SD-WAN is a software-driven approach to managing wide area networks that improves visibility, performance, and security across distributed sites.
In IoT deployments, SD-WAN helps organizations connect, secure, and manage large numbers of geographically dispersed devices and gateways.
When paired with cellular IoT connectivity, SD-WAN can enable , flexible, centrally managed network architectures, and improve resilience when multiple paths are available.
What is SD-WAN?
Software-Defined Wide Area Network (SD-WAN) is a networking technology that uses software and centralized control to manage how traffic is routed across wide area networks. Unlike traditional WAN architectures, often built around fixed MPLS circuits and static routing, SD-WAN abstracts the underlying network hardware and enables policies to be defined and enforced centrally.
With SD-WAN, traffic can be intelligently routed over multiple connection types, including:
Broadband internet
MPLS
LTE and 5G cellular
Satellite or other wireless links
This software-driven approach can help organizations to optimize performance, improve reliability, and enhance security while reducing operational complexity.
The Role of SD-WAN in IoT Deployments
IoT deployments often involve large numbers of devices distributed across many locations, such as factories, farms, vehicles, retail sites, or remote infrastructure. These environments introduce challenges that traditional WANs struggle to address, including variable connectivity quality, limited local IT support, and the need for secure remote access.
SD-WAN plays a critical role in IoT by enabling:
Centralized network management across thousands of remote sites
Dynamic path selection,Dynamic path selection, steering traffic based on policy and measured link conditions
Secure segmentation, isolating IoT traffic from other enterprise systems
Rapid deployment, especially for locations without wired infrastructure
When cellular connectivity is used as a primary or secondary link, SD-WAN becomes a powerful tool for building resilient, always-on IoT networks.
Practical SD-WAN Applications in IoT
Industrial IoT
Manufacturing plants and industrial facilities often rely on SD-WAN to connect production equipment, sensors, and gateways across multiple sites. SD-WAN enables:
Secure backhaul of machine data to cloud platforms
Failover between wired and cellular connections
Consistent security policies across factories and edge locations
Agriculture and Environmental Monitoring
In agriculture, IoT devices are frequently deployed in remote or rural areas where wired connectivity is unavailable. SD-WAN combined with cellular IoT connectivity allows operators to:
Aggregate data from distributed sensors and gateways
Centralize monitoring and analytics without local IT infrastructure
Healthcare and Remote Facilities
Healthcare environments increasingly depend on connected devices for monitoring, diagnostics, and operations. SD-WAN helps support:
Secure transmission of sensitive device data
Redundant connectivity for critical systems
Simplified management across clinics, mobile units, and temporary facilities
SD-WAN and Cellular IoT: A Natural Fit
Cellular connectivity, particularly LTE and 5G, plays an important role in modern SD-WAN architectures. In IoT deployments, cellular links are often used as:
Primary connectivity for remote or mobile sites
Backup links to improve availability if wired connections fail.
Rapid deployment options when speed and flexibility matter
By treating cellular as a first-class network path, SD-WAN enables organizations to build IoT networks that are both flexible and resilient.
Why SD-WAN Matters for IoT — and How Soracom Fits In
As IoT deployments grow in size and complexity, managing connectivity becomes just as important as managing devices. SD-WAN provides the control plane needed to orchestrate traffic across distributed environments, while IoT connectivity platforms provide the foundation for secure, scalable network access.
Soracom supports this architecture by delivering global, cloud-native cellular connectivity designed specifically for IoT. With features such as:
Soracom enables organizations to integrate cellular connectivity seamlessly into SD-WAN and hybrid network designs.
Together, SD-WAN and Soracom’s IoT connectivity services help organizations build secure, flexible, and scalable IoT networks, allowing teams to focus less on network complexity and more on delivering real-world business outcomes.
ICCID at a Glance:
ICCID is the unique identifier assigned to a physical SIM card that is commonly used by connectivity platforms to provision, track, and manage SIMs throughout their lifecycle.
In IoT, ICCIDs are essential for SIM provisioning, activation, lifecycle management, and troubleshooting.
Understanding ICCID helps organizations scale IoT deployments efficiently and maintain visibility across large device fleets.
What is an ICCID?
An Integrated Circuit Card Identifier (ICCID) is a globally unique identification number assigned to every SIM card, including IoT SIMs and embedded SIMs. It allows mobile network operators (MNOs) and connectivity platforms to recognize, provision, and manage individual SIM cards within a cellular network.
For IoT deployments, SIM cards represent the foundational building block of cellular connectivity. In order for an IoT device to connect to a network, the network must be able to identify and authenticate the SIM it is using. The ICCID helps to identify the SIM hardware itself – independent of the device or modem it is installed in.
Although the ICCID is not the only identifier associated with an IoT SIM, it is one of the most important for inventory control, activation, and ongoing lifecycle management.
Why Identifiers Matter in Cellular IoT
At a basic level, a cellular network could theoretically identify devices using only hardware-based identifiers. However, tying connectivity directly to device hardware limits flexibility and scalability—especially in IoT environments where devices may be replaced, upgraded, or redeployed.
This is where Subscriber Identity Modules (SIMs) come in. SIM cards separate the subscription credentials from the identity of the hardware. By associating connectivity with a SIM rather than a specific modem, organizations gain the ability to:
Move SIMs between devices
Replace or upgrade hardware without re-provisioning service
Maintain consistent billing and connectivity profiles
This same principle that enables consumers to move a SIM between smartphones is even more valuable in IoT deployments, where hardware lifecycles and deployment environments vary widely.
