Abstract: Systems and methods for a portable, hardware-based authentication client solution that enforces user-to-site network access control restrictions is provided. According to various embodiments of the present disclosure, the authentication client device maintains a list of pre-authorized client devices. The authentication client device is assigned to a particular user of an enterprise network and paired with a firewall appliance. A connection establishment request for establishing a connection with an enterprise network via the firewall appliance is received by the authentication client device via a network interface. The authentication client device confirms the connection establishment request was initiated by the particular user by authenticating the particular user. When the particular user is successfully authenticated, it is verified whether the client device is on the list of pre-authorized client devices.

Abstract: Systems and methods for performing a proactive assessment of the network security of a private network are provided. According to one embodiment, computer systems and users of the private network are caused to react to a benign variant of a network security threat (“benign threat”) by deploying the benign threat within the private network. The benign threat is created by leaving in tact symptoms and propagation mechanisms associated with the network security threat and replacing malicious behaviors of the network security threat with tracking, monitoring and/or reporting behaviors implemented within the benign threat. Responsive to activation of the benign threat on a particular computer system by a particular user information is captured by the benign threat regarding an identity of the particular user. Training of the particular user regarding proper security habits is facilitated by reporting, by the benign threat, the captured information to a management server.