Here's the detail
There are four patents at stake:
6,502,135 - Agile network protocol for secure communications with assured system availability (filed 2000)
7,490,151 - Establishment of a secure communication link based on a domain name service (DNS) request (filed 2002)
7,418,504 - Agile network protocol for secure communications using secure domain names (filed 2003)
7,921,211 - Agile network protocol for secure communications using secure domain names (filed 2007)
All four of them mean broadly the same thing: When you try to connect to server X, the software first checks if X is known to be a secure server. If so, the software sets up a VPN to initiate a secure connection; if not, it initiates an insecure connection. The details vary between the patents, but the gist is the same.
I'd have thought there'd be prior art to invalidate all of them, but U.S. patent law is a curious beast.