Abstract: A network device and a method of configuring a network device are provided. The method includes: receiving an e-mail message at the network device; parsing the e-mail message to retrieve configuration instructions; and executing a configuration action according to the configuration instructions contained in the e-mail message. The network device includes: a first upstream network interface; control logic configured to: receive an e-mail message; parse the e-mail message to retrieve configuration instructions; and execute a configuration action according to the configuration instructions contained in the e-mail message.

Abstract: Embodiments of the invention include a method and software for pre-allocating bandwidth for time-sensitive data such as voice data, for allocating some of the pre-allocated bandwidth to calls, and for timely delivery of frames that include time-sensitive data such as voice data in both the uplink and downlink direction for calls between an access point, e.g., a quality-assured access point (Q-AP) and one or more of its client stations.

Abstract: A method and apparatus for securing executables and processes having setuid/gid permissions and privileges is presented. A mechanism is provided to track and control operations for files and processes having setuid/gid privileges. A policy rule is defined for controlling the operations on the files and processes. The policy rule is then used to control operations involving the files and processes.

Abstract: A method, apparatus and computer program product for performing client-side Java content transformation is presented. A first client request is received at a gateway from a web client, and is transmitted from the gateway to a web server, and then the web page is received at the gateway from the web server. At the gateway, the web page is modified to request a content transformation application and is transmitted from the gateway to the web client. A request is received at the gateway for the content transformation application, and the gateway transmits the content transformation application to the client. The content transformation application is run on the client, wherein the content transformation application acquires the applet requested by the client and performs content translation on the applet, resulting in a content transformed applet, which is then run by the client.

Abstract: A method and system for validating a Command Line Interface (CLI) configlet on an image is provided. The method includes creating a parse graph using a plurality of self-describing data constructs, identifying a plurality of parse chain data constructs in the parse graph, deriving at least one CLI/configlet from the image file based on the plurality of self-describing data constructs; and comparing the at least one CLI/configlet derived from the image file with a plurality of CLIs/configlets.

Abstract: A method of selecting routing tables to include in a network line card consists of determining dependencies of local routes on remote routes using a reference count on prefixes, and selectively downloading remote routes when resolution of a route has a dependency on a remote route. In one embodiment, only remote routes that are needed to forward traffic are downloaded to a network line card.

Abstract: Embodiments of this invention can establish a communications path through a network device in a network for a stream of data served by a server. A host can request to receive the stream of data by sending a request through the network to the server. In response, the server creates a data distribution message and sends it onto the network towards the host. Each network device equipped with the invention receives the data distribution message via unicast communications, acknowledges the data distribution message, and creates a path table for the stream of data, and forwards the data distribution message to the next network device on route to the host. A network device that receives an acknowledgment of the data distribution message establishes at least one path through the network device in the path table for payload distribution messages that carry a stream of data. The stream of data can thus be propagated through a network with only one copy of portions (e.g.

Abstract: An approach is provided for implementing IPsec in PEP environments. The approach generally involves preserving TCP header data contained in packets prior to IPsec encryption and making the TCP header data available to PEP applications. For example, TCP header data is identified in a packet that conforms to the TCP and a copy of the TCP header data is generated. Encrypted packet data is generated by encrypting at least a portion of the packet using IPsec. For example, the TCP header data and payload may be encrypted to generate the encrypted packet data. A modified copy of the TCP header data is generated by modifying length data contained in the copy of the TCP header data to reflect a length of at least the encrypted packet data. A new packet is generated that includes the modified copy of the TCP header data and the encrypted packet data.

Abstract: One or more network routers include data path processors and a control path processor. A number of network protocols that are not installed on the data path processors are installed on the control path processor. When one of the data path processors receives a network packet that is in an unrecognized format, a header is appended to the network packet and forwarded to the control path processor. The control path processor removes the header and identifies a proper protocol associated with the network packet. Next, the control path processor places the network packet in a processing stack associated with an appropriately installed network protocol in order to process the network packet on behalf of the originally sending data path processor.

Abstract: A multi-homed network node comprises an interface that is addressable using a primary network address and a secondary network address. Network packets identifying the primary network address traverse a first network path and packets identifying the second network address traverse a second network path that is routed physically separately from the first network path. A transport layer network protocol association is established in the network between a first node and the multi-homed node. One or more data messages are sent to the second node and identify the primary network address. Network feedback information indicates one or more performance characteristics of the first network path. In response, the data messages are automatically modified to identify the secondary network address.

Abstract: Agile OADM structures having a range of tradeoffs between costs and flexibility are disclosed. In certain implementations, cyclic AWGs (arrayed waveguide gratings) are employed. Excellent optical performance is achieved along with relatively low initial and upgrade costs. An economically optimal level of network flexibility may thus be achieved.

