Embodiments are described for a method and system of applying data protection software mechanisms to network equipment devices to auto-discover the networking equipment, save changes from memory (TCAM) to local storage, backup changes to protection storage, provide auditing and tracking history of changes, and provide the ability to deploy test/development copies of changes using software defined networking techniques.

Techniques for receiving operational preferences for operating network devices, and determining software updates for the network devices based on the operational preferences. A recommendation system may determine a group of network devices in a device network based on the network devices in the group performing a common functional role or have common attributes. The recommendation engine may further receive the operational preferences for the group of network devices from a user associated with the device network. These operational preferences may be continuously, or periodically, evaluated against actual operating conditions of the group of network devices to determine whether a risk metric associated with the actual operation conditions violates an operational preference. In some instances, the recommendation system may provide the user with access to a recommendation to run updated software that is more optimized for the network device and that satisfies the operational preferences of the user.

Various embodiments include an apparatus for operating a software-defined network having a number of network elements comprising: a memory unit storing an image of the software-defined network; a control unit programmed to use the stored image as a basis for controlling forwarding of data streams by the number of network elements; and a comparison unit programmed to compare the stored image against a network image published in a ledger of a blockchain.

Various embodiments include an apparatus for operating a software-defined network having a number of network elements comprising: a memory unit storing an image of the software-defined network; a control unit programmed to use the stored image as a basis for controlling forwarding of data streams by the number of network elements; and a comparison unit programmed to compare the stored image against a network image published in a ledger of a blockchain.

A system, method, and computer program product are provided for a determining a network situation in a communication network. In use, at least one threshold value of at least one operational parameter of a communication network is obtained, the at least one operational parameter representing at least one operational status of at least one of a computational device or a communication device. Additionally, log data of the communication network is obtained, the log data containing at least one value of the at least one operational parameter reported by at least one network entity of the communication network. The at least one value of the at least one operational parameter of the log data is compared with a corresponding threshold value of the at least one threshold value to form a detection of a network situation. Further, the detection of the network situation is reported if the at least one value of the at least one operational parameter of the log data traverses the corresponding threshold value of the at least one threshold value.

Some embodiments provide a novel method for collecting and reporting attributes of data flows associated with machines executing on a plurality of host computers to an analysis appliance and providing visual representations of the data to a user. Some embodiments provide a visual representation of the collected data that allows a user to select a set of machines and flows and initiate recommendation generation based on the selected machines and flows. The recommendation generation, in some embodiments, includes identifying flows for which rules have not been defined and filtering the identified rules to remove flows for which rules should not be defined. Some embodiments use the identified rues to identify services and groups associated with the rules and generate recommendations for rules, groups and services based on the identified flows, groups and services. The recommendations, in some embodiments, are implemented as a single PATCH API.

Disclosed herein is a method of a network operator controller for managing a plurality of Internet of Things (IoT)-devices associated with an IoT device owner and connected to a wireless network. The method comprises receiving a list of IoT devices that are scheduled for a firmware update, wherein the list is indicative of respective update data and update procedure for each IoT device of the list; determining at least one network node serving a geographical area covering a respective location of each of the IoT devices of the list of devices; causing caching of the respective update data; determining an updating schedule indicative of when each IoT device is to receive its respective update data; and instructing the at least one network node to update the IoT devices with the cached respective update data according to the updating schedule and update procedure.

Techniques are described for automatically generating a consistent configuration state version 2 for a network device with no or minimal help from a user and/or from a provider of the network device when updating from a configuration state version 1 to the configuration state version 2. The techniques and architecture also provide for migration from configuration state version 1 to configuration state version 2 when at least some of a configuration state are located in text files that are applied to the network device at start-up of the network device.

A system and method for comparative performance monitoring of software release versions is disclosed. A remote network management platform may include a computational instance for managing a network. Transactions between a server of the computational instance and a client device in the managed network may be logged to a database. Transactions may be carried out by a release version of a set of program code units executing on the server. A software application executing on a computing device may retrieve and analyze a first set of transactions carried out by a first release version of the set of program code units to determine a first set of performance metrics, and do the same for a second set of transactions carried out by a second release version of the set of program code units to determine a second set of performance metrics. A classification filter may be applied to the metrics, and a quantitative comparison of the filtered first and second sets of performance metrics may be displayed on graphical user device.

A network function virtualization (NFV) compute element installs an image supporting a virtualized network function (VNF) on the element. The image includes instructions/data to initiate a TCP connection between the element and a Software Defined Network (SDN) controller upon reboot of the element. Upon rebooting, the element establishes, as client in accordance with the instructions/data, a TCP connection with the controller. The element then accepts, as a cryptographic network protocol server, a connection via the TCP connection from the controller as a client in accordance with the instructions. Next, the element accepts, as a network management protocol server, a connection via the cryptographic network protocol connection from the controller as network management protocol client. The element receives, from the controller over the network management protocol connection, commands regarding the status of the rebooted element, and then transmits, to the controller over the network management protocol connection, responses to the commands.