Abstract: Minimum guaranteed wireless network bandwidth is provided to client network devices by monitoring the performance of network connections to identify client network devices experiencing network congestion. Congested network connections are then analyzed to determine the source of the network congestion. Depending upon the source of the network congestion, an embodiment of the invention may undertake steps to either improve the quality of the network connection or to mitigate the impact of this network connection on other network connections. High quality network connections may be allocated additional bandwidth, airtime, or other resources to reduce the network congestion. Low quality network connections are not allocated additional bandwidth, airtime, or other resources. Instead, the impact of this network connection on the other network connections is mitigated.

Abstract: A technique for network authentication interoperability involves initiating an authentication procedure on a first network, authenticating on a second network, and allowing access at the first network. The technique can include filtering access to a network, thereby restricting access to users with acceptable credentials. Offering a service that incorporates these techniques can enable incorporation of the techniques into an existing system with minimal impact to network configuration.

Abstract: Techniques and systems for performing a network activity within a network. The technique includes assigning one or a plurality of network devices subnets with network devices for performing network activities. Network devices within the assigned network device subnets can be assigned to act as a primary network device and a backup network device. The primary network device can perform the network activity. The backup network devices can monitor the primary network device and continue performing the network activities if the primary network device fails or is rogue.

Abstract: A passphrase is assigned to an end user device for use in authenticating the end user device for a network using SAE. An identification of the end user device is determined during an authentication process. The passphrase assigned to the end user device is determined at a network side using the identification of the end user device. A shared secret is generated using the passphrase. Whether the end user device has generated the shared secret is determined. The end user device is authenticated for the network, if it is determined that the end user device has generated the shared secret.

Abstract: Disclosed is a system comprising: an authentication datastore; a device presence engine; a traffic monitor engine; an authentication presence monitor engine; an authentication server selection engine; and a traffic routing engine. In operation: the device presence engine is configured to detect presence of a user device on a trusted network; the traffic monitor engine is configured to monitor, in response to the detection, traffic on the trusted network from the device; the authentication presence monitor engine is configured to evaluate onboarding characteristics of the user device in response to the monitoring; the authentication server selection engine is configured to select one of a plurality of authentication servers to authenticate the user device to the trusted network, the selecting based on the onboarding characteristics; and the traffic routing engine is configured to route traffic from the user device to the selected authentication server.

Abstract: A first wireless operating mode of a plurality of wireless operating modes may be selected. The plurality of wireless operating modes may be related to a plurality of antenna configurations and a plurality of wireless radio frequencies. In some implementations, the selecting of the first wireless operating mode may be based on the identified power mode of the first digital device. The first wireless operating mode may be associated with a first antenna configuration of the plurality of antenna configurations. The first wireless operating mode may be associated with a first wireless radio frequency of the plurality of wireless radio frequencies for the data to be accessed by the first digital device over the wireless access device.

Abstract: Techniques for synchronizing a network device to selectively operate according to a selectable operation policy. A system utilizing such techniques can a self-configuring network device operation coordination system and a self-configuring network device operation management system. A method utilizing such techniques can include synchronizing a network device to selectively operate according to a first operation policy and a second operation policy in providing network service access.

Abstract: Techniques for managing IoT devices through multi-protocol infrastructure network devices are disclosed. A system utilizing such techniques can include a multi-protocol infrastructure network device and a WAN based IoT device management system and various network device based engines. A method utilizing such techniques can include management according to WAN based IoT device policies and LAN based IoT device policies.

Abstract: A hybrid low power network device comprising: a wave 1 radio configured to provide client devices wireless access to a network using SU-MIMO, a wave 2 radio configured to provide the client devices wireless access to the network using MU-MIMO, a radio management system configured to assign client devices to either the wave 1 radio or the wave 2 radio for communicating over wireless communication channels in accessing the network, first and second Ethernet ports, wherein at least one of the first and second Ethernet ports are configured to provide power to the hybrid low power network device and allow at least one of the wave 1 radio and the wave 2 radio to communicate with the network, in operation the hybrid low power network device is configured to operate at a power consumption level between 15 and 17 W in providing the client devices wireless access to the network.

Abstract: Maintaining layer 7 state as a client device roams between network devices during a session. Data packets used in executing a layer 7 application are received at a first network device that a client device is coupled to during a session. Data packets received by the first network device are stored in a layer 7 application buffer that is sent to a second network device that a client device roams to during a session. A layer 7 application buffer is used to classify a layer 7 application that is the subject of a session in order to maintain layer 7 state as a client device roams to a second network device during a session.

