This disclosure describes systems, methods, and devices related to testing servers provisioned in an edge computing device. An edge computing device may detect that a server has been provisioned to access a public network cloud using backbone routers of the edge computing device; provide a neural network for evaluating a probability that a performance of the server will satisfy performance criteria, the neural network trained based on training data comprising labeled settings data and feature weights; input settings and configurations associated with the provisioning of the server as inputs to the neural network; and generate, using the neural network, based on the inputs and the training data, a confidence score indicative of the probability.
H04L 41/16 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p.ex. des réseaux de commutation de paquets en utilisant l'apprentissage automatique ou l'intelligence artificielle
H04L 43/55 - Test de la qualité du niveau de service, p.ex. simulation de l’utilisation du service
2.
EFFICIENT PROVISIONING OF INTERNET CIRCUIT AND SECURE DOMAIN NAME SYSTEM
The present application describes systems and methods for automatically provisioning a domain name system (DNS) firewall service for an Internet circuit. In examples, customer premises equipment and a DNS firewall system are automatically configured to work with the Internet circuit without requiring technical knowledge or intervention by a customer.
H04L 41/00 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p.ex. des réseaux de commutation de paquets
H04L 61/4511 - Répertoires de réseau; Correspondance nom-adresse en utilisant des protocoles normalisés d'accès aux répertoires en utilisant le système de noms de domaine [DNS]
3.
INTENT-BASED IDENTITY ACCESS MANAGEMENT SYSTEMS AND METHODS
An identity and access management system including: a processor; and memory including instructions that, when executed by the processor, cause the processor to: receive an API token request for an authorization token to authorize an application function associated with a target API of an application; determine identity information from the API token request; retrieve attributes associated with the identity information; identify the target API and an API function profile associated with the target API for the application function; filter the attributes associated with the identity information based on the API function profile; generate the authorization token according to the filtered attributes; and transmit the authorization token in response to the API token request.
External customer data (ECD) may be efficiently stored in a network. When ECD is received at an edge node, the node may determine if the ECD is subject to a compiling procedure. For example, if the ECD comprises a list of entries that all have the same data type, the ECD may be placed into an array, and the array may be sorted and stored. In other examples, if the ECD received at a node includes references to other ECD, the referenced ECD may be retrieved, and the received ECD and referenced ECD may be combined and stored. In other examples, the ECD received at the node may be script instructions that can then be compiled into, and stored as, a runtime version. Any compiled ECD stored at nodes may be subject to the same invalidation and expiration policies as the uncompiled ECD from which it was derived.
The present disclosure describes providing robust network connectivity by creating a virtual overlay network over a plurality of communication network channels, such that if there is a failover on a first network, a failover overlay tunnel may be used to prevent an interruption in service when the first network drops. An SD-WAN remote may be deployed at an edge location of a network and an SD-WAN base may be installed at a client premises. A first overlay tunnel using a first communication transport may be utilized as a default route and a second overlay tunnel using a second communication transport may be used as a failover route.
H04L 45/00 - Routage ou recherche de routes de paquets dans les réseaux de commutation de données
H04L 45/28 - Routage ou recherche de routes de paquets dans les réseaux de commutation de données en utilisant la reprise sur incident de routes
H04L 45/64 - Routage ou recherche de routes de paquets dans les réseaux de commutation de données à l'aide d'une couche de routage superposée
H04L 45/655 - Interaction entre les entités de calcul de routes et les entités de transmission, p.ex. pour la détermination de la route ou pour la mise à jour des tables de flux
H04L 45/76 - Routage dans des topologies définies par logiciel, p.ex. l’acheminement entre des machines virtuelles
H04L 45/741 - Routage dans des réseaux avec plusieurs systèmes d'adressage, p.ex. avec IPv4 et IPv6
H04L 41/122 - Découverte ou gestion des topologies de réseau des topologies virtualisées, p.ex. les réseaux définis par logiciel [SDN] ou la virtualisation de la fonction réseau [NFV]
H04L 41/5019 - Pratiques de respect de l’accord du niveau de service
H04L 12/28 - Réseaux de données à commutation caractérisés par la configuration des liaisons, p.ex. réseaux locaux [LAN Local Area Networks] ou réseaux étendus [WAN Wide Area Networks]
A method for registering a handler in a configured sequence of handlers includes: receiving, by a processor and memory implementing a sequencer infrastructure, a configuration script defining a sequence including one or more handler identifiers and corresponding one or more handler arguments; invoking a handler initialization entry point for a handler corresponding to a handler identifier, the invoking the handler initialization entry point including: selecting, based on the corresponding one or more handler arguments, a handler type from among two or more of: a configured instance of the handler; a configured alternate handler different from the handler; an alternate sequence of handlers; an expression; and a no-op handler; and initializing a configured handler based on the handler type selected and the corresponding one or more handler arguments; and adding the configured handler to a configured sequence of handlers.
H04L 12/28 - Réseaux de données à commutation caractérisés par la configuration des liaisons, p.ex. réseaux locaux [LAN Local Area Networks] ou réseaux étendus [WAN Wide Area Networks]
H04L 45/12 - Routage ou recherche de routes de paquets dans les réseaux de commutation de données Évaluation de la route la plus courte
8.
UNIFORMITY OF INSTRUCTIONS FOR CONTENT REQUESTS AND RESPONSES IN A CONTENT DELIVERY NETWORK
Examples described herein relate to standardizing content requests and responses in a content delivery network (CDN). An edge node receives a control object including sets of instructions each implementing portions of a customer's business logic. The edge node may receive, from a client, a content request identifying a content item, and may apply a set of the instructions which causes the edge node to (i) determine whether any changes are needed for the benefit of a cache server and whether any changes are need for the benefit of an origin server, and (ii) generate a processed client request identifying the content item and including, if needed, any changes for the benefit of the cache server and the origin server. The edge node transmits the processed client request to the cache server, receives a response from the cache server, and transmits a processed client response to the client.
Examples described herein relate to systems and methods for tiered updating of configuration data. Updated configuration data is transmitted to different tiers of nodes. The nodes of a first tier are commanded to use the updated configuration data. After waiting to see if any nodes of the first tier communicate a fault after using the updated configuration data, for each of the additional tiers in the CDN it is sequentially repeated to: transmit a command to the nodes of that additional tier to use the updated configuration data; and after waiting to see if any nodes of any tier communicate a fault after using the updated configuration data, transmitting a command to the nodes of another additional tier to use the updated configuration data.
Systems and methods for recommending and implementing computing services at a provider network site are provided. A provider network may comprise multiple provider sites, such as edge computing sites. Edge computing sites may not be uniform – e.g., they may differ in computing capability, security certification, capacity for expansion, data storage availability, type of network connectivity, etc. An optimization system uses both service information and optimization criteria to determine one or more optimized provider site(s) for hosting a computing service. Further, service information and optimization criteria may be stored and updated to allow the computing service to be dynamically moved in response to a change event, such as a site failure or a determination that an improvement metric exceeds a threshold for a minimum period of time.
H04L 41/5025 - Pratiques de respect de l’accord du niveau de service en réagissant de manière proactive aux changements de qualité du service, p.ex. par reconfiguration après dégradation ou mise à niveau de la qualité du service
H04L 41/0896 - Gestion de la bande passante ou de la capacité des réseaux, c. à d. augmentation ou diminution automatique des capacités
H04L 67/52 - Services réseau spécialement adaptés à l'emplacement du terminal utilisateur
H04W 48/18 - Sélection d'un réseau ou d'un service de télécommunications
A tool is provided to configure an edge compute environment of a network. The edge compute network configuration tool may generate a configuration process for instantiating an edge compute environment at an edge site of a network including configuring one or more of the components of the edge compute environment. The configuration process may include generating automatically executed configuration instructions that communicate with the devices of the edge compute environment to configure operational processes of the devices, provision communication ports, establish one or more network addresses with the devices, etc. In some instances, the edge compute configuration tool may execute one or more micro-services to communicate with and control configuration of the devices of the edge compute environment. In addition, in some instances, a content delivery network may be used to deliver configuration data to the device being configured.
H04L 41/5051 - Service à la demande, p.ex. définition et déploiement des services en temps réel
H04L 41/0806 - Réglages de configuration pour la configuration initiale ou l’approvisionnement, p.ex. prêt à l’emploi [plug-and-play]
H04L 41/084 - Configuration en utilisant des informations préexistantes, p.ex. en utilisant des gabarits ou en copiant à partir d’autres éléments
H04L 41/22 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p.ex. des réseaux de commutation de paquets comprenant des interfaces utilisateur graphiques spécialement adaptées [GUI]
A server configuration tool is presented for autonomously configuring servers located in a network. The tool may autonomously configure multiple servers in parallel based on individual states of the servers, which may be periodically and simultaneously determined. For example, the tool may determine which action to take to begin or continue configuring the server based on the present state of each server. Server states (and corresponding actions) can be edited through a user interface to alter the server configuration process without code changes. At any one time, multiple servers may be in different states requiring different configuration operations to configure the servers to be ready for use. The present systems and methods can be used to move multiple servers iteratively through different configuration actions based on the individual state of each server and to perform non-conflicting configuration operations for multiple servers in parallel.
