A machine-implemented method for controlling a configuration data item in a storage-equipped device having at least two security domains, comprising receiving, by one of the security domains, a configuration data item; storing the configuration data item; providing a security indication for the configuration data item; and when an event indicates untrustworthiness of the data item, invalidating a configuration effect of the stored configuration data item. Further provided is a machine-implemented method for controlling a storage-equipped device as a node in a network of devices, comprising receiving information that a data source or type of a configuration data item is untrusted; analysing metadata for the data source and the configuration data item; populating a knowledge base with analysed metadata; and responsive to the analysed metadata, transmitting security information to the network of devices. A corresponding device and computer program product are also described.

Techniques for deployment of policies to computing devices are described herein. The techniques can include a server deploying a passive policy to the computing devices. After deploying the passive policy, data is collected from each of the computing devices regarding operation of the computing device. The server monitors, based on comparing the passive policy to the collected data, compliance of each computing device with the passive policy. The server determines, based on the monitoring, a set of the computing devices that exhibit a policy violation associated with the passive policy. The server deploys an active policy to the set of computing devices. The active policy corresponds to the passive policy, and deploying the active policy causes one or more actions that correspond to the policy violation to be performed on each of the set of computing devices.

Examples described herein relate to systems and methods for updating configuration data. A method implemented by a computer may include receiving updated configuration data from a control core. Earlier configuration data with a time stamp may be stored in an archive storing additional earlier configuration data with respective time stamps. Responsive to the updated configuration data not being faulty, content may be distributed using the updated configuration data. Responsive to the updated configuration data being faulty, a fault may be communicated to a monitoring system, and commands from the monitoring system may be received and executed to: revert to an earlier configuration data corresponding to a specific earlier time, and disregard any further updated configuration data from the control core until instructed otherwise by the monitoring system. Content may be distributed using the earlier configuration data to which the computer is reverted.

Systems and methods for rollback of model-based provisioned network device configuration including a memory capable of storing a model-based provisioned data template that includes a data template sequence. Data associated with a request to transmit a target object request message are received and transmitted following a retrieval message that determines pre-configuration data of the target device. The pre-configuration data is stored and the target object request message is sent specifying CRUD semantics. A notification is received indicating an outcome of the execution and, if the execution outcome is unsuccessful, a rollback stack is retrieved that specifies CRUD semantics and the pre-configuration parameters are retrieved to restore the target device to a pre-request state. If the execution outcome is successful, a second target object request message is retrieved from a list of target devices.

Various embodiments disclosed herein are related to a non-transitory computer readable storage medium. In some embodiments, the medium includes instructions stored thereon that, when executed by a processor, cause the processor to receive, at a node of a cluster on an edge network, an indication that the cluster received a configuration update, compare a first parameter of a configuration state of the node to a second parameter of the configuration update, determine if the first parameter matches the second parameter, in response to determining that the first parameter matches the second parameter, apply the configuration update, and collect data in accordance with the configuration update.

Various embodiments are described herein to track and/or update the state of components within a network element. One embodiment provides for a network management system comprising a collector node including an ingest gateway to receive configuration and status data of a set of network elements coupled to the collector node via the network, the collector node further to store the configuration and status data from the set of network elements in a distributed database; a search engine to locate and retrieve the configuration and status data of a specified subset of the network elements at a specified time period; and an interface server to receive a request for the configuration and status data from an external requester, the interface server to facilitate provision of the configuration and status data in response to the request.

Various embodiments disclosed herein are related to a non-transitory computer readable storage medium. In some embodiments, the medium includes instructions stored thereon that, when executed by a processor, cause the processor to receive, at a node of a cluster on an edge network, an indication that the cluster received a configuration update, compare a first parameter of a configuration state of the node to a second parameter of the configuration update, determine if the first parameter matches the second parameter, in response to determining that the first parameter matches the second parameter, apply the configuration update, and collect data in accordance with the configuration update.

Various embodiments disclosed herein are related to an apparatus. In some embodiments, the apparatus includes a processor and a memory. In some embodiments, the memory includes instructions that, when executed by the processor, cause the apparatus to collect, at a cloud server, service data from a collector framework service of an edge network. In some embodiments, the memory includes instructions that, when executed by the processor, cause the apparatus to provide a configuration to the collector framework service based on the service data.

Examples include systems and methods for providing automatic techniques for provisioning a computing device with an operating system and network processing functions. Some examples include automatically initiating a network handling module for configuring or programming a network interface card in a computing device to enable a network processing function while rebooting the computing device post operating system installation.

Systems and methods for rollback of model-based provisioned network device configuration including a memory capable of storing a model-based provisioned data template that includes a data template sequence. Data associated with a request to transmit a target object request message are received and transmitted following a retrieval message that determines pre-configuration data of the target device. The pre-configuration data is stored and the target object request message is sent specifying CRUD semantics. A notification is received indicating an outcome of the execution and, if the execution outcome is unsuccessful, a rollback stack is retrieved that specifies CRUD semantics and the pre-configuration parameters are retrieved to restore the target device to a pre-request state. If the execution outcome is successful, a second target object request message is retrieved from a list of target devices.