Patent application number | Description | Published |
20130042323 | HIGH AVAILABILITY FOR NETWORK SECURITY DEVICES - In one example, a backup intrusion detection and prevention (IDP) device includes one or more network interfaces to receive a state update message from a primary IDP device, wherein the state update message indicates a network session being inspected by the primary IDP device and an identified application-layer protocol for the device, to receive an indication that the primary device has switched over or failed over to the backup device, and to receive a plurality of packets of the network session after receiving the indication, each of the plurality of packets comprising a respective payload including application-layer data, a protocol decoder to detect a beginning of a new transaction from the application-layer data of one of the plurality of packets, and a control unit to statefully process only the application-layer data of the network session that include and follow the beginning of the new transaction. | 02-14-2013 |
20130058336 | MULTIPLE CONTROL CHANNELS FOR MULTICAST REPLICATION IN A NETWORK - Network devices, such as a router and a downstream multicast distribution device, may use multiple control channels when setting up a multicast stream for a multicast request. For example, first messages may be transmitted using a first protocol to an upstream device over a first channel, the first messages indicating when a first multicast media stream is being requested by at least one of a number of client devices. Second messages may be transmitted using a second protocol over a second channel, the second messages being transmitted on a per-client basis and each identifying a one of the client devices as requesting the first multicast media stream. By using two control channels to convey the multicast channel requests, the router may obtain visibility into the action of the subscriber and can consequently perform per-subscriber operations such as access-control, bandwidth based admission control, statistics, and QoS adjustment for multicast IPTV streams received by the subscriber. | 03-07-2013 |
20130061010 | ORDERING WRITE BURSTS TO MEMORY - A device may receive requests intended for a memory that includes a number of banks, determine a number of the requests intended for each of the banks, determine an order for the requests based on the determined number of the requests intended for each of the banks, and send one of the requests to the memory based on the determined order. | 03-07-2013 |
20130073931 | OPTIMIZATION OF PACKET BUFFER MEMORY UTILIZATION - A method performed by an I/O unit connected to another I/O unit in a network device. The method includes receiving a packet; segmenting the packet into a group of data blocks; storing the group of data blocks in a data memory; generating data protection information for a data block of the group of data blocks; creating a control block for the data block; storing, in a control memory, a group of data items for the control block, the group of data items including information associated with a location, of the data block, within the data memory and the data protection information for the data block; performing a data integrity check on the data block, using the data protection information, to determine whether the data block contains a data error; and outputting the data block when the data integrity check indicates that the data block does not contain a data error. | 03-21-2013 |
20130074177 | ROUTING DEVICE HAVING INTEGRATED MPLS-AWARE FIREWALL - An MPLS-aware firewall allows firewall security policies to be applied to MPLS traffic. The firewall, which may be integrated within a routing device, can be configured into multiple virtual security systems. The routing device provides a user interface by which a user specifies one or more zones to be recognized by the integrated firewall when applying stateful firewall services to the packets. The user interface allows the user to define different zones and policies for different ones of the virtual security systems. In addition, the user interface supports a syntax that allows the user to define the zones for the firewall by specifying the customer VPNs as interfaces associated with the zones. The routing device generates mapping information for the integrated firewall to map the customer VPNs to specific MPLS labels for the MPLS tunnels carrying the customer's traffic. | 03-21-2013 |
20130100543 | USING A WAVEGUIDE TO DISPLAY INFORMATION ON ELECTRONIC DEVICES - An electronic device includes an instrument panel that includes a display opening, where the instrument panel is located in a first plane; a circuit board located inside the electronic device, where the circuit board includes a display device that includes a display area, and where the display area is located in a second plane that is different from the first plane; and a waveguide that couples the display area to the display opening and guides light, and/or an image displayed in the display area, from the display area to the display opening. | 04-25-2013 |
20130114605 | ARBITER CIRCUIT AND METHOD OF CARRYING OUT ARBITRATION - A method of carrying out arbitration in a packet exchanger including an input buffer temporarily storing a packet having arrived at an input port, and a packet switch which switches a packet between a specific input port and a specific output port, includes the steps of (a) concurrently carrying out a first plurality of sequences in each of the sequences basic processes for at least one of the input buffer and the output port are carried out in a predetermined order, and (b) making an allowance in each of the sequences for packets to be output through output through output ports at different times from one another. | 05-09-2013 |
