A deployment system may generate and deploy network topology models within one or more workload resource domains. In some examples, the deployment system may implement a hierarchical data structure to store and manage multiple variations of a network topology models, in which network topology definitions and other characteristics may be inherited between related elements in the data structure. Data structures storing network topology models may be implemented as hierarchical levels of elements storing related, overlapping, and/or alternative portions of network topologies. A network topology model may be generated for deployment by combining the portions of network topologies stored within a branch of elements in the hierarchy, and the model may be deployed across one or more workload resource domains. Modifications to network topology models may be applied to individual elements and/or propagated to related elements based on the relationships and metadata defined for the in the hierarchical structure.

A security system is described for managing a premises. The security system comprises security system components and a first controller. A takeover component receives security data of the security system from the first controller. The security data is used to configure a second controller to communicate with the security system. The second controller communicates with the security system components and replaces the first controller in management of the security system.

Described embodiments provide systems and methods for upgrading user space networking stacks without disruptions to network traffic. A first packet engine can read connection information of existing connections of a second packet engine written to a shared memory region by the second packet engine. The first packet engine can establish one or more virtual connections according to the connection information of existing connections of the second packet engine. Each of the first packet engine and the second packet engine can receive mirrored traffic data. The first packet engine can receive a first packet and determine that the first packet is associated with a virtual connection corresponding to an existing connection of the second packet engine. The first packet engine can drop the first packet responsive to the determination that the first packet is associated with the virtual connection.

A plurality of module twins that respectively correspond to a plurality of modules of edge applications on a plurality of edge devices are stored. The plurality of module twins individually include metadata associated with the corresponding module of the plurality of modules. At least one further module to be deployed is determined. Edge devices of the plurality of edge devices to receive the determined at least one module are identified. The determined at least one further module is caused to be deployed to the identified edge devices. In response to deploying the determined at least one further module, the plurality of module twins is updated by adding, to the plurality of modules twins, modules twins corresponding to the deployed modules.

Techniques described herein register an endpoint device, such as a utility meter, with multiple headend systems. A system described herein includes a utility meter, which measures consumption of a resource, and a Network Management System (NMS) headend system, which manages a network. The utility meter joins the network and obtains an Internet Protocol (IP) address of the NMS headend system. The utility meter transmits a network registration request to the NMS headend system using the IP address of the NMS headend system and receives, from the NMS headend system, network-related settings of the network. The utility meter obtains an IP address of a second headend system configured to provide a service over the network. Further, the utility meter receives, from the second headend system, configuration settings for using the service of the second headend system and, as such, configures the radio with the network-related settings and the configuration settings.

The disclosed technology relates to a process for zero touch provisioning to provide cloud enablement of legacy computing devices. Specifically, the disclosed technology provides the ability to automate the process of connecting computing devices that may not originally have the capabilities to connect to the Internet so that the computing devices can be managed by a cloud network or be provided updates by the cloud network. The cloud enablement for computing devices is performed by modifying the computing device with hardware and software that would direct the computing device to establish secure communications with the cloud network without user involvement.

A system securely provisions a resource for access by computing systems of an untrusted network. The provisioning is performed securely such that at no stage during the process the computing systems of the untrusted network have direct access to the computing systems of the trusted network. The system creates a temporary network connected to the trusted network and provisions the requested resource in the temporary network. The system connects the temporary network to the trusted network for provisioning of the resource. The system disconnects the trusted network from the temporary network before connecting the untrusted network to the temporary network for providing access to the resource.

According to one aspect, a system and method of exchanging GRUUs (Globally Routed User Agent URI (Uniform Resource Identifier)) between a first telephony-enabled device and a second telephony enabled device using a circuit-switched message is provided. Once exchanged, the telephony enabled devices can exchange SIP (session initiated protocol) communications routed by the GRUUs. Any one of the telephony-enabled devices can add a media component to the SIP communications. According to another aspect, a system and method of generating GRUUs is provided. According to another aspect, a system and method of handing off communications to a packet switched network, from a circuit switched network is provided.

A network building apparatus (2) includes a collection unit (11) configured to scan each node connected to a network and collect environmental data of the network, a design unit (21) configured to design a virtual network obtained by virtualizing the network based on the environmental data collected by the collection unit (11), and an output unit (31) configured to output design data of the virtual network designed by the design unit (21).

Some embodiments provide a method for distributing rules associated with a particular logical network element that is implemented across one or more physical sites. The method uses a set of attributes of a set of elements associated with the particular logical network element to identify a particular set of physical sites spanned by the particular logical network element. The method identifies a set of rules associated with the particular logical network element. The method distributes the identified set of rules to each site of the identified set of physical sites.