Various security threats such as viruses, worms and other malicious programs (“malware”) may attack the operating systems (“OSes”) on mobile and desktop devices (hereafter collectively “hosts”). The hosts typically employ various security agents (e.g., virus scanners) and other security schemes such as firewalls and/or gateways to protect the host's OS. As malware becomes more sophisticated, however, these agents and security schemes themselves have become vulnerable to exploits and attacks from the malware executing on the host.
By way of example, in the case of remote access (e.g., via a wireless device or other remote hosts) to an enterprise server, a typical security scheme may utilize a Virtual Private Networking (“VPN”), as illustrated in FIG. 1. Specifically, as illustrated, according to a VPN security scheme, a VPN gateway (“VPN Gateway 100”) may be implemented to protect a corporate network or intranet (“Corporate Network 105”) from an external network (“External Network 110”). A remote client (“Client 115”) may connect securely to Server 120 from External Network 110 via VPN Gateway 100, which may encrypt the packets between Client 100 and VPN Gateway, 100 (using an IP Security (“IPSec”) protocol or other such security protocol). Leveraging security protocols such as IPsec on the host renders the data packets opaque to any security agents residing on the host, as these security agents may typically reside logically below the encryption engines in partitioned environments. These security agents may take the form of anti-virus agents, deep packet inspection for intrusion detection or a simple host resident firewall.