A controller for an electric power distribution system includes processing circuitry and a memory that includes instructions. The instructions, when executed by the processing circuitry, are configured to cause the processing circuitry to determine that a first switch of the electric power distribution system is a primary switch communicatively coupled to an intelligent electronic device (IED) of the electric power distribution system, determine that a second switch of the electric power distribution system is a backup switch communicatively coupled to the TED, and distribute a first copy of a security association key (SAK) to the first switch and a second copy of the SAK to the second switch in response to determining that the first switch is the primary switch and the second switch is the backup switch to enable the first switch and the second switch to establish respective media access control security (MACsec) communication links with the IED.

The present technology pertains to receiving a tag associating at least one routing domain in an on-premises site with at least one virtual network in a cloud environment associated with a cloud service provider. The present technology also pertains to the automation of populating route and propagation tables with the cloud service provider.

Systems and methods for managing a global virtual network connection between an endpoint device and an access point server are disclosed. In one embodiment the network system may include an endpoint device, an access point server, and a control server. The endpoint device and the access point server may be connected with a first tunnel. The access point server and the control server may be connected with a second tunnel.

Techniques for managing the distribution of configuration information that supports the flow of packets in a cloud environment are described. In an example, a virtual network interface card (VNIC) hosted on a network virtualization device NVD receives a first packet from a compute instance associated with the VNIC. The VNIC determines that flow information to send the first packet on a virtual network is unavailable from a memory of the NVD. The VNIC sends, via the NVD, the first packet to a network interface service, where the network interface service maintains configuration information to send packets on the substrate network and is configured to send the first packet on the substrate network based on the configuration information. The NVD receives the flow information from the network interface service, where the flow information is a subset of the configuration information. The NVD stores the flow information in the memory.

Techniques for managing the distribution of configuration information that supports the flow of packets in a cloud environment are described. In an example, a virtual network interface card (VNIC) hosted on a network virtualization device NVD receives a first packet from a compute instance associated with the VNIC. The VNIC determines that flow information to send the first packet on a virtual network is unavailable from a memory of the NVD. The VNIC sends, via the NVD, the first packet to a network interface service, where the network interface service maintains configuration information to send packets on the substrate network and is configured to send the first packet on the substrate network based on the configuration information. The NVD receives the flow information from the network interface service, where the flow information is a subset of the configuration information. The NVD stores the flow information in the memory.

The present technology pertains to receiving a tag associating at least one routing domain in an on-premises site with at least one virtual network in a cloud environment associated with a cloud service provider. The present technology also pertains to the automation of populating route and propagation tables with the cloud service provider.

Embodiments of this application relate to the field of communications technologies, and disclose a flow control method and apparatus, to resolve a prior-art problem such as packet loss, packet accumulation, or network congestion that occurs after a packet is switched between priority queues. A specific solution is as follows: A first device receives a first packet sent by a second device, where the first packet carries a first field and a second field, the first field carries a first priority, and the second field carries a second priority; the first device performs flow control based on the first priority in the first packet; and the first device performs queue scheduling on the first packet based on the second priority in the first packet.

Systems, methods, and apparatus for user mobility in a system with time-varying user-satellite and satellite-ground Ethernet links are disclosed. In some embodiments, A method for user mobility in a satellite system comprises transmitting, by a user device, a first signal comprising internet protocol (IP) data packets encapsulated in an Ethernet frame to a satellite. The method further comprises transmitting, by the satellite, a second signal comprising the IP data packets encapsulated in the Ethernet frame to a ground modem of a ground terminal. Further, the method comprises transmitting, by the ground modem, a third signal comprising the IP data packets encapsulated in the Ethernet frame to a default gateway, which is associated with user device, of a customer ground location via a virtual Ethernet switch. The virtual Ethernet switch utilizes one of a layer two (L2) overlay or a wide area network (WAN) L2 virtual private network (VPN) implementation.

An image processing device has a processor configured to form a virtual network, to which a function of the image processing device is allocated, and provide the function to another device connected to the virtual network.

Systems and methods for providing multi-perimeter firewalls via a virtual global network are disclosed. In one embodiment the network system may comprise an egress ingress point in communication with a first access point server, a second access point server in communication with the first access point server, an endpoint device in communication with the second access point server, a first firewall in communication with the first access point server, and a second firewall in communication with the second access point server. The first and second firewalls may prevent traffic from passing through their respective access point servers. The first and second may be in communication with each other and exchange threat information.