The present invention relates to a system and method for providing local network security, and in particular, to such a system and method in which the security is provided through a hardware device for filtering communications received through the network by an individual computer.
The security of information is extremely important for modem society, particularly since the advent of the Internet. Unauthorized exposure of such information, and/or unintended or unauthorized use of information may significantly damage organizations and individuals. Damage may also be caused by lost, corrupted or misused information. Thus, appropriate security measures are required in order to protect information from such damaging actions, while still maintaining the availability of such information to authorized individuals and/or organizations.
Currently, flexibility and ease of access to information are highly valued, particularly through the Internet and organizational intranets, which provide connections between computers through a network. Accessing information through a network enables users at physically separate locations to share information, but also increases the possibility of unauthorized or unintended access to the information. Various attempts to provide a solution to the problem of security for electronically stored information are known in the art, but all of these attempted solutions have various drawbacks.
For example, a xe2x80x9cfirewallxe2x80x9d is a software program or hardware device which attempts to provide security to an entire network, or to a portion thereof, by filtering all communication which passes through an entry point to the entire network or the portion of the network. Unfortunately, currently available firewalls have a number of disadvantages. The placement of the firewall at the entry point to the network being protected is designed to regulate access to that network. However, since many large organizations have multiple networks, such a firewall may effectively block legitimate access within the organization itself to members of the organization. On the other hand, a firewall cannot protect against unauthorized access within the network by a member of the organization, since the firewall only protects the entry point to the network. Thus, currently available firewalls may both block legitimate access to a network and fail to block unauthorized access to the network.
A more effective solution would regulate access locally for each computer attached to the network, such that each computer would be protected individually, while still permitting centralized control for all of the computers in the network. Such a combination of individual protection and centralized control would solve both of the problems described previously, in that legitimate access within an organization would be permitted, while unauthorized access by a member of the organization could be blocked. Unfortunately, such a solution is not currently available.
There is thus a need for, and it would be useful to have, a system and a method for local security for each computer connected to a network, which would provide individual protection for each computer against unauthorized access and yet which would still permit authorized access within an organization.