Abstract: A mechanism by which handoff delay can be minimized while not compromising the IMS/MMD security and also protecting the media if required by certain applications is presented. Methods for mitigating delay during SA re-association and mitigating the IPSec tunnel overhead for signaling and media at the Mobile Node are given. In one embodiment, SA keys can be transferred from the old P-CSCF to new P-CSCF, enabling the establishment of SAs before Mobile Node physically moves to the new subnet in a network. Proactive handover is used. In another embodiment, SA keys are transferred from S-CSCF to new P-CSCF. In this case, the SA keys are transferred to the new P-CSCF by S-CSCF through a context transfer mechanism well in advance so that SAs may be established before Mobile Node physically moves to new subnet. In another embodiment, methods for mitigating IPSec tunnel overhead are presented.

Abstract: A mechanism by which handoff delay can be minimized while not compromising the IMS/MMD security and also protecting the media if required by certain applications is presented. One proactive method includes proactive authentication. Another proactive method includes proactive security association, such as transferring SA keys from old proxy to new proxy, or transferring keys through serving signal entities. Reactive methods include transferring SA keys from old proxy to new proxy, using either push or pull technology. Other reactive methods include transferring keys through serving signal entities using either push or pull technology.

Abstract: A communication network system is disclosed in which local-branch-site-line network switches accommodating local-branch-site lines, and at least one data-center-site-line network switch accommodating at least one data-center-site line, are interconnected via a carrier network.

Abstract: A system and method for mobility support of a mobile node having a home network in a heterogeneous roaming environment is presented. The method comprises the steps of authenticating the mobile node in a visited network and obtaining an address for the mobile node in the visited network, establishing a security connection between a functional component in the visited network and an agent in the home network, creating a home address for the mobile node, and using the home address to generate a SIP signaling address, a SIP media address, and a non-SIP media address, such that SIP non-media is transmitted using the security connection to the SIP signaling address, SIP media is transmitted using the security connection to the SIP media address, and non-SIP media is transmitted using the security connection to the non-SIP media address.

Abstract: The present invention advantageously provides several systems and methods for solving the trombone routing issues within an IMS/MMD network. These approaches avoid trombone routing, speed up handoff, and increase the efficiency of signaling and overall performance of an IMS/MMD network. These solutions can broadly be divided into the following categories. Piggy-backing SIP registration over MIP (Split at FA); Selective Reverse Tunneling and Tunneling between FA and P-CSCF; the SIP-based mobility protocol; use of CoA during SIP registration and call up in MIPv6; Piggy-backing SIP registration when HA and S-CSCF Co-exist; Using Dynamic Home Agents in MIPv4 FA-CoA; and the Interceptor-Caching Approach.

Abstract: A mechanism by which handoff delay can be minimized while not compromising the IMS/MMD security and also protecting the media if required by certain applications is presented. One proactive method includes proactive authentication. Another proactive method includes proactive security association, such as transferring SA keys from old proxy to new proxy, or transferring keys through serving signal entities. Reactive methods include transferring SA keys from old proxy to new proxy, using either push or pull technology. Other reactive methods include transferring keys through serving signal entities using either push or pull technology.

Abstract: The present invention provides a network operations management method and apparatus which realizes efficient power-saving by enabling virtual servers to move between physical servers beyond network segments. A reallocation design unit 13 designs reallocation of virtual servers to physical servers so that necessary resource amounts are assigned to all virtual servers. When virtual servers VS need to move between physical servers PS beyond network segments NS for the designed reallocation, a grouping unit 14 changes a network segment NS to which physical servers PS are connected by changing the configuration of a router and switches. A reallocation unit 15 realizes efficient power-saving by reallocating the virtual servers to the physical servers based on the design made by the reallocation design unit 13.

Abstract: A mechanism by which handoff delay can be minimized while not compromising the IMS/MMD security and also protecting the media if required by certain applications is presented. One proactive method includes proactive authentication. Another proactive method includes proactive security association, such as transferring SA keys from old proxy to new proxy, or transferring keys through serving signal entities. Reactive methods include transferring SA keys from old proxy to new proxy, using either push or pull technology. Other reactive methods include transferring keys through serving signal entities using either push or pull technology.

Abstract: A communication network system is disclosed in which local-branch-site-line network switches accommodating local-branch-site lines, and at least one data-center-site-line network switch accommodating at least one data-center-site line, are interconnected via a carrier network.

Abstract: A load balance server has a first database for recording a list of identifiers of the presence servers, a second database for recording a subscription message receiving rate, an entry retrieval means for selecting a presence server that the subscription message receiving rate is lowest, in presence servers included in the list of the entry based on the presence information, a presence server selecting means for selecting an additional presence server whichever subscription message receiving rate is lower than predetermined threshold Ts, when the subscription message receiving rate in the selected presence server is higher than predetermined threshold Ts, and a message sending/receiving control means for sending the public message to the selected presence server.

Abstract: The present invention provides a network configuration restoration method and system which can perform restoration by copying past configuration files in a short time. An updating judging unit 304 judges updating of each network device by comparing an acquired configuration file and a registered configuration file linked to a first identifier representing a copy timing. A new save unit 312 acquires an updated configuration file from a network device, and links the updated configuration file to a first identifier and a second identifier which sets the current timing as a new save timing and saves it in a configuration file database 301. A save unit 311 copies a registered configuration file of a network device whose configuration file has not been updated and links it to a first identifier representing the copy timing and a second identifier linked to this configuration file and saves it.