ICCID Structure Explained
The ICCID is typically a 19-digit numeric code (including one randomized digit called a check digit), often printed on the SIM card or its packaging. Each segment of the ICCID provides specific information about the SIM.
Example ICCID:
8942310000012345678
The components include:
Major Industry Identifier (MII): The first two digits are always 89, indicating telecommunications.
Country Calling Code (CC): One to three digits identifying the country of the issuing organization, assigned by the International Telecommunication Union (ITU).
Mobile Network Code (MNC): One to four digits identifying the issuing mobile network operator.
Together, these sections form the Issuer Identification Number (IIN).
Individual Account Identification: The remaining digits uniquely identify the SIM card itself, except for EUICC SIMs, which just identifies the profile.
Check Digit: The final digit is calculated using the Luhn algorithm, allowing systems to validate the ICCID’s accuracy.
This structure provides a globally unique identifier that systems can use to track SIMs or eSIM profiles anywhere in the world.
ICCID vs Other SIM and Device Identifiers
While ICCID is essential, it works alongside several other identifiers in IoT deployments:
IMSI (International Mobile Subscriber Identity): Identifies the subscriber and is used for network authentication and billing. Unlike ICCID, IMSI determines how a device accesses cellular networks.
IMEI (International Mobile Equipment Identity): Identifies the cellular modem hardware installed in the device, not the SIM.
MSISDN: A phone-number used when voice or SMS services are involved.
EID: A unique identifier associated with eUICChardware. Each eSIM profile on the eUICC has its own ICCID.
In simple terms: ICCID identifies the SIM card itself, while IMSI and IMEI govern network access and hardware identity.
Why ICCID Matters for IoT Deployments
In large-scale IoT deployments, ICCIDs are a common operational identifier for inventory and provisioning. They are used to:
Activate and deactivate SIMs
Track SIM inventory across thousands of devices
Associate devices with data plans and billing
Diagnose connectivity issues
Automate lifecycle management through APIs
Because IoT deployments often involve long-lived, remotely deployed devices, having clear ICCID-level visibility can speed up troubleshooting, simplify operations, and support scalable growth.
How Soracom Uses ICCID to Simplify IoT Connectivity
Soracom’s IoT connectivity platform is built around SIM-level management, where ICCID serves as a primary identifier for provisioning, monitoring, and automation. With Soracom SIMs, available in multiple form factors including embedded SIMs, organizations can:
Manage SIMs and devices centrally using ICCIDs
Automate provisioning and lifecycle workflows via APIs
Maintain visibility across global deployments
Easily scale from pilot to production
By combining standardized identifiers like ICCID with cloud-native management tools, Soracom helps teams deploy secure, flexible, and globally scalable IoT solutions, starting with the SIM card itself.
IMSI at a GlanceIMEI at a Glance
IMEI is a unique identifier assigned to the cellular modem inside an IoT device, allowing networks to recognize the hardware itself.
In IoT deployments, IMEI can help operators identify devices, enhance security, and prevent SIM misuse.
Features like Soracom’s IMEI Lock add an extra layer of protection by blocking new network sessions when the device-reported IMEI does not match an allowed IMEI.
What is an IMEI?
The International Mobile Equipment Identity (IMEI) is a globally unique, 15-digit number assigned to every cellular-enabled device. Unlike identifiers stored on the SIM card, the IMEI is tied directly to the modem hardware inside the device and is used by mobile networks to identify the equipment attempting to connect.
In IoT deployments—where devices such as payment terminals, sensors, gateways, and trackers may operate unattended for long periods—the IMEI plays an important role in device identity, security, and fleet management. It allows operators to distinguish one physical device from another, even if SIM cards are moved or replaced.
The Role of IMEI in IoT Deployments
IMEI is especially important in IoT because connectivity is often decoupled from end-user interaction. Devices may be deployed in the field, installed in public or semi-public locations, or managed remotely at scale.
In these scenarios, IMEI helps enable:
Device-level identification independent of the SIM
Fraud and misuse detection, such as unauthorized SIM relocation
Fleet visibility, allowing operators to associate connectivity usage with specific hardware
Security controls, when paired with SIM and network management tools
IMEI does not grant network access on its own, but it can be used as an input for policies governing which device a SIM is allowed to operate in.
IMEI vs Other Cellular Identifiers
IMEI works alongside other identifiers commonly used in IoT:
ICCID (Integrated Circuit Card Identifier): Identifies the SIM card hardware.
IMSI (International Mobile Subscriber Identity): Identifies the subscriber and is used for network authentication and billing.
MSISDN: A phone-number identifier used for voice and SMS services.
In simple terms:
IMEI = device hardware
ICCID = SIM card
IMSI = subscriber identity
Understanding how these identifiers interact is key to building secure, scalable IoT architectures.
Why IMEI Matters for IoT Security
In real-world IoT deployments, SIM misuse can quickly become a costly and risky problem. If a SIM card is removed from its intended device and placed into another piece of hardware—such as a smartphone or hotspot—it can lead to unexpected data usage, security exposure, and billing overruns.
This risk is particularly high for devices deployed in accessible locations, including payment terminals, kiosks, industrial equipment, and shared facilities.
By tracking and enforcing IMEI associations, operators can ensure that SIMs behave as intended and remain bound to their approved devices.
