A system for troubleshooting network problems is disclosed. A model can use demographic information, network usage information, and network membership information to determine an importance of a problem. The importance of the problem for the user who reported the problem, a number of other users affected by the problem, and the importance of the problem to the other users can be used to determine a priority for resolving the problem. Before and after a work order is executed to resolve the problem, network metrics can be gathered, including aggregate network metrics, and automatically presented in various user interfaces. The analysis of the metrics can be used to update a database of which work orders are assigned in response to which problems.

Various embodiments of the present disclosure are directed to automatic network architecture configuration maintenance. A network architecture for a particular organization, user, or other entity, may include various networked devices, any of which may be vulnerable to one or more cyberattacks due to outdated software, hardware, and/or firmware configurations. Embodiments include apparatuses, computer program products, and methods for retrieving an updated device configurations data object, identifying a vulnerable networked device set based at least in part on the updated device configurations data object and a detected networked device set, and generating a device cyber risk score data object set that may be output and/or otherwise provided to one or more systems, devices, or the like. Some example embodiments further include identifying update recommendation(s), generating device cyber risk priority data object(s), and/or providing various combinations of such data for rendering to one or more displays associated with a user.

A system and method for dynamically creating distributed, self-adjusting and optimizing core network with machine learning is disclosed. The method includes receiving a request to access one or more services and establishing a secure real time communication session with one or more client devices and a set of service layers based on the received request. The method further includes determining one or more service parameters based on the received request and sending one or more handshake messages to each of the set of service layers. Further, the method includes determining one or more environmental parameters and determining best possible service layer capable of processing the received request by using a trained service based ML model. The method includes processing the request at the determined best possible service layer and terminating or transferring the secure real time communication session after the request is processed.

The present application relates to communications between a partner network and a wide area network (WAN) via the Internet. Although Internet service providers may act as autonomous systems, the WAN may control routing from the partner network by advertising unicast border gateway protocol (BGP) address prefixes for a plurality of front-end devices in the WAN. An agent in the partner network measures a plurality of paths to a service within the WAN. Each of the plurality of paths is associated with one of the plurality of front-end devices and a respective unicast BGP address prefix. The WAN selects a path within the WAN for the service. The WAN exports a routing rule to the agent. The agent forwards data packets for the service to the respective BGP address prefix via the Internet. The WAN receives data packets for the service of the partner network at the selected device.

The present application relates to communications between a partner network and a wide area network (WAN) via the Internet. The WAN advertises unicast border gateway protocol (BGP) address prefixes for a plurality of front-end devices in the WAN. An agent in the partner network measures a plurality of paths to a service within the WAN. Each of the plurality of paths is associated with one of the plurality of front-end devices and a respective unicast BGP address prefix. The agent provides measurements of the plurality of paths to the WAN. The WAN selects a path within the WAN for the service. The agent receives a routing rule specifying a unicast address prefix for a selected device of the plurality of front-end devices of the WAN. The agent forwards data packets for the service to the respective border gateway protocol address prefix of the selected device via the Internet.

The present technology provides a system, method and computer-readable medium for configuration pattern recognition and inference, directed to a device with an existing configuration, through an extensible policy framework. The policy framework uses a mixture of python template logic and CLI micro-templates as a mask to infer the intent behind an existing device configuration in a bottom-up learning inference process. Unique values for device/network identifiers and addresses as well as other resources are extracted and accounted for. The consistency of devices within the fabric is checked based on the specific policies built into the extensible framework definition. Any inconsistencies found are flagged for user correction or automatically remedied by a network controller. This dynamic configuration pattern recognition ability allows a fabric to grow without being destroyed and re-created, thus new devices with existing configurations may be added and automatically configured to grow a Brownfield fabric.

A control node can be automatically deployed at a remote location according to some examples described herein. In one example, a system can automatically set up a control node at a remote location by performing various operations. The operations can include interacting with the remote location to deploy an instance of the control node at the remote location. The operations can include providing a configuration script to the remote location for use by the instance in configuring one or more managed nodes. The operations can include providing connection information to the remote location for use by the instance in establishing a network connection to the one or more managed nodes. The system can then initiate a configuration process in which the control node establishes the network connection to the one or more managed nodes and then configures the one or more managed nodes in accordance with the configuration script.

A method of provisioning a network may include, with a network controller, identifying a first network intent of a computing network based at least in part on an execution of a user interface (UI) or API layer at a client device, and identifying a modification of at least one object within the first network intent within the UI or API layer at the client device as the first network intent is being modified. The modification defines a delta between the first network intent and a second network intent. The method may further include, with a provisioning service executed by the network controller, receiving the delta as a payload from the client device, and provisioning at least one computing device within the computing network based at least in part on the delta. The method further includes automatically modifying the at least one object based on the received delta, including a further modification of the second network intent.

Systems and methods for managing a network are disclosed. One method can comprise determining presence of a first network device associated with a network. If the first network device is not present, a second network device can be configured to assume authority of the network. If the first network device is present, the second network device can be configured to join the network. Other aspects relate to providing services in an environment having multiple service providers.

Techniques are provided for managing resources among clusters of computing devices in a computing system. Resource reassignment message are generated for indicating that servers are reassigned and in response to resource compute loads exceed or fall below certain thresholds. Techniques also include establishing communications with the reassigned servers to assign compute loads without physically relocating the servers from one cluster to another cluster.