Abstract: A method for controlling operation of an integrated mobile communication and broadcast program reproduction device and of operating the device includes monitoring an occurrence of a trigger event at the device; and upon occurrence of the trigger event, recording a broadcast program signal received by the device. An integrated mobile communication and broadcast program reproduction device has a trigger event monitor and a broadcast program recorder for recording a broadcast program when a trigger event occurs. A trigger event may be receipt of an incoming call, the making of an outgoing call, the identification of predetermined content in a received program and the start of a predetermined program. Different trigger events may be prioritized. Recorded material may be reproduced, with broadcast material being received being recorded whilst previously recorded material is reproduced.

Abstract: In one embodiment, a router examines an incoming packet for a flow monitoring request. The router may examine every packet for the flow monitoring request, or preferably may only examine packets including a lifetime value indicating that the packet should be dropped and not forwarded or may only examine packets having a predetermined message format. When the flow monitoring request is included, the router performs detailed flow analysis or other monitoring according to the flow monitoring request.

Abstract: An apparatus is provided for enabling communication between telephony devices. The apparatus includes a queue operable to receive incoming media packets from the telephony devices, and a payload segmenter coupled to the queue and operable to divide an incoming payload section of each incoming packet into one or more data segments. The apparatus also includes a mixer coupled to the payload segmenter and operable to mix the data segments from the telephony devices to create an aggregate data segment. Furthermore, the apparatus includes a reassembly buffer coupled to the mixer and operable to construct an outgoing payload section for one or more telephony devices by linking successively generated aggregate data segments.

Abstract: A method for displaying a visual conference includes receiving a plurality of video signals from at least two cameras located at one or more remote sites. The method also includes assigning each video signal to a respective display of a plurality of displays at a local site for the duration of a visual conference. At least one of the plurality of displays has more than one video signal assigned thereto. The method further includes selecting, for each of the at least one of the plurality of displays having more than one video signal assigned thereto, a video signal of the more than one video signal assigned to the display. The method also includes displaying each selected video signal on its respective display.

Abstract: Techniques are provided for performing multi-pass erase. An erase command is received at a storage area network (SAN) switch in a storage area network. The erase command is associated with a block of data on a target device. A virtual initiator is determined for performing the erase command on the block of data. Multiple bit patterns are generated using a multi-pass erase algorithm. The multiple bit patterns are generated for writing over the block of data on the target device. Repeated writes are performed over the block of data using the bit patterns. The block of data is repeatedly overwritten to remove remanence of the block of data on the target device.

Abstract: A system (e.g., Fibre Channel Error Detecting Code (FC-EDC)) that maps the “standard” Hamming codes onto the bits of a 33-bit control block is provided. The system employs a “rotation” of the check positions in a two-dimensional parity-check matrix for the FC-EDC. The specification discloses a computer-implemented program to test further modifications and permutations of the “standard” distance-4 parity-check matrix to yield an FC-EDC with enhanced error-detecting properties, designed to detect the most likely errors in the known physical environment. By using a parity-check matrix with the “rotation” property, certain error-detecting properties of the parity-check matrix are ensured, and the computation time for searching for a matrix with enhanced error-detecting properties becomes much shorter.

Abstract: In one embodiment, an apparatus can include an input configured to receive a request for available layer 3 points of attachment from a mobility anchor, and logic configured to provide a list of layer 3 points of attachment based at least upon a set of dynamic network conditions.

Abstract: System and method for providing access to multiple wireless service providers (WSPs) on a shared network infrastructure. The system includes a plurality of access points (APs) coupled to a network which may be distributed in airports, mass-transit stations, businesses, etc. The network may couple to a wide area network, such as the Internet. Each AP may include a plurality of virtual APs (VAPs), each corresponding to a WSP. A portable computing device (PCD) of a user stores identification information indicating a WSP of a plurality of possible WSPs, and which may include an access level of the user. Each AP “listens for” or detects identification information associated with numerous WSPs. When the AP receives the identification information from the PCD, it determines the VAP/WSP for the PCD using the identification information. Network access is then provided to the PCD through the determined WSP at the determined access level.

Abstract: An apparatus including a first buffer, a second buffer and a priority switch circuit. The first buffer is configured to store data of a first data stream having a first priority. The second buffer is configured to store data of a second data stream having a second priority. The priority switch circuit is coupled to the first buffer and the second buffer and is configured to interrupt a transmission of the first data stream from the first buffer upon detection of data of the second data stream and transmit data of the second data stream.