Patents Assigned to Forcepoint, LLC
-
Publication number: 20190253391
Abstract: A method, system, and computer-usable medium are disclosed for performing packet processing of network traffic on a master security device of a plurality of security devices, such packet processing including connection tracking for the network traffic, and offloading packet inspection of the network traffic to one or more slave security devices of the plurality of security devices.
Type: Application
Filed: February 9, 2018
Publication date: August 15, 2019
Applicant: Forcepoint LLC
Inventors: Mika LANSIRINNE, Valtteri RAHKONEN, Pekka RIIKONEN
-
Publication number: 20190245930
Abstract: A method, system, and computer-usable medium are disclosed for, responsive to communication of a client handshake to a server for establishing communications between the client and server, managing handshake messages between the client and server until an application layer message is communicated from the client, such that a connection between the client and the server appears to be established, and responsive to communication of the application layer message from the client, rendering a policy decision with respect to a connection between the client and the server based on a payload of the application layer message, the policy decision defining a selected path between the client and the server and including a chosen target device from a plurality of potential target devices, wherein the chosen target device is within the selected path and establishing the selected path for communication between the client and the server in accordance with the policy decision.
Type: Application
Filed: February 8, 2018
Publication date: August 8, 2019
Applicant: Forcepoint LLC
Inventors: Valtteri RAHKONEN, Tuomo SYVÄNNE
-
Publication number: 20190229923
Abstract: A method, system, and computer-usable medium are disclosed for, responsive to an attempted connection from a client to a server for establishing communications between the client and the server, redirecting the connection to a proxy and injecting protocol-independent header information into a datagram of the traffic between the client and the server, the protocol-independent header information including information based upon which the proxy enforces a security policy.
Type: Application
Filed: January 23, 2018
Publication date: July 25, 2019
Applicant: Forcepoint LLC
Inventors: Otto AIRAMO, Tuomo SYVÄNNE, Ville MATTILA
-
Patent number: 10326776
Abstract: A system, method, and computer-usable medium are disclosed for generating a cyber behavior profile comprising monitoring user interactions between a user and an information handling system; converting the user interactions into electronic information representing the user interactions, the electronic information representing the user interactions comprising temporal detail corresponding to the user interaction; and generating a user behavior profile based upon the electronic information representing the user interactions, the generating the user profile including a layer of detail corresponding to the temporal detail corresponding to the user interaction.
Type: Grant
Filed: May 14, 2018
Date of Patent: June 18, 2019
Assignee: Forcepoint, LLC
Inventors: Richard Anthony Ford, Brandon L. Swafford
-
Patent number: 10326775
Abstract: A system, method, and computer-usable medium are disclosed for performing a multi-factor authentication operation, comprising: monitoring electronically-observable user behavior; converting the electronically-observable user behavior into electronic information representing the electronically-observable user behavior; generating a user behavior factor based upon the electronic information representing the electronically-observable user behavior; and, using the user behavior factor as a factor of a multi-factor authentication.
Type: Grant
Filed: May 8, 2018
Date of Patent: June 18, 2019
Assignee: Forcepoint, LLC
Inventors: Richard Anthony Ford, Brandon L. Swafford
-
Patent number: 10320839
Abstract: A method, system and computer-usable medium are disclosed for performing an automated anti-spoofing configuration operation, comprising: determining whether a source address of an internet protocol (IP) packet is allowed by a receiving interface of a firewall; determining whether the IP packet comprises a multicast packet when the IP packet is allowed by the receiving interface of the firewall; replacing the source address with a rendezvous point address; using the rendezvous point address to determine whether routing path information associated with the multicast packet matches information stored within a multicast routing information base for the receiving interface of the firewall; and, identifying the multicast packet as spoofed when the routing path information associated with multicast packet does not have corresponding information stored within the multicast routing information base.
Type: Grant
Filed: September 19, 2017
Date of Patent: June 11, 2019
Assignee: Forcepoint, LLC
Inventors: Ville Mattila, Tomi Salminen, Tuomo Syvänne
-
Patent number: 10318729
Abstract: A method, system and computer-usable medium are disclosed for performing a privacy operation, comprising: monitoring user behavior via a data stream collector, the data stream collector capturing data streams resulting from user/device interactions between a user and a corresponding endpoint device; determining whether the data streams resulting from user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing unauthorized viewing of the sensitive personal information; and, presenting the sensitive personal information as a sensitive personal information token indicating the data streams include sensitive personal information.
Type: Grant
Filed: August 2, 2017
Date of Patent: June 11, 2019
Assignee: Forcepoint, LLC
Inventors: Richard A. Ford, Christopher B. Shirey, Jonathan B. Knepher, Lidror Troyansky
-
Patent number: 10318209
Abstract: Discussed herein are methods, devices, and systems for moving a file to a process. A device can include a kernel, a memory, and processing circuitry to: issue one or more move and rename instructions to the memory to change a location and name of a file requested by the second process, issue one or more update access control instructions to update permissions, perform a UAC to determine whether any processes other than the second process currently have the file open and whether any MMaps have the file open, and allow the second process to access the renamed and moved file only if it is determined that no other processes other than the second process have the file open and no MMaps have the file open.
