Abstract: A mechanism to facilitate a private network (VPN)-as-a-service, preferably within the context of an overlay IP routing mechanism implemented within an overlay network. A network-as-a-service customer operates endpoints that are desired to be connected to one another securely and privately using the overlay IP (OIP) routing mechanism. The overlay provides delivery of packets end-to-end between overlay network appliances positioned at the endpoints. During such delivery, the appliances are configured such that the data portion of each packet has a distinct encryption context from the encryption context of the TCP/IP portion of the packet. By establishing and maintaining these distinct encryption contexts, the overlay network can decrypt and access the TCP/IP flow. This enables the overlay network provider to apply one or more TCP optimizations. At the same time, the separate encryption contexts ensure the data portion of each packet is never available in the clear at any point during transport.

Abstract: A mechanism to facilitate a private network (VPN)-as-a-service, preferably within the context of an overlay IP routing mechanism implemented within an overlay network. A network-as-a-service customer operates endpoints that are desired to be connected to one another securely and privately using the overlay IP (OIP) routing mechanism. The overlay provides delivery of packets end-to-end between overlay network appliances positioned at the endpoints. During such delivery, the appliances are configured such that the data portion of each packet has a distinct encryption context from the encryption context of the TCP/IP portion of the packet. By establishing and maintaining these distinct encryption contexts, the overlay network can decrypt and access the TCP/IP flow. This enables the overlay network provider to apply one or more TCP optimizations. At the same time, the separate encryption contexts ensure the data portion of each packet is never available in the clear at any point during transport.

Abstract: A mechanism to facilitate a private network (VPN)-as-a-service, preferably within the context of an overlay IP routing mechanism implemented within an overlay network. A network-as-a-service customer operates endpoints that are desired to be connected to one another securely and privately using the overlay IP (OIP) routing mechanism. The overlay provides delivery of packets end-to-end between overlay network appliances positioned at the endpoints. During such delivery, the appliances are configured such that the data portion of each packet has a distinct encryption context from the encryption context of the TCP/IP portion of the packet. By establishing and maintaining these distinct encryption contexts, the overlay network can decrypt and access the TCP/IP flow. This enables the overlay network provider to apply one or more TCP optimizations. At the same time, the separate encryption contexts ensure the data portion of each packet is never available in the clear at any point during transport.

Abstract: A mechanism to facilitate a private network (VPN)-as-a-service, preferably within the context of an overlay IP routing mechanism implemented within an overlay network. A network-as-a-service customer operates endpoints that are desired to be connected to one another securely and privately using the overlay IP (OIP) routing mechanism. The overlay provides delivery of packets end-to-end between overlay network appliances positioned at the endpoints. During such delivery, the appliances are configured such that the data portion of each packet has a distinct encryption context from the encryption context of the TCP/IP portion of the packet. By establishing and maintaining these distinct encryption contexts, the overlay network can decrypt and access the TCP/IP flow. This enables the overlay network provider to apply one or more TCP optimizations. At the same time, the separate encryption contexts ensure the data portion of each packet is never available in the clear at any point during transport.

Abstract: Applications that run on an overlay network-based managed service achieve high performance gains using a set of TCP optimizations. In a first optimization, a typical single TCP connection between a client and an origin server is broken into preferably three (3) separate TCP connections. These connections are: an edge-to-client connection, an edge-to-edge connection, and edge-to-origin connection. A second optimization replicates TCP state along the connection to increase fault tolerance. In this approach, preferably a given TCP connection is maintained on two servers. When a packet is received by one server, called the primary, its state is updated and then passed to a second server, called the backup. Only when the backup sends an acknowledgement back to the primary can it then send a TCP acknowledgement back to the host that originally sent the packet. Another optimization reduces connection establishment latency.

Abstract: Applications that run on an overlay network-based managed service achieve high performance gains using a set of TCP optimizations. In a first optimization, a typical single TCP connection between a client and an origin server is broken into preferably three (3) separate TCP connections. These connections are: an edge-to-client connection, an edge-to-edge connection, and edge-to-origin connection. A second optimization replicates TCP state along the connection to increase fault tolerance. In this approach, preferably a given TCP connection is maintained on two servers. When a packet is received by one server, called the primary, its state is updated and then passed to a second server, called the backup. Only when the backup sends an acknowledgement back to the primary can it then send a TCP acknowledgement back to the host that originally sent the packet. Another optimization reduces connection establishment latency.