H04L 41/0806 - Réglages de configuration pour la configuration initiale ou l’approvisionnement, p.ex. prêt à l’emploi [plug-and-play]
H04L 41/0893 - Affectation de groupes logiques aux éléments de réseau
H04L 41/22 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p.ex. des réseaux de commutation de paquets comprenant des interfaces utilisateur graphiques spécialement adaptées [GUI]
H04L 43/0817 - Surveillance ou test en fonction de métriques spécifiques, p.ex. la qualité du service [QoS], la consommation d’énergie ou les paramètres environnementaux en vérifiant la disponibilité en vérifiant le fonctionnement
A system and method for providing on-demand edge compute. The system may include an orchestrator that provides a UI and that contorls an abstraction layer for implementing a workflow for providing on-demand edge compute. The abstraction layer may include a server configuration orchestration (SCO) system (e.g., a Metal-as-a-Service (MaaS) system) and API that may provide an interface between the orchestrator and the SCO. The API may enable the orchestrator to communicate with the SCO for receiving requests that enable the SCO to integrate with existing compute resources to perform various compute provisioning tasks (e.g., to build and provision a server instance). The various tasks, when executed, may provide on-demand edge compute service to users. The SCO API may further enable the ECS orchestrator to receive information from the SCO (e.g., compute resource information, status messages).
H04L 41/5051 - Service à la demande, p.ex. définition et déploiement des services en temps réel
H04L 41/04 - Architectures ou dispositions de gestion de réseau
H04L 41/0895 - Configuration de réseaux ou d’éléments virtualisés, p.ex. fonction réseau virtualisée ou des éléments du protocole OpenFlow
H04L 41/22 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p.ex. des réseaux de commutation de paquets comprenant des interfaces utilisateur graphiques spécialement adaptées [GUI]
H04L 41/50 - Gestion des services réseau, p.ex. en assurant une bonne réalisation du service conformément aux accords
14.
SYSTEMS AND METHODS FOR PROVIDING ENHANCED SECURITY IN EDGE COMPUTING ENVIRONMENTS
Examples of the present disclosure describe systems and methods for providing enhanced security in edge computing environments. A first aspect describes a method for moving security features dynamically applied to an application at a first deployment location to an application at a second deployment location. A second aspect describes a method for locally expanding/contracting an instance of a deployed application. A third aspect describes a method for redirected network traffic associated with detected malicious conduct from a first application deployment environment to a secured second application deployment environment. A fourth aspect describes a method for performing multi-stage network traffic filtering.
A system and method for providing on-demand edge compute. The system may include an orchestrator that provides a UI and controls an abstraction layer for implementing a workflow for providing on-demand edge compute. The abstraction layer may include a network configuration orchestration (NCO) system (e.g., a Network-as-a-Service (NaaS) system) and an API that may provide an interface between the orchestrator and the NCO. The API may enable the orchestrator to communicate with the NCO for receiving requests that enable the NCO to integrate with existing network controllers, orchestrators, and other systems and perform various network provisioning tasks (e.g., to build and provision a communication path between server instances). The various tasks, when executed, may provide end-to-end automated network provisioning services as part of providing on-demand edge compute service to users. The API may further enable the ECS orchestrator to receive information from the NCO, (e.g., network resource information, status messages).
H04L 41/5051 - Service à la demande, p.ex. définition et déploiement des services en temps réel
H04L 41/04 - Architectures ou dispositions de gestion de réseau
H04L 41/40 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p.ex. des réseaux de commutation de paquets en utilisant la virtualisation des fonctions réseau ou ressources, p.ex. entités SDN ou NFV
H04L 41/22 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p.ex. des réseaux de commutation de paquets comprenant des interfaces utilisateur graphiques spécialement adaptées [GUI]
H04L 41/50 - Gestion des services réseau, p.ex. en assurant une bonne réalisation du service conformément aux accords
H04L 41/342 - Canaux de signalisation pour la communication dédiée à la gestion du réseau entre entités virtuelles, p.ex. orchestrateurs, SDN ou NFV
A network interface system defines standardized network service requests and related abstracted tasks. In examples, commands needed to configure particular network elements are dependent on the network being utilized and/or the network element(s) being utilized. The network interface system may include a standardization layer, an abstraction layer, and an application programming interface for each of a variety of available networks. Upon a request for a network service, the related abstracted tasks may be translated into network-specific commands to configure network elements of disparate networks to provide the requested service.
H04L 41/5051 - Service à la demande, p.ex. définition et déploiement des services en temps réel
H04L 41/022 - Intégration multifournisseurs ou multistandards
H04L 41/22 - Dispositions pour la maintenance, l’administration ou la gestion des réseaux de commutation de données, p.ex. des réseaux de commutation de paquets comprenant des interfaces utilisateur graphiques spécialement adaptées [GUI]
H04L 41/12 - Découverte ou gestion des topologies de réseau
H04L 41/50 - Gestion des services réseau, p.ex. en assurant une bonne réalisation du service conformément aux accords
17.
UPDATING CONFIGURATION DATA IN A CONTENT DELIVERY NETWORK
Examples described herein relate to systems and methods for updating configuration data. A method implemented by a computer may include receiving updated configuration data from a control core. Earlier configuration data with a time stamp may be stored in an archive storing additional earlier configuration data with respective time stamps. Responsive to the updated configuration data not being faulty, content may be distributed using the updated configuration data. Responsive to the updated configuration data being faulty, a fault may be communicated to a monitoring system, and commands from the monitoring system may be received and executed to: revert to an earlier configuration data corresponding to a specific earlier time, and disregard any further updated configuration data from the control core until instructed otherwise by the monitoring system. Content may be distributed using the earlier configuration data to which the computer is reverted.
G06F 11/14 - Détection ou correction d'erreur dans les données par redondance dans les opérations, p.ex. en utilisant différentes séquences d'opérations aboutissant au même résultat
Aspects of present disclosure include devices within a transmission path of streamed content forwarding received data packets of the stream to the next device or "hop" in the path prior to buffering the data packet at the device. In this method, typical buffering of the data stream may therefore occur at the destination device for presentation at a consuming device, while the devices along the transmission path may transmit a received packet before buffering. Further, devices along the path may also buffer the content stream after forwarding to fill subsequent requests for dropped data packets of the content stream. Also, in response to receiving the request for the content stream, a device may first transmit a portion of the contents of the gateway buffer to the requesting device to fill a respective buffer at the receiving device.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
H04N 21/231 - Opération de stockage de contenu, p.ex. mise en mémoire cache de films pour stockage à court terme, réplication de données sur plusieurs serveurs, ou établissement de priorité des données pour l'effacement
19.
ARTIFICIAL INTELLIGENCE LOG PROCESSING AND CONTENT DISTRIBUTION NETWORK OPTIMIZATION
Examples of the present disclosure relate to artificial intelligence log processing and CDN optimization. In examples, log data is processed at a node of the CDN rather than transmitting all of the log data for remote processing. The log data may be processed by a model processing engine according to a model, thereby generating model processing results. Model processing results are communicated to a parent node, thereby providing insight into the state of the node without requiring transmission of the full set of log data. Model processing results and associated information may be used to alter the configuration of the CDN. For example, a model processing engine may be added or removed from a node based on a forecasted amount of log data. As another example, edge servers of a node may be added or removed based on expected computing demand.
Examples described herein relate to systems and methods for containing a faulty stimulus in a Content Delivery Network, CDN. Every received stimulus including the faulty stimulus is listed in a suspect list, and is implicitly tested by acting upon those stimuli by a software application. Responsive to successfully acting upon a stimulus besides the faulty stimulus, each non-faulty stimulus is deleted from the suspect list and made available to a downstream node. Responsive to acting upon the faulty stimulus, the software application crashes which leaves the faulty stimulus listed in the suspect list. The software application then restarts and deems the faulty stimulus as being faulty based upon the faulty stimulus still being listed in the suspect list after the restart. The faulty stimulus is not made available to a downstream node. The stimuli relate for example to configuration commands to configure the nodes of the CDN.
Examples of the present disclosure relate to hostname pre-localization. In examples, a service uses a content distribution network (CDN) to provide at least a part of the computing functionality associated with the service. A pre-localized hostname may be used to direct the client computing device to a specific edge server of the CDN that is associated with the computing functionality. In examples, a service receives an initiation request from a client computing device for the computing functionality provided by the CDN. The service generates a pre-localization request comprising pre-localization information and provides the pre-localization request to the CDN. Accordingly, the CDN generates a pre-localized hostname associated with an edge server based on the pre-localization information. The pre-localized hostname is provided to the service, which is then provided to the client computing device, thereby directing the client computing device to the specific edge server of the CDN.
