Abstract: Methods are provided for a collaborative, decentralized insight engineering based on exchanging telemetry vectors with peer network devices. Each network device independently detects a deviation in its functioning using machine learning of generated feature vectors. Specifically, the methods involve obtaining, from at least one peer network device, at least a first feature vector that represents at least one insight generated from telemetry data of a respective peer network device. The intermediate network device and the at least one peer network device are configured to forward packets of a traffic flow. The methods further involve determining whether a deviation related to one or more of the network devices, exists based at least on the first feature vector and performing the at least one predefined action based on determining that the deviation exists.

Abstract: A management entity receives device fingerprints representing corresponding devices connected to one or more networks. Each device fingerprint includes a multi-bit word indicating hardware, software, network configuration, and failure features for a corresponding one of the devices. The management entity processes the device fingerprints using different methods including statistical risk of failure scoring methods and machine learning risk of failure scoring methods, to produce from each of the methods a respective risk of failure for each device. The management entity combines the respective risk of failures for each device into a composite risk of failure for each device, ranks the devices based on the composite risk of failures for the devices, to produce a risk ranking of the devices, and outputs the risk ranking.

Abstract: A management entity receives device fingerprints representing corresponding devices connected to one or more networks. Each device fingerprint includes a multi-bit word indicating hardware, software, network configuration, and failure features for a corresponding one of the devices. The management entity processes the device fingerprints using different methods including statistical risk of failure scoring methods and machine learning risk of failure scoring methods, to produce from each of the methods a respective risk of failure for each device. The management entity combines the respective risk of failures for each device into a composite risk of failure for each device, ranks the devices based on the composite risk of failures for the devices, to produce a risk ranking of the devices, and outputs the risk ranking.

Abstract: Techniques for system self-assessment using a state identity vector are described. In one embodiment, a method includes obtaining a policy that includes a combination of a plurality of features and a set of desired values for the features. The method also includes comparing the policy to a device fingerprint for a network device and determining compliance with the policy based on the comparison between the device fingerprint and the combination of features. The device fingerprint comprises a multi-bit word having a plurality of positions, with each position representing a feature associated with the network device. Upon determining that the network device is not in compliance with one or more features included in the combination of features of the policy, the method includes implementing a responsive action by the network device according to a schema that defines instructions for each feature represented by the plurality of positions in the device fingerprint.

Abstract: A management entity receives device fingerprints representing corresponding devices connected to one or more networks. Each device fingerprint includes a multi-bit word indicating hardware, software, network configuration, and failure features for a corresponding one of the devices. The management entity processes the device fingerprints using different methods including statistical risk of failure scoring methods and machine learning risk of failure scoring methods, to produce from each of the methods a respective risk of failure for each device. The management entity combines the respective risk of failures for each device into a composite risk of failure for each device, ranks the devices based on the composite risk of failures for the devices, to produce a risk ranking of the devices, and outputs the risk ranking.

Abstract: Techniques for system self-assessment using a state identity vector are described. In one embodiment, a method includes obtaining a policy that includes a combination of a plurality of features and a set of desired values for the features. The method also includes comparing the policy to a device fingerprint for a network device and determining compliance with the policy based on the comparison between the device fingerprint and the combination of features. The device fingerprint comprises a multi-bit word having a plurality of positions, with each position representing a feature associated with the network device. Upon determining that the network device is not in compliance with one or more features included in the combination of features of the policy, the method includes implementing a responsive action by the network device according to a schema that defines instructions for each feature represented by the plurality of positions in the device fingerprint.

Abstract: A management entity receives device fingerprints representing corresponding devices connected to one or more networks. Each device fingerprint includes a multi-bit word indicating hardware, software, network configuration, and failure features for a corresponding one of the devices. The management entity processes the device fingerprints using different methods including statistical risk of failure scoring methods and machine learning risk of failure scoring methods, to produce from each of the methods a respective risk of failure for each device. The management entity combines the respective risk of failures for each device into a composite risk of failure for each device, ranks the devices based on the composite risk of failures for the devices, to produce a risk ranking of the devices, and outputs the risk ranking.