A method for detecting attacks on a network component of an industrial network uses a component monitoring unit integrated in the network component. The component monitoring unit has at least one checking module for performing a check on the network component and a communication module for the component monitoring unit to communicate with at least one further network component of the industrial network. The component monitoring unit further has a management module for managing a communication between the at least one checking module and the communication module. When a predetermined criterion is satisfied, the at least one checking module collects and/or evaluates information concerning the network component and/or concerning the satisfied criterion for the purpose of checking the network component.

A method for detecting attacks on a network component of an industrial network uses a component monitoring unit integrated in the network component. The component monitoring unit has at least one checking module for performing a check on the network component and a communication module for the component monitoring unit to communicate with at least one further network component of the industrial network. The component monitoring unit further has a management module for managing a communication between the at least one checking module and the communication module. When a predetermined criterion is satisfied, the at least one checking module collects and/or evaluates information concerning the network component and/or concerning the satisfied criterion for the purpose of checking the network component.

A system and method for monitoring and modifying the security configurations of multiple devices is disclosed. The method includes monitoring multiple devices for security triggers and taking action in response to the triggers. The triggers include changes in security configurations, known security issues and pending updates. The devices may be any connected devices, including Internet of Things devices.

System, methods, and computer-readable media for validating and committing a shared O-RU configuration via a shared O-RU Operator. The shared O-RU Operator validates a partitioned configuration received from a tenant operator, with the ability to indicate to the tenant operator that the partitioned configuration is conformant to agreed-upon sharing rules and then commits the shared configuration to the shared O-RU. The shared O-RU operator shares the outcome of the commit operation to the tenant operator via defined operational-data that can be read by the tenant operator. A single radio in O-RAN is shared by multiple different operators and enables a neutral host to deploy a radio unit and then have that attached to different operators networks.

Presented herein are embodiments that use a language model to embed or encode configuration elements (e.g., commands, prompts, etc.) into dense, latent representations that incorporate semantic and contextual information. Using a trained language model, a configuration for a network device may be converted into a set of configuration path sentences. Given a first set of encoded configuration path sentences for a first configuration and a second set of encoded configuration path sentences for a second configuration, these two sets may be compared to gauge a degree of difference between the two sets. In one or more embodiments, an Optimal Transport method with Wasserstein distance metric may be used to obtain a comparison value that gauges difference between the two configurations. In one or more embodiments, the comparison valuation may be labeled or classified by comparing the comparison value to one or more pre-defined thresholds.

An information processing apparatus including: a memory; and a processor coupled to the memory, the processor being configured to: in a network coupling a plurality of storage nodes, at least one proxy, and at least one client; collect information of accesses executed most by the at least one client via the at least one proxy on a path of each access; based on the information of accesses, calculate network distances between the plurality of storage nodes and the at least one proxy; and based on the network distances, determine a leader to be one of the plurality of storage nodes that is close to one of the at least one proxy accessed most frequently.

An information processing apparatus including: a memory; and a processor coupled to the memory, the processor being configured to: in a network coupling a plurality of storage nodes, at least one proxy, and at least one client; collect information of accesses executed most by the at least one client via the at least one proxy on a path of each access; based on the information of accesses, calculate network distances between the plurality of storage nodes and the at least one proxy; and based on the network distances, determine a leader to be one of the plurality of storage nodes that is close to one of the at least one proxy accessed most frequently.

A network function virtualization (NFV) compute element installs an image supporting a virtualized network function (VNF) on the element. The image includes instructions/data to initiate a TCP connection between the element and a Software Defined Network (SDN) controller upon reboot of the element. Upon rebooting, the element establishes, as client in accordance with the instructions/data, a TCP connection with the controller. The element then accepts, as a cryptographic network protocol server, a connection via the TCP connection from the controller as a client in accordance with the instructions. Next, the element accepts, as a network management protocol server, a connection via the cryptographic network protocol connection from the controller as network management protocol client. The element receives, from the controller over the network management protocol connection, commands regarding the status of the rebooted element, and then transmits, to the controller over the network management protocol connection, responses to the commands.

Systems and methods for automatically prioritizing computing resource configurations for remediation include receiving information describing configuration issues that may result in impaired system performance or unauthorized access, parsing that information and automatically analyzing configuration details of a user's private computing environment to determine that assets provide an environment in which configuration issues may be exploited to produce undesired results. Such systems and methods can generate assessments indicating the likelihood an issue can be exploited and potential impacts of the issue being exploited. Such systems and methods can use these assessments to generate a report prioritizing remediation of specific configuration issues for specific vulnerable assets based on the actual configuration of the user's computing resources and the data managed using those resources. Issues deemed have a higher likelihood of resulting in problems can be prioritized over configuration issues which may appear to have severe consequences, but which are unlikely to affect the user's resources.

Example methods and systems are provided for location-aware service request handling. The method may comprise: generating and sending location information associated with virtualized computing instance to a service node or a management entity for transmission to the service node. The location information may identify logical element(s) to which the virtualized computing instance is connected. The method may further comprise: in response to detecting, from the virtualized computing instance, a service request for a service from the service node, generating a modified service request by modifying the service request to include the location information associated with the virtualized computing instance; and sending the modified service request towards the service node.