Type: Grant
Filed: January 30, 2017
Date of Patent: June 11, 2019
Assignee: Forcepoint LLC
Inventor: Gregory Alan Hildstrom
-
Publication number: 20190166220
Abstract: A method, system, and computer-usable medium are disclosed for network acceleration, comprising: responsive to receiving at an acceleration device a stream of one or more datagrams from a sending endpoint device within a first local area network of the acceleration device, the stream for transmission to a receiving endpoint device within a second local area network coupled to the first local area network by a wide area network: communicating by the acceleration device to the sending endpoint device a respective acknowledgement to each of the one or more datagrams; and transmitting by the acceleration device the one or more datagrams via multiple communication links of the wide area network to a second acceleration device within the second local area network and coupled to the receiving endpoint device.
Type: Application
Filed: November 29, 2017
Publication date: May 30, 2019
Applicant: Forcepoint LLC
Inventors: Tuomo SYVÄNNE, Olli-Pekka NIEMI, Valtteri RAHKONEN, Ville MATTILA
-
Publication number: 20190166160
Abstract: A method, system, and computer-usable medium are disclosed for (a) responsive to communication of a client handshake from a client to a server for establishing encrypted communications between the client and the server: (i) holding open, by an intermediate verification system interfaced between the server and the client, the client handshake; and (ii) opening a connection between the intermediate verification system and the server via which the intermediate verification system issues a server verification handshake to the server; (b) responsive to issuance of the server verification handshake to the server, receiving a server certificate associated with the server by the intermediate verification system; (c) responsive to receipt of the server certificate, processing, by the intermediate verification system, the server certificate to determine an identity of the server; and (d) rendering, by the intermediate verification system, a security policy decision regarding traffic between the server and client based
Type: Application
Filed: November 28, 2017
Publication date: May 30, 2019
Applicant: Forcepoint LLC
Inventors: Tuomo SYVÄNNE, Olli-Pekka NIEMI, Valtteri RAHKONEN
-
Publication number: 20190163502
Abstract: Systems, method, and non-transitory computer readable storage medium are provided for configuring an information computing machine during execution of a kernel image. The system can create a file system from a base file system image in system memory of the computing system, apply configuration files from a bundle image to the file system in memory, copy files from a persistent file system stored in the storage resource to memory, validate the files from the persistent file system, and apply validated files to the file system in memory. The base file system image and bundle image can be verified by comparing a signed hash of the image with a hash generated by the initial file system and checking the hash signature against a public certificate included in the initial filesystem. The system can further execute /sbin/init and start application services.
Type: Application
Filed: November 29, 2017
Publication date: May 30, 2019
Applicant: Forcepoint LLC
Inventors: Mickey J. Malone, II, Jacob Minnis
-
Publication number: 20190163911
Abstract: A system is provided for managing booting of an OS. The system includes a UEFI controller comprising embedded application code instructions and a pre-loaded signed certificate, a boot process controller comprising application code instructions for the OS, pre-loaded signed certificates, and a plurality of application hash identifiers, and the boot process controller receives signed communications from the UEFI controller and determines if the UEFI controller is authorized to manage the OS. The UEFI controller manages the OS in response to a positive authorization. The boot process controller determines if the UEFI controller is authorized to manage the OS in response to installation or execution of the OS. The UEFI controller can receive a signed communication from the boot loader program, compares the signed communications with the plurality of application identifiers, and executes the boot loader program in response to the pre-loaded signed certificate matching an application identifier from the plurality.
Type: Application
Filed: November 30, 2017
Publication date: May 30, 2019
Applicant: Forcepoint LLC
Inventors: Robert W. Kliewer, Micky S. Martin, Mickey J. Malone, II
-
Publication number: 20190158464
Abstract: A method, system, and computer-usable medium are disclosed for performing deep packet inspection of network traffic, comprising: receiving a unit of one or more network packets, calculating a calculated fingerprint for data within the unit, determining a current inspection context, determining whether the calculated fingerprint and the current inspection context matches an entry stored in a cache, wherein the entry includes a stored fingerprint and a cached inspection context, and performing operations associated with deep packet inspection of the unit based on whether the calculated fingerprint and the current inspection context match the entry.
Type: Application
Filed: November 20, 2017
Publication date: May 23, 2019
Applicant: Forcepoint LLC
Inventors: Valtteri RAHKONEN, Kari NURMELA
-
Patent number: 10298609
Abstract: A method, system and computer-usable medium are disclosed for generating a cyber behavior profile comprising monitoring user interactions between a user and an information handling system; converting the user interactions into electronic information representing the user interactions, the electronic information representing the user interactions comprising multi-layered electronic information, each layer of the multi-layered electronic information corresponding to a respective layer of user interaction; and generating a unique multi-dimensional cyber behavior profile based upon the multi-layered electronic information representing the user interactions.
