A network controller and a method for automatically define forwarding rules to configure a computer networking device, The network controller (100) is connected to a sub-network (A) of a communication network and comprises: a controller manager (101) that receives a request for a given service, defines forwarding rules related to said service and installs the defined forwarding rules into a computer networking device (120a) in order to configure it for said given service; a deciding module (102) configured to communicate with the controller manager (101) and configured to interact with a DNS server (150) to receive a determined resolution for a DNS request of said request for said given service, and with a database (300) to retrieve information supplementary for the DNS request, in order to assist the controller manager (101) in performing the defining of the forwarding rules; and a plurality of interfaces (S.sub.A, S.sub.B, S.sub.D) for allowing the communication between the different elements.

Systems and methods for providing services are disclosed. One aspect comprises detecting a compromised state of a user device, determining a device identifier associated with the user device, locating a service identifier the device identifier, and transmitting the service identifier to the user device.

A computer-implemented method is for providing a digital certificate to a device. In an embodiment, the method is based on receiving, from the device, authentication data via a secure communication channel. Furthermore, the method is based on receiving, from the device, or determining, by the server, a first certificate identifier. In particular, the first certificate identifier is a hash value. Further aspects of the method are verifying the authentication data and receiving, from the device, a first public key created by the device. In an embodiment, the method is furthermore based on sending a first certificate signing request related to a first domain name based on the first public key to a certificate authority. Herein, the first domain name comprises the certificate identifier, and a domain related to the first domain name is controlled by the server. In particular, the first domain name is a wildcard domain.

Address resolution information acquisition (ARIA) for a computing device is described. In some examples, ARIA includes a computing device (e.g., an Internet of things (IoT) node, a gateway, a server) determining, without use of an address resolution protocol (ARP), address resolution information of one or more other computing devices (e.g., a IoT node, a gateway, a server). In one example, the computing device uses data flowing to or from its application layer, transport layer, or network layer to determine address resolution information of another computing device. The address resolution information can comprise one or more of a link layer address (e.g., a media access control (MAC) address) and an Internet layer address (e.g., an Internet protocol (IP) address). Usage of a cache for storing or deleting address resolution information can also be part of ARIA.

Embodiments of the present disclosure provide a method and an apparatus for determining gateway information. A first device obtains first information of user equipment, where the first information of the user equipment is used to indicate an area in which the user equipment subscribes to a service, and the first device determines gateway information corresponding to a first domain name, where the first domain name includes the first information of the user equipment. The first domain name includes the first information of the user equipment, and the first information is used to indicate the area in which the user equipment subscribes to the service. Compared with a method in which a number segment is used to generate a domain name, this reduces a quantity of domain names that need to be configured and maintained, and reduces maintenance costs of an operator.

In one embodiment, an endpoint in a network sends a Session Initiation Protocol (SIP) registration request to a device. The device generates a first key using information included in the SIP registration request. The device also writes the first key to a storage location accessible by a Traversal Using Relays around Network address translators (TURN) server. The endpoint generates a second key based on the information included in the SIP registration request. The endpoint sends an allocate request to the TURN server that includes the second key. The TURN server authenticates the endpoint based in part by comparing the second key to the first key. The endpoint receives an allocate response from the TURN server, after the TURN server authenticates the endpoint.

Methods and systems are disclosed for discovering resources in a multi-access computing environment. The method may include receiving application parameters for an application to be serviced using multi-access edge computing (MEC) resources. The method may also include generating network address identifiers associated with the application based on the application parameters, and storing, in a memory, the network address identifiers associated with the application to be serviced using the MEC resources. The method may include deploying an instance of the application at a MEC cluster. The deployed instance of the application may be accessible by user equipment with one of the network address identifiers.

The present invention provides a method, device, and system for obtaining an address of a SIP registration server. The method includes: obtaining, by a branch device, a domain name system DNS resource record for specifying the location of service SRV response message; adding information of a SIP local survivable registration server to the DNS SRV response message; and returning the DNS SRV response message to which the information of the SIP local survivable registration server is added to a branch terminal, so that the branch terminal obtains an Internet protocol IP address of the SIP local survivable registration server according to the information of the SIP local survivable registration server in the DNS SRV response message. The solutions provided by the present invention ensure normal working of the branch terminal and saves costs.

Manage a request for a computing service through a hub solution available on a network. The underlying network fabric is the communication bus between individual processes that make up a service request. A process orchestrator may publish an Internet Protocol (IP) address for service requests such as printing services, email services, Active Directory (AD) services and similar service requests. The process orchestrator may determine which processes are to be executed to complete the service request and offload the processes to an available computing resources on the network. Examples of computing resources for each process include a virtual machine and a hardware based process engine. The process orchestrator may manage the processes and act as the primary point of interface for an endpoint host requesting the service.

A method for protecting a client domain, for example against a computing attack, implemented in a client node of the client domain. The method includes: discovering at least one other client node of the client domain, called a discovered node; detecting a conflict between at least two management rules for the traffic associated with the client domain; and resolving the detected conflict, including: if one of the rules was installed by a the discovered node, modifying the rule or a state associated with the discovered node; and otherwise, obtaining, from a the discovered node, an item of information for identifying at least one node of the client domain that installed one of the rules; and detecting and/or resolving the conflict using information obtained during the discovery of the at least one other node of the client domain.