Abstract: Mobile management method, system and client. Method includes receiving a DNS query for a host name from an application on client; retrieving reputation data associated with host name from a local cache on client; and determining a policy based on host name and the reputation data. Based on determined policy for the host name, blocking attempted network flows to a host corresponding to host name to produce blocked attempted network flows. Method also includes sending attempted network flow metadata related to the blocked attempted network flows to a collector on client; transmitting the attempted network flow metadata from the collector to a VPN server pool via a VPN tunnel; and producing an anomaly report from the transmitted attempted network flow metadata. The anomaly report includes at least one of anomalies, cohorts, trends, location boundaries, detected network security issues, detected compromised clients and/or optimized network usage.

Abstract: Mobile management method, system and client. The method includes receiving a DNS query for a host name from an application on a client; retrieving reputation data associated with the host name from a local cache on the client; determining a policy for the host name, which is associated with the host name and the reputation data associated with the host name; based on the determined policy for the host name, blocking attempted network flows to a host corresponding to the host name; sending at least attempted network flow metadata related to the blocked attempted network flows to a collector on the client; and transmitting the attempted network flow metadata in the collector to a VPN server pool via a VPN tunnel.

Abstract: Mobile management method and system. The method includes receiving from an application on a client a DNS query for a host name; retrieving reputation data associated with the host name from a local cache on the client; determining whether a policy associated with the host name and the reputation data associated with the host name exists; and one of: sending network flows one of: through a VPN tunnel to a server or out a local proxy on the client to a private or public network; or blocking the network flow based on the determined policy for the host name.

Abstract: Mobile management method and system. The method includes receiving from an application on a client a DNS query for a host name; retrieving reputation data associated with the host name from a local cache on the client; determining whether a policy associated with the host name and the reputation data associated with the host name exists; and one of: sending network flows one of: through a VPN tunnel to a server or out a local proxy on the client to a private or public network; or blocking the network flow based on the determined policy for the host name.

Abstract: A network security device may gather a large amount of metadata pertaining to the connections being managed thereby. A refinement module may filter and/or aggregate the connection metadata. The metadata may be refined on the network security device. The refined metadata may be provided for display on a terminal. The refined metadata may include a subset of the larger connection metadata, which may reduce the overhead required to display and/or transmit monitoring information to the terminal device. The refined metadata may comprise connection groups, which may be formed based on aggregation criteria, such as connection source, destination, application, security policy, protocol, port, and/or the like. The connection groups may be ranked in accordance with ranking criteria.

Abstract: A network security device may gather a large amount of metadata pertaining to the connections being managed thereby. A refinement module may filter and/or aggregate the connection metadata. The metadata may be refined on the network security device. The refined metadata may be provided for display on a terminal. The refined metadata may include a subset of the larger connection metadata, which may reduce the overhead required to display and/or transmit monitoring information to the terminal device. The refined metadata may comprise connection groups, which may be formed based on aggregation criteria, such as connection source, destination, application, security policy, protocol, port, and/or the like. The connection groups may be ranked in accordance with ranking criteria.

Abstract: A network security device may gather a large amount of metadata pertaining to the connections being managed thereby. A refinement module may filter and/or aggregate the connection metadata. The metadata may be refined on the network security device. The refined metadata may be provided for display on a terminal. The refined metadata may include a subset of the larger connection metadata, which may reduce the overhead required to display and/or transmit monitoring information to the terminal device. The refined metadata may comprise connection groups, which may be formed based on aggregation criteria, such as connection source, destination, application, security policy, protocol, port, and/or the like. The connection groups may be ranked in accordance with ranking criteria.

Abstract: A network security device may gather a large amount of metadata pertaining to the connections being managed thereby. A refinement module may filter and/or aggregate the connection metadata. The metadata may be refined on the network security device. The refined metadata may be provided for display on a terminal. The refined metadata may include a subset of the larger connection metadata, which may reduce the overhead required to display and/or transmit monitoring information to the terminal device. The refined metadata may comprise connection groups, which may be formed based on aggregation criteria, such as connection source, destination, application, security policy, protocol, port, and/or the like. The connection groups may be ranked in accordance with ranking criteria.