A system and method for monitoring and modifying the security configurations of multiple devices is disclosed. The method includes monitoring multiple devices for security triggers and taking action in response to the triggers. The triggers include changes in security configurations, known security issues and pending updates. The devices may be any connected devices, including Internet of Things devices.

Techniques are described for automatically generating a consistent configuration state version 2 for a network device with no or minimal help from a user and/or from a provider of the network device when updating from a configuration state version 1 to the configuration state version 2. The techniques and architecture also provide for migration from configuration state version 1 to configuration state version 2 when at least some of a configuration state are located in text files that are applied to the network device at start-up of the network device.

Techniques are described for automatically generating a consistent configuration state version 2 for a network device with no or minimal help from a user and/or from a provider of the network device when updating from a configuration state version 1 to the configuration state version 2. The techniques and architecture also provide for migration from configuration state version 1 to configuration state version 2 when at least some of a configuration state are located in text files that are applied to the network device at start-up of the network device.

Physical assets in a network are graphically modeled and controlled using a monitoring and control interface. Prior to committing configuration changes to the physical assets, the draft configuration changes are analyzed to determine if they violate any logical configuration change rules. The logical configuration rules can be model-based according to target physical asset(s) for the draft configuration changes. A logical configuration change rule violation can be graphically displayed on the monitoring and control interface. The configuration changes can be stored to debug the physical assets and to roll back the configuration of the physical assets to a prior state.

A network initialization communication storage system includes a host device coupled to a storage system and an initialization issue analysis system via a network. The host device includes an initialization subsystem coupled to each of a plurality of ports. During network initialization of the host device via the storage system, the initialization subsystem identifies network initialization communications transmitted via the port(s) and the network, filters the network initialization communications to remove a subset of network initialization information and provide filtered network initialization communications, and transmits the filtered network initialization communications for storage in a remote access controller subsystem in the host device. In the event the network initialization of the host device fails, the initialization issue analysis system retrieves the filtered network initialization communications from the remote access controller subsystem, and uses them to identify at least one issue with the network initialization of the host device via the storage system.

A network initialization communication storage system includes a host device coupled to a storage system and an initialization issue analysis system via a network. The host device includes an initialization subsystem coupled to each of a plurality of ports. During network initialization of the host device via the storage system, the initialization subsystem identifies network initialization communications transmitted via the port(s) and the network, filters the network initialization communications to remove a subset of network initialization information and provide filtered network initialization communications, and transmits the filtered network initialization communications for storage in a remote access controller subsystem in the host device. In the event the network initialization of the host device fails, the initialization issue analysis system retrieves the filtered network initialization communications from the remote access controller subsystem, and uses them to identify at least one issue with the network initialization of the host device via the storage system.

A method for providing secure single sign on includes receiving a first data object from an application hosting server, the first data object indicating at least a service provider name and identifying a configuration file corresponding to the service provider name, wherein the configuration file includes at least trusted identity information. The method also includes determining, using the configuration file corresponding to the service provider name, whether the first data object is valid and, in response to a determination that the first data object is valid, generating a response message.

A method for providing secure single sign on includes receiving a first data object from an application hosting server, the first data object indicating at least a service provider name and identifying a configuration file corresponding to the service provider name, wherein the configuration file includes at least trusted identity information. The method also includes determining, using the configuration file corresponding to the service provider name, whether the first data object is valid and, in response to a determination that the first data object is valid, generating a response message.

Various examples for discovering policy bindings between group policy rules in a legacy management framework and unified endpoint management rules that are utilized in a modern mobile device management (MDM) device management framework. A configuration state view can allow an administrator to understand inconsistencies or conflicts between group policy rules and UEM rules.

When a configuration is generated in a distributed computing system, a first group of nodes is selected for validating the configuration and the configuration is deployed on the first group of nodes. When the first nodes in the group of nodes validate the configuration, the nodes sign the configuration with a signature. When a subsequent node is to implement the configuration, the subsequent node validates the signature on the configuration to ensure that the nodes in the first group of nodes validated the configuration. If the signature is validated, the subsequent node deploys the configuration.