In recent times the rapid spread of viruses such as Netsky and Mydoom, and their variants, has highlighted the vulnerability of many users' computers and networks to virus attacks.
Securing a network against possible virus infection presents particular challenges due to the number of possible sources from which a virus may be introduced into the network. Moreover, because each of the devices on a network may have different versions or revisions of virus scanning software or operating system, a wide range of vulnerabilities may exist on the network. Networks in which devices are removed and then subsequently reconnected have an even greater risk of infection, as each reconnection provides a new opportunity for a virus to be introduced into the network.
In the past, proposals to curtail the spread of viruses introduced into a network by the connection of a new device have typically involved quarantining all newly introduced devices in a remediation Virtual Local Area Network (VLAN) whilst they are scanned for viruses and any necessary virus removal is undertaken. However, this is not an optimal solution, since viruses are able to spread through the devices quarantined in the remediation VLAN. Additionally, because devices quarantined in the remediation VLAN are not able to access the remainder of the network, their usefulness, and hence user productivity, is dramatically reduced.