A distributed security system can include instances of a compute engine that can execute either locally in security agents on client devices or as cloud instances in a security network. Event data can be processed by elements of the distributed security system according to centrally-defined ontological definitions and/or configurations. Bounding managers of local security agents can control how much event data is sent to the security network. A storage engine in the security network can store event data received from client devices, can route event data to other elements of the security network, including cloud instances of the compute engine. An experimentation engine of the security network can also at least temporarily adjust other elements of the distributed security system during experiments or tests.

Systems, software, and methods for managing networks of connected electronic devices are described. In one example, network management policy and network management applications are transferred automatically upon detection and identification of a new device, protocol or application on the network. In another example, information related to at least one aspect of the network is obtained by an NMAS, and at least one applicable management policy is identified by the NMAS; and the identified policy is used to manage at least one aspect of the network's operation.

Systems, software, and methods for managing networks of connected electronic devices are described. In one example, network management policy and network management applications are transferred automatically upon detection and identification of a new device, protocol or application on the network. In another example, information related to at least one aspect of the network is obtained by an NMAS, and at least one applicable management policy is identified by the NMAS; and the identified policy is used to manage at least one aspect of the network's operation.

Aspects of the disclosure provide a method performed by a central Network Data Analytics Function (NWDAF) in a communications network. The communications network comprises one or more local NWDAFs configured to develop a model using federated learning, in which each local NWDAF stores a copy of the model and trains the copy of the model by inputting training data into a machine-learning process. The method comprises receiving, from the one or more local NWDAFs, a respective local model update comprising an update to values of one or more parameters of the model generated by training a respective copy of the model using machine-learning. The method further comprises combining the local model updates received from the one or more local NWDAFs to obtain a combined model update.

Aspects of the disclosure provide a method performed by a central Network Data Analytics Function (NWDAF) in a communications network. The communications network comprises one or more local NWDAFs configured to develop a model using federated learning, in which each local NWDAF stores a copy of the model and trains the copy of the model by inputting training data into a machine-learning process. The method comprises receiving, from the one or more local NWDAFs, a respective local model update comprising an update to values of one or more parameters of the model generated by training a respective copy of the model using machine-learning. The method further comprises combining the local model updates received from the one or more local NWDAFs to obtain a combined model update.

The present application relates to communications between a partner network and a wide area network (WAN) via the Internet. Although Internet service providers may act as autonomous systems, the WAN may control routing from the partner network by advertising unicast border gateway protocol (BGP) address prefixes for a plurality of front-end devices in the WAN. An agent in the partner network measures a plurality of paths to a service within the WAN. Each of the plurality of paths is associated with one of the plurality of front-end devices and a respective unicast BGP address prefix. The WAN selects a path within the WAN for the service. The WAN exports a routing rule to the agent. The agent forwards data packets for the service to the respective BGP address prefix via the Internet. The WAN receives data packets for the service of the partner network at the selected device.

The present application relates to communications between a partner network and a wide area network (WAN) via the Internet. The WAN advertises unicast border gateway protocol (BGP) address prefixes for a plurality of front-end devices in the WAN. An agent in the partner network measures a plurality of paths to a service within the WAN. Each of the plurality of paths is associated with one of the plurality of front-end devices and a respective unicast BGP address prefix. The agent provides measurements of the plurality of paths to the WAN. The WAN selects a path within the WAN for the service. The agent receives a routing rule specifying a unicast address prefix for a selected device of the plurality of front-end devices of the WAN. The agent forwards data packets for the service to the respective border gateway protocol address prefix of the selected device via the Internet.

A system configured to track network slicing operations within a 5G communication network includes processing circuitry configured to determine a network slice instance (NSI) associated with a QoS flow of a UE. The NSI communicates data for a network function virtualization (NFV) instance of a Multi-Access Edge Computing (MEC) system within the 5G communication network. Latency information for a plurality of communication links used by the NSI is retrieved. The plurality of communication links includes a first set of non-MEC communication links associated with a radio access network (RAN) of the 5G communication network and a second set of MEC communication links associated with the MEC system. A slice configuration policy is generated based on the retrieved latency information and slice-specific attributes of the NSI. Network resources of the 5G communication network used by the NSI are reconfigured based on the generated slice configuration policy.

The Distributed Software Defined Network (dSDN) disclosed herein is an end-to-end architecture that enables secure and flexible programmability across a network with full lifecycle management of services and infrastructure applications (fxDeviceApp). The dSDN also harmonizes application deployment across the network independent of the hardware vendor. As a result, the dSDN simplifies the network deployment lifecycle from concept to design to implementation to decommissioning.

The present invention faces the issues of re-selection of another NF Service instance (103, 201) for a subsequent request (S-520, S-535) with a same data consistency (Consistency 1) as a previously selected NF Service instance (101). To solve this issue, the present invention provides for identifying at configuration, based on the deployment and on the Storage solution for the Session/context data, which instances (101, 103, 201) of the same service type have access with strong consistency to the same data, and provide this information to the consumer (40), so it is allowed to prioritize selection of an alternative NF service instance that supports strong consistency, whenever possible.