Abstract: A security policy distribution system encapsulates parameters for a security policy and instructions for applying the parameters to a corresponding security program into a self-contained configuration file. When the self-contained configuration file is executed on behalf of a computer, the corresponding security program on the computer is updated with the parameters, thus distributing the security policy to the computer.

Abstract: A security policy distribution system encapsulates parameters for a security policy and instructions for applying the parameters to a corresponding security program into a self-contained configuration file. When the self-contained configuration file is executed on behalf of a computer, the corresponding security program on the computer is updated with the parameters, thus distributing the security policy to the computer.

Abstract: A peer-to-peer network is monitored for suspicious activity based on patterns of activity. When a particular pattern of suspicious activity is detected, an action associated with the particular pattern is taken. The activity monitored may include network traffic among peers and data sharing on a peer in the network. The action may be to log information about the suspicious activity and/or to send an alert about the suspicious activity.

Abstract: A malware detecting system is described in which a client computer 8 sends a file access clearance request to an assessment computer 24 to determine whether or not access is permitted to that file. In this way, the different client computers on a network 2 may share their scan results and centralized control may be provided over access permissions to individual files or groups of files.

Abstract: A source computer 8 stores updated data that is to be distributed to a plurality of destination computers (12 to 30). The destination computers (12 to 30) are divided into groups sharing a common priority level (5, 4, 3, 2, 1). Each of these groups is then associated with a push update task to be executed by the source computer 8. These push update tasks are then sequentially executed. If a particular group of destination computers exceeds a threshold size, then it may be further divided in accordance with a hierarchy of splitting rules. The push update tasks use multicasting to transfer the update data to the destination computers within their groups in a manner that reduces network traffic.

Abstract: A source computer 8 stores updated data that is to be distributed to a plurality of destination computers (12 to 30). The destination computers (12 to 30) are divided into groups sharing a common priority level (5, 4, 3, 2, 1). Each of these groups is then associated with a push update task to be executed by the source computer 8. These push update tasks are then sequentially executed. If a particular group of destination computers exceeds a threshold size, then it may be further divided in accordance with a hierarchy of splitting rules. The push update tasks use multicasting to transfer the update data to the destination computers within their groups in a manner that reduces network traffic.

Abstract: A malware detecting system is described in which a client computer 8 sends a file access clearance request to an assessment computer 24 to determine whether or not access is permitted to that file. In this way, the different client computers on a network 2 may share their scan results and centralized control may be provided over access permissions to individual files or groups of files.

Abstract: A malware protection mechanism is described whereby upon detection of an item of malware or malware like behaviour, I/O devices (18, 20, 22) of a computer (4, 6, 8, 10) may be disabled in order to resist propagation of the malware or infection by the malware. Alternatively, a System Administrator may manually trigger the disablement of the I/O devices as a pre-emptive precaution against infection.