H04W12/37

Enhanced device updating
11550560 · 2023-01-10

Systems, methods, and related technologies for device software monitoring and device software updating are described. In certain aspects, a device is selected based on being a smart device and a software version associated with the software of the device is determined. The device software may then be automatically updated if newer software is available.

Authorization of applications for direct discovery
11553348 · 2023-01-10

Systems, methods, and software for authorizing an application in User Equipment (UE) for direct discovery. In one embodiment, an authorization mechanism receives information (e.g., application ID) for a discovery request sent by an application in a UE. In response to the discovery request, the authorization mechanism challenges the UE for information regarding security parameters that are mapped to the application ID. Based on the information provided by the UE, the authorization mechanism determines whether the application is authorized for direct discovery.

Systems and methods for internet of things security environment

A system for monitoring the communication with a connected Internet of Things (IoT) device is provided. The system includes a first computing device including at least one processor in communication with at least one memory device. The at least one memory device stores a plurality of instructions, which when executed by the at least one processor cause the at least one processor to execute an IoT device communication application. The IoT device communication application monitors the IoT device. The instructions also cause the at least one processor to store IoT device data including a current location of the IoT device, determine an optimal communication path between the IoT device communication application and the IoT device based on the IoT device data, and transfer execution of the IoT device communication application to a second computing device based on the optimal communication path.

MOBILE EDGES WITH SMART COLLECTORS IN CLOUD SECURITY AND COMPLIANCE CENTER

An approach for dynamically transitioning mobile client devices from one location to another within edge computing is disclosed. The approach includes retrieving locations for near edges and far edges and collecting one or more SCC (security compliance center) rules. The approach includes identifying edge access from one or more client devices and determining a mobility pattern associated with the edge access. The approach includes determining an edge recommendation based on the mobility patterns and applying the edge recommendation.

Secure request authentication for a threat protection service
11552997 · 2023-01-10

A client application manages a resolver configuration and sends DNS requests to a threat protection service when a mobile device operating the client application is operating off-network. The client application detects network conditions and automatically configures an appropriate system-wide DNS resolution setting. DNS requests from the client identify the customer and the device to threat protection (TP) service resolvers without introducing a publicly-visible customer or device identifier. The TP system applies the correct policy to DNS requests coming from off-network clients. In particular, the TP resolver recognizes the customer for requests coming from such clients and applies the customer's policy. The resolver is also configured to log the customer and the device associated with requests from the TP off-net client. Request logs from the TP resolver are provided to a cloud security intelligence platform for threat intelligence analytics and customer-visible reporting.

FAULT TRIAGE AND MANAGEMENT WITH RESTRICTED THIRD-PARTY ACCESS TO A TENANT NETWORK

The present technology is directed to providing fault management with dynamic restricted access in a tenant network. The tenant network can be a private 5G cellular network or other wireless communication network. The present technology can identify a fault event within the tenant network based on received telemetry data, associate the fault event with a vendor component included in the tenant network, and generate a vendor fault context. The vendor fault context can be generated to include only the portion of telemetry data that is determined to be related to the fault event or the vendor component. The present technology can further use the vendor fault context to create a time-bound user account for remotely accessing the tenant network for fault triage and management. The time-bound user account can be associated with a static role-based access control (RBAC) scheme configured with access restrictions determined based on the vendor fault context.

ACCESS NETWORK INTELLIGENT CONTROLLER FOR MULTIPLE TYPES OF ACCESS NETWORKS
20230007576 · 2023-01-05

An example system includes an access network intelligent controller comprising processing circuitry configured to communicate with a 3GPP access network control function and a non-3GPP access network control function. The non-3GPP access network control function comprises a first plurality of controllable functions. The 3GPP access network control function comprises a second plurality of controllable functions. The access network intelligent controller is configured to execute one or more applications, each application of the one or more applications configured to: issue a subscription request for a subscription to a first controllable function of the first plurality of controllable functions of the non-3GPP access network control function or a second controllable function of the second plurality of controllable functions of the 3GPP access network control function, and exchange messages with the first controllable function or the second controllable function in accordance with the subscription.