A system that enables end-user devices that operate within different enterprise networks to exchange data with one another. In particular, the disclosed system uses unique IP addresses that are dedicated solely to supporting a predefined communication service between enterprise computer networks, in order to identify and route each data packet according to the communications service. As part of the communications service, the data packets are transmitted, for example, from a first local service provider network hosting a first enterprise network, through a participating backbone service provider network on the public Internet and based on deterministic routing, and to a second local service provider network hosting a second enterprise network. In handling the data packets in this way, the disclosed system creates an Internet wide-area-network (WAN): the data packets are transmitted over the Internet and conceivably over a large geographic distance between enterprise networks.

A method for modifying packet data of a packet in a network device, where the method includes receiving, at an ingress pipeline of the network device, the packet, performing a lookup, in a packet translation ruleset, to compare the packet data to rule criteria of a rule in the packet translation ruleset, making a first determination that at least a portion of the packet data matches the rule criteria, and based on the first determination, adding a packet translation tag to the packet, where the packet translation tag includes a rule action, copying the packet translation tag and a portion of the packet to obtain a copied packet, modifying the copied packet as described in the rule action to obtain a modified copied packet, and forwarding the modified copied packet to an egress pipeline.

The disclosure relates to an electronic apparatus and a method of controlling the same. The electronic apparatus includes: a communication interface; and a processor configured to receive log data of a plurality of devices connected to a network through the communication interface, acquire operation time information of each of the devices from the received log data, calculate similarity of the operation time between the plurality of devices based on the acquired operation time information, and determine a device group including two or more devices with relatively high calculated similarity among the plurality of devices.

A malware detection method for preventing execution of malware, a method for detecting a domain generation algorithm, and a computer device therefor are provided. The malware detection method includes monitoring, by a processor of a computer, domain name system (DNS) query requests for all processes and replies to the query requests and counting, by the processor, the number of times of failure DNS query requests per unit process and determining, by the processor, malware.

A malware detection method for preventing execution of malware, a method for detecting a domain generation algorithm, and a computer device therefor are provided. The malware detection method includes monitoring, by a processor of a computer, domain name system (DNS) query requests for all processes and replies to the query requests and counting, by the processor, the number of times of failure DNS query requests per unit process and determining, by the processor, malware.

Example methods and systems are provided for location-aware service request handling. The method may comprise: generating and sending location information associated with virtualized computing instance to a service node or a management entity for transmission to the service node. The location information may identify logical element(s) to which the virtualized computing instance is connected. The method may further comprise: in response to detecting, from the virtualized computing instance, a service request for a service from the service node, generating a modified service request by modifying the service request to include the location information associated with the virtualized computing instance; and sending the modified service request towards the service node.

Example methods and systems are provided for location-aware service request handling. The method may comprise: generating and sending location information associated with virtualized computing instance to a service node or a management entity for transmission to the service node. The location information may identify logical element(s) to which the virtualized computing instance is connected. The method may further comprise: in response to detecting, from the virtualized computing instance, a service request for a service from the service node, generating a modified service request by modifying the service request to include the location information associated with the virtualized computing instance; and sending the modified service request towards the service node.

A MAP-T system that shares an IPv4 address with one or more other MAP-T systems identifies low latency (LL) traffic for an upstream and a downstream perspective by enhancing NAT of ports using MAP-T rules. The MAP-T rules provide a range of transport ports with a transport slice providing for a subdivision of the transports into a subnet range so as to isolate certain ports for mapping LL traffic. An access point device and a cable modem of the MAP-T system are configured so as to appropriately transform any received traffic so as to properly direct the traffic.

A MAP-T system that shares an IPv4 address with one or more other MAP-T systems identifies low latency (LL) traffic for an upstream and a downstream perspective by enhancing NAT of ports using MAP-T rules. The MAP-T rules provide a range of transport ports with a transport slice providing for a subdivision of the transports into a subnet range so as to isolate certain ports for mapping LL traffic. An access point device and a cable modem of the MAP-T system are configured so as to appropriately transform any received traffic so as to properly direct the traffic.

A method for coordinating distributed network address translation (NAT) in a network within which several logical networks are implemented. The logical networks include several tenant logical networks and at least one service logical network that include service virtual machines (VMs) that are accessed by VMs of the tenant logical networks. The method defines a group of replacement IP address and port number pairs. Each pair is used to uniquely identify a VM across all tenant logical networks. The method sends to at least one host that is hosting a VM of a particular tenant logical network, a set of replacement IP address and port number pairs. Each replacement IP address and port number pair can be used by the host to replace a source IP address and a source port number in a packet that is destined from the particular VM to a VM of the particular service logical network.