Fueled by recent advances in computer technology, an ever-increasing number of companies and other enterprises continue to move to increasingly electronic environments. It is not uncommon for a typical employee, for example, to have full network and Internet connectivity and software application capabilities at a remote laptop, smart phone or other portable device. Yet increasing reliance on these machines, particularly in the enterprise context, has led to unprecedented network security challenges.
Enterprises are especially at risk from directed attacks that attempt to overwhelm services, discover passwords and other valuable information, and otherwise misuse private network resources. Detecting and mitigating these attacks is especially challenging when one considers the ever-increasing use of the remote workplace and of other cross-business “trusted” network connections, which make it difficult to maintain a defined and pervasive “firewall” at network boundaries.
Various techniques have evolved in part to cope with these challenges. An enterprise having a private network can select from an ever-increasing number of disparate products offered by different software vendors. While generally useful for their intended purposes, these systems require specialized training by dedicated personnel for proper interpretation, deployment and maintenance. These systems are also usually added incrementally based on dynamic need, creating a hodge-podge of different systems rather than an efficient architecture that takes a client's current (and possibly dynamic) needs into account. Furthermore, one vendor's systems are typically incompatible with those of another vendor, leading to suboptimal solutions where a client must typically select a single vendor by balancing the advantages and disadvantages of one vendor's products against another's. Managed services have also arisen where the enterprise can contract a third party company to provide network management services, where the third party company remotely interfaces with the enterprise's security equipment or has personnel stationed on the enterprise's site to manage that security equipment. While generally beneficial to companies wishing to outsource IT security management, these solutions do little to address the vendor integration and custom architecture problems described above.
The invention defined by the enumerated claims may be better understood by referring to the following detailed description, which should be read in conjunction with the accompanying drawings. This description of one or more particular embodiments, set out below to enable one to build and use various implementations of the invention or inventions set forth by the claims, is not intended to limit the enumerated claims, but to exemplify their application.