Methods and systems are provided for service policy orchestration in a communication network. Orchestrating a service policy in a communication network may include, receiving first service event related data, with the first service event related data including data that defines an update of a current service execution policy; selecting an operator access domain linked to the first service event related data for executing a service linked to the service policy; sending to the operator access domain the first service event related data and an operator specific service identifier linked to a respective operator access domain; receiving first feedback data set from the operator access domain; and processing the first feedback data set.

A system and method for software defined network (SDN) management. Route information is received from a customer edge (CE) device. The route information is parsed to identify at least one virtual routing and forwarding (VRF) instance for which the route information is intended. The route information is imported into the VRF instance.

Techniques are disclosed for identifying faulty links in a virtualized computing environment. Network path latency information is received for one or more network paths in the networked computing environment. Based on the network path latency information, a probable presence of a faulty component is determined. In response to the determination, physical links for a network path associated with the probable faulty component are identified. Information indicative of likely sources of the probable faulty component is received from multiple hosts of the networked computing environment. Based on the identified physical links and information, a faulty component is determined.

A technology to create and manage a group network in a virtual network is described. A network address may be registered as a member of a network group in an overlay network within a virtualized computing environment. An open connection may be maintained to the network address. Membership information may be sent over the open connection to the network address as membership of the network group changes. Membership information may be used in communicating with the network group using unicast transmissions.

Embodiments of the present disclosure provide a VNF processing policy determining method, an apparatus, and a system, and relate to the field of communications technologies, to avoid a problem that an NS constituted by a VNF cannot normally run when an EM fails to configure an application parameter for the VNF. The method includes: receiving, by a management node, a configuration feedback message sent by an EM, and determining a processing policy for a VNF according to the configuration feedback message, where the configuration feedback message is used to indicate whether an application parameter of the VNF is successfully configured, and the processing policy is used by the management node to process the VNF. The method is applied to an NFV technology.

An illustrative network management system obtains sensor data from one or more sensors at a network facility at which network equipment of a communication network is deployed. The sensor data includes image data representing imagery of the network facility. The system determines a utilization of a utility at the network facility based on the sensor data and performs, based on the utilization, a management operation for the communication network. Corresponding methods and systems are also described.

A method performed by a physical computing system includes, with a first virtual entity manager of a first host machine, detecting an Address Resolution Protocol (ARP) request from a first virtual entity supported by the first virtual entity manager to a second virtual entity having a first logical address within a fan network. The method further includes, with the first virtual entity manager, translating the first logical address to a second logical address and transmitting the ARP request to a second host machine using a physical address resolved from the second logical address, the second host machine supporting the second virtual entity. The method further includes receiving a response to the ARP request, the response including a virtualized physical address of the second virtual entity. The method further includes with the first virtual entity manager, forwarding a data packet from the first virtual entity to the virtualized physical address.

Some embodiments provide novel inline switches that distribute data messages from source compute nodes (SCNs) to different groups of destination service compute nodes (DSCNs). In some embodiments, the inline switches are deployed in the source compute nodes datapaths (e.g., egress datapath). The inline switches in some embodiments are service switches that (1) receive data messages from the SCNs, (2) identify service nodes in a service-node cluster for processing the data messages based on service policies that the switches implement, and (3) use tunnels to send the received data messages to their identified service nodes. Alternatively, or conjunctively, the inline service switches of some embodiments (1) identify service-nodes cluster for processing the data messages based on service policies that the switches implement, and (2) use tunnels to send the received data messages to the identified service-node clusters. The service-node clusters can perform the same service or can perform different services in some embodiments. This tunnel-based approach for distributing data messages to service nodes/clusters is advantageous for seamlessly implementing in a datacenter a cloud-based XaaS model (where XaaS stands for X as a service, and X stands for anything), in which any number of services are provided by service providers in the cloud.

Example methods and systems for logical network visualization. One example may comprise a computer system obtaining and processing topology information identifying a set of logical network elements. To visualize the set of logical network elements, the computer system may configure logical network topology graph is configured to include a multi-level group node that is formed using (a) a parent group node and (b) a child group node. The parent group node may be configured in a folded state to visualize multiple first elements and associated with parent group node information. The child group node may be configured in a folded state to visualize multiple second elements and associated with child group node information. The computer system may interact with a user device to cause display of the parent group node and the child group node along with the respective parent group node information and child group node information.

A Distributed Security Information and Event Management System (DSIEMS) is a scalable, intelligent, security and fraud management platform that proactively collects information from a network's computer systems, applications, users, and external intelligence data feeds, and aggregates the information into a centralized repository where the information can then be analyzed and quickly acted upon when necessary. Further, according to one aspect, a DSIEMS analyzes aggregated information to discern patterns of potential attack, inappropriate data movement, and fraud from normal and legitimate network activity, account activity, user activity, and data access. According to one embodiment, aspects of the present disclosure are implemented in a distributed architecture. In particular, aspects of the present DSIEMS utilize an agent-based architecture in which intelligent software agents are deployed on each node (e.g., endpoint computing device) within the system.