327 results about "Network strategy" patented technology

A unified policy management system for an organization including a central policy server and remotely situated policy enforcers. A central database and policy enforcer databases storing policy settings are configured as LDAP databases adhering to a hierarchical object oriented structure. Such structure allows the policy settings to be defined in an intuitive and extensible fashion. Changes in the policy settings made at the central policy server are automatically transferred to the policy enforcers for updating their respective databases. Each policy enforcer collects and transmits health and status information in a predefined log format and transmits it to the policy server for efficient monitoring by the policy server. For further efficiencies, the policy enforcement functionalities of the policy enforcers are effectively partitioned so as to be readily implemented in hardware. The system also provides for dynamically routed VPNs where VPN membership lists are automatically created and shared with the member policy enforcers. Updates to such membership lists are also automatically transferred to remote VPN clients. The system further provides for fine grain access control of the traffic in the VPN by allowing definition of firewall rules within the VPN. In addition, policy server and policy enforcers may be configured for high availability by maintaining a backup unit in addition to a primary unit. The backup unit becomes active upon failure of the primary unit.

Devices and methods are disclosed which relate to dynamically adapting network policy on a wireless communications device to account for changes in network environment. These network policies are enforced, at least in part, at the device level, as opposed to solely at the network edges. The network policy is broad so as to encompass changes in network environment, such as increases and decreases in available bandwidth and presence or absence of security.

Techniques for efficient and secure implementation of network policies in a network interface controller (NIC) in a host computing device operating a virtualized computing environment. In some embodiments, the NIC may process and forward packets directly to their destinations, bypassing a parent partition of the host computing device. In particular, in some embodiments, the NIC may store network policy information to process and forward packets directly to a virtual machine (VM). If the NIC is unable to process a packet, then the NIC may forward the packet to the parent partition. In some embodiments, the NIC may use an encapsulation protocol to transmit address information in packet headers. In some embodiments, this address information may be communicated by the MC to the parent partition via a secure channel. The NIC may also obtain, and decrypt, encrypted addresses from the VMs for routing packets, bypassing the parent partition.

A method and an apparatus for analyzing a network configuration against a corporate network policy and determining violation(s) against the corporate network policy. A report indicating the violation(s) can be generated indicating instances of the violation(s). An analysis platform reads in a network policy. The analysis platform collects configuration files from the relevant network devices in the network and builds up an internal instance of a network configuration model based on the configuration files and the network topology. The analysis platform analyzes this network configuration model according to the network policy and adds an entry to its final report each time that it detects a violation against the network policy in the network configuration model. The data in the entries pinpoints the cause of the deviation(s) from the network policy.

A peer-to-peer novel video streaming scheme is described in which each peer stores and streams videos to the requesting client peers. Each video is encoded into multiple descriptions and each description is placed on a different node. If a serving peer disconnects in the middle of a streaming session, the system searches for a replacement peer that stores the same video description and has sufficient uplink bandwidth. Employing multiple description coding in a peer-to-peer based network improves the robustness of the distributed streaming content in the event a serving peer is lost. Video quality can be maintained in the presence of server peers being lost. The video codec design and network policies have a significant effect on the streamed video quality. The system performance generally improves as the number of descriptions M for the video increases, which implies that a higher video quality can be obtained with the same network loading.

A prevention-based network auditing system includes an audit repository storing network information gathered by a plurality of heterogeneous information sources. A semantic normalization module identifies semantic equivalencies in the gathered information, and generates a map listing for each fact gathered by an information source, an equivalent fact or set of facts gathered by each of the other information sources. A network policy is then uniformly applied to the information that is identified as being semantically equivalent.