Abstract: A method, apparatus, and computer instructions for providing a current and complete security compliance view of an enterprise system. The present invention provides the ability to gain a real-time security posture and security compliance view of an enterprise and to assess the risk impact of known threats and attacks to continued business operations at various levels is provided. Responsive to a change to an enterprise environment, a request, or an external threat, an administrator loads or updates at least one of a Critical Application Operations database, a Historical database, an Access Control database, a Connectivity database, and a Threat database. Based on a comparison of information in the databases against similar security data elements from company or external policies, the administrator may generate a Security Compliance view of the enterprise. A Security Posture view may also be generated by comparing the Security Compliance view against data in the Threat database.

Abstract: Illustrative embodiments provide a computer implemented method, a data processing system and a computer program product for a predictive mobile phone service disruption service. In one illustrative embodiment, the computer implemented method comprises monitoring a cellular call of a caller, calculating a location and vector of the caller, and determining whether the caller is approaching a drop zone. The computer implemented method responsive to determining the caller is approaching a drop zone, estimates a duration of a loss of service, and responsive to determining the caller is approaching a drop zone, selectively notifying the caller.

Abstract: A method, system and computer-usable medium for terminating an in-progress voicemail and immediately connecting callers to each other based on identity. A telephone system can be enabled to detect that a calling party (e.g., subscriber “A”) receives no answer from a called party (e.g., subscriber “B”) and if the calling party is a current voicemail recipient from the called party then the voicemail message can be discarded by the telephone system. Such an approach enables an immediate connection between the calling party and the called party to each other by a call switching component. The incomplete voicemail message in the voicemail system is automatically discarded. A command to discard and/or erase the voicemail message can be predetermined by the telephone system.

Abstract: Illustrative embodiments provide a computer implemented method, a data processing system and a computer program product for improving voice over Internet Protocol clarity during degradation. In one illustrative embodiment, the computer implemented method comprises monitoring a call, determining whether degradation exists; and responsive to a determination that degradation exists, applying a corrective action. The computer implemented method further comprises determining whether a quality of the call has improved and responsive to determining that the quality of the call has improved, further monitoring the call to form a monitored quality. The computer implemented method further comprises, determining whether monitored quality is acceptable, and responsive to determining monitored quality acceptable, removing the corrective action.

Abstract: A method and system for automatically pausing a remote voicemail recording to answer an incoming call and to notify an incoming caller of a user voicemail interaction. A command to pause the voicemail recording can be determined by the user prior to establishing the voicemail recording. Upon receiving an incoming call the user can be notified of the incoming call prior to terminating the voicemail recording. The command for pausing voicemail recording can be sent to a voicemail system to pause the voicemail recording if the user opts to receive the incoming call. When the call is concluded, the user can be returned to the voicemail system with options such as resume recording, playback, delete, or cancel the message.

Abstract: A method and system for improving control of an instant messaging system. Multiple instant message (IM) instances are initiated with identical credentials of a user of multiple users participating in an IM session controlled by an IM server. A front-of-screen representation enables the user to manage instance attributes and allows any user to view conversational connectivity information. The IM server receives the user's selection of a graphical element that represents a remote IM instance of the multiple IM instances. Via the first IM instance, the IM server receives the user's request for a computing device to perform an action that includes an interaction with the remote IM instance. The computing device performing the action is located remotely from the user and is executing the remote IM instance. The action is performed by controlling a remote system function of the computing device.

Abstract: A computer implemented method, apparatus, and computer usable program product for managing a voice over Internet Protocol call. A selected set of resources associated with a quality of the voice over Internet Protocol call in a data processing system is monitored during the voice over Internet Protocol call. A determination is made as to whether the quality of the voice over Internet Protocol call in a data processing has fallen below a desired level. A corrective action is performed with respect to the selected set of resources in response to the quality of the voice over Internet Protocol call falling below the desired level.

Abstract: A method and system for providing multilevel information about video-on-demand services. The method comprises the steps of generating a display, on a computer display screen, of a tree having a plurality of nodes; and embedding in the nodes information about video-on-demand services. Preferably information is embedded in these nodes in the form of matrices. A wide range of information about the video-on-demand service may be embedded in the display. For instance, information may be embedded about usage patterns between the supplier of the video services and the consumer, a list of users, user statistics, satisfaction rates, failure rates, failure causes, rates of view to completion, cost monitor information, customer payment information, menus of videos, charge variations, special features and offers, user age, user education, geography, and any combination of the above.

Abstract: A method for enabling the recipient of electronic mail (e-mail) to authenticate the originator of the e-mail without opening the e-mail, so that e-mail that carries a computer virus which activates upon opening the e-mail may be rejected. The originator and the recipient agree beforehand on a privately held authentication code, which is carried in an open field of the e-mail, i.e., carried in a field that is visible to an agent of the recipient without opening the e-mail.

Abstract: A method and system for using business rules to control invitations to participate in instant message (IM) collaborations. A primary invitee is invited to participate in an IM collaboration via a first IM. A business rule associated with the primary invitee is applied to determine that the primary invitee is unavailable to participate in the IM collaboration. A second IM is sent to automatically invite a backup invitee to participate in the IM collaboration. In another embodiment, a primary invitee with credentials specified by a business rule is to be invited to an IM collaboration at a specified time. An application of the business rule determines that the specified time is outside a valid invitation time period or the primary invitee's credentials are not included in a set of predefined credentials. Following the application of the business rule, a backup invitee is invited.

