Abstract: Two-phase filtering for a firewall is disclosed. In the first, general phase, a request is filtered to verify one or more of: that the request is pursuant to a supported protocol, that a command of the request is allowed, that the length of the request does not exceed the allowed maximum for the command, and that characters of the request are of an allowable type. Upon first-phase verification, a second phase is invoked that is particular to the protocol of the request. In the second, specialized phase, the request is filtered to verify one or more of the source, the destination, and the content of the request. Upon second-phase verification, the request is allowed to pass. If either first- or second-phase verification fails, then the request is denied.

Abstract: Two-phase filtering for a firewall is disclosed. In the first, general phase, a request is filtered to verify one or more of: that the request is pursuant to a supported protocol, that a command of the request is allowed, that the length of the request does not exceed the allowed maximum for the command, and that characters of the request are of an allowable type. Upon first-phase verification, a second phase is invoked that is particular to the protocol of the request. In the second, specialized phase, the request is filtered to verify one or more of the source, the destination, and the content of the request. Upon second-phase verification, the request is allowed to pass. If either first- or second-phase verification fails, then the request is denied.

Abstract: Two-phase filtering for a firewall is disclosed. In the first, general phase, a request is filtered to verify one or more of: that the request is pursuant to a supported protocol, that a command of the request is allowed, that the length of the request does not exceed the allowed maximum for the command, and that characters of the request are of an allowable type. Upon first-phase verification, a second phase is invoked that is particular to the protocol of the request. In the second, specialized phase, the request is filtered to verify one or more of the source, the destination, and the content of the request. Upon second-phase verification, the request is allowed to pass. If either first- or second-phase verification fails, then the request is denied.

Abstract: Two-phase filtering for a firewall is disclosed. In the first, general phase, a request is filtered to verify one or more of: that the request is pursuant to a supported protocol, that a command of the request is allowed, that the length of the request does not exceed the allowed maximum for the command, and that characters of the request are of an allowable type. Upon first-phase verification, a second phase is invoked that is particular to the protocol of the request. In the second, specialized phase, the request is filtered to verify one or more of the source, the destination, and the content of the request. Upon second-phase verification, the request is allowed to pass. If either first- or second-phase verification fails, then the request is denied.

Abstract: A distributed policy model for access control is disclosed. In an enterprise-only mode, each node within a networking environment has its resource access governed by the same enterprise-wide policy. The enterprise-wide policy is set through creation of one or more enterprise policy objects. In an integrated mode, nodes are organized in a number of arrays. Each array has an array-wide policy set through creation of an array policy object. Each array-wide policy initially inherits the enterprise-wide policy. Additional resource access and protocol use restrictions can be added to the individual array-wide policies. In an array-only mode, each array has an array-wide policy also set through creation of an array policy object, but the policy does not necessarily initially inherit an enterprise-wide policy. In a stand-alone mode, a single server has its own policy.

Abstract: Proxy network address translation (PNAT) is disclosed, which combines proxy server capability with network address translation (NAT) capability. At a NAT component, address translation is performed at a packet level of a stream of packets originating from a client and destined for a server. The address translation redirects the packets to a proxy component, and masks the source of the packets. At the proxy component, filtering is performed at a stream level of the stream of packets. The proxy component transmits the packets to the server. A specific installed component is not required at clients for access through the PNAT. The PNAT retains the advantages of a proxy server, while retaining for the component-less nature of access of NAT.

Abstract: A distributed policy model for access control is disclosed. In an enterprise-only mode, each node within a networking environment has its resource access governed by the same enterprise-wide policy. The enterprise-wide policy is set through creation of one or more enterprise policy objects. In an integrated mode, nodes are organized in a number of arrays. Each array has an array-wide policy set through creation of an array policy object. Each array-wide policy initially inherits the enterprise-wide policy. Additional resource access and protocol use restrictions can be added to the individual array-wide policies. In an array-only mode, each array has an array-wide policy also set through creation of an array policy object, but the policy does not necessarily initially inherit an enterprise-wide policy. In a stand-alone mode, a single server has its own policy.

Abstract: A distributed policy model for access control is disclosed. In an enterprise-only mode, each node within a networking environment has its resource access governed by the same enterprise-wide policy. The enterprise-wide policy is set through creation of one or more enterprise policy objects. In an integrated mode, nodes are organized in a number of arrays. Each array has an array-wide policy set through creation of an array policy object. Each array-wide policy initially inherits the enterprise-wide policy. Additional resource access and protocol use restrictions can be added to the individual array-wide policies. In an array-only mode, each array has an array-wide policy also set through creation of an array policy object, but the policy does not necessarily initially inherit an enterprise-wide policy. In a stand-alone mode, a single server has its own policy.

Abstract: Two-phase filtering for a firewall is disclosed. In the first, general phase, a request is filtered to verify one or more of: that the request is pursuant to a supported protocol, that a command of the request is allowed, that the length of the request does not exceed the allowed maximum for the command, and that characters of the request are of an allowable type. Upon first-phase verification, a second phase is invoked that is particular to the protocol of the request. In the second, specialized phase, the request is filtered to verify one or more of the source, the destination, and the content of the request. Upon second-phase verification, the request is allowed to pass. If either first- or second-phase verification fails, then the request is denied.

Abstract: Two-phase filtering for a firewall is disclosed. In the first, general phase, a request is filtered to verify one or more of: that the request is pursuant to a supported protocol, that a command of the request is allowed, that the length of the request does not exceed the allowed maximum for the command, and that characters of the request are of an allowable type. Upon first-phase verification, a second phase is invoked that is particular to the protocol of the request. In the second, specialized phase, the request is filtered to verify one or more of the source, the destination, and the content of the request. Upon second-phase verification, the request is allowed to pass. If either first-or second-phase verification fails, then the request is denied.

Abstract: A distributed policy model for access control is disclosed. In an enterprise-only mode, each node within a networking environment has its resource access governed by the same enterprise-wide policy. The enterprise-wide policy is set through creation of one or more enterprise policy objects. In an integrated mode, nodes are organized in a number of arrays. Each array has an array-wide policy set through creation of an array policy object. Each array-wide policy initially inherits the enterprise-wide policy. Additional resource access and protocol use restrictions can be added to the individual array-wide policies. In an array-only mode, each array has an array-wide policy also set through creation of an array policy object, but the policy does not necessarily initially inherit an enterprise-wide policy. In a stand-alone mode, a single server has its own policy.

Abstract: A novel catalyst comprising the elements Mo, Bi, Fe, Si, Ni and/or Co and Ru and/or Sb, and, optionally Cl, and an oxidation process, is provided for oxidizing alpha, beta unsaturated monoolefins in the vapor phase with molecular oxygen to produce the corresponding alpha-beta unsaturated carboxylic acid and alpha-beta unsaturated aldehyde. The catalyst can also be used in corresponding ammoxidation reactions.