A system that enables end-user devices that operate within different enterprise networks to exchange data with one another. In particular, the disclosed system uses unique IP addresses that are dedicated solely to supporting a predefined communication service between enterprise computer networks, in order to identify and route each data packet according to the communications service. As part of the communications service, the data packets are transmitted, for example, from a first local service provider network hosting a first enterprise network, through a participating backbone service provider network on the public Internet and based on deterministic routing, and to a second local service provider network hosting a second enterprise network. In handling the data packets in this way, the disclosed system creates an Internet wide-area-network (WAN): the data packets are transmitted over the Internet and conceivably over a large geographic distance between enterprise networks.

The present invention provides a network system of a railcar, the network system being capable of efficiently performing maintenance work. One example of the network system of the railcar of the present invention includes: intra-car networks (N1 to N3) to which first and second apparatuses are connected; an inter-car network (NA) for transmission of information between the apparatuses mounted on different cars; routers (R1 to R3) each provided and connected between the corresponding intra-car network (N1 to N3) and the inter-car network (NA) and each including a network address translation portion configured to mutually convert a private address of the first apparatus and an IP address of the inter-car network (NA); and a maintenance transmission path forming unit configured to form a transmission path through which the transmission and reception of the information are performed between a maintenance terminal (5) and a maintenance target apparatus selected from the first and second apparatuses, the transmission path not passing through the network address translation portion of the car on which the maintenance target apparatus is mounted.

Systems and methods for connecting devices via a virtual global network are disclosed. In one embodiment the network system may comprise a first device in communication with a first endpoint device and a second device in communication with a second endpoint device. The first and second devices may be connected with a communication path. The communication path may comprise one or more intermediate tunnels connecting each endpoint device to one or more intermediate access point servers and one or more control servers.

A CPU box of each mounting machine module obtains MAC addresses of communication devices of both an internal device and a base by communicating with the communication devices of both the internal device and the base after the power is turned on, compares the obtained MAC address of the internal device side and the obtained MAC address of the base side, with storage data of the MAC addresses of both the internal device side and the base side read from a non-volatile storage medium of the CPU box, obtains management data of the mounting machine module stored in association with the MAC address of the internal device side from the non-volatile storage medium of a management computer in a case where the MAC address of the internal device side does not match the storage data, and obtains the management data of the mounting machine module stored in association with the MAC address of the base side from the non-volatile storage medium of the management computer in a case where the MAC address of the base side does not match the storage data.

The present disclosure provides a method for communication between a network device and a terminal device, where the network device stores a correspondence between a link-layer address and an IP address that are of the terminal device, and the method includes: obtaining, by the network device, a first link-layer address; determining whether a quantity of IP addresses corresponding to the first link-layer address reaches a threshold; if the quantity reaches the threshold, selecting an IP address from the IP addresses, where a quantity of selected IP addresses is not greater than the maximum quantity; saving a correspondence between the first link-layer address and the selected IP address; and sending, according to the selected IP address, a message to a terminal device having the first link-layer address, where the message is used to notify the terminal device whether an IP address is selected by the network device.

Described are methods, systems and computer readable media for data source refreshing.

An account adding method is performed by a social networking application running at a mobile terminal when communicating with a second terminal (e.g., using a chat session). The method includes: recording voice information from the second terminal using the social networking application; extracting character string information and voiceprint information from the voice information; sending the character string information and the voiceprint information to a server; receiving an account that matches the character string information and the voiceprint information and that is sent by the server; and adding the account to a contact list of the social networking application. For example, the social networking application is started before starting a telephone call with the second terminal and the voice information is recorded during the telephone call.

A method, apparatus and product for sub-networks based cyber security. One method for managing a local network, which is divided into subnets, comprises: monitoring communication traffic of devices in each of the subnets; performing anomaly detection to detect an abnormal communication of a device connected to a subnet; blocking the abnormal communication of the device; and removing the device from the subnet and connecting the device to a quarantine subnet of the local network, whereby reducing connectivity of the device with other devices connected to the local network.

Described systems and methods enable a swift and efficient detection of fraudulent Internet domains, i.e., domains used to host or distribute fraudulent electronic documents such as fraudulent webpages and electronic messages. Some embodiments use a reverse IP analysis to select a set of fraud candidates from among a set of domains hosted at the same IP address as a known fraudulent domain. The candidate set is further filtered according to domain registration data. Online content hosted at each filtered candidate domain is further analyzed to identify truly fraudulent domains. A security module may then prevent users from accessing a content of such domains.

Techniques for configuring a network based on a Domain Name System (DNS) or network metadata policy for network control are disclosed. In some embodiments, a system, process, and/or computer program product for a DNS or network metadata policy for network control includes receiving a DNS or network metadata update at a DNS server (e.g., an authoritative or recursive DNS server) or an IP Address Management (IPAM) server, in which the DNS or network metadata update is determined to be relevant to the DNS or network metadata policy for network control; and sending the DNS or network metadata update to a network controller for a network, in which the network controller configures a plurality of network devices on the network based on the DNS or network metadata policy for network control.