Abstract: A system and method for an end user to change the operation of a data flow filter mechanism, such as a firewall, that operates to control data flows between a plurality of protected computing devices and one or more non-protected computing devices. With the system and method, an administrator of a sub-network of computing devices may set a client computing device's scope of rules/policies that may be changed by a user of the client computing device, with regard to a data flow filter mechanism. The user of the client computing device, or the client computing device itself, may then log onto the data flow filter mechanism and modify the operation of the data flow filter mechanism within the limits established by the administrator.

Abstract: Disclosed is a method of controlling an ingress transmission capacity of an interchassis switch includes comparing the ingress transmission capacity to a threshold capacity; and controlling, using a controller external to the interchassis switch, the ingress transmission capacity responsive to the ingress transmission capacity comparing step.

Abstract: A system and method for an end user to change the operation of a data flow filter mechanism, such as a firewall, that operates to control data flows between a plurality of protected computing devices and one or more non-protected computing devices. With the system and method, an administrator of a sub-network of computing devices may set a client computing device's scope of rules/policies that may be changed by a user of the client computing device, with regard to a data flow filter mechanism. The user of the client computing device, or the client computing device itself, may then log onto the data flow filter mechanism and modify the operation of the data flow filter mechanism within the limits established by the administrator.

Abstract: System method and program for controlling access to a VLAN via a port of a VLAN switch system. In response to receipt of a message packet at the port, the switch system determines if a MAC address of the packet matches a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. The MAC address of the packet does not match a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. In response, the switch system blocks the packet if a rate of ill-formed packets and/or packets from an unrecognized MAC address exceeds a threshold pass rate. The threshold pass rate can be adjusted based on the rate of change of receipt of ill-formed packets and/or packets from an unrecognized MAC address.

Abstract: Computer system, method and program product for facilitating a chat session. An icon or a definition of the icon and a corresponding intelligent agent program are received at a workstation. In response, the workstation displays the icon in a chat session window. A selection of the icon is received during the chat session. In response, the workstation invokes the intelligent agent program. In response, the intelligent agent program obtains information about the workstation or information about a participant in the chat session at the workstation and automatically renders the information in the chat session at the workstation. In response to a request to send the rendered information to other participants in the chat session at other workstations, the rendered information is automatically sent to the other participants in the chat session at the other workstations.

Abstract: An intrusion detection system is improved by altering its signatures and thresholds during a denial of service attack, in order to decrease the rate at which an intrusion detection sensor sends alerts to an intrusion detection server. A governor within the sensor is associated with each signature. The governor may include an alert log, a timer, an alert-generation-rate threshold, and rules that prescribe actions to be taken when the alert-generation-rate threshold is exceeded. The governor records the generation time of each alert by the sensor, and determines the rate at which the sensor is presently generating alerts. When the present alert-generation rate exceeds the alert-generation-rate threshold, the governor alters the associated signature threshold to decrease the alert generation rate of the intrusion detection sensor.

Abstract: Method and apparatus for protecting a data processing system such as an Internet server from attack by a vandal who uses an offensive vulnerability scanner to find an externally visible vulnerability of the data processing system. The method includes determining an externally visible vulnerability using a defensive vulnerability scanner, configuring an intrusion detection system to detect a network flow associated with the vulnerability, and blocking that flow by a firewall or a router. The apparatus includes a defensive vulnerability scanner that finds an externally visible vulnerability and provides a description of the vulnerability, an intrusion detection system that detects a network flow that satisfies the description, and a firewall or a router that blocks the flow responsive to detection of the flow by the intrusion detection system.

Abstract: A method, apparatus, computer product and structure is presented for representing and managing large amounts of information concerning networks of elements. While being useful for communication networks, it can be also usefully deployed in the context of other networks such as distribution and transportation networks. The method uses a hierarchical construct called “catalog”—a set of elements (which could be “atomic” elements or catalogs themselves)—to organize information about physical or abstract entities relevant for modeling the network. A matrix construct whose rows and columns constitute such elements are used to model connections at different levels of abstraction. A common framework and representation provided using these two constructs is shown to be useful for visualization, administration, configuration, modeling, monitoring and manipulation of the network.

Abstract: A method and system for detecting attempted intrusions into a network, including: providing a network processor for monitoring packets transmitted over a communications link of the network; receiving a plurality of packets from the communications link by the network processor; and pre-filtering the plurality of packets by the network processor to identify packets potentially with patterns of interest. These packets are forwarded to a NIDS. The NIDS then examines the forwarded packets to identify the packets that have the pattern of interest. By using the network processor to pre-filter the packets, the number of packets examined by the NIDS is significantly reduced. Also, the capacity of the NIDS can be increased without requiring changes in the NIDS.

Abstract: A method, system and computer program product for detecting the dissemination of malicious programs. The degree of randomness in the Internet Protocol (IP) destination addresses of received IP packets to be forwarded to an external network may be detected by performing a hash function on the IP destination addresses thereby generating one or more different hash values. If a high number of different hash values were generated for a small number of IP packets examined, then random IP destination addresses may be detected. By detecting random destination IP addresses, the dissemination of a malicious program, e.g., virus, worm program, may be detected.