20130117450 | ARRANGEMENTS AND METHODS FOR ACCESS TO STORED DATA - An access server generates a handshake with storage servers resulting in more rapid access to the stored data, for example, video data, by a user. The handshake also results in load balancing effects. | 05-09-2013 |
20130121144 | MULTIPLEXING APPARATUS AND DISCARD METHOD - An ATM multiplexing apparatus of the present invention is the apparatus for selectively performing cell discard processing in the case of congestion on the basis of a use state of the same connection formed by cells from the side of an ATM switching unit and subscribers without installing UPC units, and the ATM multiplexing apparatus, which is connected to the ATM switching unit and each of plural subscribers through ATM communication lines and performs multiplexing processing to ATM cells sent from the plural subscribers, comprises: detection means | 05-16-2013 |
20130121201 | INCREASING THROUGHPUT BY ADAPTIVELY CHANGING PDU SIZE IN WIRELESS NETWORKS UNDER LOW SNR CONDITIONS - Feedback indicates low signal-to-noise ratio (SNR) conditions for a wireless communications link between a transmitter device and a receiver device. After attempting to achieve a target packet error rate (PER) by increasing transmission power for the wireless communications link, the transmitter device receives feedback that indicates a current PER, for data transmitted using an initial automatic repeat request (ARQ) block size, is above the target PER for the receiver device, and changes, based on the feedback, the current ARQ block size to a different ARQ block size for the wireless communications link. The different ARQ block size may be adaptively selected to provide a maximum PDU size that achieves the target PER at the receiver device under the low SNR conditions. | 05-16-2013 |
20130121211 | FLOODING-BASED ROUTING PROTOCOL HAVING DATABASE PRUNING AND RATE-CONTROLLED STATE REFRESH - An enhanced, flooding-based link state routing protocol is described that provides pruning of link state data and, when needed, rate-controlled refresh of the pruned link state data from other routers of the flooding domain. A routing device comprises a network interface to send and receive packets over a layer-two (L2) communication medium. The routing device includes a control unit coupled to the network interface, and a flooding-based link state routing protocol executing on a processor of the control unit. The link-state routing protocol establishes an adjacency with a peer router. A database of the routing device includes entries that store a plurality of link state messages for a flooding domain of the link state routing protocol, wherein at least one of the entries in the database stores a partial link state message having a header portion and a payload having pruned link state data. | 05-16-2013 |
20130121341 | MULTI-BANK QUEUING ARCHITECTURE FOR HIGHER BANDWIDTH ON-CHIP MEMORY BUFFER - A network device includes a main storage memory and a queue handling component. The main storage memory includes multiple memory banks which store a plurality of packets for multiple output queues. The queue handling component controls write operations to the multiple memory banks and controls read operations from the multiple memory banks, where the read operations for at least one of the multiple output queues alternates sequentially between the each of the multiple memory banks, and where the read operations and the write operations occur during a same clock period on different ones of the multiple memory banks. | 05-16-2013 |
20130121343 | METHODS AND APPARATUS FOR TRANSMISSION OF GROUPS OF CELLS VIA A SWITCH FABRIC - In one embodiment, a method can include receiving at an egress schedule module a request to schedule transmission of a group of cells from an ingress queue through a switch fabric of a multi-stage switch. The ingress queue can be associated with an ingress stage of the multi-stage switch. The egress schedule module can be associated with an egress stage of the multi-stage switch. The method can also include determining, in response to the request, that an egress port at the egress stage of the multi-stage switch is available to transmit the group of cells from the multi-stage switch. | 05-16-2013 |
20130124837 | ANALYSIS OF SHORT TERM CPU SPIKES IN AN OPERATING SYSTEM KERNEL - A profiler may analyze processes being run by a processor. The profiler may include logic to periodically sample a value of an instruction pointer that indicates an instruction in the first process that is currently being executed by the processor and logic to update profile data based on the sampled value. The profiler may additionally include logic to determine, in response to a context switch that includes the operating system switching the active process from the first process to another of the plurality of processes, whether the first process executes for greater than a first length of time; logic to stop operation of the profiler when the first process executes for greater than the first length of time; and logic to clear the profile data when the first process fails to execute for greater than the first length of time. | 05-16-2013 |
