In order to block intruders, computer networks have traditionally relied on a physical separation between the protected network and other networks and devices. Defenses located at the boundary of a computer network (firewalls, gateways and similar perimeter devices) are unable to mediate secure access between the controlled hosts they are intended to protect and the services that are reachable from those controlled hosts, because traffic between hosts inside the boundary never traverses the perimeter device. As such, an intruder who gains a foothold on a controlled host cannot be blocked from carrying out malicious activities against other hosts and services inside the boundary.
U.S. Patent Application Publication No. 2007/0199061 (Byres et al.) teaches a network security appliance for providing security to end-point devices such as a node in an industrial environment. However, the appliance does not provide user authentication that is independent of the device being protected, and it does not provide security protections to traffic between devices being protected.
U.S. Pat. No. 7,536,715 (Markham) teaches a network interface card installed in a computer to protect the computer in which the card is installed and to protect the card itself. However, the device does not provide user authentication that is independent of the computer being protected.
In view of the foregoing, there exists a need for devices providing sophisticated prevention, detection and response capabilities against security threats.