H04L63/02

System for securing a cyber-physical method
11711341 · 2023-07-25

The invention relates to an industrial system comprising machines, systems for controlling machines connected by a first communication network, and a gateway intended to connect the first communication network to a second communication network. The gateway comprises a memory and comprises a processor configured to copy to the memory first data transmitted over the second communication network and relating to the operation of the machines.

Semi-active probing framework to gather threat intelligence for encrypted traffic and learn about devices

In one embodiment, a device in a network observes traffic between a client and a server for an encrypted session. The device makes a determination that a server certificate should be obtained from the server. The device, based on the determination, sends a handshake probe to the server. The device extracts server certificate information from a handshake response from the server that the server sent in response to the handshake probe. The device uses the extracted server certificate information to analyze the traffic between the client and the server.

Method and apparatus for defending against network attack
11570212 · 2023-01-31

This application discloses a method and an apparatus for defending against a network attack, to resolve a problem that network defense costs are relatively high. The method includes: a network security device receives a first packet sent by an external device, and matches a destination IP address of the first packet with configuration information of a fake network. If an IP address of a node in the configuration information of the fake network has a same subnet prefix as the destination IP address, the network security device processes the first packet based on a fake network policy; if no IP address of a node in the configuration information of the fake network has a same subnet prefix as the destination IP address, the network security device processes the first packet based on a firewall policy.

System and method for detecting and blocking malicious attacks on a network
11570201 · 2023-01-31

Systems and methods of detecting and blocking malicious attacks on a computer network, including: receiving, by a memory-constrained gateway in communication with the computer network, a communication request from at least one device; identifying the type of the at least one device based on the received communication request; verifying that the device is of an allowed type from a predetermined list of allowed device types; checking at least one signature of the received communication request of the allowed device to detect malicious signatures; and blocking communication requests from devices with at least one malicious signature.

Protecting communication link between content delivery network and content origin server
11711340 · 2023-07-25

A privatized link between an origin server and a content delivery network is provided. A privatized link can be a direct connection that does not route over the internet. Another privatized link is one that rotates IP addresses. An origin server may be assigned to use a set of multiple IP addresses for communication with the content delivery network. However, at any given time, the origin server is only using a small number of IP addresses. When one of the IP addresses being used to communicate with the content delivery network comes under attack, the origin server switches to another IP address in the set in order to continue serving content to the content delivery network via an IP address that is not under attack.

METHOD AND SYSTEM FOR A PROACTIVE ASSIGNMENT OF VIRTUAL NETWORK FUNCTIONS IN LOCAL DATA SYSTEMS
20230024892 · 2023-01-26

A method for managing data includes obtaining, by a service function chain (SFC) orchestrator, an SFC request for an SFC, wherein the SFC comprises at least one virtual network function (VNF) and one service, and, in response to the SFC request: determining a set of candidate local data systems (LDSs) based on a resource availability mapping; performing an LDS analysis on the set of candidate LDSs; based on the LDS analysis, assigning the VNF to a candidate LDS of the set of candidate LDSs and assigning the service to a second LDS of the set of candidate LDSs; and, based on the assigning of the VNF and the assigning of the service, initiating a deployment of the VNF and the service.

METHOD AND SYSTEM FOR INDIRECT SHARING OF SENSOR INSIGHTS
20230025909 · 2023-01-26

A method at a first domain for obtaining at least one insight from a second domain, the method including synchronizing a permissions table at the first domain with a master permissions table at a network element; receiving a request for an insight from an application at a bridge in the first domain; confirming an identity of the application; verifying, at the bridge, application permissions using the permissions table at the first domain, the verifying confirming that the application has permission to access the insight; sending a request message from the first domain to the second domain, the request message being signed by a private key of the first domain and requesting the insight; and receiving the insight from the second domain.

INFORMATION PROCESSING APPARATUS, CONTROL METHOD OF INFORMATION PROCESSING APPARATUS, AND STORAGE MEDIUM
20230231887 · 2023-07-20

An information processing apparatus stores a plurality of setting values prepared for making a setting of the information processing apparatus, receives selection of one item from a user from among a plurality of items associated with a plurality of use environments, as a use environment corresponding to a first communication interface, receives selection of one item from a user from among a plurality of items associated with the plurality of use environments, as a use environment corresponding to a second communication interface, and makes a setting based on a first setting value group that is included in the plurality of setting values and corresponds to an environment selected as a use environment corresponding to the first communication interface, and a second setting value group that is included in the plurality of setting values and corresponds to an environment selected as a use environment corresponding to the second communication interface.

Method for managing a memory
11563751 · 2023-01-24

A computer-implemented method for managing a memory in a network, to which, in particular, a unit for detecting or preventing undesirable network intrusions is assigned. A first message is received by a user of the network, and it is decided at random whether or not the first message is to be stored in the memory. Depending on that random decision, the first message is either stored or not stored in the memory.

MULTI-PERSPECTIVE SECURITY CONTEXT PER ACTOR

A flexible security system has been created that allows for fluid security operations that adapt to the dynamic nature of user behavior while also allowing the security related operations themselves to be dynamic. This flexible system includes ongoing collection and/or updating of multi-perspective “security contexts” per actor and facilitating consumption of these multi-perspective security contexts for security related operations on the users. These security related operations can include policy-based security enforcement and inspection. A security platform component or security entity uses a multi-perspective security context for a user or actor. Aggregating and maintaining behavioral information into a data structure for an actor over time from different sources allows a security platform component or entity to have historical context for an actor from one or more security perspectives. Descriptors that form a security context can originate from various sources having visibility of user behavior and/or user attributes.