Disclosed are various embodiments for on-demand application-driven network slicing. In one embodiment, it is determined that an application implemented in a particular computing device has an increased quality-of-service requirement in order to send or receive data via a communications network. The increased quality-of-service requirement is greater than an existing quality-of-service provided to the application by the communications network. The application sends a request that causes capacity in a network slice having the increased quality-of-service requirement in the communications network to be allocated for the application. The data is transmitted to or from the application using the network slice.

Provided a management apparatus including a maintenance mode setting unit that transitions a first virtualization infrastructure (NFVI0) to a maintenance mode, a mobility control unit that at least instructs a virtualization deployment unit (VDU) on the first virtualization infrastructure in the maintenance mode to move to a second virtualization infrastructure (NFVI1), and a maintenance mode release unit that releases the maintenance mode of the first virtualization infrastructure (NFVI0).

A method includes polling, via a service specific manager operating on a software container in a cloud infrastructure, usage of different application resources and parameters for each service of a plurality of services provided in the cloud infrastructure to yield respective polled data for each service, collating, at the service specific manager, the respective polled data for each service to yield a collation, and based on the collation, deriving a respective weight for each service which a container manager can use to create multiple instances of a new service. The method further includes communicating the respective weight for each service to the container manager and determining, via the container manager, whether to scale up or scale down container services based on the respective weight for each service.

Next generation network architectures enable instantiation of network slices in which traffic may be transported via one or more virtual networks overlaying the physical network infrastructure. To enable a slice management system to be able to obtain information on virtual networks of instantiated network slices, such as utilization data indicative of at least one of: a bandwidth capacity, computing capacity and storage capacity of one or more physical links via which traffic of the virtual networks is routed, an interfacing system is provided. The interfacing system may establish an interface between the slice management system operating in the domain of network slices and the network management system operating in the domain of physical network equipment, and thereby enable the slice management system to take into account such utilization data in its slice management operation.

Next generation network architectures enable instantiation of network slices in which traffic may be transported via one or more virtual networks overlaying the physical network infrastructure. To enable a slice management system to be able to obtain information on virtual networks of instantiated network slices, such as utilization data indicative of at least one of: a bandwidth capacity, computing capacity and storage capacity of one or more physical links via which traffic of the virtual networks is routed, an interfacing system is provided. The interfacing system may establish an interface between the slice management system operating in the domain of network slices and the network management system operating in the domain of physical network equipment, and thereby enable the slice management system to take into account such utilization data in its slice management operation.

A system includes an orchestrator for a software-defined network and configured to receive a request for operation of the software-defined network, a software-defined network controller in communication with the orchestrator through a northbound application programming interface, at least one network element in communication with the software defined network controller though a southbound application programming interface, and a mutable network element configured to receive the request and instantiate a virtual function within the mutable network element to test the at least one network element in accordance with the request.

Sharing data in a data exchange across multiple cloud computing platforms and/or cloud computing platform regions is described. An example method can include generating a consumer account corresponding to a first cloud entity and receiving, by the first cloud entity, a copy of a data set from a provider account corresponding to a second cloud computing entity, wherein the first cloud computing entity and the second cloud computing entity represent different regions of a cloud computing platform. The method may also include accessing, by the consumer account, the copy of the data set.

Described herein are a device and a method for performing a network analysis. In one aspect, the device includes a reconfigurable neural network circuit to determine an indication of a predicted network characteristic. In one aspect, the reconfigurable neural network circuit includes a control circuit to select a packet attribute or a flow attribute of a raw packet stream from a pipeline, and determine a configuration setting corresponding to the packet attribute or the flow attribute. The configuration setting may indicate a configuration of the reconfigurable neural network circuit to implement a neural network. In one aspect, the reconfigurable neural network circuit includes a storage to provide neural network parameters of the neural network, according to the configuration setting. In one aspect, the reconfigurable neural network circuit includes computational circuits to perform computations based on the neural network parameters from the storage to determine the indication of the predicted network characteristic.

Some embodiments provide a set of one or more network controllers that communicates with a wide range of devices, ranging from switches to appliances such as firewalls, load balancers, etc. The set of network controllers communicates with such devices to connect them to its managed virtual networks. The set of network controllers can define each virtual network through software switches and/or software appliances. To extend the control beyond software network elements, some embodiments implement a database server on each dedicated hardware. The set of network controllers accesses the database server to send management data. The hardware then translates the management data to connect to a managed virtual network.

A method and an apparatus are provided for deploying a security access control policy in the field of network security. The method, executed by a cloud management platform, includes: determining, according to an application creation instruction, an application template used for an application that needs to be created and a security profile corresponding to the application template; instructing a virtualization platform to create, according to the application template, a corresponding virtual machine for each application component in the application, and obtaining an IP address of each virtual machine created by the virtualization platform; generating a group of security access control policies corresponding to the application according to the IP address of each virtual machine and by using the security profile; and delivering the group of security access control policies to a corresponding firewall. Therefore, a security access control policy is automatically deployed.