Abstract: A computing environment with methods for monitoring access to an open network such as the Internet, is described. The system includes one or more client computers, each operating applications (e.g., Netscape Navigator or Microsoft Internet Explorer) requiring access to an open network, such as a WAN or the Internet, and a router or other equipment that serves a routing function (e.g., a cable modem) for the client computers. A centralized security enforcement module on the router maintains access rules for the client computers and verifies the existence and proper operation of a client-based security module on each client computer. The router-side security module periodically sends out a router challenge via Internet broadcast to the local computers on the network. If the client-side security module is installed and properly operating, the client-side security module responds to the router challenge. The responses received by the router-side security module are maintained in a table.

Abstract: A security system with methodology providing verified secured individual end points is described.

Abstract: System and methodology for intrusion detection and prevention is described. In one embodiment, for example, a method is described for detecting and preventing network intrusion, the method comprises steps of: defining intrusion descriptions specifying exploits that may be attempted by malicious network traffic, the intrusion descriptions indicating specific applications that may be targeted by individual exploits; for a particular application participating in network communication, deriving a subset of the intrusion descriptions specifically applicable to that particular application; using the subset of the intrusion descriptions specifically applicable to that application, monitoring network traffic destined for the particular application for detecting an attempted network intrusion; and if a network intrusion is detected, blocking network traffic destined for the particular application determined to comprise an exploit.

Abstract: A data access system of the present invention includes an interface (client), a data engine having a common application programming interface layer, and data drivers. Through the drivers, the data engine (responding to client requests) accesses foreign data objects, which may include information tables, files, and other data objects of a foreign format. In this manner, the system provides a virtual interface between a client (e.g., database manager) and individual foreign data objects (e.g., database files). Regardless of the format of the individual database files, all files can be shared without the need to make copies.