20130128734 | SYSTEMS AND METHODS FOR DROPPING DATA USING A DROP PROFILE - A system selectively drops data from queues. The system includes a drop table that stores drop probabilities. The system selects one of the queues to examine and generates an index into the drop table to identify one of the drop probabilities for the examined queue. The system then determines whether to drop data from the examined queue based on the identified drop probability. | 05-23-2013 |
20130128736 | CALL ADMISSION CONTROL METHOD AND SYSTEM - A call admission control technique allowing flexible and reliable call admissions at an ATM switch in the case of an ATM network including both QoS-specified and QoS-unspecified virtual connections is disclosed. In the case where a QoS (Quality of Service) specified connection request occurs, an estimated bandwidth is calculated which is to be assigned to an existing QoS-unspecified traffic on the link associated with the QoS-specified connection request. A call control processor of the ATM switch determines whether the QoS-specified connection request is accepted, depending on whether a requested bandwidth is smaller than an available bandwidth that is obtained by subtracting an assigned bandwidth and the estimated bandwidth from a full bandwidth of the link. | 05-23-2013 |
20130128901 | LAYER 1 FRAME CONSTRUCTION - A method includes appending, by a network device, a first layer | 05-23-2013 |
20130132504 | ADAPTIVE NETWORK CONTENT DELIVERY SYSTEM - A method and apparatus stores media content in a variety of storage devices, with at least a portion of the storage devices having different performance characteristics. The system can deliver media to a large number of clients while maintaining a high level of viewing experience for each client by automatically adapting the bit rate of a media being delivered to a client using the client's last mile bit rate variation. The system provides clients with smooth viewing of video without buffering stops. The client does not need a custom video content player to communicate with the system. | 05-23-2013 |
20130132773 | FAST RESOURCE RECOVERY AFTER THREAD CRASH - A resource recovery system may maintain a counter in memory that indicates a number of times one or more threads of execution, which use shared resources, have crashed. The system may associate a first value of the counter with a resource allocated to a thread of the one or more threads, and may set an indicator associated with the thread to indicate whether the thread has crashed. The system may determine whether to re-allocate the resource to the thread based on the first value of the counter associated with the resource and based on the indicator associated with the thread. | 05-23-2013 |
20130133027 | COMBINING NETWORK ENDPOINT POLICY RESULTS - An endpoint integrity system controls access to resources of a protected network for endpoint devices attempting to access the protected network. The system may include a number of evaluation modules that communicate with an endpoint device. The evaluation modules generate policy results for the endpoint device, in which each of the policy results assume one of three or more states, called a multi-state policy result. The multi-state policy results are combined to produce a combined Boolean policy result. | 05-23-2013 |
20130136134 | SEQUENCING PACKETS FROM MULTIPLE THREADS - A device may reserve a slot for a received packet in a packet ordering queue (POQ), convey the packet to one of a plurality of threads for processing, obtain the packet from the one of the plurality of threads after the packet has been processed, organize the packet in the POQ in accordance with a position of the reserved slot, and release the packet from the POQ if the reserved slot is a head of the POQ. | 05-30-2013 |
20130136137 | APPARATUS AND METHOD FOR DATA TRANSMISSION - Local concentration of accessing loads on a data buffer during data cell reading is reduced. Also, by providing sufficient time for a data cell reading operation with respect to data cell transmission timing, transmission rate fluctuation of CBR data cells in a transmitting side is reduced. When transmission of a new data stream is added, controller in a cell control unit refers to a transmitted data cell count of VC information processed through a slot immediately before. The controller determines whether a data cell transmitted through the slot immediately before is a head portion of a packet or not. If the data cell transmitted through the slot immediately before is the head portion of the packet, the controller only adds the VC information of the data stream to a shaper link list, and withholds transmission of the data cell. On the other hand, if the data cell transmitted through the slot immediately before is not the head portion of the packet, then the controller adds the VC information of the data stream, and transmits the data cell. | 05-30-2013 |
20130136141 | WRR SCHEDULER CONFIGURATION FOR OPTIMIZED LATENCY, BUFFER UTILIZATION - A method includes receiving network information for calculating weighted round-robin (WRR) weights, calculating WRR weights associated with queues based on the network information, and determining whether a highest common factor (HCF) exists in relation to the calculated WRR weights. The method further includes reducing the calculated WRR weights in accordance with the HCF, when it is determined that the HCF exists, and performing a WRR scheduling of packets, stored in the queues, based on the reduced WRR weights. | 05-30-2013 |
