H04L61/2557

Hierarchical computing network and methods thereof
11074226 · 2021-07-27

The present invention provides a hierarchical computing network with multiple tiers of computing nodes. Also disclosed is a method of organizing, ranking and grading a large number of computing nodes that are owned, maintained and used by a large number of different participants in geographically dispersed areas in an effort to provide computation, control, measurement and data services to a large number of users. One of the embodiments of the present disclosure provides a decentralized, distributed, cost-effective, environmentally friendly, secure, reliable and scalable online file management system for a large amount of data from a large number of users and organizations.

SYSTEM TO ENABLE END TO END QoS-LOW LATENCY-PRIORITIZATION FOR NAT ENABLED NETWORKS
20210243131 · 2021-08-05

A network and method for connecting devices on a Local Area Network (“LAN”) to the Internet via a Network Address Translation (“NAT”) enabled gateway and server. The gateway includes an Internet address for enabling the gateway to be addressed by the server and the LAN. A plurality of ports on the gateway enables the gateway to receive and transmit data to and from the server and the LAN. A processor divides the ports on the gateway into at least a first range and a second range of port numbers. Classified traffic identified as suitable for a higher level of QoS is assigned to the first range of port numbers, and classified traffic identified as suitable for a lower level of QoS is assigned to the second range. The gateway provides devices on the LAN with a level of QoS depending upon the port numbers to which they are assigned.

MULTI-DOMAIN POLICY ORCHESTRATION MODEL

The present technology pertains to a system, method, and non-transitory computer-readable medium for orchestrating policies across multiple networking domains. The technology can receive, at a provider domain from a consumer domain, a data request; receive, at the provider domain from the consumer domain, at least one access policy for the consumer domain; translate, at the provider domain, the at least one access policy for the consumer domain into at least one translated access policy understood by the provider domain; apply, at the provider domain, the at least one translated access policy understood by the provider domain to the data request; and send, at the provider domain to the consumer domain, a response to the data request.

Systems and methods to run user space network stack inside docker container while bypassing container linux network stack
11843575 · 2023-12-12

The present disclosure is directed towards systems and methods for transmitting data packets to a software container executing on a host computing device. A network service can be enabled within a software container established on the host computing device. A data packet of a request formatted according to the network service can be received via a first port of a first subnetwork assigned to the host computing device. The data packet can be forwarded to a second port assigned to the software container, responsive to a network address translation rule associating the second port assigned to the software container with the first port of the host computing device. The second port can be a port of a second subnetwork assigned to the software container. The data packet can be processed according to the network service within the software container.

Determining source address information for network packets
11050709 · 2021-06-29

A system is configured to perform operations that include determining an exception event corresponding to a transmission of a plurality of network packets over an electronic network. The electronic network may cause network address translation to be performed on the plurality of network packets. The operations may also include identifying, based on a log of the plurality of network packets, a first network packet associated with the exception event and calculating, based on a payload portion of the first network packet, a packet signature corresponding to the first network packet. The operations may further include determining, based on a comparison between a first data structure and a second data structure using the packet signature, original source address information that corresponds to the first network packet prior to the network address translation being performed on the first network packet.

Externally applying internal network domain name system (DNS) policies
11122004 · 2021-09-14

In one embodiment, a global domain name system (DNS) server processes a DNS query based on an internal network policy. Upon receiving a DNS query that is associated with a source IP address, the global DNS server identifies a client subnet based on the DNS query. The client subnet is associated with an internal device on an internal network. The global DNS server selects an internal network policy from multiple predetermined policies based on the source IP address and the client subnet. The global DNS server then tailors one or more DNS resolution operations that generate a response to the DNS query based on the selected internal network policy. Advantageously, the client subnet provides the global DNS server with visibility into the internal network. Such visibility enables the global DNS server to apply policies selectively at the granularity of individual devices on the internal network.

MALWARE DETECTION METHOD FOR PREVENTING EXECUTION OF MALWARE, METHOD FOR DETECTING DOMAIN GENERATION ALGORITHM, AND COMPUTER DEVICE THEREFOR
20210194892 · 2021-06-24

A malware detection method for preventing execution of malware, a method for detecting a domain generation algorithm, and a computer device therefor are provided. The malware detection method includes monitoring, by a processor of a computer, domain name system (DNS) query requests for all processes and replies to the query requests; counting, by the processor, the number of failed DNS query requests per unit process; and determining, by the processor, malware.

Systems and methods for application level fault injection for parallel tests
11032241 · 2021-06-08

This application relates generally to automated systems and methods for identifier propagation across uniform resource locator requests. In an embodiment, a system includes at least one processor operatively coupled with a datastore, the at least one processor configured to receive, from a user device, a current rule identifier appended to a request component uniform resource locator. The at least one processor is further configured to retrieve, from the datastore, a rule definition associated with the current rule identifier, wherein the rule definition comprises a rule condition and a rule consequence. The at least one processor is further configured to execute the rule consequence in response to determining that the rule condition is satisfied.

DISTRIBUTED NETWORK ADDRESS TRANSLATION OVER NETWORK ENVIRONMENTS
20210152516 · 2021-05-20

This disclosure describes techniques for implementing network address translation as a distributed service over the nodes of a logical network fabric, such as a software-defined network fabric. A method includes registering, by an edge node of a network, an IP address of a client device. The method further includes forwarding, by the edge node, the registered IP address to a control plane of the network. The method further includes checking, by the control plane, a network address translation policy. The method further includes recording, by the control plane, translations between the registered IP address and an allocated IP address in a translation table, each of the translations being related to the edge node. The method further includes returning, by the control plane, the translations between the registered IP address and the allocated IP address to the edge node.