A system for negotiating Ethernet link settings between interconnected nodes in a network having an Ethernet protocol stack that includes a PCS sub-layer with an auto-negotiation function. The system comprises connecting an intermediate device coupled between two network nodes via optical or copper interfaces, with the link settings between each node and the connected intermediate device being the same, thereby bypassing the auto-negotiation of the PCS sub-layer in the intermediate device. The intermediate device may transparently send negotiation messages from each node to the other during the link negotiation phase without interacting with those messages. Instead of the intermediate device, a single form pluggable (SFP) device may be connected between the two network nodes via optical or copper interfaces on the network side and via an SFP slot on the device side.

According to various embodiments, an electronic device may comprise: at least one communication circuit, and at least one processor, and the at least one processor may be configured to: receive, from an external electronic device through the at least one communication circuit, a message requesting network configuration information including network role information set to a configurator, transmit, to the external electronic device through the at least one communication circuit, a message including network configuration information of the electronic device, update the network configuration information, transmit, to the external electronic device through the at least one communication circuit, a message indicating that the network configuration information is updated, and transmit, to the external electronic device through the at least one communication circuit, a message including updated network configuration information.

Implementations of the present disclosure include receiving analytical attack graph data representative of an analytical attack graph, the analytical attack graph including: one or more rule nodes each representing a network configuration rule; and one or more impact nodes each representing an impact of one or more respective network configuration rules; converting the analytical attack graph to a tactic graph including one or more tactic nodes, each tactic node representing at least one rule node and at least one impact node; determining one or more paths of the tactic graph that lead to a particular network impact; generating a process model based on the paths that lead to the particular network impact, the process model representing network activity for execution of a process that leads to the particular network impact; and executing one or more remedial actions based on the process model to mitigate cyber-security risk to the enterprise network.

Techniques are described for enabling a cloud-based IT and security operations application to execute playbooks containing custom code in a manner that mitigates types of risk related to the misuse of cloud-based resources and security of user data. Users use a client application to create and modify playbooks and, upon receiving input to save a playbook, the client application determines whether the playbook includes custom code. If the client application determines that the playbook includes custom code, the client application establishes a connection with a proxy application (also referred to as an “automation broker”) running in the user's own on-premises network and sends a representation of the playbook to the proxy application. The client application further sends to the IT and security operations application an identifier of the playbook and an indication that the playbook (or the custom code portions of the playbook) is stored within the user's on-premises network.

This relates generally to create and manage cloud infrastructure, and more specifically, intelligently integrating one or more cloud infrastructure tools for creating cloud infrastructures. An example method includes, at a server associated with a cloud management platform, receiving a configuration file associated with a cloud infrastructure tool describing a desired state of a cloud infrastructure; creating a hybrid cloud template by incorporating content from the configuration file into a native cloud template within the cloud management platform; determining whether one or more updates for achieving the desired state of the cloud infrastructure based on the hybrid cloud template are valid; upon determining that the one or more updates are valid: creating the cloud infrastructure to achieve the desired state of the cloud infrastructure in accordance with the hybrid cloud template using the cloud infrastructure tool; and storing state information of the cloud infrastructure after the cloud infrastructure is created.

A configuration apparatus includes a processor and a memory. The processor is configured to obtain first data of a first device, the first data indicating that the first device is ready for network configuration. The memory is configured to store network configuration data of a second device. The processor is further configured to: obtain the network configuration data of the second device, and send the network configuration data to the first device, the network configuration data being used to configure the first device to be in a same network connection state as the second device. A power path exists between the first device and the second device, and at least one of the first data or the network configuration data is transmitted through the power path.

In one embodiment, a service associates a plurality of descriptive tags with a node in a network, based on an inspection of packets sent by the node that is performed by one or more sensors deployed to the network. The service identifies, based on the plurality of descriptive tags, data to be extracted from traffic of the node by an edge device located at an edge of the network. The service determines, based on the plurality of descriptive tags, an external destination to which the data should be sent by the edge device after extraction. The service sends a data pipeline configuration to the edge device, wherein the data pipeline configuration causes the edge device to extract the data from the traffic sent by the node and to send the data to the external destination.

A method for automated web resource deployment is provided. The method comprises creating web resource publication requests, wherein each web resource publication request comprises a number of configuration changes necessary to publish a web resource, on a network, at a particular uniform resource location. A standard format, validation workflow, and an approval workflow are provided for automation of the web resource publication requests. Once validated and approved, web resource publication requests are automatically converted to API calls which are executed on backend servers to implement the configuration changes required in the environment without further human intervention.

Methods, apparatuses and systems for cloud-based disaster recovery are provided. The method, for example, includes receiving, at a cloud-based computing platform, first internet protocol (IP) information relating to a first network environment associated with a server used by a client machine; translating the first IP information, without having to interpose a camouflage layer into the first IP information, and generating second IP information based on the translated first IP information, the second IP information used for creating a second network environment for the server; creating the second network environment for the server; and deploying the server in the created second environment.

Implementations generally relate methods, systems, and computer readable media for providing automatic access point registration. In some implementations, a method includes receiving an indication of automatic device onboarding activation. The method further includes receiving a selection of one or more reference devices. The method further includes determining one or more detectable devices of the one or more candidate devices to be onboarded that are detectable by at least one of the one or more reference devices. The method further includes obtaining one or more automatic configuration parameters from one or more of the reference devices. The method further includes configuring one or more of the detectable devices to be onboarded with the one or more automatic configuration parameters.