Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance and providing visual representations of the data to a user. Some embodiments provide a visual representation of the collected data that allows a user to select a set of machines and flows and initiate recommendation generation based on the selected machines and flows. The recommendation generation, in some embodiments, includes identifying flows for which rules have not been defined and filtering the identified rules to remove flows for which rules should not be defined. Some embodiments use the identified rues to identify services and groups associated with the rules and generate recommendations for rules, groups and services based on the identified flows, groups and services. The recommendations, in some embodiments, are implemented as a single PATCH API.

Novel tools and techniques are provided for implementing tracking or storing of equipment configuration data using immutable ledger functionality of blockchains. In various embodiments, in response to receiving a first request for first configuration data that is output by first equipment, a computing system might determine whether a communicatively coupled data repository contains the first configuration data. If so, the computing system might retrieve and send (to the requesting device) the first configuration data. If not, the computing system might send, to a blockchain system, a second request for identifying a blockchain containing a block containing the first configuration data. In response to such a blockchain being identified, the computing system might receive the identified blockchain; might abstract the block containing the first configuration data from the identified blockchain; might abstract the first configuration data from the block; and might send the first configuration data to the requesting device.

Techniques are described herein that are capable of selectively throttling an implementation of configuration changes in an enterprise. For instance, incremental phases of the implementation on respective subsets of clients are selectively throttled during respective periods of time by performing operations for each subset during a respective phase that precedes a respective next phase of the implementation. The operations include gathering information regarding the phase from the clients in the subset; generating a score that indicates an extent to which metrics associated with the implementation are satisfied during the phase based at least in part on the information; comparing the score to a reference score for the subset to determine whether the score is within a tolerance associated with the reference score; and selectively throttling the next phase of the implementation based at least in part on whether the score is within the tolerance.

Techniques are described herein that are capable of selectively throttling an implementation of configuration changes in an enterprise. For instance, incremental phases of the implementation on respective subsets of clients are selectively throttled during respective periods of time by performing operations for each subset during a respective phase that precedes a respective next phase of the implementation. The operations include gathering information regarding the phase from the clients in the subset; generating a score that indicates an extent to which metrics associated with the implementation are satisfied during the phase based at least in part on the information; comparing the score to a reference score for the subset to determine whether the score is within a tolerance associated with the reference score; and selectively throttling the next phase of the implementation based at least in part on whether the score is within the tolerance.

Systems and methods are provided for providing continuous configuration deployment. A configuration definition object may be obtained from a remote datastore. The obtained configuration definition object may be stored in a local datastore. The configuration definition object may be obtained and stored in advance of a scheduled maintenance. The configuration definition object may be obtained in response to the configuration definition object being committed to the remote datastore. The configuration definition object may be used to generate different configuration objects. A configuration object may be generated from the configuration definition object and one or more system characteristics. A service request may be received, and the configuration object may be executed to perform a configuration of a computing system.

Systems and methods are provided for providing continuous configuration deployment. A configuration definition object may be obtained from a remote datastore. The obtained configuration definition object may be stored in a local datastore. The configuration definition object may be obtained and stored in advance of a scheduled maintenance. The configuration definition object may be obtained in response to the configuration definition object being committed to the remote datastore. The configuration definition object may be used to generate different configuration objects. A configuration object may be generated from the configuration definition object and one or more system characteristics. A service request may be received, and the configuration object may be executed to perform a configuration of a computing system.

Techniques are disclosed of detection and analysis of network-based assets under common management by an entity. Network-based assets that are under common management by an entity may be owned or associated with the entity. Some network assets may appear to be under the common management of an entity, but may be operated by an unauthorized entity. Detecting a relationship between or ownership of network assets for malicious network activity may be a challenge. Specifically, the connection between authorized assets and unauthorized assets may be difficult to identify, especially if assets are masked or changed to evade detection. A network analytic system is disclosed that can process different data from multiple sources (e.g., at least multiple, disparate data sources) to identify relationships between network-based assets.

Techniques described herein may be used to provide an operator of a network with a current configuration of computing nodes of a distributed system, and processes (e.g., virtual machines) hosted by the computing nodes, and/or a history of changes to the configuration of the computing nodes and/or hosted processes. An operator may cause a computing node, and the processes hosted by the computing node, to be configured based on configuration data stored by a configuration database. Another operator may change the configuration of the computing node, and/or the hosted processes, by changing the configuration data stored by the configuration database. The computing node may create a record of the change. Yet another operator may request that the current configuration of the computing node and the hosted processes (and/or a history of configuration changes to the configuration data) be provided, and the computing node may provide requested information.

Various embodiments are described herein to track the state of components within a network element. One embodiment provides for a network element comprising a control plane including logic to transmit configuration and status of the network element during network element operation, the configuration including a configured state of one or more agents of the control plane and the status including operational status of one or more agents of the control plane; and a data plane to forward network data from an ingress interface to an egress interface, each of the ingress interface and egress interface including one or more counters, wherein the status of the continuously transmitted status of the network element additionally includes the one or more counters of each of the ingress interface and egress interface.

Various embodiments are described herein to track the state of components within a network element. One embodiment provides for a network element comprising a control plane including logic to transmit configuration and status of the network element during network element operation, the configuration including a configured state of one or more agents of the control plane and the status including operational status of one or more agents of the control plane; and a data plane to forward network data from an ingress interface to an egress interface, each of the ingress interface and egress interface including one or more counters, wherein the status of the continuously transmitted status of the network element additionally includes the one or more counters of each of the ingress interface and egress interface.