which has a captive portal and a property identification (ID). Virtual Local Area Networks (VLANs) are assigned to each of the plurality of tenant entities to define a plurality of personal networks on the property network using dynamic VLAN assignment. Onboarding requests are received from one or more user devices on a specific personal network of the plurality of personal networks. The onboarding requests are processed in a manner permitting intercommunication among the one or more user devices within the specific personal network to take place across the property network.

CENTRALIZED PROCESSING OF NORTH-SOUTH TRAFFIC FOR LOGICAL NETWORK IN PUBLIC CLOUD
20210258268 · 2021-08-19

Some embodiments provide a method for a first data compute node (DCN) operating in a public datacenter. The method receives an encryption rule from a centralized network controller. The method determines that the network encryption rule requires encryption of packets between second and third DCNs operating in the public datacenter. The method requests a first key from a secure key storage. Upon receipt of the first key, the method uses the first key and additional parameters to generate second and third keys. The method distributes the second key to the second DCN and the third key to the third DCN in the public datacenter.

Digital data transmission system, device and method with an identity-masking mechanism
11070523 · 2021-07-20

A digital data transmission system includes an identity-masking mechanism, a transmitter device provided with the identity-masking mechanism, and a receiver device having identification data. The identity-masking mechanism is provided to convert source or destination data into a source or destination identity-masking mark which is combined with predetermined data, thereby forming source-marked or destination-marked data with the source identity-masking mark. The source-marked or destination-marked data is transmitted from the transmitter device to the receiver device for verification with the identification data. The receiver device cannot access the source-marked or destination-marked data if the verification fails. The receiver device can access the source-marked or destination-marked data if the verification passes.

System and method for integrating privacy into contact management systems

A system for managing contact information, the system comprising a processor and a memory having executable instructions stored thereon that when executed by the processor cause the processor to retrieve data for a sales lead from a database, the data including actual contact information of the sales lead, generate first pseudo-contact information that corresponds to the actual contact information of the sales lead, provide a first agent with access to the first pseudo-contact information on a communication system, receive a communication request including the first pseudo-contact information from a client device of the first agent, and link the first pseudo-contact information to the actual contact information of the sales lead to establish a communication connection between the client device of the first agent and a client device of the sales lead.

Distributed network encryption for logical network implemented in public cloud

Some embodiments provide a method for a first data compute node (DCN) operating in a public datacenter. The method receives an encryption rule from a centralized network controller. The method determines that the network encryption rule requires encryption of packets between second and third DCNs operating in the public datacenter. The method requests a first key from a secure key storage. Upon receipt of the first key, the method uses the first key and additional parameters to generate second and third keys. The method distributes the second key to the second DCN and the third key to the third DCN in the public datacenter.

Methods and Devices for the Concealment of Radio Identifiers and Transmitter Positions
20210099245 · 2021-04-01

Systems, devices and methods for concealing radio communications and the spatial position of radio transmitters involved therein include the use of electrotechnical signal variation and dynamic, pseudo-random radio identifiers. Transmitted radio signals contain radio identifiers identifying the transmitting mobile radio device. Each radio identifier is dynamically selected for each radio signal from a sequence of radio identifiers selected from a set of predefined pseudo-random sequences. The sequence is selected based on a predetermined selection rule. The radio identifier is selected from the thus selected sequence according to a predetermined deterministic update pattern associated with the selected sequence. The associated transmission power and/or transmission frequency is dynamically varied on the transmitter side according to a predetermined deterministic variation scheme.

Mapping a service into a virtual network using source network address translation

The techniques described herein enable a private connectivity solution between a virtual network of a service consumer and a virtual network of a service provider in a cloud-based platform. The techniques map a service (e.g., one or more workloads or containers) executing in the virtual network of the service provider into the virtual network of the service consumer. The mapping uses network address translation (NAT) that is performed by the cloud-based infrastructure. As a result of the techniques described herein, a public Internet Protocol (IP) address does not need to be used to establish a connection thereby alleviating privacy and/or security concerns for the virtual networks of the service provider and/or the service consumer that are hosted by the cloud-based platform.

Network address translation based on logical channel implementation in a shared wireless network

Technologies directed to network address translation based on logical channels in a shared private network with a single ingress to an ISP and multiple customer devices are described. One method receives a first public IP address assigned to an endpoint device by an ISP. The method creates a sub-interface on a WAN interface and adds a first rule that translates the first public IP address to a first private IP address assigned to the customer STA and a second rule that translates the first private IP address to the second public IP address. The first customer STA creates a second sub-interface between the customer STA and the endpoint device, adds a third rule that translates the first private IP address to a second private IP address assigned to the first endpoint device, and adds a fourth rule that translates the second private IP address to the first private IP address.

Server-side detection and mitigation of client-side content filters
20210056596 · 2021-02-25

A server-side technique to detect and mitigate client-side content filtering, such as ad blocking. In operation, the technique operates on a server side of a client-server communication path to detect in real time the existence of a client filter (e.g., an ad blocker plug-in) through transparent request exchanges, and then to mitigate (defeat) that filter through one or more operations designed to modify the HTML response body or otherwise obscure URLs. Preferably, the publisher (the CDN customer) defines one or more criteria of the page resources being served by the overlay (CDN) and that need to be protected against the client-side filtering.