Soracom IMEI Lock: Protecting IoT Deployments
Soracom offers an IMEI Lock feature that allows IoT SIMs to be restricted to a specific device IMEI. When enabled, Soracom blocks new data sessions if the device-reported IMEI does not match the configured IMEI Lock value.
If a SIM is moved to an unauthorized device:
Session establishment will be rejected due to an IMEI mismatch
No new data sessions can be established
Connectivity can be automatically blocked
IMEI Lock can be managed through the Soracom User Console, Soracom APIs, or automated using the Soracom Event Handler. For example, operators can configure rules that deactivate a SIM if an IMEI mismatch is detected or if excessive data usage occurs.
Importantly, IMEI Lock is not permanent. Administrators can remove or update the lock as devices are replaced, serviced, or redeployed – maintaining flexibility without sacrificing security.
Managing SIM Status Alongside IMEI Controls
IMEI Lock works in tandem with Soracom’s SIM status management capabilities. SIMs can be set to different operational states—such as Active or Standby—allowing teams to:
Disable connectivity during planned downtime
Automatically suspend SIMs that exceed data thresholds
Secure devices when they are not expected to be in use
These controls are especially valuable in regulated or high-risk environments like payment processing, healthcare, and industrial automation.
Why IMEI Control Matters – and How Soracom Helps
For IoT deployments at scale, managing connectivity at both the SIM level and the device level is essential. IMEI provides the hardware identity needed to prevent misuse, while Soracom’s IMEI Lock and SIM management tools turn that identity into actionable security controls.
By combining global IoT connectivity with features like IMEI Lock, API-driven automation, event-based controls, and centralized SIM management, Soracom helps organizations deploy IoT solutions that are not only scalable, but secure by design.
This approach allows teams to focus on delivering business value, confident that their devices, data, and connectivity are protected.
IMSI at a Glance
IMSI, or International Mobile Subscriber Identity, is the unique identifier that allows mobile networks to authenticate and connect IoT devices.
Modern IoT deployments often rely on Multi-IMSI SIMs, which enhance resilience, coverage, and cost efficiency by enabling devices to switch identities across networks.
For IoT deployments, IMSI flexibility improves uptime, simplifies global scaling, and reduces maintenance overhead.
What is an IMSI?
An International Mobile Subscriber Identity (IMSI) is a globally unique number assigned to every cellular subscriber. Stored on the SIM or eSIM, the IMSI allows mobile networks to identify and authenticate the subscriber, authorize connectivity, and manage services such as roaming and billing.
In IoT deployments, the IMSI is essential for ensuring that devices – whether sensors, gateways, or embedded modules – can attach to cellular networks securely and consistently. Because IoT devices are often deployed remotely and operate autonomously, the ability of the IMSI to facilitate reliable, secure authentication is critical.
An IMSI typically consists of three components:
MCC (Mobile Country Code) – Indicates the country of the operator.
MNC (Mobile Network Code) – Identifies the specific carrier.
MSIN (Mobile Subscriber Identification Number) – Uniquely identifies the subscriber.
Together, these elements allow any cellular infrastructure worldwide to recognize and authorize the connected device.
IMSI in IoT Deployments
IoT devices depend on stable and predictable connectivity. The IMSI plays a central role in enabling:
Global connectivity through roaming or multi-carrier profiles.
Device authentication on both home and partner networks.
Consistent access in environments where network conditions vary.
Network resilience for applications where downtime is unacceptable.
Because the IMSI hosts the ID that defines the user’s HLR network subscriptions, it directly influences coverage, connectivity quality, cost structure, and regulatory compliance.
The Role of Multi-IMSI SIMs in IoT
A multi-IMSI SIM supports multiple IMSIs on a single SIM card, enabling the device to switch between identities as needed. This capability is especially valuable for IoT deployments because it allows for:
Expanded coverage: Devices can connect to alternative networks if the primary one becomes unavailable.
Improved resilience: Failover between IMSIs reduces downtime.
Optimized costs: Devices can shift to networks or profiles with better pricing.
Compliance with regional requirements: Some markets restrict permanent roaming; multi-IMSI can ensure local-compliant profiles.
Remote adaptability: Switch IMSIs without physically accessing the device – critical for distributed or hard-to-reach deployments.
For IoT solutions that operate across borders, in mobile applications, or in mission-critical environments, multi-IMSI support significantly enhances performance and lowers operational burden.
Practical Applications of Multi-IMSI in IoT
Industrial IoT: Equipment in remote environments benefits from multi-IMSI failover to ensure always-on connectivity.
Logistics and asset tracking: Cross-border trackers maintain continuous access by switching to roaming and local IMSIs.
Agricultural IoT: Sensors deployed in rural areas leverage multiple networks to overcome coverage gaps.
Smart city infrastructure: Multi-IMSI ensures uninterrupted uptime for critical systems like parking, lighting, or traffic sensors.
Healthcare IoT: Medical devices in ambulatory or home-care settings stay connected by moving seamlessly between network partners.
Why Flexibility Matters – and How Soracom Helps
For IoT deployments, choosing SIMs with multi-IMSI capabilities is one of the most effective ways to ensure uninterrupted connectivity, reduce maintenance, and scale globally without friction. IMSI flexibility reduces coverage blind spots, mitigates roaming challenges, and keeps devices online even when network conditions change.
Soracom offers cloud-native IoT SIMs with multi-IMSI support, enabling devices to connect to the best available network automatically. With centralized SIM management, API-driven automation, and global connectivity coverage, Soracom helps teams deploy resilient IoT solutions that remain secure, scalable, and operational no matter where devices are deployed.