Abstract: In a network including equipment noncompliant to the topology management protocol, a message substitution response system executing substitution response to a message discovered or topology search message in lieu of the noncompliant equipment is provided. The substitution response module generation unit 22 generates a substitution response module which responds to Discover message and topology search message in lieu of each of LLTD noncompliant equipment for every LLTD noncompliant equipment. The network simulation module generation unit 23 generates a network simulation module for simulating message transmission on the home network. The substitution response functional unit 24 simulates message transmission between the home network and each of substitution response modules, and message transmission between each of substitution response modules by said network simulation module.

Abstract: A switch 1 having a tag VLAN function includes a plurality of physical ports P1, P2 . . . , and adds an ID tag unique to each physical port to the header of a packet received by the physical port and sends the packet, and on the other hand, refers to an ID tag attached to a packet received from a GW 2 and sends the packet to a physical port corresponding to the ID tag. The GW 2 searches for a server address corresponding to the ID tag attached to the packet received from the switch 1 and modifies a destination address of the packet into the server address. In addition, the GW 2 attaches an ID tag corresponding to a source address of the packet received from the shared server 3 to the received packet, and modifies the source address of the packet into a GW address.

Abstract: A gateway (GW) and a plurality of foreign agents (FA) are connected in a ring-like manner, and the procedures of (1) the GW receiving an IP packet, addressed from a corresponding node CN to a mobile node MNa; (2) the GW transferring the packet to a link L1 in one direction; (3) an FA1 transferring the received packet to a link L2 in the same direction; (4) FA1 furthermore transferring the received packet to a link L4, connected to MNa, if the destination address of the received packet is already registered in the visitor list; (5) an FA2 transferring the received packet to a link L3 in the same direction; (6) FA2 furthermore ending the process as it is if the destination address of the received packet is not registered; and (7) the GW discarding the received packet.

Abstract: An administrator 4 (2) registers configuration files of compliant equipment 31 and noncompliant equipment 32 and a configuration script into a management server, and (3) sends the network equipment to a user 33. When the user 33 constructs the local network 3 by connecting the network equipment and turns it on, (4) a configuration request message is transmitted from the compliant equipment 31 to the management server 2. (5) The management server 2 replies with the configuration file of the compliant equipment 31, the configuration file of the noncompliant equipment 32, and the compliant script to the compliant equipment 31 in response to the configuration request. The compliant equipment 31 (6) registers its own configuration file received from the management server 2 into itself, and then (7) configures the configuration file of the noncompliant equipment 32 into the noncompliant equipment by executing the received configuration script.

Abstract: The present invention provides a network operations management method and apparatus which realizes efficient power-saving by enabling virtual servers to move between physical servers beyond network segments. A reallocation design unit 13 designs reallocation of virtual servers to physical servers so that necessary resource amounts are assigned to all virtual servers. When virtual servers VS need to move between physical servers PS beyond network segments NS for the designed reallocation, a grouping unit 14 changes a network segment NS to which physical servers PS are connected by changing the configuration of a router and switches. A reallocation unit 15 realizes efficient power-saving by reallocating the virtual servers to the physical servers based on the design made by the reallocation design unit 13.

Abstract: A data communication method and apparatus for a mobile network. A destination foreign agent (FA2) recognizes a MAC address of an MN. The FA2 registers the MAC address of the MN in a handoff request message (FHReq), and the FA2 feeds the FHReq onto a transfer network. Each of foreign agents (FAs) receives the FHReq, registers an IP address corresponding to the MAC address in the FHReq when the MAC address is registered in a binding list of the FAs themselves, and feeds the IP address onto the transfer network. The FA2 receives the FHReq, and temporarily registers the MAC address and the IP address in the binding list of the FA2 itself. The FA2 transfers data sent from a homw agent (HA) to the MN, based on the information which has been temporarily registered.

Abstract: A switch 1 having a tag VLAN function includes a plurality of physical ports P1, P2 . . . , and adds an ID tag unique to each physical port to the header of a packet received by the physical port and sends the packet, and on the other hand, refers to an ID tag attached to a packet received from a GW 2 and sends the packet to a physical port corresponding to the ID tag. The GW 2 searches for a server address corresponding to the ID tag attached to the packet received from the switch 1 and modifies a destination address of the packet into the server address. In addition, the GW 2 attaches an ID tag corresponding to a source address of the packet received from the shared server 3 to the received packet, and modifies the source address of the packet into a GW address.

Abstract: An administrator 4 (2) registers configuration files of compliant equipment 31 and noncompliant equipment 32 and a configuration script into a management server, and (3) sends the network equipment to a user 33. When the user 33 constructs the local network 3 by connecting the network equipment and turns it on, (4) a configuration request message is transmitted from the compliant equipment 31 to the management server 2. (5) The management server 2 replies with the configuration file of the compliant equipment 31, the configuration file of the noncompliant equipment 32, and the compliant script to the compliant equipment 31 in response to the configuration request. The compliant equipment 31 (6) registers its own configuration file received from the management server 2 into itself, and then (7) configures the configuration file of the noncompliant equipment 32 into the noncompliant equipment by executing the received configuration script.

Abstract: In a network including equipment noncompliant to the topology management protocol, a message substitution response system executing substitution response to a message discovered or topology search message in lieu of the noncompliant equipment is provided. The substitution response module generation unit 22 generates a substitution response module which responds to Discover message and topology search message in lieu of each of LLTD noncompliant equipment for every LLTD noncompliant equipment. The network simulation module generation unit 23 generates a network simulation module for simulating message transmission on the home network. The substitution response functional unit 24 simulates message transmission between the home network and each of substitution response modules, and message transmission between each of substitution response modules by said network simulation module.