The present disclosure relates to a communication method and system for converging a 5th-generation (5G) communication system for supporting higher data rates beyond a 4th-generation (4G) system with a technology for Internet of Things (IoT). The present disclosure may be applied to intelligent services based on the 5G communication technology and the IoT-related technology, such as smart home, smart building, smart city, smart car, connected car, health care, digital education, smart retail, security and safety services. Embodiments herein disclose a network management apparatus, method, and computer-readable storage medium for or management of shared NSI in a communication system.

Systems, methods, and computer-readable media for scaling a source network. A system may be configured to receive a network configuration for a source network, wherein the source network comprising a plurality of nodes, receive and a scale target for a scaled network, and identify, based on the scale target, one or more selected nodes in the plurality of nodes in the source network for implementing in the scaled network. The system may further be configured to reconfigure data plane parameters and control plane parameters for each node in the one or more selected nodes.

Systems, methods, and computer-readable media for scaling a source network. A system may be configured to receive a network configuration for a source network, wherein the source network comprising a plurality of nodes, receive and a scale target for a scaled network, and identify, based on the scale target, one or more selected nodes in the plurality of nodes in the source network for implementing in the scaled network. The system may further be configured to reconfigure data plane parameters and control plane parameters for each node in the one or more selected nodes.

The present invention discloses the method and apparatus for topology discovery enabled intrusion detection. In information and communications technology (ICT) systems, end devices are organized into subnets that are communicated with the system center through the multi-service gateways. Any intrusion can incur the variations of the communications environments and the subnet topologies. The potential external intruding devices are detected by the varied communications environments and identified by the difference between the original and new subnet topologies constructed by the topology discovery method. The information of potential external intruding devices is sent to the system center for device authentication. If passed, the device is kept associated and the system topology is updated with the newly discovered subnet topology. If failed, the device is enforced to disassociate, and an enhanced secure mode is triggered where the messages communicated over the intruded subnet are encrypted.

The present invention discloses the method and apparatus for topology discovery enabled intrusion detection. In information and communications technology (ICT) systems, end devices are organized into subnets that are communicated with the system center through the multi-service gateways. Any intrusion can incur the variations of the communications environments and the subnet topologies. The potential external intruding devices are detected by the varied communications environments and identified by the difference between the original and new subnet topologies constructed by the topology discovery method. The information of potential external intruding devices is sent to the system center for device authentication. If passed, the device is kept associated and the system topology is updated with the newly discovered subnet topology. If failed, the device is enforced to disassociate, and an enhanced secure mode is triggered where the messages communicated over the intruded subnet are encrypted.

Various embodiments described herein disclose an endpoint modeling and grouping management system that can collect data from endpoint computer devices in a network. In some embodiments, agents installed on the endpoints can collect real-time information at the kernel level providing the system with deep visibility. In some embodiments, the endpoint modeling and grouping management system can identify similarities in behavior in response to assessing the data collected by the agents. In some embodiments, the endpoint modeling and grouping management system can dynamically model groups such as logical groups, and cluster endpoints based on the similarities and/or differences in behavior of the endpoints. In some embodiments, the endpoint modeling and grouping management system transmits the behavioral models to the agents to allow the agents to identify anomalies and/or security threats autonomously.

Various embodiments described herein disclose an endpoint modeling and grouping management system that can collect data from endpoint computer devices in a network. In some embodiments, agents installed on the endpoints can collect real-time information at the kernel level providing the system with deep visibility. In some embodiments, the endpoint modeling and grouping management system can identify similarities in behavior in response to assessing the data collected by the agents. In some embodiments, the endpoint modeling and grouping management system can dynamically model groups such as logical groups, and cluster endpoints based on the similarities and/or differences in behavior of the endpoints. In some embodiments, the endpoint modeling and grouping management system transmits the behavioral models to the agents to allow the agents to identify anomalies and/or security threats autonomously.

A connectivity enablement device includes one or more processors, one or more memories and a hardware input port. The memories store program instructions that when executed examine a token obtained from a token transfer device inserted into the port, and cause one or more messages to be transmitted to a virtualized computing service. The messages indicate (a) the connectivity enablement device, (b) the token transfer device, (c) the token's source and (d) a server. An indication that the server has been configured within an isolated virtual network is obtained at the connectivity enablement device.

A connectivity enablement device includes one or more processors, one or more memories and a hardware input port. The memories store program instructions that when executed examine a token obtained from a token transfer device inserted into the port, and cause one or more messages to be transmitted to a virtualized computing service. The messages indicate (a) the connectivity enablement device, (b) the token transfer device, (c) the token's source and (d) a server. An indication that the server has been configured within an isolated virtual network is obtained at the connectivity enablement device.

In some implementations, a first device may receive, from a second device, network function (NF) configuration information indicating that an NF instance is to be provisioned to support a combination of network slices. The NF configuration information may include first network slice information regarding the first network slice and second network slice information regarding the second network slice. The first device may obtain, from a data structure, first slice configuration information associated with the NF instance supporting the first network slice and second slice configuration information associated with the NF instance supporting the second network slice. The first device may generate configuration parameters to provision the NF instance to support the combination of network slices and provide the configuration parameters to cause the NF instance to be provisioned to support the combination of network slices.