Abstract: A device for providing wireless Internet access has been described. The device includes an antenna. The antenna is for receiving wireless queries and transmitting wireless responses. The device includes a program. The program is for converting the wireless queries into Internet compatible protocols. The program is for receiving the Internet protocol formatted responses. These responses are then converted in to the wireless responses.

Abstract: A method and apparatus are disclosed for analyzing the operation of one or more network gateways, such as firewalls or routers, that perform a packet filtering function in a network environment. Given a user query, the disclosed firewall analysis tool simulates the behavior of the various firewalls, taking into account the topology of the network environment, and determines which portions of the services or machines specified in the original query would manage to reach from the source to the destination. The relevant packet-filtering configuration files are collected and an internal representation of the implied security policy is derived. A graph data structure is used to represent the network topology. A gateway-zone graph permits the firewall analysis tool to determine where given packets will travel in the network, and which gateways will be encountered along those paths.

Abstract: A system and method are described for selecting a server to handle a connection. The method includes receiving at a service manager a connection request intercepted by a network device having a forwarding agent that is operative to receive instructions from a service manager, the connection request having been forwarded from the forwarding agent on the network device to the service manager. A preferred server is selected at the service manager from among a group of available servers. The preferred server is the server that is to service the connection request. Instructions are sent from the service manager to the forwarding agent. The instructions include the preferred server that is to service the connection request so that the connection request may be forwarded from the network device to the preferred server.

Abstract: A computer system having a plurality of computers connected to each other by a computer coupling mechanism. Each computer includes a processor, memory, I/O device, disk control mechanism, computer coupling network adapter, disk requirement processing section connected to a system bus, and a disk connected to a disk control mechanism. The disk requirement processing section controls the disk, in response to a processing requirement for the disk from one of the processors of the other computers, based on structural definition information. The structural definition information describes a structure of the computer system. The computer system may be a loosely-coupled computer system.

Abstract: A method and apparatus for linking external information to a network management system are disclosed. A network management system is installed for and executes in association with a managed network. An external application program is identified by defining and storing in a connection file information that describes: the name and location of the program; a position in a menu control tree into which folders and items, which identify functions and options of the external application program, should be displayed and accessed; security roles associated with each folder and item; and other meta-information about the application program and its maker. The information may be stored in a markup format in a connection file. The network management system reads the connection file and integrates the information into its registry and other locations that determine how the network management system operates.

Abstract: A system, computer program and method to multicast messages to workstations in a network (10). The system uses an MDP database table (140) which stores the parameters used to manage transmission and reception of multicast messages in the network (10). An MDP server initialization module (100) executing on a server reads the parameters from the MDP database table (140) and initialize an MDP session. The system also uses an MDP client initialization module (130) to read the necessary parameters in the MDP database table (140) and initialize an MDP session in a client workstation that receives multicast messages. An MDP server operations module (120) is used to receive requests to transmit messages and transmit repair packets to a workstation designated as action workstations when a negative acknowledgment is received.

Abstract: A system, method and computer program product are provided for reducing latency while handling network accounting records using an aggregator. Initially, records are received which are indicative of network events. Such records are received in an aggregator for the purpose of aggregating the records. Thereafter, a command is generated in response to the receipt of the records before work is done by the aggregator. Accordingly, services may be rendered in response to the command with minimal latency caused by the aggregator.

Abstract: Method for geolocating logical network addresses on electronically switched dynamic communications networks, such as the Internet, using the time latency of communications to and from the logical network address to determine its location. Minimum round-trip communications latency is measured between numerous stations on the network and known network addressed equipment to form a network latency topology map. Minimum round-trip communications latency is also measured between the stations and the logical network address to be geolocated. The resulting set of minimum round-trip communications latencies is then correlated with the network latency topology map to determine the location of the network address to be geolocated.

Abstract: An apparatus and method that can enable multi-protocol data processing at a single point in a data network. The apparatus includes a logic state machine that is capable of performing a variety of pre-defined actions for a plurality of communication protocols. The present data processing solution enables wire speed data processing, utilizing minimal instruction memory, because all the data resources required to process multiple protocols are stored on state machine tables, in the data memory. According to the data processing methodology, incoming packet headers are parsed for session ID, protocol ID and events ID per protocol. A relevant session history block is then found by a General State Machine Handler, according to the protocol ID, and the current state of each protocol is extracted. Subsequently, the relevant State Machine Table is found, according to the protocol ID, wherein a list of actions is described.

