Vadim Eydelman

Bio: Vadim Eydelman is an academic researcher from Microsoft. The author has contributed to research in topics: Server & Server farm. The author has an hindex of 16, co-authored 39 publications receiving 966 citations.

Distributable, scalable, pluggable conferencing architecture

Abstract: Architecture for a scalable, pluggable multi-party, and distributed multimedia conferencing. A centralized policy and control conferencing component allows the seamless plug-in of different distributed media components (e.g., data, audio/video, messaging) to accommodate client participation in a conference session. The centralized conference control component includes the following: a conference notification service for accepting subscriptions to the conference state and notifying subscribers about changes to that state; a conference policy and roster control service for storing and manipulating conference policy and rosters; a security service for user authorization/authentication based on user identity information; a scheduling service for conference scheduling; an allocation service for allocating the most available media component(s) for a conference session; and, an MCU management service for conference policy and roster management of the distributed media components.

Adaptive flow control protocol

Abstract: A method and system for directing data transfers between applications and devices residing on different computers or devices using an adaptive flow control protocol has been described. When an application or device requests to transfer data with another application or device, adaptive flow control protocol adapts the way data is transferred by observing when an application that is receiving data posts a receive buffer and detects the receive buffer's size. Based upon the application's or device's behavior, the adaptive flow control protocol transfers the data in a mode that is best suited for the application.

Signing and validating session initiation protocol routing headers

Abstract: A method, computer readable medium having computer executable instructions, and a computer readable medium having stored thereon a data structure for signing and validating Session Initiation Protocol ("SIP") routing headers are disclosed. A SIP node may receive a SIP request including a message header. A signature based upon at least a portion of the message header and a SIP node header entry may be generated. The signature may then be inserted into the SIP node header entry.

Server load balancing and draining in enhanced communication systems

Abstract: Resilient load balancing servers in an enhanced communication system is provided mitigating server failures or scheduled shutdowns. A repeatable but virtually random sequence of servers is generated for a given pool of homogeneous servers based on a user identifier in a request message. If a request cannot be routed to a first choice server, for any reason, then subsequent servers in the sequence are selected. A communication protocol within the system is adapted to permit an individual server to indicate that it cannot accept new requests. Following the indication from the server, traffic associated with existing dialogs is allowed to continue to be processed by the server, but new dialogs are directed to other servers.

Systems and methods for uniquely and persistently identifying networks

Abstract: A service is disclosed that discovers information about the logical networks to which a computer is connected and provides that information to applications. The information is keyed to names constructed by the service. There is a mapping between the names and the logical networks. Applications may rely on the names when selecting a configuration to use with a given logical network. The network name may be correlated with other information, such as physical network interface(s) on the computer through which the logical network is accessible, application programming interfaces of the transport protocols supported by the logical network, and the connectivity type of the logical network. Applications are notified when network information provided to them changes or when new information becomes available.

Secure data parser method and system

Abstract: A secure data parser is provided that may be integrated into any suitable system for securely storing and communicating data. The secure data parser parses data and then splits the data into multiple portions that are stored or communicated distinctly. Encryption of the original data, the portions of data, or both may be employed for additional security. The secure data parser may be used to protect data in motion by splitting original data into portions of data, that may be communicated using multiple communications paths.

Runtime adaptable search processor

Abstract: A runtime adaptable search processor is disclosed. The search processor provides high speed content search capability to meet the performance need of network line rates growing to 1Gbps, IOGbps and higher. The search processor provides a unique combination of NFA and DFA based search engines that can processincoming data in parallel to perform the search against the specific rules programmed in the search engines. The procesor architecture also provides capabilities to transport and process Internet Protocol (IP) packets from Layer 2 through transport protocol layer and may also provide packet inspection through Layer 7. A security system is also disclosed that enables a new way of implementing security capabilities inside enterprise networks in a distributed manner using a protocol processing hardware with appropriate security features.

Distributed network security system and a hardware processor therefor

Abstract: An architecture provides capabilities to transport and process Internet Protocol (IP) packets from Layer 2 through transport protocol layer and may also provide packet inspection through Layer 7. A set of engines may perform pass-through packet classification, policy processing and/or security processing enabling packet streaming through the architecture at nearly the full fine rate. A scheduler schedules packets to packet processors for processing. An internal memory or local session database cache stores a session information database for a certain number of active sessions. The session information that is not in the internal memory is stored and retrieved to/from an additional memory. An application running on an Initiator or target can in certain instantiations register a region of memory, which is made available to its peer(s) for access directly without substantial host intervention through RDMA data transfer. A security system is also disclosed that enables a new way of implementing security capabilities inside enterprise networks in a distributed manner using a protocol processing hardware with appropriate security features.

System and method for exchanging information among exchange applications

Abstract: In a system and method for accessing messages in a data store in a gateway, a data frame request, which is a structured SQL query, is received at the gateway. The received data frame request is applied to the gateway data store, which stores messages. A data frame is generated that comprises messages from the data store that are responsive to the received data frame request, the data frame having a format that is readable by a character editor.

Highly scalable architecture for application network appliances

Abstract: A highly scalable application network appliance is described herein. According to one embodiment, a network element includes a switch fabric, a first service module coupled to the switch fabric, and a second service module coupled to the first service module over the switch fabric. In response to packets of a network transaction received from a client over a first network to access a server of a data center having multiple servers over a second network, the first service module is configured to perform a first portion of OSI (open system interconnection) compatible layers of network processes on the packets while the second service module is configured to perform a second portion of the OSI compatible layers of network processes on the packets. The first portion includes at least one OSI compatible layer that is not included in the second portion. Other methods and apparatuses are also described.