Techniques for API-based endpoint discovery involving provider substrate extension resources are described. A discovery coordinator service located within the provider network can identify one or more endpoints from a set of potentially distributed endpoints for a client to utilize, where endpoints may be located within provider substrate extensions of the provider network. The discovery coordinator service can utilize location values of the client provided via an API request, such as its network address or geographic coordinates, to identify a nearby resource that may be most optimal for the client to use via providing minimal latency of access.

In one embodiment, a device classification service extracts, for each of a plurality of time windows, one or more sets of traffic features of network traffic in a network from traffic telemetry data captured by the network. The service represents, for the time windows, the extracted one or more sets of traffic features as feature vectors. A feature vector for a time window indicates whether each of the traffic features was present in the network traffic during that window. The service trains, using a training dataset based on the feature vectors, a cascade of machine learning classifiers to label devices with device types. The service uses the classifiers to label a particular device in the network with a device type based on the traffic features of network traffic associated with that device. The service initiates enforcement of a network policy regarding the device based on its device type.

Methods, apparatuses and computer readable storage mediums provide virtual network slicing without duplicating network configuration data (also referred to as network configuration information) on a slice-by-slice basis by maintaining a single physical network datastore including network configuration information for all network entities in the physical network, but generating slice views for respective virtual network slices as needed over time. Methods, apparatuses and computer readable storage mediums also enable configuration of a plurality of virtual network slices sharing a physical network infrastructure.

Embodiments of the present disclosure provide a method and apparatus for outputting information. The method includes: summarizing event information into an event database in response to receiving the event information, where the event information includes an event start time, an event end time, a machine name, and an event content; associating and storing event information of a same machine name; querying an event database for event information including a target machine name and an event end time greater than or equal to a predetermined time before a current time and an event start time less than or equal to the current time, in response to receiving a query request including the target machine name; and outputting queried event information.

A method, non-transitory computer readable medium, and access policy manager (APM) device that provides access to applications hosted by server computing devices to client computing devices each associated with an authenticated user. Interactions of the client computing devices with the applications are monitored to obtain usage statistics. The usage statistics are correlated with identifying information for each of the authenticated users or an indication of each of the applications. Notification rule(s) or parameter(s) of a request for information are applied to the correlated usage statistics. Based on the applying, a notification is sent to one or more of the client computing devices or at least a portion of the correlated usage statistics is sent to at least one of an application administrator or an APM administrator.

The disclosure relates to an orchestrator, for a Virtual Network Platform as a Service (VNPaaS), which orchestrates the management of a Network Service (NS). The orchestrator is operative to select an orchestration zone for each of a plurality of Virtual Network Functions (VNFs) in the NS based on selected deployment locations, where each orchestration zone comprises at least one VNF. The orchestrator is operative to associate sub-services to the selected orchestration zones, the sub-services being obtained from a decomposition of the NS into a number of sub-services equal to a number of orchestration zones selected and each sub-service comprising at least one of the plurality of VNFs. The orchestrator is operative to initiate deployment of the sub-services in the selected orchestration zones.

The present disclosure relates to systems, non-transitory computer-readable media, and methods for dynamically updating the connection pool for a web server without any interruption to the resource. In particular, in one or more embodiments, the disclosed systems can continuously monitor load data for various web servers. Further, the disclosed systems can utilize load data, historical load data, and/or user settings to predict a number of connections over a future time period and can determine an updated connection pool size for a web server based on that predicted number of connections. The disclosed systems can also dynamically modify the connection pool size for the web server based on the updated connection pool size without interrupting the resource or any of its ongoing connections in any way.

Systems, methods, techniques and apparatuses for managing distributed applications of networked intelligent agents are disclosed. The agents are operably to autonomously discover semantic profiles and associated data of other agents in a networked system participating in a given application. The agents need not be in direct communication with or known to all the other agents in the networked system.

A network-based services may be supported by a single, monolithic application that is responsible for responding to many different types of requests. The monolithic application may be replaced with multiple microservices that correspond respectively to multiple operations supported by the monolithic application. Each microservice is designed to honor the same application programming interface (API) contract that the monolithic application uses for the corresponding operation. Migration to a microservices-based architecture can be performed gradually, over time, by appropriately configuring a number of API gateways to redirect certain requests, for certain operations, to appropriate microservices. For each operation and corresponding microservice, the number of APIs configured in this manner can be increased until all requests for the operation are being directed to a corresponding microservice. In addition, microservices corresponding to different operations can be introduced over time, again by appropriate configuration of the API gateways.

An Internet Protocol Security (IPSec) acceleration method, an apparatus, and a system, where the method includes generating, by an Internet Key Exchange (IKE) device, an IKE link establishment session packet according to an IPSec configuration parameter and a security policy in a security policy database (SPD), sending, by the IKE device, the IKE link establishment session packet to a peer device, establishing a security association (SA) with the peer device, and sending, by the IKE module, the SA to a data forwarding device. The IKE device and the data forwarding device are discrete devices. In this way, the IKE device and the data forwarding device can be deployed in different devices in order to increase the IPSec speed.