A DNS resolution request for a hostname of a CDN is received. An edge server of the CDN may be identified, which may be associated with a subnet. The subnet is used to generate a response IP address, where the remaining bits of the response IP address may be used to store requestor information (e.g., a requestor IP address). When a client computing device uses the response IP address to access the edge server, requestor information is extracted and associated with client computing device information (e.g., an IP address and/or location, etc.) in an association record. Association records may be used to determine predicted characteristics for devices served by a requestor. When the authoritative DNS server resolves a request from the requestor, such predicted characteristics may be used rather than relying solely on information about a requestor. Thus, an edge server proximate to the predicted location may be returned instead.
Examples described herein relate to systems and methods for storing content items. The methods may be implemented by a computer comprising a processor, primary storage device, secondary storage, device and network interface. The primary storage device may receive, via the network interface, a plurality of content items responsive to respective requests from clients. The plurality of content items may be distributed, via the network interface, from the primary storage device to clients responsive to the respective requests from the clients. The processor may generate a dynamic priority list for the content items based on the respective requests from the clients over time, and may write, based on the dynamic priority list, only a subset of the content items to the secondary storage device.
Aspects of the present disclosure involve systems and methods for a service activation system in a telecommunications network that utilizes one or more generic container files for building the configuration file to instantiate the service on the network. A request for service may be received from an order entry system that includes specific information about the requested service. A collection of generic configuration files may be selected based on the information included in the service order and arranged to build a configuration file to be executed on the network. The service activation system may also include a component or group of components to verify a received service order and alter the service order with default information or data where applicable. The configuration file may also be executed on the network through one or more drivers communicating with the affected devices to configure the one or more network devices.
A security platform of a data network is provided that includes security services for computing devices in communication with the data network. The security platform may apply a security policy to the computing devices when accessing the Internet via a home network (or other customer network) and when accessing the Internet via a public or third party network. To provide security services to computing devices via the home network, the security platform may communicate with a security agent application executed on the router (or other gateway device) of the home network. In addition, each of the devices identified by the security profile for the home network may be instructed or otherwise be provided a security agent application for execution on the computing devices. The security agent application may communicate with the security platform when the computing device connects to the Internet over a third party or public access point.
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for an orchestrator device associated with a scrubbing environment of a telecommunications network that receives one or more announced routing protocol advertisements from a customer device under an attack. In response to receiving the announcement, the orchestrator may configure one or more scrubbing devices of the network to begin providing the scrubbing service to packets matching the received routing announcement. A scrubbing service state for the customer may also be obtained or determined by the orchestrator. With the received route announcement and the customer profile and state information, the orchestrator may provide instructions to configure the scrubbing devices of the network based on the received information to dynamically automate scrubbing techniques without the need for a network administrator to manually configure the scrubbing environment or devices.
A dynamic controller to automatically generate layer (3) network connections between devices and/or networks associated with a virtual computing environment in response to a request for such connections is provided such that communications associated with the computing environment may be transmitted between the endpoints. For example, the dynamic controller may connect one or more cloud service provider networks, one or more customer-controlled data centers, one or more customer networks, and the like, based on information provided in a connection request. A layer (3) communication controller may also be instantiated within a core network that manages the flow of communications between the connected networks, such as by translating messages between the connected networks so that messages intended for a connected network may match the supported communication protocols of that network and/or providing one or more security features to the transmitted communications.
Novel tools and techniques for predictive AI automated cloud service turn-up are provided. A system includes an AI pipeline and service orchestration server coupled to the Ai pipeline. The AI pipeline includes a processor and non-transitory computer readable media comprising instructions executable by the processor to obtain customer usage data associated with a first customer from one or more customer data sources, wherein the customer usage data is indicative of usage patterns of one or more cloud services by the first customer, and generate, via a predictive model, predicted usage data based on the customer usage data, wherein the predicted usage data includes a prediction of an individual cloud service of the one or more cloud services predicted to be used by the first customer. The service orchestration server may be configured to turn-up the individual cloud service based on the predicted usage data.
Examples described herein relate to apparatuses and methods for managing caching for a content delivery system, which may include receiving a content request indicating that the caching agent is requesting content data for a client, filling the content data in a first cache storage of the business logic agent, providing the cached content data to the caching agent, and while a second cache storage of the caching agent is being filled with the content data, maintaining the cached content data in response to receiving additional content requests from the caching agent. The additional content requests may indicate that the caching agent is requesting the same content data for additional clients.
Implementations described and claimed herein provide systems and methods for intelligent node type selection in a telecommunications network. In one implementation, a customer set is obtained for a communications node in the telecommunications network. The customer set includes an existing customer set and a new customer set. A set of customer events is generated for a node type of the communications node using a simulator. The set of customer events is generated by simulating the customer set over time through a discrete event simulation. An impact of the customer events is modeled for the node type of the communications node. The node type is identified from a plurality of node types for a telecommunications build based on the impact of the customer events for the node type.
H04Q 9/00 - Dispositions dans les systèmes de commande à distance ou de télémétrie pour appeler sélectivement une sous-station à partir d'une station principale, sous-station dans laquelle un appareil recherché est choisi pour appliquer un signal de commande ou
31.
SERVICE AREA DETERMINATION IN A TELECOMMUNICATIONS NETWORK
Implementations described and claimed herein provide systems and methods for correlating one or more service areas of a network with one or more geolocation coordinates to determine available services for customers to the network. A service polygon may be generated that define an area in which a particular service offered by a communications network is available. The boundaries of the service polygons may be adjusted based on information corresponding to physical features of the initial area. The service polygons may aid a communications network in providing a list of available services to potential customers or devices connected to the network by determining one or more geolocation coordinate values of a potential connection site and comparing the values to the service polygons. A network management system may determine the available services, current or in the future, to offer such services to a customer to the network.
Implementations described and claimed herein provide systems and methods for identification of connection areas in a telecommunications network. In one implementation, a customer set is obtained for a communications node in the telecommunications network. The customer set includes an existing connection type and a collection of network sites including the connection type is generated from the customer set. An overlay of customer sites without the conneciton type may be applied to the collection of network sites to generate an intersection of non-connected customer sites within the collection of network sites including the connection type. The intersection provides an indication of underserviced sites connection to the telecommunication network for potential network growth.
Improved methods for retrieval of content from CDNs is provided that includes a rendezvous controller that receives information of an identification of content being requested and an estimated location of a content requesting device. Based on this information, the rendezvous system identifies a server within a CDN from which the requested content may be retrieved. The selected server may be based on a repeatable hash function such that the likelihood that the content being requested is cached at the selected server. Steering requests to a server of the CDN which may have the content cached may reduce the number of servers within the CDN with the same cached content, particularly for the highest requested content. The rendezvous system may then return a corresponding domain name associated with the selected server and that can be subsequently submitted to a DNS for resolution to the IP address of the identified server.
Examples described herein relate to apparatuses and methods for managing communications within a supercluster or across superclusters, including a first supercluster having a plurality of first machines and a publish-subscribe (Pub-Sub) channel to which each of the plurality of first machines is subscribed. A second supercluster has a plurality of second machines and a bridge between the first supercluster and the second supercluster. A first machine is configured to receive, via the bridge, an availability status and resource allocation information of each second machine and publish, on the Pub-Sub channel of the first supercluster, the availability status and the resource allocation information.
A method on a device in a content delivery (CD) network (CDN) that distributes content on behalf of one or more subscribers. In response to receiving configuration information from a subscriber, the configuration information relating to at least one property of the subscriber, generating subscriber-specific platform configuration information for the at least one property. Storing the subscriber-specific platform configuration information in platform configuration storage. Invalidating prior platform configuration information associated with the particular subscriber. Responsive to a request from a CDN component for platform configuration information associated with the particular subscriber: obtaining the subscriber-specific platform configuration information from the platform configuration storage; and providing the subscriber-specific platform configuration information to the CDN component.
A server in a content delivery (CD) network that distributes content on behalf of one or more subscribers. Responsive to a request from a client for a particular resource, if the particular resource is already in a cache on the server, serving the particular to the client from the cache; otherwise if the particular resource is not already cached on the server, when a count value exceeds a first threshold value, obtaining, caching, and serving the particular resource. When the count value is less than a second threshold value, obtaining and serving the particular resource. When the count value is: (i) not less than the second threshold value, and (ii) not greater than the first threshold value, then obtaining the particular resource and selectively caching the particular resource; and serving the particular resource to the client.
A computer-implemented method on a device in a content delivery (CD) network. The device has hardware including storage with at least one first class of storage and at least one second class of storage, the first class of storage being faster than the second class of storage. A first portion of the first class of storage is allocated for log data, and a second portion of the second class of storage is allocated for log data. The method includes obtaining log event data from at least one component or service on the device that is to be delivered to a component or service on a distinct device. If a connection to an external location is lost, some of the log event data items are selectively stored in the storage based on priority of the log event data items.