Abstract: The invention relates to a method and an architecture for securely accessing virtual objects (Obvi) distributed in systems connected to the internet network (RI), and for obtaining an instance of same. This access is performed via a smart card (2a), through a “web” browser (10). The terminal (1) and the smart card (2a) each comprise a specific protocol layer (13, 23a). The latter comprises intelligent agents (132, 232a1) for establishing two-way data exchange sessions, thereby allowing the smart card (2a) to have a “web” server functionality. The smart card (2a) also comprises intelligent agents, called script translators, and a virtual file management system (8) cooperating with a specialized script-translating intelligent agent (7). Each virtual object (Obvi) is associated with a virtual file of the virtual file management system (8). The specialized intelligent agent (7) presents the browser (10) with a list of the accessible virtual objects (Obvi) and generates methods for accessing these objects.

Abstract: When a program transmission apparatus divides a program into a plurality of partial programs before transmission, a program reception execution apparatus executes a partial program when the partial program has already been received, and, when the execution needs to proceed to from a present partial program to a next partial program, executes the other partial program when the next partial program has been received.

Abstract: The invention provides for utilizing abilities of network interfaces, such as embedded encryption support, or access to such encryption support, so as to extend support for such abilities to network interfaces or other devices lacking such ability. In one configuration, a non-homogeneous team of network interfaces is presented to a protocol stack as being a homogeneous team, by having network interfaces lacking a particular ability be backed up by team member supporting the ability. Various methods may be applied to distribute the work load of backing up network interface according to an operation mode of the team. For example, when operating in load balancing mode, performing backup services is balanced across the team, whereas in a fault tolerant mode, processing may be first given to non-primary network interfaces.

Abstract: A method and system is provided for migrating processes from one virtual machine to another on a network. To migrate the external state of a process, the process may use a network service connection system or a compact network service connection system for accessing resources external to the virtual machine. A process may be migratable separately from other processes. A process may have an in-memory heap used for the execution of the process, a virtual heap that may include the entire heap of the process including at least a portion of the runtime environment, and a persistent heap where the virtual heap may be checkpointed. In one embodiment, the virtual heap may serve as the persistent heap. In another embodiment, the virtual heap may be checkpointed to a separate, distinct persistent heap. The combination of the in-memory heap, the virtual heap, and the persistent store may be referred to as a virtual persistent heap.

Abstract: A system, method and computer program product are provided for handling network accounting information. Initially, records indicative of network events are received from an input source. Next, action events are selected based on the input source. Such selected action events are then executed on the records for reading, correlating, processing, categorizing, and/or aggregating network accounting information associated with the records.

Abstract: The invention discloses a portable remote device that allows the user to access the Internet and World Wide Web. The portable device connects to a cellular telephone, thus providing wireless connection to the internet via a host computer which runs a browser, that takes information received from the Internet or other sources and renders it onto a virtual display in its memory. This information is directed to software, which reduces the color depth of the information to a lower depth color image. This reduced image is then compressed and encrypted by another software and sent to the portable device of the invention, which decrypts and decompresses it for displaying to the user. The browser may also reduces the color depth and compress the image without need for further software. Thus, the user views a bit map or raster image of a Web page, which is stored into memory. The portable device further comprises methods of pointing and clicking on text and images which represent links to other pages.

Abstract: The present invention discloses a multi-connection control system. Initially, one or more requests to access a system are received. For each request, it is determined whether to allow access to the system using an access vector to identify an available access object.

Abstract: In a communications terminal 3, a CPU 32 retrieves start-up data 112 from a server 1 using a Web browser 311, which is stored in a storage device 31. The CPU 32 performs data authentication with respect to authentication type data 1123 included in the start-up data 112. Then, when the authentication is succeeded, the CPU 32 follows the authentication type data 1123 so as to determine which authentication mode is to be used for authenticating the application data. In this manner, the authentication mode for authenticating the application data can be easily changed.

Abstract: A network system includes a client computer that can present multimedia content to a user and an annotation server that can transmit, to the client computer, annotations for the multimedia content. Users can be presented with annotations generated by other users and can create their own annotations that can be viewed by others. Users can be notified of new annotations by an electronic mail (email) message, can create new annotations by email messages, and can easily access a temporal segment of multimedia content corresponding to a new annotation based on information in email messages.

Abstract: A method and apparatus for content precaching is described. In one embodiment, the method comprises periodically checking servers in a networked environment for new content based on a profile, storing content identified as new on the servers in a cache accessible by an network access gateway, the network access gateway thereafter detecting whether a request is for at least a portion of the identified new content previously stored in the cache, and returning the at least a portion of the identified new content from the cache.

Abstract: A system and method for circumventing schemes that use duplication detection to detect and block unsolicited e-mail (spam.) An address on a list is assigned to one of m sublists, where m is an integer that is greater than one. A set of m different messages are created. A different message from the set of m different messages is sent to the addresses on each sublist. In this way, spam countermeasures based upon duplicate detection schemes are foiled.