H04L61/5076

Private Matter Gateway Connection Mechanism for Use in a Private Communication Architecture
20220385638 · 2022-12-01

A method for a connection mechanism in a public cloud network is disclosed. The method includes acquiring a plurality of connection credentials from a public cloud portal (PCP) Admin Device; pairing and registration with a private cloud virtual private network (VPN) server (PCVS) from a private matter gateway (PMG); establishing a plurality of initial VPN tunnels between the PCVS and the PMG; connecting to the PMG on demand between a PCVS smart device client and the PMG through the PCVS; and running a plurality of vertical peer-to-peer (P2P) private and secure PCVS smart device client applications between at least one PCVS smart device client and one of at least one PMG smart device client, at least one PMG network service and another PCVS smart device client.

IDENTIFYING NETWORK ADDRESSES CONTACTED BY APPLICATIONS WITHOUT PLATFORM DOMAIN NAME RESOLUTION

A device implementing the subject system may include at least one processor configured to receive, by a first system process, a first network address that corresponds to a domain name that was resolved by a second system process, the resolving having been responsive to a resolution request therefor by an application process. The at least one processor may be further configured to receive, by the first system process, a second network address for which a network connection was opened by the application process. The at least one processor may be further configured to, responsive to determining that the application process opened a network connection for a network address for which the application process did not provide, to the second system process, a resolution request for the corresponding domain name, provide, by the first system process, an indication of the network address in conjunction with an indication of the application process.

Wi-Fi provisioning techniques

Techniques are described for provisioning Wi-Fi network connectivity for a wireless device without requiring a user to provide network credentials to allow the wireless device to establish a network connection. In some implementations, a method is performed by a computing device to provision a wireless network connection. A MAC address associated with a property is obtained. A temporary network credential for the wireless device is determined based on the MAC address of the wireless device. The temporary network credential permits the wireless device to connect to a temporary network. The temporary network credential for the wireless device is available over the temporary network. A determination that the wireless device has connected to the temporary network using the temporary network credential for the wireless device is made. An instruction is transmitted to the wireless device over the temporary network in response to the determination.

DHCP-communications monitoring by a network controller in software defined network environments
11509686 · 2022-11-22

In an embodiment, a computer-implemented method for DHCP-communications monitoring by a network controller in software defined networks is disclosed. A method comprises detecting that a virtualized compute instance is instantiated on a host computer; generating, and transmitting to a port manager executing on the host computer, instructions to set a BLOCK-EXCEPT-DHCP status on a port assigned to the virtualized compute instance; determining whether an IP address has been assigned to the port by a DHCP service; and if it has: generating, and transmitting to the port manager, instructions to set a NORMAL status on the port; generating, and transmitting to the port manager, a SpoofGuard configured with the IP address assigned to the port; based on notifications received from the SpoofGuard, determining whether the IP address assigned to the port of the virtualized compute instance has been misused, expired or spoofed; and if it has, transmitting instructions to set the BLOCK-EXCEPT-DHCP status on the port.

Electronic device and method for wireless communications
11595346 · 2023-02-28

Disclosed are an electronic device for wireless communication and a method thereof. The electronic device may include an interface module and a processor. The processor may be configured to establish a first Ethernet tethering connection with an external electronic device by using an Ethernet driver, provide an Internet service to the external electronic device using a first IP address allocated to the external electronic device, deactivate the Ethernet driver in response to identifying that the IP address of the electronic device is changed and the first Ethernet tethering connection is in the bridge mode, reactivate the deactivated Ethernet driver, establish a second Ethernet tethering connection with the external electronic device by using the reactivated Ethernet driver, and provide the Internet service to the external electronic device using a second IP address allocated to the external electronic device.

DOMAIN SQUATTING DETECTION
20230057438 · 2023-02-23

Detection of squatting domains is disclosed. A set of new fully qualified domain names (FQDNs) is received. The set of new FQDNs is analyzed to detect domain squatting by identifying a subset of the new FQDNs as candidate squatting domains. The candidate squatting domains are distributed to a security device/service.

Systems and methods for facilitating data transmission to internet of things devices

A device may receive provisioning data identifying an application server and a user equipment. The device may provide a request for reachability data associated with the user equipment and may receive the reachability data. The device may cause a trigger for a packet and data identifying the application server to be provided to the user equipment. The device may receive, from the user equipment, the packet that includes a network address and a port identifier of a port of the user equipment. The device may provide, to a firewall associated with the application server, an identifier, the network address, and the port identifier. The device may cause, via the firewall, the reachability data, the network address, and the port identifier to be provided to the application server to enable the application server to provide data to the user equipment.

Controlling network traffic pertaining to a domain name based on a DNS-IP mapping

Some examples relate to controlling network traffic pertaining to a domain name based on a Domain Name System-Internet Protocol address (DNS-IP) mapping. An example includes receiving, in a cloud computing system, a local DNS-IP mapping for a domain name from respective Access Points (APs) in a virtual local area network (VLAN) along with geographical information of respective APs; generating a global DNS-IP mapping database comprising the local DNS-IP mapping for the domain name received from respective APs in the VLAN along with geographical information of respective APs, in the cloud computing system; and determining appropriate APs to distribute the global DNS-IP mapping, based on location information of respective APs.