A computer-implemented method, in a content delivery (CD) network. The method includes: receiving a request regarding a first hostname including at least one tag and an encoding of the at least one address; removing the tag and the encoding of the address to form a second hostname; resolving the second hostname to obtain a set of one or more addresses, wherein the set does not include the at least one address; and returning the address set. On a client, the method includes: making a request for resolution of a first hostname; receiving one or more addresses; attempting to connect to at least one of the addresses; generating a modified hostname including at least one tag and an encoding of the at least one address; and requesting resolution of the modified hostname.
A computer-implemented method in a content delivery network (CDN), wherein the CDN delivers content on behalf of at least one content provider. The CDN includes a rendezvous system that selects CDN servers for clients. In response to a request by a rendezvous mechanism in the rendezvous system, a first given function is evaluated. Based on the outcome of the evaluating, the rendezvous mechanism uses either a first table or a second table. The first table was generated by a first table generation mechanism for use by said rendezvous mechanism to select CDN servers for clients, and the second table was generated by a second table generation mechanism for use by the rendezvous mechanism to select CDN servers for clients.
A computer-implemented method, in a content delivery (CD) network that delivers content on behalf of multiple content providers. The method includes, at a server in the CDN, wherein the server is currently processing at least one other request in at least one other session: receiving a connection request from a client, the connection request being associated with a corresponding content request; determining whether handling the content request will cause the server to become overloaded; and, based on the determining in (B) and on information about the content request, conditionally (i) accepting the content request, and (ii) terminating or throttling at least one session on the server.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
G06F 15/173 - Communication entre processeurs utilisant un réseau d'interconnexion, p.ex. matriciel, de réarrangement, pyramidal, en étoile ou ramifié
A content delivery (CD) network delivers content on behalf of multiple content providers. A method includes determining that certain content is trending in a first geographic region during a first time period; and, based on the determining, causing the certain content to be prefetched by the CDN in a second geographic region by a given time after said first time period, wherein, during the first time period, the time in the second geographic region is earlier than the time in the first geographic region.
A computer-implemented method in a content delivery network (CDN), wherein the CDN delivers content on behalf of at least one content provider. The method includes: a first server: receiving a request from a client for particular content; determining at least one delivery server in the CDN; migrating the request to the at least one delivery server; and then providing the least one delivery server with first network traffic from the client. Then a second server, distinct from the first server, determines information about the least one delivery server; and then, based on the determining, provides the least one delivery server with second network traffic from the client.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
H04L 29/12 - Dispositions, appareils, circuits ou systèmes non couverts par un seul des groupes caractérisés par le terminal de données
43.
DYNAMIC BINDING AND LOAD DETERMINATION IN A CONTENT DELIVERY NETWORK (CDN)
A content provider has a plurality of content provider domain names, and a content delivery network (CDN) allocates a plurality of CDN domain names to the particular content provider. The content provider domain names are mapped to the CDN domain names. CDN domain names are bound to corresponding CDN clusters. The binding of the of CDN domain names to corresponding CDN clusters is modified.
H04L 12/24 - Dispositions pour la maintenance ou la gestion
H04L 12/28 - Réseaux de données à commutation caractérisés par la configuration des liaisons, p.ex. réseaux locaux [LAN Local Area Networks] ou réseaux étendus [WAN Wide Area Networks]
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
Examples described herein relate to associating a first account with a second account, the first account being hosted by a first server, the second account being hosted by a second server, authenticating, by the first server, first login credentials associated with the first account, wherein the first login credentials are received from a user device, receiving, by the first server from the user device, second login credentials associated with the second account, sending, by the first server, the second login credentials to the second server for authentication, in response to determining that the second login credentials are authenticated by the second server, associating, by the first server, the first account with the second account, and connecting, by the first server to the second server, to allow the user device to access services commensurate with the second account without prompting the user device for the second login credentials.
Systems, methods, computer program products, and the like, for mapping requests for content received at a CDN to multiple mid-tier content servers. In an example, a method involves utilizing one or more hashing algorithms to map a URL associated with the mid-tier devices to one or more hostnames that may be utilized by the CDN to route requests for content to a particular mid-tier device when an edge device cannot service the request. In this manner, one content device of a particular metro receives requests for particular content and serves that content. By limiting the requests for particular content to a particular mid-tier device, storage may be more efficiently allocated across the mid-tier devices and content not replicated at multiple mid-tier devices.
Aspects of the present disclosure involve systems and methods for improving the performance of a telecommunications network by monitoring the performance of one or more storage drives. Operational data is received from a plurality of storage drives of a storage server of a telecommunications network. A plurality of operational coefficients for each of the plurality of storage drives is derived based on the operational data, and a cluster plot is created from the plurality of operational coefficients for each of the plurality of storage drives. A distance is calculated between a subset of operational coefficients of the plurality of operational coefficients of the cluster plot, and a remedial action is initiated on a storage drive of the plurality of storage drives when a calculated distance of an operational coefficient associated with the storage drive exceeds a distance value from a cluster of the cluster plot.
Methods and systems for storing and distributing content include executing storage rules against ingested content to determine in which of a plurality of storage systems to store the ingested content. A metadata collection that includes records corresponding to the stored content is maintained such that the content may be located by querying or otherwise searching the metadata collection. The metadata collection may be analyzed using various criteria to identify content to be migrated between different storage systems.
A system and corresponding method facilitate resolution of discontinuities in manifest files used in the distribution of stored content. Resolution of discontinuities includes identifying each of a discontinuity in a first manifest file and a corresponding entry in a second manifest file for the same or substantially similar content segment stored at a different location. A combined manifest file is then generated by inserting the entry of the second manifest file or otherwise inserting the location information of the second manifest file entry into the first manifest file. The systems and methods herein may be implemented at various locations within a system for providing content to a client device and may be implemented at various times in the process of generating or distributing content.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
49.
SYSTEM AND METHOD FOR NEXT HOP BGP ROUTING IN A NETWORK
Aspects of the present disclosure involve systems for providing multiple egress routes from a telecommunications network for a client of the network. In general, the system provides for a client of the network to receive intended packets of information through multiple connections to the network such that load balancing and failover services for traffic to the customer are provided. The process and system allows for telecommunications network to utilize a common next-hop value of announced border gateway protocol (BGP) routes to advertise multiple routes to reach a destination customer network or address. By utilizing a common next-hop value in the announced BGP information, the devices of the network may load balance communication packets to the destination customer or address among the multiple egress locations from the network, as well as providing fast failover to alternate routes when a failure at the network or customer occurs.
H04L 12/28 - Réseaux de données à commutation caractérisés par la configuration des liaisons, p.ex. réseaux locaux [LAN Local Area Networks] ou réseaux étendus [WAN Wide Area Networks]
H04L 12/701 - Routage ou recherche du chemin de transmission
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for detecting a spoofed source IP address on an incoming communication to any type of network, such as a telecommunications or content delivery network. Each interface to the network may include a classifier that defines or describes source IP addresses that are recognized by the interface as a valid source IP address. If a received communication packet includes a source IP address that is not included or defined by the interface classifier, the packet is considered as a possible spoofed IP address and one or more mitigation techniques may be applied to the incoming packet to prevent an attack on a device or network utilizing the spoofed packet. Such techniques may lessen or prevent an unauthorized access of the device or network or a DDOS attack on the network or device.
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for providing a proxy server or scrubbing service for an authoritative domain name server (DNS) of a CDN to prevent or otherwise mitigate attacks on the server. The proxy server may receive incoming requests to the authoritative DNS and determine which requests are valid and which are potentially part of an attack on the network. In one embodiment, the proxy server may then "scrub" or otherwise remove the requests of the attack to mitigate the effect of the attack on the network. For example, the proxy server may ignore the request, may direct the request to a "dead-end" server or other device to prevent overloading of the target device, may instruct a device from which the request was sent to discard the request, etc.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
H04L 29/12 - Dispositions, appareils, circuits ou systèmes non couverts par un seul des groupes caractérisés par le terminal de données
H04L 12/879 - Opérations simples sur la mémoire-tampon, p.ex. pointeurs de mémoire-tampon ou descripteurs de mémoire-tampon
52.
OBJECT INTEGRITY VERIFICATION IN A CONTENT DELIVERY NETWORK (CDN)
A computer-implemented method, in a content delivery (CD) network, wherein said CD network delivers content on behalf of multiple content providers. The method includes, at a client, requesting one or more parts of a randomly generated test object; in response to said requesting, receiving one or more response objects; generating one or more portions of said randomly generated test object, and comparing the one or more response objects received to at least some of the one or more portions of the object generated. Based on said comparing, when said one or more response objects received do not match said at least some of the one or more portions of the object generated, reporting and logging an error.