By pairing reliable IMSI technology with Soracom’s connectivity platform, organizations can build IoT systems that deliver higher uptime, better performance, and simplified large-scale operations.
EUICC at a Glance
eUICC is a programmable SIM component that allows remote carrier profiles to be added, switched, or managed over the air.
Ideal for IoT at scale, enabling future-proof connectivity without the need for physical SIM swaps.
Helps organizations reduce maintenance costs and improve deployment flexibility, especially for long-life devices in the field.
What is eUICC (Embedded Universal Integrated Circuit Card)?
eUICC is a SIM technology that allows devices to store multiple carrier profiles at once and download or switch between them remotely. Unlike traditional SIM cards, which typically contain a single carrier profile and cannot download new ones over the air, eUICCs offer remote provisioning, making connectivity far more flexible and scalable.
The core value is freedom of choice. With an eUICC-equipped device, organizations no longer have to physically replace SIMs – or even touch devices – to change networks. Instead, carrier profiles can be swapped over the air using remote SIM provisioning platforms, reducing operational friction and future-proofing deployments for changing coverage, cost, or regulatory needs.
eUICC technology, implemented in removable SIMs, embedded eSIMs, or integrated SIM hardware, has become increasingly relevant as IoT deployments grow globally and require connectivity that can adapt to markets, roaming policies, and supply chain realities.
Role of eUICC in IoT Deployments
For IoT, connectivity longevity and accessibility matter. Devices may remain in service for years or face environments where manual SIM swaps are unrealistic – inside sealed enclosures, deployed across remote agriculture fields, mounted to streetlights, installed in medical equipment, etc.
eUICC support makes IoT deployments more resilient by:
Enabling remote network switching without dispatching technicians
Supporting global scalability, even as carriers or roaming rules evolve
Simplifying procurement and manufacturing, reducing SKU fragmentation
Allowing multi-profile provisioning for redundancy and fallback
Minimizing downtime and operational cost, especially for distributed fleets
Paired with a cloud-native connectivity platform like Soracom, organizations can remotely manage SIM profiles, optimize coverage, and extend device lifecycle with less overhead.
Real-world examples of eUICC in IoT
Industrial IoT
A smart manufacturing facility deploys thousands of sensors across multiple regions. With eUICC, connectivity can be provisioned to the best carrier in each zone remotely, even if network performance shifts over time.
Predictive maintenance gateways in hard-to-reach locations stay online longer because profile updates happen via API instead of manual swap.
Agriculture IoT
Soil sensors, weather stations, and irrigation controls operate in remote farmland where trucks and technicians are costly. eUICC enables OTA carrier changes, keeping coverage optimized year-round.
As deployments expand internationally, the same SIM SKU works everywhere, simplifying supply chain and scaling.
Healthcare IoT & Medical Devices
Patient monitoring equipment that moves between facilities or regions can automatically switch carriers for reliable uptime.
Regulated environments benefit from tamper-resistant eSIMs, improving security and reducing risk associated with physical access.
Why use eUICC for IoT?
For organizations deploying connected devices at scale, eUICC offers the flexibility, longevity, and operational efficiency that traditional SIMs cannot match. It helps devices stay connected even as network needs evolve, whether that be due to coverage shifts, international expansion, new roaming rules, or cost considerations. With the ability to switch carrier profiles remotely, eUICC reduces truck rolls and manual maintenance, accelerating deployment and lowering total cost of ownership.
In short:
More flexibility and future-proofing
Lower operational overhead
Simplified global scaling
Reduced dependence on physical SIM logistics
For teams building long-lifecycle IoT products, adopting eUICC is a strategic advantage.
How Soracom Helps
Soracom provides global IoT connectivity with eUICC/eSIM support, allowing developers to remotely manage SIM profiles, optimize coverage, and scale deployments across regions without changing hardware. With features like centralized SIM management, secure network integration options, and API-driven automation, Soracom helps teams get the most from eUICC by making provisioning and lifecycle management simple, cloud-native, and scalable.
Whether you’re launching a pilot or managing thousands of devices in the field, Soracom ensures your eUICC-enabled IoT deployment stays flexible, resilient, and ready for what comes next.
LTE-M at a Glance
LTE-M is a low-power, wide-area cellular network technology built on 4G LTE, designed specifically for IoT and M2M communications.
It offers extended coverage, mobility support, low power consumption, and moderate data throughput ideal for portable, battery‑powered IoT devices.
LTE-M enables scalable, reliable IoT connectivity for applications in asset tracking, smart metering, wearables, and industrial monitoring.
What is LTE-M?
LTE-M (Long Term Evolution for Machines) is a cellular communication standard optimized for IoT. Built on existing 4G LTE infrastructure, LTE-M delivers low-power, efficient data transmission suitable for devices that need to operate for long periods in the field, often on battery power. Unlike traditional LTE designed for smartphones, LTE-M supports reduced bandwidth, low energy usage, and deep indoor coverage, making it an ideal connectivity option for IoT deployments at scale.
LTE-M is part of the 3GPPLPWANfamily alongside NB-IoT, but is uniquely capable of supporting mobility and voice over LTE (VoLTE) within the LPWAN family, and is able to effectively handoff between towers (making it ideal for mobile devices), It is also capable of over-the-air firmware updates (FOTA) – key requirements for evolving IoT fleets.