20130142197 | SYSTEMS AND METHODS FOR IMPLEMENTING VIRTUAL SWITCH PLANES IN A PHYSICAL SWITCH FABRIC - A switching device includes multiple interfaces and a switch fabric. The switch fabric includes switch integrated circuits arranged in a number of stages. Multiple virtual switch planes may be implemented in the switch fabric. Data traffic received at the interfaces is selectively assigned to different ones of the virtual switch planes. | 06-06-2013 |
20130142199 | VIRTUAL LOCAL AREA NETWORK (VLAN)-BASED MEMBERSHIP FOR MULTICAST VLAN REGISTRATION - A network node that includes a memory to store a multicast forwarding table that contains entries that govern how multicast traffic is to be forwarded from a multicast virtual local area network (MVLAN) associated with the network node, to receiver VLANs associated with the network node, where each entry includes a multicast group, that is associated with a group of ports on the multicast VLAN via which the multicast traffic is received, and information associated with the receiver VLANs to which the received multicast traffic is to be sent. The network node also includes a processor to receive multicast traffic associated with a particular multicast group, via a particular port on the multicast VLAN; perform, using the multicast forwarding table, a look up operation, based on the particular multicast group, to determine to which of the receiver VLANs the multicast traffic is to be sent; and transmit the multicast traffic, associated with the particular multicast group, to user devices, via the receiver VLANs, based on a determination that the entry, associated with the particular multicast group, includes information associated with the receiver VLANs. | 06-06-2013 |
20130144454 | INCREASING MEAN TIME BETWEEN FAILURES FOR POWER SUPPLIES - A redundant power supply may obtain a rule for increasing mean time between failures (MTBF) for a first internal power supply and a second internal power supply connected to an electronic device, apply the rule to the first and second power supplies, activate the second internal power supply based on the rule to permit the second internal power supply to provide power to the electronic device, and deactivate the first internal power supply based on the rule. | 06-06-2013 |
20130145356 | AUTOMATIC SOFTWARE UPDATE ON NETWORK DEVICES - A method may include contacting, by a network device, another device to obtain at least one of a network address, authentication, or authorization, receiving, from the other device, software update information that identifies an up-to-date software that the network device should have installed and location information that identifies a location from which to retrieve the up-to-date software, comparing, by the network device, the software update information to software information that identifies software currently installed on the network device, retrieving, by the network device, the up-to-date software based on the software update information and the location information when the software update information and the software information do not match, and auto-installing, by the network device, the up-to-date software. | 06-06-2013 |
20130145421 | POLICY EVALUATION IN CONTROLLED ENVIRONMENT - A module may include interface logic to receive information identifying a state related to a client device via logic related to a controlled environment, and to send a valid policy result to a host device, where the valid policy result is related to the state. The module may include processing logic to process policy content according to a resource policy, where the processing is based on the information, and to produce the valid policy result based on the processing using the resource policy, where the valid policy result is adapted for use by the host device when implementing the network policy with respect to a destination device when the client device attempts to communicate with the destination device. | 06-06-2013 |
20130155861 | CONTENT SERVICE AGGREGATION SYSTEM - A network content service apparatus includes a set of compute elements adapted to perform a set of network services; and a switching fabric coupling compute elements in said set of compute elements. The set of network services includes firewall protection, Network Address Translation, Internet Protocol forwarding, bandwidth management, Secure Sockets Layer operations, Web caching, Web switching, and virtual private networking. Code operable on the compute elements enables the network services, and the compute elements are provided on blades which further include at least one input/output port. | 06-20-2013 |
20130156032 | DATA STRUCTURE-LESS DISTRIBUTED FABRIC MULTICAST - A network device receives a packet with a multicast nexthop identifier, and creates a mask that includes addresses of egress packet forwarding engines, of the network device, to which to provide the packet. The network device divides the mask into two portions, generates two copies of the packet, provides a first portion of the mask in a first copy of the packet, and provides a second portion of the mask in a second copy of the packet. The network device also forwards the first copy of the packet to an address of a first egress packet forwarding engine provided in the first portion of the mask, and forwards the second copy of the packet to an address of a second egress packet forwarding engine provided in the second portion of the mask. | 06-20-2013 |