Type: Grant
Filed: May 8, 2018
Date of Patent: May 21, 2019
Assignee: Forcepoint, LLC
Inventors: Richard Anthony Ford, Brandon L. Swafford
-
Patent number: 10264012
Abstract: A method, system and computer-usable medium are disclosed for generating a cyber behavior profile comprising monitoring user interactions between a user and an information handling system; converting the user interactions into electronic information representing the user interactions, the electronic information representing the user interactions comprising multi-layered electronic information, each layer of the multi-layered electronic information corresponding to a respective layer of user interaction; and generating a unique multi-dimensional cyber behavior profile based upon the multi-layered electronic information representing the user interactions.
Type: Grant
Filed: April 20, 2018
Date of Patent: April 16, 2019
Assignee: Forcepoint, LLC
Inventors: Matthew P. Moynahan, Richard Anthony Ford, Christopher Brian Shirey, Brandon L. Swafford, Richard Heath Thompson
-
Patent number: 10262153
Abstract: A method, system and computer-usable medium are disclosed for performing a privacy operation, comprising: monitoring user behavior via an Input/output collector, the Input/output collector capturing user/device interactions between a user and a device; determining whether the user/device interactions include sensitive personal information; obfuscating the sensitive personal information, the obfuscating preventing viewing of the sensitive personal information; storing obfuscated sensitive personal information within an obfuscated sensitive personal information repository; and, allowing access to the obfuscated sensitive personal information stored within the obfuscated sensitive personal information repository only when an administrator is authorized to access the obfuscated sensitive personal information so as to provide conditional sensitive personal information access.
Type: Grant
Filed: November 17, 2017
Date of Patent: April 16, 2019
Assignee: Forcepoint, LLC
Inventors: Richard A. Ford, Christopher B. Shirey, Jonathan B. Knepher, Lidror Troyansky
-
Patent number: 10171488
Abstract: A method, system and computer-usable medium are disclosed for generating a cyber behavior profile comprising monitoring user interactions between a user and an information handling system; converting the user interactions into electronic information representing the user interactions, the electronic information representing the user interactions comprising multi-layered electronic information, each layer of the multi-layered electronic information corresponding to a respective layer of user interaction; and generating a unique multi-dimensional cyber behavior profile based upon the multi-layered electronic information representing the user interactions.
Type: Grant
Filed: January 11, 2018
Date of Patent: January 1, 2019
Assignee: Forcepoint, LLC
Inventors: Matthew P. Moynahan, Richard Anthony Ford, Christopher Brian Shirey, Brandon L. Swafford, Richard Heath Thompson
-
Patent number: 10135783
Abstract: Methods and apparatus provide for network communication to be maintained during transfer of email data between two devices. In one aspect a method includes receiving a request via a network connection with a mobile device for email data, determining a network timeout value of the request from the mobile device, producing the email data in response to receiving the request, in parallel with the production of the email data and while the processing of the email data is incomplete, determining an interval less than the network timeout value of the request, and sending a portion of a response to the request over the network connection to the mobile device at the interval, completing the response to the mobile device over the network connection in response to completion of the production of the email data.
Type: Grant
Filed: January 18, 2016
Date of Patent: November 20, 2018
Assignee: Forcepoint LLC
Inventors: Ramon Daniela, Mark Ostrer, Michael Stoler
-
Patent number: 10129269
Abstract: A method, system and computer-usable medium for generating a user behavior profile, comprising: monitoring user interactions between a user and an information handling system; converting the user interactions and the information about the user into electronic information representing the user interactions; generating a unique user behavior profile based upon the electronic information representing the user interactions and the information about the user; storing information relating to the unique user behavior profile within a user behavior profile repository; and, storing information referencing the unique user behavior profile in a user behavior blockchain.
Type: Grant
Filed: April 26, 2018
Date of Patent: November 13, 2018
Assignee: Forcepoint, LLC
Inventor: Richard A. Ford
-
Patent number: 10063568
Abstract: A method, system and computer-usable medium are disclosed for generating a cyber behavior profile, comprising: monitoring user interactions between a user and an information handling system; converting the user interactions and the information about the user into electronic information representing the user interactions; generating a unique cyber behavior profile based upon the electronic information representing the user interactions and the information about the user; and, storing information relating to the unique cyber behavior profile in a behavior blockchain.
Type: Grant
Filed: January 24, 2018
Date of Patent: August 28, 2018
Assignee: Forcepoint LLC
Inventors: Richard Anthony Ford, Brandon L. Swafford, Christopher Brian Shirey, Matthew P. Moynahan, Richard Heath Thompson