LTE-M Categories
LTE-M is typically available in two 3GPP-defined categories:
Cat‑M1 — 1.4 MHz bandwidth, peak data rates around 1 Mbit/s, extended coverage, low power, and full mobility/VoLTE support. This is the category used by today’s commercial LTE‑M networks.
Cat‑M2 — Defined in Release 14 as a higher‑bandwidth (5 MHz) evolution with much higher peak data rates (several Mbit/s), but it is not yet widely deployed in commercial networks.
When Should You Use LTE-M for IoT?
Organizations choose LTE-M when deployments require:
Battery‑efficient connectivity for devices in the field
Reliable coverage, including underground or indoor environments
Mobility support, such as tracking moving assets across regions
Low‑to‑moderate data usage, such as telemetry or sensor readings
Scalable global cellular connectivity with simple provisioning
Long‑term maintenance, including remote FOTA updates
The combination of low energy draw and cellular reliability makes LTE‑M a strong option for IoT devices expected to operate autonomously for years.
Key Advantages of LTE-M for IoT
Extended coverage & deep penetration — Improved signal reach in basements, industrial sites, and remote geography.
Low power consumption — Power Saving Mode (PSM) and eDRX enable multi‑year battery lifespan.
Mobility‑friendly — Designed for tracking and devices in motion.
Moderate throughput (up to ~1 Mbps) — Suitable for sensor data, logs, and OTA updates.
Lower device cost vs. full LTE — Reduced module complexity supports affordable scaling.
Future‑proof IoT functionality — Supports FOTA, voice (VoLTE‑M), and long‑term compatibility within 4G networks.
Example Use Cases for LTE-M in IoT
LTE‑M is used widely across industrial, commercial, smart city, and consumer IoT. Common deployments include:
Industrial IoT
Asset and fleet tracking — Mobile machinery, vehicles, and high‑value equipment report location and usage in real time.
Predictive maintenance — Sensors monitor vibration, temperature, or usage hours to prevent equipment failure.
Smart Utilities & Infrastructure
Smart metering — Gas, water, and electricity meters send scheduled readings without manual collection.
Environmental monitoring — Sensors track weather, air quality, or soil conditions in remote areas.
Consumer & Healthcare
Wearables and medical devices — LTE‑M enables mobility and energy efficiency for health monitoring devices.
Personal safety devices — Panic buttons, lone‑worker devices, or emergency wearables stay connected in motion.
Why Choose LTE-M for IoT Deployments?
LTE‑M provides a flexible balance of coverage, cost, and efficiency, making it one of the most versatile connectivity options for global IoT projects. With support for long‑life battery systems, mobility, and scalable provisioning, LTE‑M allows organizations to deploy thousands (potentially millions) of connected devices with confidence.
When paired with platforms like Soracom, LTE‑M becomes even more powerful. Soracom offers global cellular connectivity, eSIM/SIM support, device management tools, private networking options, and APIs for fleet automation, helping teams accelerate development and reduce operational overhead.
Whether you’re deploying a smart metering network, tracking assets across regions, or launching battery‑powered sensors in the field, LTE‑M delivers reliable IoT connectivity built for scale.
APN at a Glance
An APN (Access Point Name) is the gateway between a cellular network and the internet or private networks, determining how IoT devices connect and communicate.
In IoT, Private APNs offer secure, customizable, and controlled connectivity, reducing risks and enabling integration with enterprise systems.
Choosing the right APN type (public or private) is essential for balancing security, scalability, and flexibility in IoT deployments.
What is an Access Point Name (APN)?
An Access Point Name (APN) is the configuration that allows a device on a mobile network (such as LTE or 5G) to connect to external packet data networks like the internet, cloud platforms, or private enterprise networks.
When an IoT device connects to a cellular network, the APN defines:
Routing: Where device traffic is directed (public internet, VPN, or private network).
Authentication: Which devices are permitted to connect.
Network Services: Specific policies like firewalls, DNS resolution, or NAT rules.
Without an APN, devices cannot transmit data over cellular networks, making APNs fundamental to IoT connectivity.
Types of APNs
Public APN
Uses the default mobile carrier network, sharing infrastructure with consumer devices.
Provides internet access with minimal setup.
Best for: Prototyping, small-scale IoT deployments, or devices with low security requirements.
Private APN
Creates a dedicated, private network slice within the carrier infrastructure.
Offers enhanced security, control, and traffic management for enterprise and IoT applications.
Can be configured to connect devices directly to corporate data centers or cloud environments without touching the public internet.
Best for: Large-scale IoT deployments, regulated industries, or applications with sensitive data (e.g., healthcare, utilities, industrial IoT).
Core Components of an APN in IoT
1. Gateway
Serves as the interface between the mobile operator’s network and external networks.
Determines whether traffic flows to the internet, a VPN, or a private network.
2. Authentication
Ensures that only authorized devices with valid SIMs and credentials can access the APN.
Often tied to enterprise security policies for IoT deployments.
3. Routing Policies
Control how traffic flows, such as enforcing that all device traffic is routed through a secure enterprise firewall or cloud endpoint.
4. DNS and NAT Services
Allows users to configure preferred DNS server
NAT will be determined by the firewall traffic is routed toward
How APNs Work in IoT
When an IoT device connects to a cellular network:
The device uses its profile to request access via a specific APN.
The serving gateway authenticates the request and applies APN-specific policies.
The PGW will route traffic based on APN-specified settings (be it via public internet, enterprise VPN, or private cloud).
