Systems and methods for controlling operations of a Computer System (“CS”). The methods comprise: collecting information about events occurring in CS; performing automated ontogenesis operations using the collected information to determine a context of a given situation associated with CS using stored ontogenetic knowledge, define parameters for different sets of actions that could occur in the context of the given situation, simulate the sets of actions to generate a set of simulation results defining predicted consequences resulting from the performance of certain behaviors by nodes of CS, select a best simulation result from the set of simulation results, and determine whether a system action specified by the best simulation result might cause an undesirable unintended consequence; and using the parameters associated with the best simulation result to optimize control and performance of CS, when a determination is made that the system action will not cause the undesirable unintended consequence.

Method and system embodiments for assessing control maturity in security operations environments are described. According to some embodiments, the method facilitates a nonintrusive, automated means to configure and detect security controls installed in an Information Technology (IT) environment. The system verifies that these controls function as expected over a specified period of time and then maps each security control to a cell in a matrix of operational functions crossed with asset classes. The system captures metrics for security control activity that are displayed in the matrix to facilitate an assessment of security control architectural maturity. The system automatically generates visual and textual reports that provide recommendations to improve cybersecurity by enhancing existing and adding new controls, specify a suggested timeline for introducing those controls, and document gaps in compliance. The reports include automated remediation recommendations per compliance framework, including the ability to apply custom frameworks.

This disclosure describes techniques for identifying blocked paths and network configuration settings that block paths in networks, such as network paths in a virtual private cloud (VPC). The configuration of virtual networks depends on the correct configuration of many networking resources, such as firewalls, security groups, routing lists, access control lists (ACLs), and the like. In some cases, an analysis that uses formal methods can be performed to determine a network configuration of a virtual network. Using the network configuration information, network paths that are blocked and network configuration settings that may be blocking one or more of the network paths can be determined. The PAS can provide an explanation of what is blocking the network paths. For example, the PAS may identify that a configuration setting of a firewall, router, network gateway, an access control list (ACL), and the like may be blocking a network path.

An approach is provided for managing the configurations of printing devices in a distributed environment where printing devices are initially configured at a first physical location and then reconfigured at a second physical location. A configuration manager provides configuration data to a configuration system at the first location to be used to initially configure printing devices. The configuration manager also provides the configuration data to a device management system at the second physical location. The configuration manager receives changes to the configuration data from the device management system at the second physical location and propagates the changes to the configuration system at the first physical location. The configuration manager also tracks the configuration state of printing devices at both the first physical location and the second physical location.

A configuration of a service of a cloud computing system is rendered in a user interface of an electronic display, according to a discovery chain generated by a networking tool using a service discovery function to establish the configuration. The configuration includes one or more of a router, a splitter, and/or a resolver, each having one or more configuration files that are represented as a graphical element within a graphical representation of the one or more of the router, the splitter, and/or the resolver. The configuration further includes data traffic routes between pairs of the configuration files, each being represented in the UI as a line between each pair of configuration files, where each line is rendered in the UI so as to avoid crossing over any graphical element that represents a configuration file.

Described herein are systems, methods, and software to enhance the management of responses to incidents. In one example, a method of improving incident response comprises identifying an incident in an information technology (IT) environment associated with a first entity of a plurality of entities, and identifying action implementation information related to the incident. The method further anonymizes the action implementation information for the incident, and determines action suggestions based at least on the anonymized action implementation information.

The application is at least directed to a core network including a non-transitory memory having instructions stored thereon for registering a network function or network function template in the core network. The network includes a processor, operably coupled to the non-transitory memory. The processor is configured to perform the instruction of determining that registration of the network function or network function template is acceptable. The processor is also configured to perform the instruction of transmitting a message including the network function or network function template to a repository in the core network. The processor is also configured to perform the instruction of verifying the network function or network function template against existing policies in the core network. The processor is also configured to perform the instruction of registering the network function or network function template in the repository after verification. The application is also directed to a core network that discovers a network function or network function template therein. The application is also directed to a core network that instantiates a network function.

Implementations described and claimed herein provide systems and methods for correlating one or more service areas of a network with one or more geolocation coordinates to determine available services for customers to the network. A service polygon may be generated that define an area in which a particular service offered by a communications network is available. The boundaries of the service polygons may be adjusted based on information corresponding to physical features of the initial area. The service polygons may aid a communications network in providing a list of available services to potential customers or devices connected to the network by determining one or more geolocation coordinate values of a potential connection site and comparing the values to the service polygons. A network management system may determine the available services, current or in the future, to offer such services to a customer to the network.

Systems and methods for implementing a network metering system which includes a classifier which measures network usage by device, application, device and application and time of day, where the device is given an end-user identifiable device type name based on characteristics of network traffic the device carried, and at least in part based on the upstream domain names the device has interacted with; and a traffic shaper that allows device network traffic and application network traffic to be individually controlled with control settings, including blocking, blocking by time of day, blocking when usage limits are reached, rate limiting and rate limiting by time of day.

Embodiments of a device and method are disclosed. In an embodiment, a method of network device troubleshooting involves at a cloud server, assigning a troubleshooting task for troubleshooting a network device deployed at a customer site to an operator, at the cloud server, receiving data regarding an issue in the network device that is gathered by the operator at the customer site, and, at the cloud server, recommending a remedy action for the issue in the network device to the operator based on the data regarding the issue in the network device.