A computer-implemented method, in a content delivery (CD) network, wherein the CD network delivers content on behalf of multiple content providers. The method includes, at an edge server in the CD network: receiving, from a client, uploaded content for a particular content provider; and determining that the particular content provider is a subscriber to the CD network. Based on the determining, when the particular content provider is determined to be a subscriber to the CD network, uploading the content from the edge server to multiple origin server platforms (OSPs), the uploading being based on at least one policy associated with the particular content provider.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
54.
CROSS-CLUSTER DIRECT SERVER RETURN IN A CONTENT DELIVERY NETWORK (CDN)
A computer-implemented method, operable on a device in a content delivery network (CDN), wherein the CDN delivers content on behalf of at least one content provider, the device implementing a content delivery (CD) service, the method includes receiving a request from a client for particular content; determining a second device in said CDN, said first device being in a first cluster and said second device being in a second cluster distinct from said first cluster; migrating said request to said second device; and then providing said second device with network traffic from said client.
A computer-implemented method, in a content delivery (CD) network, wherein the CD network delivers content on behalf of multiple content providers. At a server in the CD network, wherein the serving is processing multiple requests from a plurality of distinct clients, and based on utilization of at least one capacity of the server, degrading processing of a first at least some of the requests. The server may continue to accept incoming requests while degrading processing of some requests. While processing of any requests is degraded, at least some new incoming requests may also be degraded. Based on the utilization of the at least one capacity of the server, a request may be un-degraded.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
G06F 15/173 - Communication entre processeurs utilisant un réseau d'interconnexion, p.ex. matriciel, de réarrangement, pyramidal, en étoile ou ramifié
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for providing services to customers or other users of a telecommunications network through implementation of one or more micro-services instantiated on the network. Through the micro-services, one or more of the processes or functions used to provide the services from the network may be separately located logically within the network, thereby divorcing such processes from dedicated service components of the network. The breaking apart of the processes to be instantiated within the network on a generic computing device of the network, otherwise known as "micro-services", allows the telecommunications to adjust or scale the available services in response to operating conditions of the network.
A computer-implemented method determines which content providers are under denial of service (DoS) attack in a content delivery network (CDN). The system maintains a mapping having, for each content provider, a corresponding set of cluster/virtual IP address (VIP) pairs, wherein the set of cluster/ VIP pairs is unique or nearly unique for each content provider, and wherein client requests for content from a particular content provider are directed to one or more VIPs in the set of cluster/VIP pairs associated with that particular content provider. The mapping is used to determine a set of one or more possible attack candidates when the system is under DoS attack. The system attempts to mitigate the DoS attacks on the possible attack candidates.
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for collaboration conferencing with multiple participants over a communications network, and more specifically for utilizing a received Automatic Number Identification (ANI) value to validate an identification of a user of the collaboration system. In general, the ANI is a value associated with a telephone call or other communication of a telecommunications network that identifies the originating telephone number. For example, a telephone call placed from a communication device (such as a telephone at a person's home) may include the telephone number associated with the communication device, such as the ten-digit telephone number of the device. The ANI value may be obtained by one or more networking devices to determine the originating device or number of the communication.
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for utilizing a CIC value field in signaling information of a communication to provide an identification of the ingress network to an egress or receiving network of a long distance telecommunications network. The system and method provides for the provisioning of a signaling CIC for an ingress trunkgroup or network to a telecommunications network for downstream signaling purposes by overriding a received CIC value with a provisioned CIC value specific to the ingress network. This provisioned CIC value identifies the ingress network to the long distance network to the egress network for use by the egress network.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 12/701 - Routage ou recherche du chemin de transmission
H04L 12/901 - Sélection du point d’entrée par le point d’extrémité source, p.ex. fournisseur d’accès à l’Internet [ISP] ou sélection du point d'accès [POP]
60.
DISTRIBUTED CALCULATION OF CUSTOMER BANDWIDTH UTILIZATION MODELS
In embodiments, methods and apparatus are disclosed for predicting bandwidth utilization for a customer of a connectivity service provider. A model that predicts bandwidth utilization is trained in a distributed manner at the network interface devices which connect customer networks to a connectivity service provider network, rather than in a centralized manner at a data center within the service provider network. The network interface devices leverage the storage of an aggregation server and the structure of bandwidth utilization trends to reduce the resources required to calculate the models. The distributed methodology allows for improved scalability in training bandwidth utilization models for all of the customers of the connectivity service provider. Relying on the periodicity of the bandwidth utilization, the method further includes predicting, using the trained model, future bandwidth utilization over time, and the identification and flagging of potential network faults when bandwidth utilization fails to meet expectations.
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for controlling a congestion window (CWND) value of a communication session of a CDN. In particular, a content server may analyze a request to determine or receive an indication of the type of content being requested. The content server may then set the initial CWND based on the type of content being requested. For example, the content server may set a relatively high CWND value for requested content that is not particularly large, such as image files or text, so that the data of the content is received at the client device quickly. For larger files or files that a have a determined smaller urgency, the initial CWND may be set at a lower value to ensure that providing the data of the content does not congest the link between the devices.
Provided is a content delivery method and architecture for ways to improve the caching of content at one or more content providing devices of a Content Delivery Network (CDN). In particular, systems and methods are disclosed that vary the requirements to store resources or content within a caching device using a dynamic popularity threshold. This popularity threshold may be varied based on a measured fullness of the storage capacity of the cache device. In another example, the dynamic popularity threshold may be further varied based on a cache pressure, which is an indication of how often the cache replaces stored items with new items. The adjustment to the popularity threshold for caching particular content at the caching device may thus be based on a number of requests for content received at the device to tune the caching procedure for a particular region of the CDN.
G06F 12/0888 - Adressage d’un niveau de mémoire dans lequel l’accès aux données ou aux blocs de données désirés nécessite des moyens d’adressage associatif, p.ex. mémoires cache utilisant la mémorisation cache sélective, p.ex. la purge du cache
G06F 12/0802 - Adressage d’un niveau de mémoire dans lequel l’accès aux données ou aux blocs de données désirés nécessite des moyens d’adressage associatif, p.ex. mémoires cache
G06F 12/0806 - Systèmes de mémoire cache multi-utilisateurs, multiprocesseurs ou multitraitement
Provided is a content delivery method and architecture for delivering content from a node in a content delivery network (CDN) using an anycast address to direct a requesting device to access a content manifest. The manifest server of the CDN may select the provided manifest based on information received from the requesting device and/or any other network information, may alter attributes of the manifest itself, or direct the requesting device to a different device or manifest server of the CDN to obtain the manifest. The selection of the manifest, alteration of the manifest, or new location to obtain the manifest causes the connection for content to occur at one or more servers accessible through a unicast address, rather than an anycast address.
A computer-implemented method, operable on a device in a content delivery network (CDN), wherein the CDN delivers content on behalf of at least one content provider, the device implementing a content delivery (CD) service, the method includes, by the service on the device: receiving a request for a particular resource from a client; determining whether the client includes an optimization support mechanism;, when the client includes an optimization support mechanism, providing the client with a first version of the particular resource, optimized, at least in part, for the capabilities of the client in combination with the optimization support mechanism; otherwise providing the client with either (i) an un-optimized version of the particular resource, or (ii) a version of the particular resource optimized, at least in part, for the capabilities of the client without the capabilities of the optimization support mechanism.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
Aspects of the present disclosure involve systems and methods computing devices to access a public network posing as a user to the network to detect one or more malware programs available for downloading through the network. More particularly, a malware detection control system utilizes a browser executed on a computing device to access a public network, such as the Internet. Through the browser, sites or nodes of the public network are accessed by the control system with the interactions with the sites of the public network designed to mimic or approximate a human user of the browser. More particularly, the control system may apply the one or more personality profiles to the browser of the computing device to access and interact with the nodes of the public network. Further, the control system may monitor the information retrieved from the network sites to detect the presence of malware within the nodes.
Aspects of the present disclosure involve methods and systems for mapping network service paths between endpoint devices of a network. An aggregate network traffic database is used to store network traffic data retrieved from network devices of a network. A network service mapper then queries the database using endpoint device identifiers corresponding to endpoint devices to determine which network devices interacted with the endpoint devices during provisioning of previous network service instances. The set of network devices is then compared and analyzed to determine one or more network service paths between a pair of endpoint devices. In certain implementations, network architecture rules and/or network device configuration data is also analyzed to determine an order of the network devices along the one or more network service paths.
