Applications connected by network infrastructure communicate with each other in order to share data and perform business operations. The connection between a source application and a destination application is established by the source application, which requests a connection from its Internet Protocol (IP) address to the IP address of the destination application, typically over a specific port. Typically, existing host-based network security technologies, such as personal firewalls, allow or restrict directional access specifically at the egress or ingress point of the communication on the host on which the communication is occurring. For example, the firewall running on the host on which the source application executes typically monitors the outbound connection attempt to the destination IP address, while the firewall running on the host on which the destination application executes typically monitors the inbound connection attempt from the source IP address. Each such security component operates in relative isolation from the other, and generally only has visibility into the network-related information of the other side (e.g., IP address, port, protocol), and not into the identity of the application executing on the other host.
The limited information available to each host in such a communication restricts the types of decisions that existing security technologies can make, and allows for the hosts that are party to communications to be exploited, such as by spoofing their legitimate IP addresses to make or receive unauthorized communications.