The present disclosure relates to systems, components, and methodologies for providing network access control, forensics capabilities to identify network attackers and compromised clients or servers, enhanced protection for at-rest data in the event of a network breach, and other network security features.
Attacks on information networks have been increasing in frequency and success in recent years. Attack methods are becoming increasingly sophisticated, and network defense systems have not kept pace. Intrusion Detection Systems (“IDS”) and Intrusion Prevention Systems (“IPS”) utilizing signature- and statistics-based methods are not always sufficiently agile to address modern network attacks. With the rise of the Internet and computer networks, network security has become increasingly important. Similarly, increased use by organizations of centralized secure datacenters has made network security increasingly important.
Yet network attacks persist, showing that existing information/cyber security technology is not sufficient. These continuing attacks are reminders of how vulnerable network-connected computer systems are, and of the regularity with which they are breached. Many of these breaches result from zero-day and metamorphic attacks, which use previously unseen attack vectors, or metamorphic variants of known attacks, to strike at the vulnerable underbellies of networks.
There has also been an increase in insiders leaking confidential information, as well as in employees losing laptops and mobile devices containing proprietary information. These activities highlight the need for data networks with defenses against this sort of malicious insider behavior, and for data networks that minimize the effects of memory-scraping and unauthorized information access.
Cloud and mobile devices have become increasingly prevalent as well. Their increasing popularity highlights the need for information to be securely stored and accessible only by the intended user or authorized users. While passwords and tokens can offer some protection and authentication, a password can be compromised by social engineering, key loggers, or zero-day malware. Additionally, because notebook personal computers are increasingly used for e-Commerce, there is a growing need to make the notebook platform more trustworthy. In fact, in the mobile computing context, stolen data is often regarded as being more valuable than the mobile hardware itself.