A method, a system and a storage medium for network failure protection belonging to the field of network technologies. The method comprises: allocating, for each forwarding link of the ring topology, a protection ring bit position opposite to the direction of a working path; newly adding BRFT for storing adjacent forwarding table entries related to forwarding along the direction of the protection ring bit position; and when a BIER message is forwarded along the working path, if a BFR detects that the downstream adjacency fails, searching for entry content of the BTAFT, finding the correlation between the link bit position of the fault forwarding link and the protection ring bit position, and forwarding, on the basis of entry content of the BRFT, the BIER message to the opposite end fault point of the opposite end along the direction of the protection ring bit position.

Examples disclosed herein relate to a method comprising collecting, by a network monitoring tool, network data from a first device on a network. The method comprises identifying, by the network monitoring tool, a potential issue from the network data, wherein the potential issue corresponds to one aspect of the network and transmitting, by the network monitoring tool, the potential issue to a network management tool. The method also comprises identifying, by the network management tool, a first network configuration that the potential issue relates to and creating, by the network management tool, a second network configuration for the network to fix the potential issue.

Disclosed herein are embodiments of systems, methods, and products comprise an analytic server, which provides a SilverlineRT system that prioritizes and analyzes security alerts and events. The server builds an attack tree based on attack detection rules. The server monitors large-scale distributed systems and receives alerts from various devices. The server determines attacks using the attack tree while excluding false alarms. The server determines impact and risk metrics for attacks in real-time, and calculates an impact score for each attack. The server ranks and prioritizes the attacks based on the impact scores. The server also generates real-time reports. By consider the mission and system specific context in the analysis alert information, the server gives insight into the overall context of problems and potential solutions, improving decision-making. By showing the impacts of alters, the server allows security personnel to prioritize responses and focus on highest value defense activities.

Provided is a client terminal access control method, and the method includes: allocating a communication process of a first client group comprising a plurality of client terminals to an edge server; when a failure occurs in an operation of the edge server, allocating a communication process of a second client group comprising at least one client terminal belonging to the first client group to a failure-handling edge server; and determining whether a failure occurs in an operation of the failure-handling edge serve.

A method, a computer-readable medium, and a device for dynamically identifying criticality of services and data sources. The computer-readable medium comprising instructions which, when executed, cause a programmable device to: determine, based on a plurality of service-related metrics from a network node, upstream network nodes and downstream network nodes in a network; query the upstream network nodes and the downstream network nodes with a multicast request for an additional plurality of service-related metrics; extrapolate a current network topology based on the plurality of service-related metrics and the additional plurality of service-related metrics; determine whether or not an upstream backup server is present for the network node; determine a set of critical service delivery points in the network based on the determination of the upstream backup server; and generate a network service alert responsive to a service interruption from the set of critical service delivery points.

Generally described, systems and methods are provided for monitoring and detecting causes of failures of network paths. The system collects performance information from a plurality of nodes and links in a network, aggregates the collected performance information across paths in the network, processes the aggregated performance information for detecting failures on the paths, analyzes each of the detected failures to determine at least one root cause, and initiates a remedial workflow for the at least one root cause determined. In some aspects, processing the aggregated information may include performing a statistical regression analysis or otherwise solving a set of equations for the performance indications on each of a plurality of paths. In another aspect, the system may also include an interface which makes available for display one or more of the network topology, the collected and aggregated performance information, and indications of the detected failures in the topology.

Described systems and techniques determine causal associations between events that occur within an information technology landscape. Individual situations that are likely to represent active occurrences requiring a response may be identified as causal event clusters, without requiring manual tuning to determine cluster boundaries. Consequently, it is possible to identify root causes, analyze effects, predict future events, and prevent undesired outcomes, even in complicated, dispersed, interconnected systems.

Example aspects include techniques for implementing peer group evaluation for comparative anomaly. These techniques may include determining a candidate group including a plurality of component metrics, and determining that the plurality of component metrics are a peer group based at least in part on a cluster profile of the candidate group and the candidate group exhibiting peer-like behavior of a period of time. In addition, the techniques may include detecting anomalous activity based at least in part on first performance information of a component metric deviating from second performance information for the peer group, and providing a notification of the anomalous activity.

A method, an apparatus, and a storage medium for dividing a neural network into regions for preventing data duplication and data loss in parallel movements of data between nodes. The method includes obtaining a neural network model comprising n operators; scanning all operator groups in the neural network model; dividing the neural network model into m regions; rescanning all operator groups in the neural network model and identifying broken operator group(s); analyzing input and output of each of the n number of operators in the broken operator group(s) and identifies operators of a specific sort; and adjusting the operators of the specific type to rearranged to keep individual inputs and outputs within a single region.

The present disclosure discloses a method and an apparatus for configuring an alarm rule for an IoT device, and a device and a storage medium thereof, which are applied to the field of IoT. The method includes: configuring at least two groups of alarm rules for a plurality of IoT devices of the same type in an IoT; obtaining n usage categories of the plurality of IoT devices by categorizing the plurality of IoT devices according to usage characteristics of the plurality of IoT devices; calculating a correlation between the at least two groups of the alarm rules and the n usage categories, and storing a corresponding relationship between a target usage category and a target alarm rule whose correlation is higher than a condition; and when an IoT device belonging to the target usage category is newly added, configuring an alarm rule of the newly added IoT device as the target alarm rule.