Computer networks are frequently attacked with a goal of harming the network, illegally obtaining or compromising confidential information, denying service to users, or simply breaching the network. Conventional protective solutions rely on endpoint nodes, such as a firewall, for protecting the network. A firewall controls the outgoing and incoming network connections (e.g., blocks some ports and/or some specific programs) associated with a particular network.
However, firewalls can be “fooled” or spoofed and are often not robust enough to prevent malicious attacks. For example, software running on a client's computer that is internal to a network may still execute malicious actions on the network, even without the client's knowledge. These malicious actions may not be detectible by a firewall. Such malicious software might collect sensitive and client-private data (e.g. bank account login details, credit card details etc.) and send the sensitive data to the attacker.