20130159549 | DEVICE COMMUNICATIONS OVER UNNUMBERED INTERFACES - A method and a network device for enabling communication between unnumbered interfaces are provided. A device level address may be assigned to a network device. The network device may announce the assigned device level address to a neighboring network device over a link. A corresponding device level address associated with the neighboring network device may be received over the link. A route may be stored including the received device level address associated with the neighboring network device and the link. In some implementations, the announcement of the assigned device level address is performed during protocol configuration. | 06-20-2013 |
20130163740 | ASYNCHRONOUS CALLS USING INTERMITTENT CALLBACK FOR DELAY SENSITIVE APPLICATIONS - A call handling system receives an asynchronous call request, from a call requester, requesting performance of an operation, where the call request includes a delay parameter specified by the call requester. The call handling system performs the requested operation, and sends a callback to the call requester, which includes partial results from performance of the requested operation, at selected intervals determined by the delay parameter. | 06-27-2013 |
20130166856 | SYSTEMS AND METHODS FOR PRESERVING THE ORDER OF DATA - A device includes an input processing unit and an output processing unit. The input processing unit dispatches first data to one of a group of processing engines, records an identity of the one processing engine in a location in a first memory, reserves one or more corresponding locations in a second memory, causes the first data to be processed by the one processing engine, and stores the processed first data in one of the locations in the second memory. The output processing unit receives second data, assigns an entry address corresponding to a location in an output memory to the second data, transfers the second data and the entry address to one of a group of second processing engines, causes the second data to be processed by the second processing engine, and stores the processed second data to the location in the output memory. | 06-27-2013 |
20130166859 | IDENTIFYING UNALLOCATED MEMORY SEGMENTS - A network device that includes a first memory to store packets in segments; a second memory to store pointers associated with the first memory; a third memory to store summary bits and allocation bits, where the allocation bits correspond to the segments. The network device also includes a processor to receive a request for memory resources; determine whether a pointer is stored in the second memory, where the pointer corresponds to a segment that is available to store a packet; and send the pointer when the pointer is stored in the second memory. The processor is further to perform a search to identify other pointers when the pointer is not stored in the second memory, where performing the search includes identifying a set of allocation bits, based on an unallocated summary bit, that corresponds to the other pointers; identify another pointer, of the other pointers, based on an unallocated allocation bit of the set of allocation bits; and send the other pointer in response to the request. | 06-27-2013 |
20130170497 | VOICE RELAYING APPARATUS AND VOICE RELAYING METHOD - A voice relaying apparatus includes a receiving section for receiving a cell from an asynchronous transfer mode (ATM) network, a plurality of cell assembling/disassembling units for assembling and disassembling the cells, and a transmitting section for transmitting the cells assembled by each of the plurality of cell assembling/disassembling units. | 07-04-2013 |
20130173841 | CONVENIENT, FLEXIBLE, AND EFFICIENT MANAGEMENT OF MEMORY SPACE AND BANDWIDTH - A device may receive a request to read data from or write data to a memory that includes a number of memory banks. The request may include an address. The device may perform a mapping operation on the address to map the address from a first address space to a second address space, identify one of the memory banks based on the address in the second address space, and send the request to the identified memory bank. | 07-04-2013 |
20130176843 | ROUTING PROTOCOLS FOR ACCOMMODATING NODES WITH REDUNDANT ROUTING FACILITIES - Graceful restart in routers having redundant routing facilities may be accomplished by replicating network (state/topology) information. | 07-11-2013 |
20130177153 | USING FILE METADATA FOR DATA OBFUSCATION - A system and method may assist in securing data for transmission to a receiving entity. Received data may include metadata associated therewith. The data may be encrypted using an encryption key encoded within selected portions of the metadata, where the selection of the selected portions is based on a scheme shared with the receiving entity. The encrypted data including the metadata may be transferred to the receiving entity. The receiving entity may decrypt the encrypted data using the selected portions of the metadata. | 07-11-2013 |
20130194974 | NETCONF-ENABLED PROVISIONING IN ROLLBACK AGNOSTIC ENVIRONMENT - A method includes receiving configuration data for configuring network devices; generating remote procedure calls (RPCs) for configuring the network devices, which include provisioning and reverse provisioning RPCs, where each reverse provisioning RPC reverse provisions a particular pseudowire; providing to the network devices the provisioning RPCs; determining a success with respect to each of the provisioning RPCs, where the success indicates that all endpoints of a pseudowire have been successfully configured; providing the reverse provisioning RPCs to the network devices, when it is determined that the success has not been achieved; and storing an indication of success when it is determined that the success has been achieved with respect to the provisioning RPCs. | 08-01-2013 |