The approaches described in this section are approaches that could be pursued, but not necessarily approaches that have been previously conceived or pursued. Therefore, unless otherwise indicated, it should not be assumed that any of the approaches described in this section qualify as prior art merely by virtue of their inclusion in this section.
The increasing widespread availability of network connectivity has caused a large increase in the number of endpoint devices that are capable of communicating over networks. For example, significant numbers of printers, scanners, copiers, multi-function peripherals (MFPs), tablet computing devices, laptop computers, personal digital assistants (PDAs), telephony devices, industrial controls, HVAC controls, home appliances, entertainment devices, such as TVs, game consoles, etc., now have the ability to perform wired and wireless network communications.
One of the issues with network-enabled endpoint devices is that many of them are not designed to operate on a public network without some type of network protection provided, for example, by a firewall. For example, printers and multi-function peripherals (MFPs) are designed to be operated in a protected network environment that prevents attackers on the public Internet from making a direct connection to those devices. A protected network environment may be, for example, a private network that does not have connectivity to other networks, or a network that uses a firewall or other similar device to control access to the network from other networks. Endpoint devices that are connected to a network in an unprotected environment are exposed to attackers and this may occur in a wide variety of situations. For example, an endpoint device may be connected to a router that unknowingly does not have network security properly configured. As another example, a user may connect an endpoint device to a hotel's wired network or a coffee shop's wireless network without network security being properly configured. As yet another example, an industrial control system may be accidentally connected to a network outside of a firewall, instead of inside the firewall, or an administrator may incorrectly configure the network security settings for a firewall. Thus, there are many scenarios in which an endpoint device may be connected to a network in an unprotected manner, exposing the endpoint device to attackers.