Generally discussed herein are systems, devices, and methods for data management in a reverse content data network (rCDN). A component of the rCDN may include a memory to hold content received from a first sensor device of a plurality of sensor devices of the rCDN and first attributes that describe properties of the content. The component may include processing circuitry to receive second content from a second sensor device of the plurality of sensor devices, the second content including a plurality of second attributes that describe properties of the second content, and forward, in response to a determination, based on the first and second attributes, that there is insufficient space to store the second content on the memory, the second content to a node of the rCDN that is fewer hops away from a backend cloud than the component.

Network controllers are described that enable creation of logical interconnects between logical routers of different, isolated virtual networks and for auto-generation and deployment of routing policies to control “leaking” of select routes amongst the different virtual networks. In one example, a network controller includes a memory and processing circuitry configured to identify a source logical router of a first virtual network and a destination logical router of a second virtual network implemented on one or more physical devices of a switch fabric, form a policy defining one or more rules for controlling leaking of one or more of the routes through a logical router interconnect from the source logical router to the destination logical router, and push the policy to the one or more physical devices of the switch fabric for application to communications through the logical router interconnect.

System and method for using multiple global identification subnet prefix values in a network switch environment in a high performance computing environment. A packet is received from a network fabric by a first Host Channel Adapter (HCA). The packet has a header portion including a destination subnet prefix identifying a destination subnet of the network fabric. The network HCA is allowed to receive the first packet from a port of the network HCA by selectively determining a logical state of a flag and, selectively in accordance with a predetermined logical state of the flag, ignoring the destination subnet prefix identifying the destination subnet of the network fabric.

This disclosure is directed to system to monitor and control data flow in a network. At least one device in a core network may be responsible for charging functions related to the data requests. During certain high usage scenarios (e.g., emergencies, special events, etc.), it may be possible for the charging system to be overwhelmed. For example, a policing system may be implemented in the core network to at least manage the flow of requests to the charging system. The policing system may monitor and control request flow to the charging system based on at least one policy. When a request is determined to violate a policy, the policing system may take corrective action to prevent the charging system from being overwhelmed. For example, the policing system may block the request, divert the request to another charging system that may have available capacity, etc.

The disclosed embodiments relate to securely transferring data between a source node and a destination node using an application whitelist. A control flow may be established between a source node and a perimeter gateway. The perimeter controller may receive a request to establish a node flow between an application executing on the source node and the destination node. The perimeter controller may determine whether the first application is included in an application whitelist that includes applications allowed to transfer data to nodes in a private network via a node flow. A node flow between the source node and destination node may be established upon determining that the first application is included in the application whitelist to facilitate secure data transfer between the source node and destination node.

A compute device to manage workflow to disaggregated computing resources is provided. The compute device comprises a compute engine receive a workload processing request, the workload processing request defined by at least one request parameter, determine at least one accelerator device capable of processing a workload in accordance with the at least one request parameter, transmit a workload to the at least one accelerator device, receive a work product produced by the at least one accelerator device from the workload, and provide the work product to an application.

A system and method for reducing usage of satellite channelizers including dividing a frequency spectrum into sub-bands; providing a satellite channelizer for each of the sub-bands, where each of the sub-bands may include channels; multiplexing service channels into the channels of one of the sub-bands, where the service channels convey data for a plurality of MSSs. A system and method for obtaining high throughput on a satellite network. A system and method for providing a Fair Access Policy (FAP) in a 4G system.

A system, method, and computer-readable medium are disclosed for implementing a cybersecurity system having security policy visualization. At least one embodiment is directed to a computer-implemented method for implementing security policies in a secured network, including: retrieving a set of rules of a security policy; analyzing the set of rules of the security policy using one or more Satisfiability Modulo Theory (SMT) operations to reduce a dimensionality of the security policy; and generating a visual presentation on a user interface using results of the SMT operations, where the visual presentation includes visual indicia representing one or more targeted policy dimensions with respect to one or more fixed policy dimensions. In at least one embodiment, two or more security policies are presented with visual indicia representing differences between the security policies, including representations of one or more targeted policy dimensions with respect to one or more fixed policy dimensions.

A method, a system, and a non-transitory storage medium are described in which an adaptive packet scheduling and policy service is provided. The adaptive packet scheduling and policy service may provide adaptive packet scheduling in a transport domain of a network based on adaptive packet scheduling policies and network information. The adaptive packet scheduling and policy service may be applied to assured network services. The adaptive packet scheduling and policy service may also provide transport domain budgeting based on service level agreement violations associated with transport devices in the transport domain.

A computer-implemented method for accessing a hosted service on client devices is described. The client devices include client software that uses a remotely delivered policy to redirect network requests for hosted services to a server to enforce visibility, policy and data security for network delivered services. The method can be used in conjunction with existing VPN and proxy solutions, but provides distinct additional functionality, particularly suited to corporate needs. Policies allow entities to centralize enforcement of service-specific restrictions across networks and communication channels, e.g. only certain users can download client records from a service—irrespective of the network used to access the service.