This setup ensures scalable and secure device connectivity, especially in IoT systems with thousands or millions of endpoints.
Private APNs in IoT: Why They Matter
Private APNs are increasingly essential for IoT because they provide:
Security: Keep traffic off the public internet, reducing attack surfaces.
Custom Control: Define routing, firewall, and monitoring policies specific to IoT use cases.
Scalability: Support thousands of devices under one cohesive network policy.
Integration: Seamlessly connect IoT devices to enterprise networks or cloud infrastructure.
Reliability: Prioritize device traffic and reduce risk of network congestion.
For IoT deployments in industries like utilities, smart cities, fleet management, or healthcare, Private APNs enable the level of control and compliance required for mission-critical systems.
Common IoT Use Cases for APNs
Industry
IoT Application Example
Smart Utilities
Secure smart meter data routing to private utility data centers
Fleet Management
Vehicle telematics devices sending data via Private APNs to HQ
Healthcare
Medical IoT devices transmitting sensitive data securely
Industrial IoT
Factory sensors communicating only within private networks
Retail
Point-of-sale systems and kiosks protected from public internet exposure
Benefits of Using Private APNs for IoT
Data Security: Isolate IoT traffic from consumer internet.
Custom Policies: Tailor firewall and routing to business needs.
Operational Visibility: Monitor device traffic patterns in real-time.
Seamless Cloud Integration: Direct traffic into AWS, Azure, or Google Cloud VPCs.
Compliance Support: Helps meet regulatory requirements around data protection.
Challenges of APNs in IoT
Cost: Private APNs often involve setup and monthly fees.
Complexity: Requires technical expertise to configure and maintain.
Scalability Across Borders: Managing APN access across multiple carriers can be difficult for global IoT deployments.
Public vs Private APNs in IoT
Feature
Public APN
Private APN
Connectivity
Routes device traffic through the public internet
Routes traffic wherever you want, even through a private, controlled network environment
Security
Shared infrastructure, higher exposure to cyber threats
Isolated traffic, reduced attack surface
Configuration
Minimal setup, carrier-provided defaults
Customizable routing, policies, and enterprise integration
Scalability
Suitable for smaller IoT deployments or prototypes
Designed for large-scale, mission-critical IoT networks
Cost
Lower upfront cost, included with most SIMs
Higher cost, often with setup fees and monthly service charges
Control
Limited visibility and traffic management
Full control over traffic routing, monitoring, and security policies
Choose a Public APN if you are running small-scale IoT projects, prototypes, or consumer-facing devices where ease of setup and low cost outweigh the need for strict security and traffic control.
Choose a Private APN if you are deploying large-scale, business-critical, or regulated IoT systems that require secure, private connectivity, integration with enterprise IT or cloud environments, and detailed control over how device traffic is routed and monitored.
How Soracom Enhances APN Use in IoT
Soracom simplifies APN management by providing secure, flexible Private APN solutions tailored for IoT. Unlike standard APN setups that share a mobile network operator’s packet gateway (PGW), Soracom offers the ability to create a Virtual Private Gateway (VPG) — giving you the benefits of a dedicated PGW without the overhead of building one yourself.
With Soracom, you can choose the right level of control and isolation for your IoT deployment:
Soracom VPG (Virtual Private Gateway): Functions like having your own PGW in the cloud. Instead of sharing an MNO’s PGW with other subscribers, your traffic is routed through a fully isolated environment where you control routing, firewall rules, and IP addressing. This ensures enterprise-grade security, custom traffic engineering, and private network segmentation.
Soracom Private Garden: Keeps device traffic fully isolated from the internet.
Soracom Canal: Connects IoT traffic directly to your AWS VPC.
Soracom Direct: Provides a dedicated leased line between Soracom and your data center.
Soracom Door: Enables IPsec VPN tunnels from devices to enterprise networks.
By combining Private APNs with Soracom VPG and cloud-native integrations, IoT developers gain end-to-end control of their traffic flow — from device to gateway to cloud — enabling secure, compliant, and globally scalable IoT connectivity.
Traditional MNO APN vs Soracom VPG
Feature
Traditional MNO APN
Soracom VPG (Virtual Private Gateway)
Packet Gateway (PGW)
Shared with other subscribers on the carrier’s infrastructure
Dedicated virtual gateway environment, isolated per customer
Traffic Control
Limited, fixed routing policies managed by the MNO
Full control over routing, firewall rules, and IP addressing
Security
Shared environment increases exposure and dependency on MNO
Private, enterprise-grade isolation with reduced attack surface
Integration Options
Difficult to directly connect to enterprise or cloud systems
Direct integration with AWS, Azure, GCP, or enterprise networks
Flexibility
Standardized, limited customization
Highly flexible, supports private peering, VPNs, and custom setup
Best For
Basic internet access for consumer or small-scale IoT
Large-scale, mission-critical, and regulated IoT applications
Conclusion: Why APNs are Critical in IoT
The Access Point Name (APN) is more than just a network setting—it is the foundation of secure and reliable IoT connectivity. With the rise of Private APNs, enterprises now have the tools to create controlled, scalable, and secure communication environments for their connected devices.
By leveraging Soracom’s Private APN solutions, IoT projects can balance flexibility, compliance, and scalability, ensuring connectivity that evolves with business and technology demands.
3GPP at a Glance
3GPP sets global mobile standards for 3G, 4G, 5G, and IoT (e.g., NB-IoT, LTE-M) to ensure interoperability across networks and devices.
