Abstract: A system and a method of managing public-key client certificates by at least one processor, including: storing a compliance policy, including one or more rules; continuously monitoring one or more compliance parameters associated with at least one client computer; receiving a certificate request from the at least one client computer to access a computational resource; if the monitored compliance parameters do not comply with at least one rule of the compliance policy, then responding to the certificate request by refusing to grant a certificate to the at least one client computer; and if the monitored compliance parameters comply with the rules of the compliance policy, then responding to the certificate request by granting a policy-based certificate to the at least one client computer.

Abstract: A system and method for collecting characteristics of a current instance of a network connection, where such characteristics include a characteristic of the device used for the connection, the user of the device, and an access layer of the connection. Such collected characteristics are compared to stored characteristics of at least one prior network connection. A signal may be issued with a result of the comparison.

Abstract: A system and method for collecting characteristics of a current instance of a network connection, where such characteristics include a characteristic of the device used for the connection, the user of the device, and an access layer of the connection. Such collected characteristics are compared to stored characteristics of at least one prior network connection. A signal may be issued with a result of the comparison.

Abstract: A method and system to create a virtual network to isolate a device connected to a port, and to change a designation of such network in response to identification data received from the device so as to provide the identified device with access to further areas of a network.