Abstract: Minimum guaranteed wireless network bandwidth is provided to client network devices by monitoring the performance of network connections to identify client network devices experiencing network congestion. Congested network connections are then analyzed to determine the source of the network congestion. Depending upon the source of the network congestion, an embodiment of the invention may undertake steps to either improve the quality of the network connection or to mitigate the impact of this network connection on other network connections. High quality network connections may be allocated additional bandwidth, airtime, or other resources to reduce the network congestion. Low quality network connections are not allocated additional bandwidth, airtime, or other resources. Instead, the impact of this network connection on the other network connections is mitigated.

Abstract: A network device comprising, a first radio module configured to transmit and receive first radio signals in a first frequency band, a first antenna array configured to transmit and receive the first radio signals for the first radio module in the first frequency band, a second radio module configured to transmit and receive second radio signals in the first frequency band, a second antenna array configured to transmit and receive the second radio signals for the second radio module in the first frequency band, wherein, in operation, the first radio module and the second radio modules function concurrently using the first frequency band while at least 40 dB of antenna isolation is maintained between the first antenna array and the second antenna array.

Abstract: Management of a proximity beacon transmitter using a network device. Operational characteristics are generated for a proximity beacon transmitter coupled to a network device. The proximity beacon is configured through the network device. It is determined if the proximity beacon transmitter is operating according to the operational characteristics generated for the proximity beacon transmitter. The proximity beacon transmitter is reconfigured to operate according to the operational characteristics if it is determined that the proximity beacon transmitter is operating in nonconformity with the operational characteristics.

Abstract: In various systems and methods, there can be received a request for a network service. A query for the network service can be formulated based on the request. A remote access device can be instructed to interrogate remote devices coupled to the remote network access device for the network service. Access parameters related to the network service can be received in response to the interrogation. The user device can be configured to access the network service based on the access parameters.

Abstract: Airtime usage may be used as a factor in controlling network traffic flow to and from client devices via a wireless network interface. Received packets or other data are assigned to a quality of service profile. Additionally, a cost value for communicating the received data is determined at least in part based on an actual or estimated airtime usage for the received packet. The cost value is used to allocate wireless network airtime to data. The allocation of wireless network airtime may be varied dynamically based on operating conditions. The cost value may be based on factors including the airtime used to communicate data; whether the data is a retransmission; and wireless network overhead. The cost value of data may also be different depending on whether the data is being sent from a client device or to a client device.

Abstract: Techniques for selectively synchronizing network devices to authenticate wireless device to access a network using a key. A system utilizing such techniques can include a unique pre-shared key assignment system and a network device selective synchronization system. A method utilizing such techniques can include unique pre-shared key assignment and selective synchronization management.

Abstract: A passphrase is assigned to an end user device for use in authenticating the end user device for a network using SAE. An identification of the end user device is determined during an authentication process. The passphrase assigned to the end user device is determined at a network side using the identification of the end user device. A shared secret is generated using the passphrase. Whether the end user device has generated the shared secret is determined. The end user device is authenticated for the network, if it is determined that the end user device has generated the shared secret.

Abstract: Techniques for seamlessly onboarding a wireless device. A system utilizing such techniques can include a key-based authentication system and a unique pre-shared key seamless onboarding system. A method utilizing such techniques can include key-based authentication management and unique pre-shared key seamless onboarding management.

Abstract: A multicast frame directed to a plurality of devices coupled to a network can be received, where the plurality of devices comprising at least one intended recipient device and at least one unintended recipient device. A destination unicast address corresponding to an intended recipient device can be identified. The multicast frame can be converted into a unicast frame directed to the intended recipient device, the unicast frame configured with the destination unicast address. The unicast frame can be blocked from accessing the unintended recipient device. The unicast frame can be provided to the intended recipient device.

Abstract: A hybrid low power network device comprising: a wave 1 radio configured to provide client devices wireless access to a network using SU-MIMO, a wave 2 radio configured to provide the client devices wireless access to the network using MU-MIMO, a radio management system configured to assign client devices to either the wave 1 radio or the wave 2 radio for communicating over wireless communication channels in accessing the network, first and second Ethernet ports, wherein at least one of the first and second Ethernet ports are configured to provide power to the hybrid low power network device and allow at least one of the wave 1 radio and the wave 2 radio to communicate with the network, in operation the hybrid low power network device is configured to operate at a power consumption level between 15 and 17 W in providing the client devices wireless access to the network.