Powers mobile broadband and IoT connectivity with scalable, low-power, and reliable communication technologies.
Key benefits: global reach, future-ready standards; challenges: higher costs, rural coverage gaps, and deployment complexity.
What is 3GPP?
The 3rd Generation Partnership Project (3GPP) is a collaboration between several telecommunications standard development organizations; its mission is to set the global standards for mobile broadband communications with an eye toward the Internet of Things (IoT). These standards are designed to set the benchmarks for communications technologies like 3G, 4G, 5G, and beyond, ensuring interoperability between different mobile networks, operators, and devices worldwide.
3GPP plays an important role in maintaining consistent global standards in mobile communication, providing a foundation for the rapid evolution of wireless technologies. As these new advancements arise, 3GPP continually adapts and introduces new standards to ensure that mobile networks continue to evolve efficiently and cohesively.
Key 3GPP Standards
3GPP standards cover various generations of mobile communication technologies. Here are some key Radio Access Technologies defined by 3GPP standards:
3G (UMTS): The Universal Mobile Telecommunications System (UMTS) is a standard for 3G networks, offering high-speed data transmission for mobile devices and services.
4G (LTE): Long-Term Evolution (LTE) is a 4G standard designed to provide faster data speeds, lower latency, and improved network efficiency compared to previous generations.
5G: The fifth-generation mobile standard aims to provide ultra-fast data speeds, reduced latency, massive connectivity, and support for emerging technologies like the IoT and autonomous vehicles.
NB-IoT (Narrowband IoT): A cellular technology designed specifically for IoT, providing low-power, wide-area coverage for devices that need intermittent data transmission.*
LTE-M: Another IoT-specific standard designed for mobile devices that require low power consumption, mobility, and low data rates.*
Note: These technologies are both part of LTE Release 13, meaning that though they are distinct radio access technologies, they are not technically separate standards themselves.
Each standard within the 3GPP framework plays a vital role in different areas of mobile communication. As mobile networks continue to evolve, these standards ensure that they support both consumer devices and specialized industrial applications, such as IoT.
Differences Between the Standards
The Radio Access Technologies defined by 3GPP standards differ in terms of speed, coverage, and use cases:
3G (UMTS): Best suited for voice and moderate data speeds, primarily used for basic mobile internet services.
4G (LTE): Offers much faster data speeds and lower latency, ideal for streaming, gaming, and mobile internet applications.
5G: Provides the highest speeds, ultra-low latency, and enhanced reliability. It supports massive IoT deployment, autonomous driving, and other advanced applications.
NB-IoT: Focuses on IoT devices with low data requirements, long battery life, and wide-area coverage, such as environmental sensors and smart city infrastructure.
LTE-M: Suitable for mobile IoT devices that require more mobility and data throughput than NB-IoT, but less than 4G LTE devices.
Understanding the differences between these technologies allows for better decision-making when deploying mobile networks and IoT devices. Each serves a unique need, whether it’s for high-speed mobile broadband, efficient low-power IoT communication, or the ultra-fast, reliable requirements of 5G.
Role of 3GPP in the Internet of Things (IoT)
3GPP plays a significant role in the development of the IoT by defining cellular standards that ensure IoT devices can communicate efficiently over mobile networks. Here are its contributions:
Connectivity: 3GPP standards like NB-IoT and LTE-M provide the connectivity backbone for IoT applications, ensuring that devices can send and receive data even in remote or hard-to-reach areas.
Scalability: The standards allow for massive device deployments, which is essential as IoT networks grow in size and complexity. 5G, in particular, is designed to handle billions of connected devices simultaneously.
Low Power Consumption: Standards like NB-IoT and LTE-M are optimized for low-power devices, extending battery life and enabling long-term deployment of IoT devices without frequent maintenance.
The role of 3GPP is indispensable in IoT because its standards lay the groundwork for reliable, scalable, and energy-efficient communication in a connected world. As IoT continues to grow, 3GPP ensures that connectivity remains robust and future-proof.
Strengths and Weaknesses of 3GPP in IoT
While 3GPP standards offer several advantages in the IoT space, they also have limitations:
Strengths:
Global Coverage: 3GPP standards are adopted globally, providing seamless connectivity across regions and networks.
Reliable Connectivity: Cellular networks are known for their reliability and stability, which is crucial for mission-critical IoT applications.
Future-Proofing: With the ongoing evolution of 5G and its support for IoT-specific features, 3GPP ensures that IoT solutions can scale with emerging needs.
Weaknesses:
Cost: Cellular IoT solutions may have higher costs for connectivity compared to alternatives like Wi-Fi or Bluetooth, especially in terms of network fees.
Coverage Gaps: While cellular networks provide wide coverage, there may still be rural or remote areas with limited or no coverage.
Complexity: The various standards (e.g., NB-IoT, LTE-M, 5G) can be complex to integrate, requiring specialized knowledge for deployment.
3GPP offers several strengths, especially in terms of reliable global connectivity, but there are challenges to overcome, such as the cost of implementation and complexity. Nevertheless, its ongoing development ensures that IoT applications will continue to grow and adapt to new needs and technologies.
LTE Cat 1bis is a simplified version of LTE Cat 1 that uses a single antenna, reducing hardware complexity and cost for IoT devices.
It offers full 4G LTE support and speeds up to 10 Mbps, making it ideal for applications that need more bandwidth than LTE-M or NB-IoT, without the demands of Cat 4.
