Method for device commissioning in a network system and network system

What is claimed is: 1 . A method for admitting an application device in a network system with a network core unit, a network-managing unit, a device-managing unit, and a network data-infrastructure, the method comprising: authenticating the application device on network-level by the network core unit; notifying the network-managing unit about an authenticating result by the network core unit; configuring the network data-infrastructure by the network-managing unit to provide a connectivity between the network-managing unit and the device-managing unit; performing an authenticating action for the application device by the device-managing unit for authenticating the access device on application-level; notifying the network-managing unit by the device-managing unit about the authentication result; and configuring the network data-infrastructure by the network-managing unit to provide an isolated logical network connectivity between the application device and other equally authenticated application devices. 2 . The method according to claim 1 , the method further comprising, before authenticating by the network core unit an application device on network-level, configuring the network-managing unit and the device-managing unit as a network for commissioning. 3 . The method according to claim 2 , wherein configuring by the network-managing unit the network data-infrastructure to provide a connectivity between the network-managing unit and the device-managing unit further comprises admitting the application device to the commissioning network. 4 . A network system comprising: a network data-infrastructure; a network core unit connected to the network data-infrastructure and configured for authenticating an application device on network-level and for notifying the network-managing unit about an authenticating result; a network-managing unit connected to the network core unit and the network data-infrastructure and configured for configuring the network data-infrastructure to provide a connectivity between the network-managing unit and the device-managing unit, and admitting an application device to the network system; a device-managing unit connected to the network-managing unit and configured for performing an authenticating action for the application device for authenticating the access device on application-level; and notifying the network-managing unit about the authentication result; wherein the network-managing unit is further configured for configuring the network data-infrastructure to provide an isolated logical network connectivity between the application device and other equally authenticated application devices. 5 . The network system according to claim 4 , wherein the network managing unit comprises a network resource-managing unit configured to setup a commissioning network comprising the network-managing unit and the device-managing unit as a separated sub-network and to move the application device to the commissioning network when a verified network-level identity of the application device is available. 6 . The network system according to claim 5 , wherein the device-managing unit is further configured to perform the authenticating action within the commissioning network. 7 . The network system according to claim 6 , wherein the network resource-managing unit is further configured to move the application device from the commissioning network to an application network in a step after the performing the authenticating action by the device-managing unit. 8 . The network system according to claim 5 , wherein the commissioning network is configurable to be a temporary network or a resident network. 9 . The network system according to claim 5 , wherein the network-managing unit is further configured for checking connectivity requirements before moving the access requesting application device to the application network and configuring the data forwarding to fulfill these requirements. 10 . The network system according to claim 4 , wherein the authenticating action includes using predefined credentials. 11 . The network system according to claim 4 , wherein the authenticating action is based on a single secure identity used also in network-level authentication of the application device in the device-managing unit. 12 . The network system according to claim 4 , wherein the commissioning network and the application network are logical networks, wherein at least the commissioning network and/or the application network is a VLAN or a stream forwarding domain identified by any combination Ethernet and IP header and service information. 13 . The network system according to claim 4 , wherein the physical network is one or several of IEEE 802.3 Ethernet, IEEE 802.3cg APL, 3GPP rel15, 5G, 3GPP NB-IoT, Bluetooth Low Energy, BLE. 14 . The network system according to claim 4 , wherein the application is based on OPC UA client/server sessions or publish/subscribe or Representational State Transfer, REST-based application and management protocols. 15 . The network system according to claim 4 , wherein the device-managing unit is configured to use additionally location based data for authentication. 16 . The network system according to claim 4 , wherein the location is one of the following: a geospatial location, a radio direction, a wired connection point, a switch port, GPS coordinates, a radio beam direction, a distance, an IO port.