Abstract: Applications that run on an overlay network-based managed service achieve high performance gains using a set of TCP optimizations. In a first optimization, a typical single TCP connection between a client and an origin server is broken into preferably three (3) separate TCP connections. These connections are: an edge-to-client connection, an edge-to-edge connection, and edge-to-origin connection. A second optimization replicates TCP state along the connection to increase fault tolerance. In this approach, preferably a given TCP connection is maintained on two servers. When a packet is received by one server, called the primary, its state is updated and then passed to a second server, called the backup. Only when the backup sends an acknowledgement back to the primary can it then send a TCP acknowledgement back to the host that originally sent the packet. Another optimization reduces connection establishment latency.

Abstract: A mechanism to facilitate a private network (VPN)-as-a-service, preferably within the context of an overlay IP routing mechanism implemented within an overlay network. A network-as-a-service customer operates endpoints that are desired to be connected to one another securely and privately using the overlay IP (OIP) routing mechanism. The overlay provides delivery of packets end-to-end between overlay network appliances positioned at the endpoints. During such delivery, the appliances are configured such that the data portion of each packet has a distinct encryption context from the encryption context of the TCP/IP portion of the packet. By establishing and maintaining these distinct encryption contexts, the overlay network can decrypt and access the TCP/IP flow. This enables the overlay network provider to apply one or more TCP optimizations. At the same time, the separate encryption contexts ensure the data portion of each packet is never available in the clear at any point during transport.

Abstract: Embodiments provide a structure, system, and method for ingress and egress. The structure includes a frame assembly defining at least one frame aperture. A removable panel may be secured to the frame assembly and define at least one removable panel aperture configured to align within the frame aperture. At least one fastener may removably couple the panel to the frame, the fastener extending through a corresponding one of the removable panel aperture and the frame aperture.

Abstract: Applications that run on an overlay network-based managed service achieve high performance gains using a set of TCP optimizations. In a first optimization, a typical single TCP connection between a client and an origin server is broken into preferably three (3) separate TCP connections. These connections are: an edge-to-client connection, an edge-to-edge connection, and edge-to-origin connection. A second optimization replicates TCP state along the connection to increase fault tolerance. In this approach, preferably a given TCP connection is maintained on two servers. When a packet is received by one server, called the primary, its state is updated and then passed to a second server, called the backup. Only when the backup sends an acknowledgement back to the primary can it then send a TCP acknowledgement back to the host that originally sent the packet. Another optimization reduces connection establishment latency.

Abstract: Applications that run on an overlay network-based managed service achieve high performance gains using a set of TCP optimizations. In a first optimization, a typical single TCP connection between a client and an origin server is broken into preferably three (3) separate TCP connections. These connections are: an edge-to-client connection, an edge-to-edge connection, and edge-to-origin connection. A second optimization replicates TCP state along the connection to increase fault tolerance. In this approach, preferably a given TCP connection is maintained on two servers. When a packet is received by one server, called the primary, its state is updated and then passed to a second server, called the backup. Only when the backup sends an acknowledgement back to the primary can it then send a TCP acknowledgement back to the host that originally sent the packet. Another optimization reduces connection establishment latency.

Abstract: Embodiments provide a structure, system, and method for ingress and egress. The structure includes a frame assembly defining at least one frame aperture. A removable panel may be secured to the frame assembly and define at least one removable panel aperture configured to align within the frame aperture. At least one fastener may removably couple the panel to the frame, the fastener extending through a corresponding one of the removable panel aperture and the frame aperture.

Abstract: A digital audio device. According to one aspect of the invention, the device includes a memory and an analog input system configured to record analog audio signals to the memory as digital audio data. The device further includes a digital input configured to download digital audio data to the memory, as well as an analog output system configured to generate analog playback signals decoded from digital audio data stored in the memory. Furthermore, the device includes a digital output configured to upload digital audio data from the memory.

Abstract: A doll with an angled and/or jointed torso. In some embodiments the doll includes a torso, at least a portion of which is asymmetric about a midline such that an angle formed between a left lateral contour and the midline substantially differs from an angle formed between a right lateral contour and the midline. Alternatively, or additionally, the torso may be comprised of an upper torso member that is connected to a lower torso member by a joint that enables rotation therebetween.

Abstract: A doll with an angled and/or jointed torso. In some embodiments the doll includes a torso, at least a portion of which is asymmetric about a midline such that an angle formed between a left lateral contour and the midline substantially differs from an angle formed between a right lateral contour and the midline. Alternatively, or additionally, the torso may be comprised of an upper torso member that is connected to a lower torso member by a joint that enables rotation therebetween.

Abstract: A digital audio device. According to one aspect of the invention, the device includes a memory and an analog input system configured to record analog audio signals to the memory as digital audio data. The device further includes a digital input configured to download digital audio data to the memory, as well as an analog output system configured to generate analog playback signals decoded from digital audio data stored in the memory. Furthermore, the device includes a digital output configured to upload digital audio data from the memory.