Today, corporate computing assets, such as laptops, phones, PDAs, etc., are utilized outside corporate firewalls more than ever before. With ever more employees either working from home or “on the road,” controlling and managing corporate information technology (IT) assets is becoming a difficult or serious problem. Also, as networks become ubiquitous, computing assets are able to connect in a variety of ways as they move about during use, including connecting in MANET, Mesh, WiMAX or other network environments. Each of these networks, however, suffer their own shortcomings, such as poor security, variable signal strength, fragile connections and/or complications introduced by mobility of assets.
For example, Mesh relies on ad hoc or “peer to peer” connections to extend the distance or envelope of a Mesh neighborhood. If wireless connections are used, they are unfortunately regarded as exceptionally insecure forms of communicating. Namely, users are left to their own devices when establishing security which often results in rudimentary or non-existent levels. The problem is further compounded in a MANET, whereby nodes are able to move about. As can then be seen, corporate assets connecting in this manner risk security not only to the hardware and data files of the asset, but also to the entire corporate enterprise when infected devices are brought behind and used inside the corporate firewall. With the advent of virtual computing devices, problems are even further exacerbated since a single hardware platform will often guest many virtual computing devices, each with potentially vastly different operating systems, drivers, interfaces, etc., and its own ability to make network connections.
Like Mesh, WiMAX relies on connections made through cellular devices/networks and 802.11 wireless networks. Given that the inceptive intent of WiMAX, as well as Mesh, focused mostly on maximizing network coverage, making connection availability omnipresent, and delivering strong signals everywhere, security measures began and evolved poorly and now cannot be readily enforced on the infrastructure side of the network. As is presently the situation, the primary means for securing Mesh/WiMAX networks is by way of enterprise or business infrastructure devices, such as access points setup as repeaters or ad hoc hubs, that initialize these devices with some level of security (typically 802.11 security means readily available today). They do not dictate and/or govern the devices subsequently, however, and the devices are free to act as their own repeater and/or ad hoc connection with other devices, including any level of security they desire. Of course, this obviates policy enforcement by the enterprise. In the specific situation of WiMAX, enterprises are further unable to control cellular security which is wholly left to the control of third party services providing and administering the cellular environment. Therefore, the security of these types of connections are almost completely removed from enterprise control.
Accordingly, a need exists in the art of endpoint computing assets for better security, policies and control in network environments, especially those with traditionally poor or little security. Also, such need should contemplate balancing network coverage area, connectivity and strength of signal so as to prevent security concerns from making computing connections unstable, e.g., intermittent or non-existent. Even more, the need should extend to virtual environments, each with many domains per a single hardware platform, and to mobile environments as assets move about during use. Naturally, any improvements along such lines should further contemplate good engineering practices, such as simplicity, cost and time economics, unobtrusiveness, etc.