Techniques are disclosed for transmitting a message to a user device in accordance with a determination that another device is unreachable over a network. In one example, a server device, at a first location, may identify a controller device resident at a second location, whereby the controller device is configured to communicate with a router at the second location. The server device may also receive a list of user devices. The server device may transmit a ping message to the controller device via the router to determine whether the controller device is unreachable by the server device. The server device may subsequently transmit a message to a user device on the list in accordance with a determination that the controller device is unreachable by the server device, whereby the message includes instructions for the user device to determine whether the controller device is unreachable by the user device.

The present disclosure is directed to systems and methods for auto-provisioning hubs and spokes in a SD-WAN network, and includes the performance of operations and/or the steps of receiving first information from a first network hub, the first network hub one of a plurality of network hubs, the first information indicating a first set of properties associated with the first network hub; publishing the first information to a plurality of network spokes, the plurality of network spokes determining whether to subscribe to the first network hub based on the first information; receiving subscription information from a first network spoke of the plurality of network spokes, the subscription information indicating the first network spoke subscribing to the first network hub; and creating at least one dynamic control policy to establish a forwarding path for the first network spoke through the first network hub.

A communication control device includes: a processor configured to: acquire identification information of a communication terminal from the communication terminal that is authenticated by communication via a wide area communication network; and when the identification information is included in a storage storing an information set in which associated are (i) the identification information of the communication terminal and (ii) specific connection unit information indicating a specific connection unit that is predetermined for the communication terminal in a narrow area communication network different from the wide area communication network, perform control such that the communication terminal is connected to the specific connection unit as a connection destination of the communication terminal, based on the specific connection unit information of the information set including the acquired identification information.

A system for connecting sites of an enterprise organization over a wide area network, including: customer premises equipment (CPE) at sites of the enterprise organization; wherein the CPE are configured to communicate using at least two VPNs over a wide area network (WAN) with other CPEs of the enterprise organization; wherein each CPE is connected by a service provider edge router to the WAN; and wherein each VPN defines a tunnel for routing traffic in the IP layer between the service provider edge routers of any two CPEs.

Techniques are disclosed for transmitting a message to a user device in accordance with a determination that another device is unreachable over a network. In one example, a server device, at a first location, may identify a controller device resident at a second location, whereby the controller device is configured to communicate with a router at the second location. The server device may also receive a list of user devices. The server device may transmit a ping message to the controller device via the router to determine whether the controller device is unreachable by the server device. The server device may subsequently transmit a message to a user device on the list in accordance with a determination that the controller device is unreachable by the server device, whereby the message includes instructions for the user device to determine whether the controller device is unreachable by the user device.

A radio communication equipment installed on a vehicle comprises a radio communicator configured to perform radio communication with a network, and a controller configured to perform call origination to a public safety answering point (PSAP) via the network, wherein the controller is configured to perform first call origination to the PSAP upon occurrence of an emergency, determine whether there is an abnormality in call upon the first call origination, and perform second call origination to the PSAP by a scheme different from a scheme used for the first call origination when there is an abnormality in call upon the first call origination.

In the context of management of handover roaming, a communication system comprises a first LPWAN network of a first operator and a second LPWAN network of a second operator. The first network comprises gathering gateways, a first server managing the gathering gateways, and a second server controlling the MAC layer. The second network comprises a third server interfacing fourth and fifth servers with the second server. Uplink frames of application data are transported from an end device of the second operator to the fourth server by successive relayings of the first, second and third servers. However, when the end device of the second operator requests joining the communication system in order to benefit from the services of the fourth server, the gathering gateways communicate with the fifth server, short-circuiting the first, second and third servers.

Some embodiments of the invention provide a method for detecting and remediating anomalies in an SD-WAN that includes a controller, an enterprise datacenter, and multiple branch sites each having at least one edge node that includes a set of packet processing stages. At the controller, the method receives from a particular node of a particular branch site a flow notification indicating detection of an anomaly on the particular node. Based on the anomaly, the method dynamically generates trace monitoring rules that specify one or more flows to be traced and provides the trace monitoring rules to the particular node and at least one other node of another branch site. From the particular node and the at least one other node, the method receives trace monitoring results collected in response to the provided trace monitoring rules, and analyzes the results to identify any anomalies and dynamic actions to correct the anomalies.

This disclosure is directed to monitoring a crypto-partitioned, or cipher-text, wide-area network (WAN). A first computing device may be situated in a plain-text portion of a first enclave behind a first inline network encryptor (INE). A second device may be positioned in a plain-text portion of a second enclave behind a second INE. The two enclaves may be separated by a cipher-text WAN, over which the two enclaved may communicate. The first computing device may receive a data packet from the second computing device. The first computing device may then determine contents of a header of the data packet. The first computing device may, based at least in part on the contents of the header of the data packet, determine a status of the cipher-text WAN.

A module with an embedded universal integrated circuit card (eUICC) can include a received eUICC profile and a set of cryptographic algorithms. The received eUICC profile can include an initial shared secret key for authentication with a wireless network. The module can receive a key K network token and send a key K module token to the wireless network. The module can use the key K network token, a derived module private key, and a key derivation function to derive a secret shared network key K that supports communication with the wireless network. The wireless network can use the received key K module token, a network private key, and the key derivation function in order to derive the same secret shared network key K derived by the module. The module and the wireless network can subsequently use the mutually derived key K to communicate using traditional wireless network standards.