Patent classifications
H04L49/35
On-box behavior-based traffic classification
In one embodiment, a networking device in a network detects a traffic flow conveyed in the network via the networking device. The networking device generates flow data for the traffic flow. The networking device performs a classification of the traffic flow using the flow data as input to a machine learning-based classifier. The networking device performs a mediation action based on the classification of the traffic flow.
METHOD AND SYSTEM OF APPLICATION-AWARE ROUTING WITH CROWDSOURCING
In one aspect, a computerized method of an application routing service includes the step of using a deep-packet inspection (DPI) technique on a first network flow to identify an application. The method includes the step of storing an Internet-protocol (IP) address and a port number used by the application and an identity of the application in a database. The method includes the step of detecting a second network flow. The method includes the step of identifying the IP address and the port number of the application in the second network flow. The method includes the step of looking up the IP address and the port number in the database. The method includes the step of identifying the application based on the IP address and the port number.
Software-enhanced stateful switching architecture
A stateful packet processing system includes: a first stateful stage including a first state table and a first finite state machine (“FSM”) table; and a second stateful stage including a second state table and a second FSM table. The system performs a distribution operation defining when a flow is processed by the first and/or the second stateful stage. The first and/or second FSM table is extended with states and transitions that support the distribution operation. The first and/or second stateful stage executes an evaluation operation that executes the distribution operation. The evaluation operation provides a criterion for moving a particular flow from one of the first or second stateful stage to the other stateful stage. The first and second stateful stages are included in a software-defined networking (“SDN”) switch. The distribution operation operates within defined capabilities of a software and/or hardware pipeline of the SDN switch.
CIRCUIT AND TIMER FOR MEMORY
Various examples may include an apparatus including a memory to store ingressing data or egressing data, a timer to generate a timing signal responsive to a user-configurable time interval, and a circuit to move the ingressing data or the egressing data from the memory at least partially responsive to the timing signal generated by the timer. Various examples may include a method including receiving a data packet at a network-facing interface, writing data of the data packet into a memory, receiving a timing signal, and responsive to the timing signal, providing the data from the memory at a device-facing interface. Various examples may include a method including receiving data at a device-facing interface, writing the data to a memory, receiving a timing signal, and responsive to the timing signal, providing a data packet including the data at a network-facing interface. Related devices, systems and methods are also disclosed.
Building system with space use case operation
A network switch includes a device interface configured to facilitate communication between the network switch and a plurality of building devices that serve a space, network routing circuitry configured to route network communications associated with the building devices in accordance with one or more network parameters, a control circuit configured to control the plurality of devices via the network communications to provide a plurality of space use cases for the space, and a network manager circuit configured to determine values for the one or more network parameters based on the plurality of space use cases for the space.
Port extender with local switching
A switching system comprises a controlling switch and a plurality of port extenders. One of the port extenders includes: at least one upstream port; multiple downstream ports; and a forwarding engine. A forwarding database is populated with entries indicating associations between i) respective network addresses corresponding to devices coupled to downstream ports, and ii) respective local downstream ports. The forwarding database excludes entries corresponding to network addresses corresponding to devices coupled to the at least one upstream port. The forwarding engine is configured to: for a first packet received via one of the local downstream ports, and having a destination network address in the forwarding database, forward the first packet to a different local downstream port indicated by the forwarding database. For a second packet received via one of the local downstream ports, and having a destination network address not in the forwarding database, forward the second packet to the at least one upstream port.
Impeding unauthorized network infiltration at remote critical infrastructure facilities
A system for preventing unauthorized access to a network can include a secure container having an access portal for controlling access to contents of the secure container and a security checkpoint configured to determine a state of the access portal and to receive an authorization code for opening the access portal. The security checkpoint can also include a logical lock module that switches to a breach mode of operation in response to a signal from the security checkpoint indicating that the access portal has been opened without receipt of the authorization code within a predetermined amount of time. The system can also include a network switch disposed within the secure container. The network switch is configured to communicate on a network and disable outgoing network communications to the network in response to a breach signal indicating that the logical lock module has switched to the breach mode.