Common failure modes (why roaming bites)
1) Single-IMSI lock-in
One IMSI means one home network strategy. When the preferred partner is weak in a region, devices cling to poor signal or congested cells. Result: flapping telemetry and “ghost offline” events.
2) Steering that ignores local reality
Some roaming partners push devices onto a specific network even when another has better RSRP/RSRQ or lower loss. You only see it when you compare sites across operators.
3) Sticky registrations after faults
After a local outage, devices can sit on a degraded cell or fall back to legacy RATs and never promote back without help.
4) Brittle allow-lists
Hard-coded IPs for SCADA/MDM break when routes change; wildcard FQDNs are too open. Both create noisy failures.
5) One policy for every asset
Meters, RTUs and DER gateways behave differently; a single connectivity policy often short-changes one group.
Principles for dependable metering across borders
Multi-IMSI first
Give each SIM multiple IMSIs from different carriers. If a partner underperforms, policy can switch profiles without having to physically switch the SIM-cards.
eUICC for profile agility
Load and activate local or regional profiles where permanent roaming is restricted or performance demands it — over the air, in controlled waves.
Policy-based steering, not hope
Steer by measurable thresholds (attach success, packet loss, latency) and business rules (priority networks per country). Re-evaluate on breach or on a schedule.
Protocol and destination allow-lists
Approve only what each device type needs — e.g., DLMS/COSEM → MDM FQDN, IEC-104/DNP3 → named masters, MQTT → broker FQDN. Default-deny everything else.
Health signals you can act on
Track attach success, RAT changes, PDP drops, RTT and loss per site. Alert on outliers; adjust IMSI/profile or steering policy automatically.
Separate policies per asset class
Meters: favour coverage and delivery assurance; allow buffered sends. Substations and DER: tighter thresholds and faster failover.
Checklist for tenders and supplier reviews
Resilience and coverage
-
Multi-IMSI on every SIM, with at least two non-affiliated IMSIs per country.
-
Country-level network prioritisation you can change centrally.
-
Evidence of coverage and performance by operator, not just logos.
eUICC and profile control
-
Remote download/enable/disable/delete of profiles at fleet scale with cohorts, windows and rollbacks.
-
Local profiles where permanent roaming limits apply.
Policy and automation
-
Steering based on health thresholds and business rules (per country, per asset class).
-
Separate policies for meters, substations and DER gateways.
-
API to trigger policy/profile changes from monitoring alerts.
Security and routing
-
Keep OT traffic off the public internet (private APN or private routing to SCADA/MDM/cloud).
-
Protocol/FQDN allow-lists per device type; default-deny.
-
Per-session maintenance with auto-expiry and audit.
Observability and evidence
-
Per-device roaming metrics (RAT, cell changes, attach failures, PDP resets).
-
Session-level logs (who/what/when/policy) exportable to your SIEM.
-
Before/after reports when policies or profiles change.
How this comes together (example)
-
A meter cluster in a border region shows rising packet loss and delayed reads. Policy detects the breach, flips 40% of devices to an alternate IMSI during the low-tariff window, pins them for 24 hours, then resumes normal evaluation. Loss drops below threshold and missed reads disappear.
-
After a storm, three substations stay on degraded cells. Health rules trigger a temporary profile swap and faster RAT selection; IEC-104 polling stabilises without a site visit.
Roaming isn’t just “who has a partner where”. It’s how quickly your fleet adapts when conditions change. Multi-IMSI plus eUICC gives you options; policy turns those options into uptime.
Explore IXTs coverage map here to verify your country needs and our multi-network options.
Also take a look at our Secure IoT SIM: learn about eUICC + multi-IMSI and how Zero Trust controls work.