H04L 12/723 - Routage par labels ou étiquettes, p.ex. commutation d’étiquettes multi-protocoles [MPLS] ou commutation d’étiquettes multiprotocoles généralisée [GMPLS]
H04L 12/721 - Procédures de routage, p.ex. routage par le chemin le plus court, routage par la source, routage à état de lien ou routage par vecteur de distance
H04L 12/851 - Actions liées au type de trafic, p.ex. qualité de service ou priorité
H04L 12/725 - Sélection d’un chemin de qualité de service [QoS] adéquate
H04L 12/801 - Commande de flux ou commande de congestion
H04L 12/26 - Dispositions de surveillance; Dispositions de test
A dynamic provisioning system includes a computer-executed portal that controls a router to, when a request message is received over a broadcast virtual local area network (VLAN), control the router to establish a dedicated VLAN between the customer communication device and the portal over a dedicated VLAN. The dedicated connection directing communication traffic from the customer computing device to the portal while inhibiting other communication traffic from the customer computing device. The portal also generates a user interface at the customer computing device using the dedicated connection in which the user interface to receive unique identifying information from the customer computing device. The portal also authenticates the customer computing device using the unique identifying information such that, when the customer computing device has been authenticated, receives selection of a communication service from the customer computing device, and establishes the selected communication service for the customer computing device.
H04L 12/22 - Dispositions pour interdire la prise de données sans autorisation dans un canal de transmission de données
H04W 74/00 - Accès au canal sans fil, p.ex. accès planifié, accès aléatoire
H04L 12/911 - Contrôle d’admission au réseau et allocation de ressources, p.ex. allocation de bande passante ou renégociation en cours de communication
68.
VISUALIZING PREDICTED CUSTOMER BANDWIDTH UTILIZATION BASED ON UTILIZATION HISTORY
A method for providing a predicting bandwidth utilization for a customer of a connectivity service provider is disclosed. The method includes receiving bandwidth utilization data over time for a customer of a connectivity service provider. The method further includes training a machine learning model for the bandwidth utilization data during a time period based on the received data. In an embodiment, training the machine learning model includes determining a value for a parameter. The bandwidth utilization may be substantially periodic over the time period. Relying on the periodicity of the bandwidth utilization, the method further includes predicting, using the trained model, future bandwidth utilization over time.
H04J 3/16 - Systèmes multiplex à division de temps dans lesquels le temps attribué à chacun des canaux au cours d'un cycle de transmission est variable, p.ex. pour tenir compte de la complexité variable des signaux, pour adapter le nombre de canaux transmis
H04J 3/22 - Systèmes multiplex à division de temps dans lesquels les sources ont des débits ou des codes différents
69.
SYSTEM AND METHOD FOR VOICE SECURITY IN A TELECOMMUNICATIONS NETWORK
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for identifying and mitigating attacks on a voice component of a telecommunications network. In general, the process includes obtaining Layer 3 through Layer 7 transmission information from one or more edge devices to the telecommunications network. In one particular embodiment, a plurality of edge devices (also referred to herein as "session border controllers" or SBCs) is included in the telecommunications network in disparate geographical locations. Each SBC may provide Layer 3 through Layer 7 transmission information for each packet or communication transmitted through the SBC to a local database, which in turn may provide the information to a Central Analysis System or database. In one particular embodiment, the Layer 3 through Layer 7information includes Session Initiation Protocol routing information for the communications sent to each of the SBCs of the network.
H04W 80/10 - Protocoles de couche supérieure adaptés à la gestion de sessions, p.ex. protocole d'initiation de session [SIP Session Initiation Protocol]
H04L 29/02 - Commande de la communication; Traitement de la communication
H04L 9/32 - Dispositions pour les communications secrètes ou protégées; Protocoles réseaux de sécurité comprenant des moyens pour vérifier l'identité ou l'autorisation d'un utilisateur du système
70.
CONCURRENT COLLABORATION CONFERENCE PORT MANAGEMENT
Aspects of the present disclosure involve systems and methods for a collaboration conferencing system to track a total number of concurrently utilized ports across any number of conferencing bridges of the network for a particular customer and one or more billing actions may occur based on this tracking. This may result in an alternate billing option for the customer's use of the system. Further, a telecommunications network administrator may provide access to the collaboration conferencing system based on a total number of concurrently utilized ports rather than on a per conference or per minute basis. With the information of the number of purchased ports by the customer, the administrator may more accurately predict an available capacity for the collaboration conferencing system needed to support all of the users of the system and the potential collaboration conferences.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
71.
SYSTEMS AND METHODS FOR PREVENTING DENIAL OF SERVICE ATTACKS UTILIZING A PROXY SERVER
Aspects of the present disclosure involve systems, methods, and computer program products for utilizing an access log of a proxy server device of a content delivery network (CDN) to detect and mitigate a denial of service (DOS) on a web or content server hosted by the CDN. Through an analysis of the content requests received at the proxy server listed in the access logs, one or more IP addresses may be identified as involved in a potential DOS attack or other suspicious behavior. Once identified, the suspicious activities of the one or more IP addresses may be tracked and aggregated over a particular period of time, with each detected suspicious request to the content server being counted. The count of suspicious requests to the content server may then be compared to one or more threshold values and a remediation action may occur when the thresholds are met or exceeded.
G06F 21/56 - Détection ou gestion de programmes malveillants, p.ex. dispositions anti-virus
G06F 21/50 - Contrôle des usagers, programmes ou dispositifs de préservation de l’intégrité des plates-formes, p.ex. des processeurs, des micrologiciels ou des systèmes d’exploitation
G06F 21/55 - Détection d’intrusion locale ou mise en œuvre de contre-mesures
G06F 21/62 - Protection de l’accès à des données via une plate-forme, p.ex. par clés ou règles de contrôle de l’accès
72.
SYSTEMS AND METHODS FOR STAGING CUSTOMER PREMISE EQUIPMENT OF A TELECOMMUNICATIONS NETWORK
An order for telecommunications services is received comprising order parameters including a CPE device configuration request for a customer network. A warehouse is selected as a staging location based upon the order parameters, available inventory of the CPE device, and shipping information from the warehouse to the customer network. A bay of a rack at the staging location is selected to stage a CPE device that matches the specifications of the CPE device configuration request. The CPE device is validated by verifying hardware of the CPE device and whether the CPE device is loaded with certain predetermined software. A configuration is executed to the CPE device to provide the telecommunication services according to the order parameters. The configuration is saved and the CPE device is prepared for installation at a customer location. The CPE device may be shipped to the customer network using the order parameters and shipping information.
A route selection system includes a hub controller in communication with multiple network hubs of a first network domain in which each of the hubs are in communication with a corresponding multiple routers of a second network domain. The hub controller is executed to obtain at least one performance measurement associated with a route terminating at the network hub, generate a border gateway protocol (BGP) advertisement with a preference value that is proportional to the received performance measurement, and transmit the generated advertisement to the network hub, the network hub forwarding the advertisement to the router configured in the other network domain. Upon receipt of the advertisements, the second network domain selects one of the routers for processing the route through the second network domain according to the performance measurement included in the advertisement.
H04L 12/24 - Dispositions pour la maintenance ou la gestion
H04L 12/26 - Dispositions de surveillance; Dispositions de test
H04L 12/28 - Réseaux de données à commutation caractérisés par la configuration des liaisons, p.ex. réseaux locaux [LAN Local Area Networks] ou réseaux étendus [WAN Wide Area Networks]
H04L 12/707 - Prévention ou récupération du défaut de routage, p.ex. reroutage, redondance de route "virtual router redundancy protocol" [VRRP] ou "hot standby router protocol" [HSRP] par redondance des chemins d’accès
H04L 12/721 - Procédures de routage, p.ex. routage par le chemin le plus court, routage par la source, routage à état de lien ou routage par vecteur de distance
74.
INTERNET PROTOCOL ENDPOINTS DATATBASE IN A TELECOMMUNICATIONS NETWORK
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for providing a directory or database of IP endpoints associated with users of a telecommunications network. The IP endpoints directory may be accessed by users or other networks to determine or obtain destinations within the network or accessible through the network that are associated with users or participants of the network. Through the database, networks and users may determine one or more endpoints for communications intended for a particular user. The results from the IP endpoint database may be then utilized to route communications along one or more routes through the network based on the information stored in the database.
A computer-implemented method in a content delivery network (CDN) having multiple delivery servers. The CDN delivers content on behalf of at least one content provider. Distinct delivery servers are logically grouped into delivery server groups. One or more CDN name servers are associated with some of the delivery server groups. Network map data are determined using network data determined by the CDN name servers associated with at least some of the deliver server groups. The network data with respect to a CDN name server relative to a resolver is based on an estimated popularity of that CDN name server for that resolver. Responsive to a client request, including a hostname associated with a content provider, at least one CDN name server determines, using network map data, at least one delivery server to process the client request.
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 12/741 - Traitement de l'adressage d’en-tête pour le routage, p.ex. table de correspondance
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
76.
