Advances in networking technology have permitted network administrators and others to maintain greater and more sophisticated security controls on their networks and other installations. Microsoft Windows™ NT, 2000 and related products for instance permit administrators to deploy security-enabled network domains using the Active Directory™ (AD) structure. The publicly known Kerberos network standard likewise permits nodes within a network to authenticate each other, using a key/authentication platform. With these operating technologies, a network administrator may be able, for instance, to push rules, applications, patches, drives and other resources from a network server to individual workstations or other clients for uniform installation, on a secure basis. All machines within the security-enabled domain may be able to identify and authenticate the transmission of those and other types of data, transparently.
However, the ability to deliver rules, applications or other resources to and from a workstation becomes more difficult when that node lies outside the security-enabled domain. For instance, a company may have a collection of computers located on a local area network (LAN) but also interact with computers in a remote location which are not part of the Active Directory™ or other security-enabled domain. Communicating across the boundary of a secure domain becomes more complicated, in part because establishing a connection between a machine internal to the domain a machine outside the domain requires that an agreement be reached on a mutually supported security protocol.
Systems administrators and others are therefore forced to attempt to arrange for the entry of an external agent or node into the security-enable domain by identifying a compatible protocol between the internal and external machines, before the session takes place. For instance, an external node may be configured to communicate via a transport layer security (TLS) protocol, a Kerberos-based protocol, a secure socket layer (SSL) or other protocol with an administrative server within the security-enabled domain. That machine may in turn may in that protocol its default protocol, indicate a protocol failure, request that the protocol be switched, or make other responses to the external node or agent. Manual setting or adjusting of the security, transport and other protocols may therefore be required, a process which may be time consuming and prone to error. Other problems exist.