Described is a system (and method) that provides the ability to create an endpoint to allow cloud-based components to access services directly using network infrastructure of a cloud system. To provide such an ability, access connections from components of a production system to the cloud system may be monitored to derive a storage service and a datastore based on portions of a domain name. The derived storage service and datastore are then used to determine configuration settings required to automatically create a service endpoint. The service endpoint may then be deployed within the cloud system allowing the cloud-based component to access the storage service directly. Accordingly, the system provides the ability to automatically configure and deploy service endpoints by leveraging information derived from monitoring network access connections between a production environment and a cloud environment.

A system for dynamically managing a configuration file of a switch is provided. During operation, the system can determine one or more groups of line specifications in a specification file. A respective line specification can indicate a format of a respective variant of a configuration command of the switch. The system can then annotate a respective group in the specification file with a corresponding label. Subsequently, the system can associate a respective configuration command of the configuration file with a label of a group based on matching the configuration command with the group.

Systems and methods for configuration vulnerability checking and remediation are provided. The systems provided herein identify risk based upon service indications of a particular configuration, such that automated risk analysis may be facilitated.

A method of assigning IP addresses to devices of a building control network includes receiving a selection of selected devices of a plurality of devices from a user interface. The selected devices are displayed in a predetermined order on a display. A proposed static IP address for a first device in the predetermined order of the selected devices is received from the user interface. A static IP address is sequentially assigned to each of the selected devices following the first device in accordance with the predetermined order, assuming the subnet mask has been confirmed as valid. The selected devices in the predetermined order along with the assigned static IP addresses for each of the selected devices are displayed on the display. The assigned static IP address for each of the selected devices are downloaded to the corresponding one of the selected devices.

A computer network risk mitigation system includes a computerized platform configured to utilize gathered contextual data regarding cyber-risk metrics in are operational technology network. The computerized platform is configured to conduct network configuration changes in accordance with the gathered contextual data in order to mitigate cyber-security threats. Methods for refining a network attack graph and for utilizing risk score evaluation are also described.

Disclosed are various examples of an action framework for configuring a gateway to perform actions on the gateway itself or in conjunction with connected IoT devices. In some examples, a command is transmitted from a management service to a gateway device to permit a gateway client application to execute on the gateway device. A command to register an action in association with the gateway client application is also transmitted. The management service then commands the gateway device to perform the action, and receives an action results message with information about the action.

A method implements a web application that designs components. The method includes configuring a network interactively by receiving a network selection, updating network selection options using the network selection, and presenting network view updated using the network selection. The method includes generating a component listing for at least a part of the network of the network and using the network selection. The method includes configuring a component from the component listing interactively by receiving a component selection, updating component selection options using the component selection, and presenting a component view updated using the component selection. The method includes presenting a schedule, for the component listing, generated by simulating assembly of components, including the component, of the component listing using a planning system.

An information processing apparatus that outputs data to an outside through a connected network includes a plurality of communication interfaces connected to a plurality of different networks, at least one service providing unit for outputting the data, interface selection information for associating the service providing unit with the communication interface, and an output unit for outputting the data from a communication interface corresponding to a type of the service providing unit by referring to the interface selection information.

A method, a device, and a non-transitory storage medium are described in which an application layer network management service is provided. The service may allow third parties associated with an application layer network to develop and on-board application-aware logic that manages application services. The application-aware logic may include optimization of the application service and remedial procedures that address events associated with degradation and/or performance of the application service. The application-aware logic may be implemented in conjunction with other logic provisioned by a network provider.

During operation, an electronic device receives a packet or a frame associated with a second electronic device, where the packet or the frame includes information specifying a factory reset command. For example, the second electronic device may be a dynamic host configuration protocol (DHCP) server or may perform functions of a DHCP server. Moreover, the packet or the frame may include an acknowledgment (ACK) in a discover, offer, request and acknowledgment (DORA) procedure, and the information may be included in an option 43 subfield or an option 52 subfield in the packet or the frame. In response to receiving the factory reset command, the electronic device performs a factory reset. Note that the factory reset may restore firmware in the electronic device to a factory-fresh version and a configuration of the electronic device to a factory-fresh state, may erase memory in the electronic device.