MONITORING NETWORK TRAFFIC TO DETERMINE SIMILAR CONTENT
In an embodiment, a method monitors a plurality of data streams passing through a router in the connectivity service provider environment, and for each of the data streams, periodically samples packets at the router. The method further generates a stream signature based at least on the payload of the sampled packets. The method further includes, for each generated stream signature, attaching information to the stream signature. Such information may, for example, include time-stamp information for the stream signature, or an identification of the router. The method may further comprise storing the stream signatures corresponding to the data streams in a database. The stored stream signatures may be compared to determine matching stream signatures. Matching signatures may identify data streams that carry identical or similar content.
G01R 31/08 - Localisation de défauts dans les câbles, les lignes de transmission ou les réseaux
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
G06F 17/30 - Recherche documentaire; Structures de bases de données à cet effet
H04L 12/26 - Dispositions de surveillance; Dispositions de test
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
77.
USER-BASED DIFFERENTIATED ROUTING SYSTEM AND METHOD
A differentiated routing system includes an electronic service in communication with an ingress gateway that receives a communication service, such as a call from a terminal, over a trunk. The service receives a request from the ingress gateway for establishing a communication service for the calling party terminal. The service obtains information associated with the calling party terminal, which may be based on the trunk and its relationship to a customer, in which the information is to be used for applying at least one of a routing decision and policy decision to the communication service, and appends a tag to the request based on the information. The service may then transmit the request appended with the information to a routing device, which may then use the information when providing the service.
H04L 12/707 - Prévention ou récupération du défaut de routage, p.ex. reroutage, redondance de route "virtual router redundancy protocol" [VRRP] ou "hot standby router protocol" [HSRP] par redondance des chemins d’accès
H04L 12/715 - Routage hiérarchique, p.ex. réseaux en grappe ou routage inter-domaine
H04L 12/725 - Sélection d’un chemin de qualité de service [QoS] adéquate
H04W 40/02 - Sélection d'itinéraire ou de voie de communication, p.ex. routage basé sur l'énergie disponible ou le chemin le plus court
H04W 40/22 - Sélection d'itinéraire ou de voie de communication, p.ex. routage basé sur l'énergie disponible ou le chemin le plus court utilisant la retransmission sélective en vue d'atteindre une station émettrice-réceptrice de base [BTS Base Transceiver Station] ou un point d'accès
78.
PREDICTIVE FRAUD PREVENTION FOR COLLABORATION CONFERENCING SYSTEMS
Aspects of the present disclosure involve systems and methods for detecting a potentially fraudulent access of a collaboration conferencing system on a telecommunications network and executing a corrective action in response to the detected access attempt. In some instances, the corrective action includes denying access to the collaboration system when the fraudulent access attempt occurs. In other instances, the corrective action includes providing a warning to the caller, rerouting the communication to another system within the network, or reporting and storing of the fraudulent attempt. To detect the possible fraudulent access attempt, a device may detect more than one fraudulent access attempt to the collaboration conferencing system and determine a pattern. With the pattern of attempts known, the system accesses a database to determine if a valid account is likely to be accessed by the fraudulent attempts and takes actions to prevent access to the valid account.
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for managing the distribution of content and/or communications from a telecommunications or computer network to an end user of the network. In general, the system receives a request for content from a user of the network and analyzes the request to determine an estimated geographic region and/or an access network associated with the requesting device. Based on the determined geographic region or access network, a networking device returns a specific anycast IP address from which the content may be received. In this manner, the content providing network may utilize multiple anycast IP addresses within the network to provide content to one or more end users of the network. The specific anycast IP address is provided to an end user device to obtain the requested content.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
G06F 15/173 - Communication entre processeurs utilisant un réseau d'interconnexion, p.ex. matriciel, de réarrangement, pyramidal, en étoile ou ramifié
A content delivery (CD) service in a CDN maintains property invalidation information on said CD service including, for each property, a list of one or more group invalidation commands. New group invalidation commands are added by selectively merging one or more invalidation commands to form a merged invalidation command and inserting the merged invalidation command into said list, wherein the merging is based on a length of common prefix of elements in said list. A per property common prefix list is maintained for invalidation commands in each property list.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
G06F 15/167 - Communication entre processeurs utilisant une mémoire commune, p.ex. boîte aux lettres électronique
G06F 15/173 - Communication entre processeurs utilisant un réseau d'interconnexion, p.ex. matriciel, de réarrangement, pyramidal, en étoile ou ramifié
G06F 13/00 - Interconnexion ou transfert d'information ou d'autres signaux entre mémoires, dispositifs d'entrée/sortie ou unités de traitement
G06F 13/28 - Gestion de demandes d'interconnexion ou de transfert pour l'accès au bus d'entrée/sortie utilisant le transfert par rafale, p.ex. acces direct à la mémoire, vol de cycle
81.
SYSTEMS AND METHODS FOR DYNAMICALLY CONNECTING NETWORK ELEMENTS TO ENABLE A SERVICE
Apparatuses and methods are disclosed for managing network connections. A computing device accesses a request to provision a network connection associated with a first device. The request includes a plurality of connection parameters defining desired specifications for a network connection from the first device to a second device. The connection parameters are validated against information from a database and other predetermined rules. A network connection path is generated to connect the first device with the second device. The network connection path is generated by selecting network elements for the network connection that satisfy the connection parameters. Configuration information for the network elements of the network connection path is aggregated for a configuration system. The configuration information is used to provision the network connection.
H04L 12/28 - Réseaux de données à commutation caractérisés par la configuration des liaisons, p.ex. réseaux locaux [LAN Local Area Networks] ou réseaux étendus [WAN Wide Area Networks]
H04L 12/24 - Dispositions pour la maintenance ou la gestion
A data network analysis system includes a computer-executable set of instructions that obtain service account information associated with a route provided to a customer through a data communication network having network elements. Using the service account information, the instructions identify a termination port that terminates the route to a customer premises equipment of the customer, and at least one target port of the route and those network elements that are assigned to convey the route through one or more of the network elements. The instructions then obtain the routing information for the route from each of the network elements that are assigned to convey the route.
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for providing multiple egress points from a telecommunications network for a client of the network. In particular, the process and system allows for multiple provider edges of the network to utilize a route reflector server to provide a border gateway protocol (BGP) route to other provider edges in the network. Further, the multiple provider edges may each announce similar interior gateway protocol (IGP) routes through the network such that a provider edge receiving a packet intended for the customer network may select from the multiple IGP routes to provide the intended packet to the customer network. In this manner, the receiving provider edge may load balance among the various connections of the customer network to the telecommunications network.
Systems and methods for receiving information on network firewall policy configurations are disclosed. Based on the received firewall configuration information, a configuration of a firewall and/or subnet of network devices is automatically provisioned and/or configured to control network traffic to and from the subnet.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
H04L 29/08 - Procédure de commande de la transmission, p.ex. procédure de commande du niveau de la liaison
85.
SYSTEMS AND METHODS FOR CONTENT SERVER RENDEZVOUS IN A DUAL STACK PROTOCOL NETWORK
Implementations described and claimed herein provide systems and methods for serving content over a network. In one implementation, a method of serving content is provided. The method includes maintaining a first address record associated with serving a resource and a second address record associated with serving the same resource. The first address record is further associated with a first protocol for a first device capable of serving the resource. Similarly, the second address record is associated with a second protocol, different from the first protocol, for a second device, distinct from the first device, capable of serving the resource. The method further includes providing, in response to at least one resolution request for the resource, the first address record and the second address record.
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
H04L 12/28 - Réseaux de données à commutation caractérisés par la configuration des liaisons, p.ex. réseaux locaux [LAN Local Area Networks] ou réseaux étendus [WAN Wide Area Networks]
H04L 29/12 - Dispositions, appareils, circuits ou systèmes non couverts par un seul des groupes caractérisés par le terminal de données
Aspects of the present disclosure include a content delivery network (CDN) for delivering content associated with a plurality of different types of applications/devices. Using a CDN flow application, a plurality of network flow parameters are generated for content delivery unique to different types of applications or devices. The network flow parameters include customized data transmission rates. The network flow parameters include predetermined settings for transmission control protocol (TCP) connections between the CDN and devices using a TCP flow control mechanism. Upon receiving a content request, the CDN fulfills the content request based upon first network flow parameters. The network flow parameters may be adjusted for each of the plurality of different types of applications/devices. The network flow parameters may be generated based upon requests or based upon the performance of each of the plurality of applications/devices.
G06F 15/16 - Associations de plusieurs calculateurs numériques comportant chacun au moins une unité arithmétique, une unité programme et un registre, p.ex. pour le traitement simultané de plusieurs programmes
87.
SYSTEMS AND METHODS FOR SYSTEM CONFIGURATION FOR COMMUNICATION NETWORK DEVICES
Aspects of the present disclosure describe systems and methods for automatically configuring, managing, updating, and/or monitoring the configuration of various computing devices and/or network devices within a communications network, such as a telecommunications network. Basic input/output setting configurations for a network devices and/or cluster of network devices may be extracted from a template. Subsequently, a module may be identified and executed to configure the cluster based on configuration parameters defined within the template.
