Abstract: The invention provides methods and systems for detecting exploits. A received file is examined to determine whether or not it corresponds to any of one or more predetermined models of normal file types. If the received file does not correspond to any of the one or more predetermined models of normal file types, it is flagged as a potential exploit.

Abstract: The invention provides systems and methods for securely transmitting data between a roaming computer and a managed network service over a shared public network. A secure connection is created between the roaming computer and a server computer that hosts or acts as a secure gateway to the managed network service. The connection is set up and established by a client agent installed on the roaming computer and a connection component of the managed service on the server computer. The client agent and the connection component of the managed service operate, on an initial request from the roaming computer to the managed service to negotiate the secure connection using certificate-based client authentication. The client certificate preferably includes user-specific attributes that can be extracted by the connection component and made available to the managed service to apply processing rules specific to the user.

Abstract: Methods and systems for communicating information between computer networks in which the information to be communicated is required at one location (e.g. for processing) but only available at another location. The information may be absent deliberately (for privacy reasons) or may simply be unavailable as an artifact of the computer network(s) involved. The required information, such as the internal client IP address, is inserted into the outgoing network communication in a manner that does not to materially affect the normal transit or utility of the network communication (e.g. as custom headers). The information is preferably inserted in an encrypted form, so that it may pass over a public network and be invulnerable to unauthorised scrutiny.

Abstract: The invention provides systems and methods for securely transmitting data between a roaming computer and a managed network service over a shared public network. A secure connection is created between the roaming computer and a server computer that hosts or acts as a secure gateway to the managed network service. The connection is set up and established by a client agent installed on the roaming computer and a connection component of the managed service on the server computer. The client agent and the connection component of the managed service operate, on an initial request from the roaming computer to the managed service to negotiate the secure connection using certificate-based client authentication. The client certificate preferably includes user-specific attributes that can be extracted by the connection component and made available to the managed service to apply processing rules specific to the user.

Abstract: Methods and systems for communicating information between computer networks in which the information to be communicated is required at one location (e.g. for processing) but only available at another location. The information may be absent deliberately (for privacy reasons) or may simply be unavailable as an artefact of the computer network(s) involved. The required information, such as the internal client IP address, is inserted into the outgoing network communication in a manner that does not to materially affect the normal transit or utility of the network communication (e.g. as custom headers). The information is preferably inserted in an encrypted form, so that it may pass over a public network and be invulnerable to unauthorised scrutiny.