Multiple network-accessible devices communicate data over a network. For example, a smartphone can communicate data to a server over the internet. In many cases, a device communicating over a public network (e.g., the internet) can transfer data to devices over a private network (e.g., an intranet) using a tunnel, such as a virtual private network (VPN) tunnel. The VPN tunnel transfers data between the device on a public network and devices in the private network with enhanced network security.
However, any number of applications executing on a device may be vulnerable to malicious data. For example, a smartphone can download an application with malicious data that may infect other devices in the network with malware. A device connected to a private network via a tunnel can allow unauthorized transmission of malicious data to secure devices in the private network. In other words, the device may be an untrusted device operating in an untrusted network. This may lead to the unauthorized access to secure data stored in devices across a network.
The drawings and tables depict various embodiments for illustration only. Those skilled in the art will recognize that alternative embodiments may be employed without departing from the principles of the technology. Accordingly, while specific embodiments are shown in the drawings, the technology is amenable to various modifications.