Abstract: Techniques for securing name resolution technologies and for ensuring that name resolution technologies can function in modern networks that have a plurality of overlay networks accessible via a single network interface. In accordance with some of the principles described herein, a set of resolution parameters may be implemented by a user to be used during a name resolution process. In some implementations, when an identifier is obtained for a network resource, the identifier may be stored in a cache with resolution parameters that were used in obtaining the identifier. When a new name resolution request is received, the cache may be examined to determine whether a corresponding second identifier is in the cache, and whether resolution parameters used to retrieve the second identifier in the cache match the resolution parameters for the new resolution request. If so, the second identifier may be returned from the cache.

Abstract: Techniques for securing name resolution technologies and for ensuring that name resolution technologies can function in modern networks that have a plurality of overlay networks accessible via a single network interface. In accordance with some of the principles described herein, a set of resolution parameters may be implemented by a user, such as an end user or an administrator, to be used during a name resolution process for securing the process and/or for conducting the process in an overlay network. In some implementations, the set of resolution parameters may be maintained as a table of rules, and used to govern name resolution processes. For example, resolution parameters may be created that govern a DNSSEC session, or that govern how to communicate with networks implemented with Microsoft's Direct Access overlay technologies, or that govern communications using any other networking technology.

Abstract: Techniques for securing name resolution technologies and for ensuring that name resolution technologies can function in modern networks that have a plurality of overlay networks accessible via a single network interface. In accordance with some of the principles described herein, a set of resolution parameters may be implemented by a user to be used during a name resolution process. In some implementations, when an identifier is obtained for a network resource, the identifier may be stored in a cache with resolution parameters that were used in obtaining the identifier. When a new name resolution request is received, the cache may be examined to determine whether a corresponding second identifier is in the cache, and whether resolution parameters used to retrieve the second identifier in the cache match the resolution parameters for the new resolution request. If so, the second identifier may be returned from the cache.

Abstract: Techniques for securing name resolution technologies and for ensuring that name resolution technologies can function in modern networks that have a plurality of overlay networks accessible via a single network interface. In accordance with some of the principles described herein, a set of resolution parameters may be implemented by a user, such as an end user or an administrator, to be used during a name resolution process for securing the process and/or for conducting the process in an overlay network. In some implementations, the set of resolution parameters may be maintained as a table of rules, and used to govern name resolution processes. For example, resolution parameters may be created that govern a DNSSEC session, or that govern how to communicate with networks implemented with Microsoft's Direct Access overlay technologies, or that govern communications using any other networking technology.

Abstract: Techniques for securing name resolution technologies and for ensuring that name resolution technologies can function in modern networks that have a plurality of overlay networks accessible via a single network interface. In accordance with some of the principles described herein, a set of resolution parameters may be implemented by a user, such as an end user or an administrator, to be used during a name resolution process for securing the process and/or for conducting the process in an overlay network. In some implementations, the set of resolution parameters may be maintained as a table of rules, and used to govern name resolution processes. For example, resolution parameters may be created that govern a DNSSEC session, or that govern how to communicate with networks implemented with Microsoft's Direct Access overlay technologies, or that govern communications using any other networking technology.

Abstract: Techniques for securing name resolution technologies and for ensuring that name resolution technologies can function in modern networks that have a plurality of overlay networks accessible via a single network interface. In accordance with some of the principles described herein, a set of resolution parameters may be implemented by a user, such as an end user or an administrator, to be used during a name resolution process for securing the process and/or for conducting the process in an overlay network. In some implementations, the set of resolution parameters may be maintained as a table of rules, and used to govern name resolution processes. For example, resolution parameters may be created that govern a DNSSEC session, or that govern how to communicate with networks implemented with Microsoft's Direct Access overlay technologies, or that govern communications using any other networking technology.

Abstract: A client computer that supports different behaviors when connected to a private network behind a network firewall than when outside the network firewall and connected indirectly through an access device. The client computer is configured to attempt communication with a device on the network. Based on the response, the client computer can determine that it is behind the network firewall, and therefore can operate with less restrictive security or settings for other parameters appropriate for when the client is directly connected to the network. Alternatively, the client computer may determine that it is indirectly connected to the network through the Internet or other outside network, and therefore, because it is outside the private network firewall, should operate with more restrictive security or settings of other parameters more appropriate for use in that network location.

Abstract: Techniques for securing name resolution technologies and for ensuring that name resolution technologies can function in modern networks that have a plurality of overlay networks accessible via a single network interface. In accordance with some of the principles described herein, a set of resolution parameters may be implemented by a user to be used during a name resolution process. In some implementations, when an identifier is obtained for a network resource, the identifier may be stored in a cache with resolution parameters that were used in obtaining the identifier. When a new name resolution request is received, the cache may be examined to determine whether a corresponding second identifier is in the cache, and whether resolution parameters used to retrieve the second identifier in the cache match the resolution parameters for the new resolution request. If so, the second identifier may be returned from the cache.

Abstract: Techniques for securing name resolution technologies and for ensuring that name resolution technologies can function in modern networks that have a plurality of overlay networks accessible via a single network interface. In accordance with some of the principles described herein, a set of resolution parameters may be implemented by a user, such as an end user or an administrator, to be used during a name resolution process for securing the process and/or for conducting the process in an overlay network. In some implementations, the set of resolution parameters may be maintained as a table of rules, and used to govern name resolution processes. For example, resolution parameters may be created that govern a DNSSEC session, or that govern how to communicate with networks implemented with Microsoft's Direct Access overlay technologies, or that govern communications using any other networking technology.

Abstract: Concurrent access to a first networking connection, such as an Internet connection, and a second networking connection, such as a virtual private networking (VPN) connection, is disclosed. The first connection is established, adding first default routes to a routing table. The first routes are associated with the first connection and have priority. The second connection is established, adding second default routes to the routing table. The second routes are associated with the second connection, and have priority over the first routes. Specific routes associated with the second connection are added from a preset routing file to the routing table. The second routes are removed, regaining priority for the first routes. Data packets intended for the second connection are routed according to the specific routes added to the routing table from the preset table. Other data packets are routed to the first connection according to the first routes.

Abstract: Concurrent access to a first networking connection, such as an Internet connection, and a second networking connection, such as a virtual private networking (VPN) connection, is disclosed. The first connection is established, adding first default routes to a routing table. The first routes are associated with the first connection and have priority. The second connection is established, adding second default routes to the routing table. The second routes are associated with the second connection, and have priority over the first routes. Specific routes associated with the second connection are added from a preset routing file to the routing table. The second routes are removed, regaining priority for the first routes. Data packets intended for the second connection are routed according to the specific routes added to the routing table from the preset table. Other data packets are routed to the first connection according to the first routes.

Abstract: A new method and naming proxy are disclosed for resolving resource names over multiple subnets interconnected via a machine having multiple network interfaces. The discloses system comprises a network naming proxy server embedded within the multi-interface machine. The naming proxy executes resource discovery requests over the multiple interfaces. The machine executes a RAS server that supports connections to a RAS client on a first interface and a local area network on a second interface. The naming proxy receives requests on the first interface and forwards naming queries corresponding to the received requests via the second interface. The naming proxy includes a resource name-to-address cache for temporarily storing the addresses that it receives for resources connected via the multiple network interfaces.