Abstract: Systems, devices, and methods relating to network firewalls and VPN gateways for controlling and securing access to networks. An integrated VPN/firewall system comprises at least one policy engine module, a switch module, a cryptographic engine module, and at least one flow engine module. Each flow engine module receives DTUs from either side of the integrated VPN/firewall system. The DTUs are then compared to entries in a listening table and entries in a flow table. The entries in these tables consist of characteristics of DTUs expected to arrive for specific flows. Entries to both listening tables and flow tables are made by the policy engine with listening table entries generally denoting flows potentially allowed by policy to be established between computers on opposite sides of the system. Flow tables, on the other hand, correspond to flows already allowed to be established between computers on opposite sides of the firewall system.

Abstract: Systems, devices, and methods relating to network firewalls and VPN gateways for controlling and securing access to networks. An integrated VPN/firewall system comprises at least one policy engine module, a switch module, a cryptographic engine module, and at least one flow engine module. Each flow engine module receives DTUs from either side of the integrated VPN/firewall system. The DTUs are then compared to entries in a listening table and entries in a flow table. The entries in these tables consist of characteristics of DTUs expected to arrive for specific flows. If a DTU matches an entry, the DTU may be forwarded by the ingress flow engine to the egress flow engine via the switch module, and subsequently to its destination by the egress flow engine; or it may be forwarded, using the switch module, to the policy engine module for further security checking, or to the cryptographic engine module for encryption/decryption required for VPN operations.

Abstract: Enhanced television services are delivered and presented on a network appliance without the need for an enhanced-content enabled television set or set-top box. The enhanced content is decoupled from the television signal (or radio signal), allowing for the presentation of the enhanced content alone on a stand-alone network appliance. The network appliance may be a handheld computing device (e.g. a “palm” computing device), a tablette, a remote control with a display or a digital cellular phone handset with a display. The network appliance is enabled for Internet or Intranet access and is also provided with an infrared transmitter so as to operate as a remote control for a television (or radio) having an infrared beam receiver. Through use of the network appliance, the viewer would be presented with the same enhanced content on the network appliance as would be presented to the viewer if an enhanced content enabled television or set-top box (or radio) were being used.

Abstract: A bi-directional data communication system using inverse multiplexers for transmitting and receiving data at high-speeds using regular analog channels. The inverse multiplexer splits a high-speed digital signal into low-speed digital signals that are input to analog modems. The analog modems modulate the low-speed digital signals into low-speed analog signals for transmission over the analog channels to the public switched telephone network. At the remote end, the data carried by the analog channels is reverse inverse multiplexed into a high-speed digital signal by an inverse multiplexer operating in a reverse inverse multiplexing mode.