Abstract: Systems and methods to identify a plurality of different snapshot versions for a rollback to a previous configuration for subsets of network infrastructure devices is disclosed. A plurality of different network device configuration snapshots is identified and a set of snapshot checkpoints that each include a set of related parameter settings for each different network device are selected as a rollback configuration snapshot for that device. Each device may be associated with automated validation capabilities to validate a proposed rollback version. The computer system may iterate through a set of versions of snapshots and automatically initiate validation capabilities to validate a proposed rollback for the first logical grouping. Determination of a set of configurations may be based on a version control tag to restore a network to an operational state, never before seen in operation, that has a high degree of confidence, in part, because validation tests were successful.

Abstract: A method that includes receiving, from a client device, a pre-selected period of time, and determining whether multiple data values corresponding to the pre-selected period of time exceeds a threshold permitted by a network service request is provided. The method includes determining an interval at which the network service request is made based on the pre-selected period of time, and constructing a query that requests the data values with a constraint, wherein the constraint reduces the data values corresponding to the pre-selected period of time to a subset of data values that preserve a data quality. The method also includes making the network service request using the query and displaying results received in a response to the network service request.

Abstract: A computer-implemented method includes receiving, at a client device, a plurality of monitors each including at least one resource related to a network device; automatically displaying, on the client device, a subset of the plurality of monitors including the at least one resource on a first time series chart based on a pre-determined risk factor; at least one of (1) selecting, using the client device, at least one monitor not included in the subset and included in the plurality of monitors, and (2) un-selecting, using the client device, at least one monitor included in the subset, and thereby obtain a customized set of monitors and resources; accessing, using the client device, a time series database associated to the network device to query for data related to resources included in the customized set of monitors; and displaying, on the client device, the customized set of monitors and the included resources on a second time series chart.

Abstract: A computer-implemented method includes receiving, at a client device, a plurality of monitors each including at least one resource related to a network device; automatically displaying, on the client device, a subset of the plurality of monitors including the at least one resource on a first time series chart based on a pre-determined risk factor; at least one of (1) selecting, using the client device, at least one monitor not included in the subset and included in the plurality of monitors, and (2) un-selecting, using the client device, at least one monitor included in the subset, and thereby obtain a customized set of monitors and resources; accessing, using the client device, a time series database associated to the network device to query for data related to resources included in the customized set of monitors; and displaying, on the client device, the customized set of monitors and the included resources on a second time series chart.

Abstract: A method that includes receiving, from a client device, a pre-selected period of time, and determining whether multiple data values corresponding to the pre-selected period of time exceeds a threshold permitted by a network service request is provided. The method includes determining an interval at which the network service request is made based on the pre-selected period of time, and constructing a query that requests the data values with a constraint, wherein the constraint reduces the data values corresponding to the pre-selected period of time to a subset of data values that preserve a data quality. The method also includes making the network service request using the query and displaying results received in a response to the network service request.

Abstract: Methods, systems and computer readable mediums storing computer executable programs for managing security in a network are disclosed. A plurality of security policies associated with a plurality of network data anomalies are provided at a network management system. Each one of the plurality of security policies defines a network data anomaly specific mitigation response for each one of the plurality of network data anomalies. A first network data anomaly is detected at the network management system. A determination is made at the network management system regarding whether a first one of the plurality of security policies defines a first network data anomaly specific mitigation response to the first network data anomaly. A first mitigation command is issued from the network management system to at least one network system to implement the first network data anomaly specific mitigation response for a pre-defined period of time in accordance with the first security policy based on the determination.

Abstract: A method of managing security in a network is described. A data anomaly at a first location on a network is detected. A source of this data anomaly is identified. The source is compared with a plurality of access control policies, wherein each of the plurality of access control policies comprises at least one access restriction instruction associated with one or more sources. Based on the comparing, the source is associated with a corresponding one of the plurality of access control policies.

Abstract: Methods, systems and computer readable mediums storing computer executable programs for managing a potential security threat to a network are disclosed. Network data received at a network system within a network is monitored at a network management system. A determination is made at the network management system regarding whether the network data received at the network system poses a potential security threat to the network. A threat type associated with the potential security threat is identified at the network management system based on the determination. A threat assessment system operable to evaluate the identified threat type is identified at the network management system. A command is issued from the network management system to the network system to mirror network data received at the network system to the identified threat assessment system.

Abstract: Methods, systems and computer readable mediums storing computer executable programs for managing a potential security threat to a network are disclosed. Network data received at a network system within a network is monitored at a network management system. A determination is made at the network management system regarding whether the network data received at the network system poses a potential security threat to the network. A threat type associated with the potential security threat is identified at the network management system based on the determination. A threat assessment system operable to evaluate the identified threat type is identified at the network management system. A command is issued from the network management system to the network system to mirror network data received at the network system to the identified threat assessment system.

Abstract: Methods, systems and computer readable mediums storing computer executable programs for managing a potential security threat to a network are disclosed. Network data received at a network system within a network is monitored at a network management system. A determination is made at the network management system regarding whether the network data received at the network system poses a potential security threat to the network. A threat type associated with the potential security threat is identified at the network management system based on the determination. A threat assessment system operable to evaluate the identified threat type is identified at the network management system. A command is issued from the network management system to the network system to mirror network data received at the network system to the identified threat assessment system.

Abstract: A system on a computer network device for managing a network access device capability arranged to alert a computer network administrator if a network access device lacks the capability to implement a user access profile.

Abstract: A method of managing security in a network is described. A data anomaly at a first location on a network is detected. A source of this data anomaly is identified. The source is compared with a plurality of access control policies, wherein each of the plurality of access control policies comprises at least one access restriction instruction associated with one or more sources. Based on the comparing, the source is associated with a corresponding one of the plurality of access control policies.

Abstract: Methods, systems and computer readable mediums storing computer executable programs for managing security in a network are disclosed. A plurality of security policies associated with a plurality of network data anomalies are provided at a network management system. Each one of the plurality of security policies defines a network data anomaly specific mitigation response for each one of the plurality of network data anomalies. A first network data anomaly is detected at the network management system. A determination is made at the network management system regarding whether a first one of the plurality of security policies defines a first network data anomaly specific mitigation response to the first network data anomaly. A first mitigation command is issued from the network management system to at least one network system to implement the first network data anomaly specific mitigation response for a pre-defined period of time in accordance with the first security policy based on the determination.

Abstract: Methods, systems and computer readable mediums storing computer executable programs for managing a potential security threat to a network are disclosed. Network data received at a network system within a network is monitored at a network management system. A determination is made at the network management system regarding whether the network data received at the network system poses a potential security threat to the network. A threat type associated with the potential security threat is identified at the network management system based on the determination. A threat assessment system operable to evaluate the identified threat type is identified at the network management system. A command is issued from the network management system to the network system to mirror network data received at the network system to the identified threat assessment system.

Abstract: Systems, methodologies, media, and other embodiments associated with network login security are described. One exemplary system embodiment includes a network edge logic configured to receive information related to a network login request, to gather information associated with the user, and, to gather information related to the user's system. The system further includes a server comprising an identity management agent configured to determine access rights to a network based on the user login request, gathered information associated with the user, gathered information related to the user's system, and, stored access profile information.

Abstract: A system on a computer network device for managing a network access device capability arranged to alert a computer network administrator if a network access device lacks the capability to implement a user access profile.