diff --git a/en/features.sgml b/en/features.sgml
index ce2a260a7e..0a1b493c9c 100644
--- a/en/features.sgml
+++ b/en/features.sgml
@@ -1,5 +1,5 @@
 <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" [
-<!ENTITY date "$FreeBSD: www/en/features.sgml,v 1.22 2004/11/17 21:54:32 rushani Exp $">
+<!ENTITY date "$FreeBSD: www/en/features.sgml,v 1.23 2004/12/01 01:04:55 rwatson Exp $">
 <!ENTITY title "About FreeBSD's Technological Advances">
 <!ENTITY % includes SYSTEM "includes.sgml"> %includes;
 ]>
@@ -62,26 +62,10 @@
 	  operations and uses this information to cache meta-data,
 	  rewrite meta-data operations to combine subsequent
 	  operations on the same files, and reorder meta-data
-	  operations so that they may be processed more efficiently.</li>
-
-	<li><b>Support for IPsec and IPv6</b> allows improved security in
-	  networks, and support for the next-generation Internet Protocol,
-	  IPv6.  The FreeBSD IPSEC implementation includes support for a
-	  broad range of accelerated crypto hardware.</li>
-
-	<li><b>Multi-threaded SMP architecture</b> capable of executing the
-	  kernel in parallel on multiple processors, and with <b>kernel
-	  preemption</b>, allowing high priority kernel tasks to preempt
-	  other kernel activity, reducing latency.  This includes a
-	  <b>multi-threaded network stack</b> and a <b>multi-threaded
-	  virtual memory subsystem</b>.</li>
-
-	<li><b>M:N threading application threading</b> permitting threads to
-	  execute on multiple CPUs in a scaleable manner, mapping many user
-	  threads onto a small number of <b>Kernel Schedulable Entities</b>.
-	  By adopting the <b>Scheduler Activation</b> model, the threading
-	  model can be adapted to the specific requirements of a broad range
-	  of applications.</li>
+	  operations so that they may be processed more efficiently.
+	  Features such as background filesystem checking and
+	  file system snapshots are built on the consistency
+	  and performance foundations of soft updates.</li>
 
 	<li><b>File system snapshots</b>, permitting administrators to take
 	  atomic file system snapshots for backup purposes using the free
@@ -90,17 +74,49 @@
 	  waiting on file system cleanup operations following power outages.
 	  </li>
 
+	<li>Support for <b>IP Security (IPsec)</b> allows improved security in
+	  networks, and support for the next-generation Internet Protocol,
+	  IPv6.  The FreeBSD IPSEC implementation includes support for a
+	  broad range of <b>accelerated crypto hardware</b>.</li>
+
+	<li><b>Out of the box support for IPv6</b> via the KAME IPv6 stack
+	  allows FreeBSD to be seamlessly integrated into next generation
+	  networking environments.  FreeBSD even ships with many applications
+	  extended to support IPv6!</li>
+
+	<li><b>Multi-threaded SMP architecture</b> capable of executing the
+	  kernel in parallel on multiple processors, and with <b>kernel
+	  preemption</b>, allowing high priority kernel tasks to preempt
+	  other kernel activity, reducing latency.  This includes a
+	  <b>multi-threaded network stack</b> and a <b>multi-threaded
+	  virtual memory subsystem</b>.  With FreeBSD 6.x, support for a
+	  fully parallel VFS allows the UFS file system to run on multiple
+	  processors simultaneously, permitting load sharing of
+	  CPU-intensive I/O optimization.</li>
+
+	<li><b>M:N application threading via pthreads</b> permitting threads
+	  to execute on multiple CPUs in a scaleable manner, mapping many user
+	  threads onto a small number of <b>Kernel Schedulable Entities</b>.
+	  By adopting the <b>Scheduler Activation</b> model, the threading
+	  approach can be adapted to the specific requirements of a broad
+	  range of applications.</li>
+
 	<li><b>Netgraph pluggable network stack</b> allows developers to
 	  dynamically and easily extend the network stack through clean
 	  layered network abstractions.  Netgraph nodes can implement a broad
 	  range of new network services, including encapsulation, tunneling,
-	  encryption, and performance adaptation.</li>
+	  encryption, and performance adaptation.  As a result, rapid
+	  prototyping and production deployment of enhanced network services
+	  can be performed far more easily and with fewer bugs.</li>
 
 	<li><b>TrustedBSD MAC Framework extensible kernel security</b>,
 	  which allows developers to customize the operating system security
 	  model for specific environments, from creating hardening policies
 	  to deploying mandatory labeled confidentiality of integrity
-	  policies.</li>
+	  policies.  Sample seucrity policies include <b>Multi-Level
+	  Security (MLS)</b>, and <b>Biba Integrity Protection</b>.  Third
+	  party modules include <b>SEBSD</b>, a FLASK-based implementation
+	  of <b>Type Enforcement</b>.</li>
 
 	<li><b>GEOM pluggable storage layer</b>, which permits new storage
 	  services to be quickly developed and cleanly integrated into the
@@ -109,6 +125,11 @@
 	  making it possible to layer services such as RAID and volume
 	  management easily.</li>
 
+	<li>FreeBSD's <b>GEOM-Based Disk Encryption (GBDE)</b>, provides
+	  strong cryptographic protection using the GEOM Framework, and can
+	  protect file systems, swap devices, and other use of storage
+	  media.</li>
+
 	<li><b>Kernel Queues</b> allow programs to respond more efficiently
 	  to a variety of asynchronous events including file and socket IO,
 	  improving application and system performance.</li>
@@ -127,8 +148,14 @@
     <blockquote>
       <p>The FreeBSD developers are as concerned about security as they are
 	about performance and stability.  FreeBSD includes kernel support for
-	stateful IP firewalling, as well as other services, such as IP proxy
-	gateways.</p>
+	<b>stateful IP firewalling</b>, as well as other services, such as
+	<b>IP proxy gateways</b>, <b>access control lists</b>, <b>mandatory
+	access control</b>, <b>jail-based virtual hosting</b>, and
+	<b>cryptographically protected storage</b>.  These features can be
+	used to support highly secure hosting of mutually untrusting
+	customers or consumers, the strong partitioning of network segments,
+	and the construction of secure pipelines for information scrubbing
+	and information flow control.</p>
 
       <p>FreeBSD also includes support for encryption software, secure
 	shells, Kerberos authentication, "virtual servers" created using