In an alternative embodiment (not shown), computer 220 may be placed in an isolation subnetwork that is separate from one or both of computer 202 and switch 210 and subnetwork 250.

FIG. 3 shows one exemplary provisioning process 300 for provisioning a new device onto a DSDN.

In step 302 of method 300, a device to be provisioned (hereinafter, “the device”) is connected to the network via a wireless or wired connection. One example of step 302 is guest device 181 of FIG. 1C wireless connection to router 106 of DSDN 100.

In step 304 of method 300, authentication data from the device is transferred to a DSDN capable system. This step may be the transfer of a strong authentication via a cert or may be accomplished by a manual process performed by the administrator of the DSDN. One example of step 304 is transmitting a strong authentication via a certificate or SIM card or user name and password to router 106, the user's service provider, or a DSDN cloud service.

In step 306 of method 300, step 304 data is utilized to authenticate the device. One example of step 306 is DSDN capable router 106 connecting to internet 190 to authenticate guest device 181 via the provided certificate.

In step 308 of method 300, the security/authentication data is forwarded to a network application management environment for processing. One example of step 306 is guest device 181's cert, username and password data, or SIM card data being forwarded to router 106, the user's service provider, or a DSDN cloud service.