According to one embodiment of the present disclosure, a virtualized communication device dynamic provisioning system includes a computer-based set of instructions that are executed to generate a user interface for receiving selection of one or more virtualized communication devices. The instructions may then receive provisioning information associated with the selected virtualized communication devices from the user interface, and provision the virtualized communication devices in accordance with the received provisioning information to prepare and equip the virtualized communication devices according to the financial transaction.
Systems and methods for automatically provisioning honeynets are disclosed. The honeynets continuously gather and capture unauthorized network traffic and/or other information being transmitted, processed, accessed, and/or executed within the honeynet network that is indicative of a network threat or attack by unauthorized users.
Systems and methods are provided for configuring a Network Element (NE) to transport data within a network. A system configured accordingly may include a Transport Automation Tool (TAT) which can initiate, at a server on a network, a communication channel with a NE on the network. The TAT can determine or receive a network plan providing information about a circuit to be initiated or decommissioned on the network. The network plan may include a first port on the NE which is to be connected via a cross-connect (or disconnected) to a second port on the NE. The TAT can then establish or remove, using the communication channel, the cross-connect on the NE such that the NE is added to or removed from a circuit design utilizing the NE as a transport NE within the circuit.
H04L 12/24 - Dispositions pour la maintenance ou la gestion
H04L 12/28 - Réseaux de données à commutation caractérisés par la configuration des liaisons, p.ex. réseaux locaux [LAN Local Area Networks] ou réseaux étendus [WAN Wide Area Networks]
91.
COMMUNICATION NODE UPGRADE SYSTEM AND METHOD FOR A COMMUNICATION NETWORK
According to one embodiment of the present disclosure, a communication node upgrade system includes a computer-based set of instructions that are executed to identify an existing virtual machine (VM) to be upgraded, obtain upgraded software for the existing VM, create a new VM in a virtualized computing environment using the upgraded software, and copy configuration information from the existing VM to the new VM. Thereafter, the operation of the existing VM may be replaced with the new VM in the communication network. The existing VM comprising at least one communication node that provides one or more communication services for a communication network in which the existing VM is executed in a virtualized computing environment, and the configuration information includes information associated with configuration of the existing VM to provide the communication services by the existing VM.
G06F 21/00 - Dispositions de sécurité pour protéger les calculateurs, leurs composants, les programmes ou les données contre une activité non autorisée
Aspects of the present disclosure include an activation, consolidation, and transformation system (ACT) for a telecommunications network. A request is received to provision one or more devices in a network and includes a key and key value. The request is routed to a data source associated with the key or key value of the request. Data is queried from the data source and validated by the ACT. At least one template is identified from a plurality of digital templates based upon attributes of the data that is applied to the at least one template and the template transforms the data to an output. The output comprises instructions for configuring a device for a telecommunications service based on the request.
Aspects of the present disclosure involve systems and methods for providing routing of a communication received at a telecommunications network based on a unique identifier. In particular, a telecommunications network may route one or more communications based on a dynamically updated trunk group identifier associated with an egress user. Thus, in addition to routing the communication based on a telephone number or Internet Protocol (IP) address associated with a user, the network may also route the communication based upon a dynamically updated trunk group identifier included in an updated routing function of the network.
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for determining an estimated capacity for providing data from a telecommunications network to a plurality of end users. In one implementation, the estimated capacity for delivering the data to the end users is per transmission path or per access network connected to the telecommunications network. This information may be aggregated into a traffic flow table that illustrates the traffic flow and available capacity to one or more end user networks. Through analysis of the traffic flow table, the system determines an estimated available capacity to provide the data to the end users. The traffic flow table thus provides a more accurate estimate of the capacity of the telecommunications network to provide the data to the end users over previous capacity estimates.
H04L 1/00 - Dispositions pour détecter ou empêcher les erreurs dans l'information reçue
H04L 12/24 - Dispositions pour la maintenance ou la gestion
H04L 12/28 - Réseaux de données à commutation caractérisés par la configuration des liaisons, p.ex. réseaux locaux [LAN Local Area Networks] ou réseaux étendus [WAN Wide Area Networks]
H04L 29/06 - Commande de la communication; Traitement de la communication caractérisés par un protocole
95.
AUTOMATIC CUSTOMER BANDWIDTH UTILIZATION ANALYSIS FOR PROMOTING DYNAMIC CAPACITY
A network customer may support a plurality of network connectivity services (such as an E-line). A network connectivity service may experience spikes of traffic, and therefore, spikes of bandwidth usage. Dynamic capacity allows a network connectivity service to increase its available bandwidth during such traffic spikes. A computer-implemented method is disclosed that facilitates identifying network customers that might be interested in purchasing dynamic capacity. The method comprises collecting bandwidth utilization data of network connectivity services supported by each network customer, and identifying those connectivity services that exhibit patterns (e.g., cogent peaks) in their utilization data indicating the network connectivity service is a candidate for dynamic capacity. A trained pattern recognition algorithm is applied on collected utilization data of all network connectivity services and identifies those connectivity services that match the patterns, within a range of tolerance, in their utilization.
Aspects of the present disclosure involve systems, methods, computer program products for consolidating toll-free features of two or more telecommunications networks. In one implementation, the network services may be consolidated through utilization of an Enhanced Feature Server (EFS) or other type of application server deployed in a telecommunications network. The EFS may be configured to receive a toll-free communication and route the communication based on the dialed toll-free number and a carrier identification code (CIC) associated with the communication. Routing the communication based at least on the CIC associated with the communication allows the telecommunications network to consolidate (and ultimately remove) a redundant network or network components from the telecommunications network to improve the operation of the network. In circumstances where a CIC is not associated with a communication, the EFS may associate a CIC with the communication for routing.
H04M 7/14 - Dispositions d'interconnexion entre centres de commutation dans des systèmes comprenant des centres de commutation principaux et subordonnés
H04M 15/08 - Dispositions de comptage, de contrôle de durée ou d'indication de durée pour compter les appels de demandés
H04M 15/14 - Dispositions de comptage, de contrôle de durée ou d'indication de durée pour compter les appels à partir des demandeurs pour discrimination de comptage selon la catégorie du demandeur
A telecommunications network includes a network service computing device and a host routing device. The host routing device includes a switch. The host routing device is coupled with a remote network and a PSTN. The remote network is coupled to a plurality of communication devices. The network service computing device is in communication with a database. The database includes a plurality of tags associated with VoIP lines. The tags identify the physical location where a plurality of VoIP lines are being operated. The tags determine routing and billing of calls made from each of the VoIP lines. Using a tag as a main routing identifier, instead of just an actual phone number, increases the probability that calls made from the VoIP line are properly routed and correctly billed through the telecommunications network.
H04W 80/04 - Protocoles de couche réseau, p.ex. protocole Internet mobile [IP Internet Protocol]
H04L 12/701 - Routage ou recherche du chemin de transmission
H04N 21/4788 - Services additionnels, p.ex. affichage de l'identification d'un appelant téléphonique ou application d'achat communication avec d'autres utilisateurs, p.ex. discussion en ligne
98.
METHOD AND SYSTEM FOR GENERATING ROUTING TABLES FROM LINK SPECIFIC EVENTS
Aspects of the present disclosure involve systems, methods, computer program products, and the like, for managing routes through a telecommunications network in response to a change of state of a link between components of the network. In particular, a router may determine the nature of the link event and the link upon which the event occurred. If the link event is on the same link or in some way related to a previously detected link event, the component may ignore the occurrence of the received link event in determining when the shortest route path is calculated. In this manner, a toggling link may be ignored by the router when applying a dampening effect to the calculation of the shortest route such that the network can respond to a singular link event faster than when a traditional dampening effect with exponential back-off is applied.
Implementations described and claimed herein provide systems and methods systems and methods for managing network health, including optimizing a network. In one implementation, an alarm list for a subnetwork of a telecommunucations network is obtained. The alarm list has alarm data captured from a plurality of network elements forming the subnetwork. Network data associated with a subset of the network elements is captured by traversing a circuit path in the subnetwork from a source to a destination. The subset of network elements disposed is along the circuit path. The alarm list is correlated with the network data to identify a related network issue. A root cause of the related network issue is determined. One or more recommendations for resolving the root cause of the related network issue are generated, and at least one of the recommendations is deployed in the subnetwork.
Implementations described and claimed herein provide systems and methods systems and methods for managing network health, including alarm reduction in a subnetwork. In one implementation, an alarm list is received. The alarm list has alarm data captured from a plurality of remote nodes and consolidated at an aggregator node. A first alarm corresponding to an optical interface deployed in a circuit of a telecommunications subnetwork is identified from the alarm list. A topology associated with the optical interface is discovered by traversing a path of the circuit. An interface list is generated based on the topology. One or more alarms related to a root cause of the first alarm are identified based on a comparison of the interface list to the alarm list. The related alarms are correlated to the first alarm for concurrent resolution.