Best suited for compact, cost-sensitive IoT deployments in asset tracking, smart agriculture, industrial monitoring, and consumer devices.
What is LTE Cat 1bis?
LTE Cat 1bis is a streamlined, cost-efficient variant of LTE Category 1 connectivity, designed specifically for IoT devices. It delivers reliable 4G cellular performance while reducing hardware complexity by operating with a single antenna – unlike standard Cat 1, which requires two.
What Makes LTE Cat 1bis Unique?
While LTE Cat 1 offers a solid balance between speed and power consumption for IoT, Cat 1bis lowers the entry barrier for device makers and developers by simplifying the hardware requirements:
✅ No dependency on 5G or LTE-M/NB-IoT availability
By reducing the need for a second antenna, Cat 1bis allows for smaller, less expensive, and easier-to-deploy devices, especially where space or cost is a limiting factor.
When to Choose LTE Cat 1bis Over Other Technologies
LTE Cat 1bis is ideal for applications that:
Require nationwide or global LTE coverage
Need faster data speeds than NB-IoT or LTE-M can provide
Want to avoid the complexity of dual antennas and related RF design
Don’t demand the ultra-high throughput of Cat 4 or 5G
It offers a middle ground between LTE-M/NB-IoT (great for low power, low bandwidth) and higher-end LTE (like Cat 4, which requires more power and more complex hardware).
Ideal IoT Use Cases for LTE Cat 1bis
📦 Asset Tracking & Logistics Lightweight trackers with limited space benefit from Cat 1bis’s single antenna design and broad LTE coverage—ideal for cross-border tracking and condition monitoring.
🏠 Smart Home & Consumer Devices Devices like connected thermostats or alarm systems that transmit moderate amounts of data can leverage Cat 1bis without requiring advanced LTE modules.
🌾 Smart Agriculture In-field sensors and equipment that need LTE connectivity without the complexity of high-end RF design can use Cat 1bis for remote monitoring and control.
🏭 Industrial IoT (IIoT) Devices like remote monitoring units, predictive maintenance sensors, or machine telemetry tools that need decent uplink speeds but simple integration can benefit from Cat 1bis.
LTE Cat 1 vs. LTE Cat 1bis: What’s the Difference?
Feature
LTE Cat 1
LTE Cat 1bis
Antennas required
2
1
Download speed
~10 Mbps
~10 Mbps
Coverage
Global LTE
Global LTE
Cost
Higher (more components)
Lower (fewer components)
Power efficiency
Moderate
Moderate
Why Use LTE Cat 1bis for IoT?
LTE Cat 1bis represents a sweet spot for IoT deployments: it provides the reliability of LTE, global coverage, and faster data speeds than low-power technologies—without the extra hardware overhead.
For teams building connected devices where cost, size, and ease of integration matter, Cat 1bis can reduce time to market and simplify design—especially when paired with Soracom’s IoT SIM and device management platform.
A VPN (Virtual Private Network) encrypts data between devices and networks, ensuring secure communication across public or shared connections.
In IoT, VPNs offer secure remote access, protect sensitive data, and enable private networking for distributed devices.
VPNs support scalable, compliant, and resilient IoT deployments—ideal for secure, global connectivity via Soracom.
What is a VPN?
A Virtual Private Network (VPN) is a secure communication method that creates an encrypted tunnel between two points across a public or shared network, like the internet. This tunnel protects data from interception, tampering, or surveillance, ensuring privacy and confidentiality even when transmitting over unsecured channels. For IoT (Internet of Things) devices, which often communicate sensitive data between distributed locations, a VPN adds an essential layer of security by safeguarding traffic against cyber threats.
When Should You Deploy a VPN in IoT?
In an IoT deployment, you might choose to use a VPN when:
Secure remote access is needed to connect to devices or networks without exposing them directly to the internet.
Private networking is required to isolate IoT devices from public networks and reduce attack surfaces.
Data protection is critical, especially when transmitting sensitive or regulated information between devices, cloud platforms, or on-premise systems.
Reliable connectivity is necessary, and you want to avoid disruptions caused by network filtering, NAT, or firewalls.
Centralized network control is desired, allowing operators to manage device connections and monitor traffic securely from a single access point.
Applications of VPNs in IoT Deployments
VPNs play a powerful role in IoT ecosystems, enabling a range of secure applications, including:
Remote monitoring and control: Securely access IoT devices deployed in the field, such as sensors, cameras, or gateways, without risking exposure to public networks.
Secure data transmission: Protect telemetry, diagnostics, and command data exchanged between devices and cloud services.
Multi-site integration: Link distributed IoT deployments across different geographic locations into a single, secure virtual network.
Third-party integrations: Safely connect IoT devices to external partners, vendors, or analytics services without opening up vulnerabilities.
Regulatory compliance: Meet security and privacy requirements (such as GDPR or HIPAA) by ensuring encrypted communication between devices and systems.
Why Use a VPN for Your IoT Deployment?
Using a VPN for your IoT deployment provides a critical layer of security and reliability. It protects sensitive data, reduces the risk of cyberattacks, and ensures your devices communicate safely across diverse network environments. Whether you’re scaling a global IoT deployment or running a secure pilot project, a VPN helps you maintain network integrity, meet compliance requirements, and deliver robust, secure connectivity across all your IoT endpoints. For Soracom users, VPN services can be seamlessly integrated into your IoT architecture, providing cloud-native, scalable solutions designed specifically for the unique challenges of IoT connectivity.