Abstract: Methods and systems for defining a solution within an enterprise security management configuration server is disclosed. One method includes, based on network concordance data, grouping a plurality of nodes within an enterprise network into a plurality of profiles and identifying one or more channels among the plurality of profiles within a project of an enterprise security management configuration tool. The method also includes displaying the plurality of profiles in a configuration user interface, and automatically identifying one or more solutions among the plurality of profiles. The method further includes collapsing each of the one or more solutions into a single icon within the configuration user interface, each single icon representing a solution.

Abstract: Methods and systems for configuring security management settings within an enterprise network are disclosed. One method includes receiving network concordance data at an enterprise security management configuration tool from a plurality of nodes within an enterprise network, and, based on the network concordance data, classifying each of the plurality of nodes based on an affinitization between the two or more nodes. The method also includes defining a profile for one or more nodes or grouped nodes, and defining one or more solutions within the enterprise security management configuration tool, the one or more solutions each including one or more nodes of the plurality of nodes. The method also includes receiving a deployment selection identifying at least one of the one or more solutions, and, in response to the deployment selection, generating a security settings file describing security settings for each of the one or more nodes.

Abstract: Systems and methods for executing multiple operating systems on a computing system without rebooting the computing system are disclosed. Embodiments may include installing a first OS and a second OS on a computing system. Embodiments may further include executing the first OS on hardware resources of the computing system. Some embodiments may also include suspending execution of the first OS, and executing the second OS on the hardware resources while execution of the first OS is suspended.

Abstract: Methods and systems for monitoring network data packets within a secure network are described. One method includes receiving, at a consumer endpoint, a data packet from a second endpoint, the data packet being encrypted with an encryption key associated with a packet auditing community of interest and having a routing header appended thereto, the routing header identifying the consumer endpoint. The method includes decrypting the data packet using the encryption key associated with the packet auditing community of interest, and removing at least a portion of the routing header identifying the consumer endpoint from the decrypted data packet. The method also includes performing at least one packet auditing operation on the decrypted data packet.

Abstract: Methods and systems for configuring a security topology in an enterprise security management configuration tool are disclosed. One method includes manipulating an icon representing one or more nodes in a configuration user interface of an enterprise security management configuration tool to associate the one or more nodes into a manual grouping of nodes in an enterprise network; and, after manipulating the icon, selecting, from a tool palette of the configuration user interface, an automatic association tool, the automatic association tool determining an association among a plurality of nodes into a plurality of automated logical groupings of nodes. In some cases, the manual grouping of nodes is different from the plurality of automated logical groupings, and the automatic association tool preserves the manual grouping of nodes.

Abstract: Methods and systems for assigning security settings to one or more nodes within an enterprise network are disclosed. One method includes receiving network concordance data at an enterprise security management configuration tool from a plurality of nodes within an enterprise network, and receiving, in a configuration user interface, a selection of an affinitization level selected from a plurality of discrete affinitization levels, each of the discrete affinitization levels corresponding to a different extent to which nodes within an enterprise are grouped into profiles. The method also includes automatically grouping each of the plurality of nodes identified in the network concordance data into a plurality of profiles based on the selected affinitization level, and applying a common security policy to each of the nodes included in one of the plurality of profiles.

Abstract: Methods and systems for configuring security management settings within an enterprise network are disclosed. One method includes receiving network concordance data at an enterprise security management configuration tool from a plurality of nodes within an enterprise network, and, based on the network concordance data, classifying each of the plurality of nodes based on an affinitization between the two or more nodes. The method also includes defining a profile for one or more nodes or grouped nodes, and defining one or more solutions within the enterprise security management configuration tool, the one or more solutions each including one or more nodes of the plurality of nodes. The method also includes receiving a deployment selection identifying at least one of the one or more solutions, and, in response to the deployment selection, generating a security settings file describing security settings for each of the one or more nodes.

Abstract: Methods and systems for configuring a security topology in an enterprise security management configuration tool are disclosed. One method includes manipulating an icon representing one or more nodes in a configuration user interface of an enterprise security management configuration tool to associate the one or more nodes into a manual grouping of nodes in an enterprise network; and, after manipulating the icon, selecting, from a tool palette of the configuration user interface, an automatic association tool, the automatic association tool determining an association among a plurality of nodes into a plurality of automated logical groupings of nodes. In some cases, the manual grouping of nodes is different from the plurality of automated logical groupings, and the automatic association tool preserves the manual grouping of nodes.

Abstract: Methods and systems for assigning security settings to one or more nodes within an enterprise network are disclosed. One method includes receiving network concordance data at an enterprise security management configuration tool from a plurality of nodes within an enterprise network, and receiving, in a configuration user interface, a selection of an affinitization level selected from a plurality of discrete affinitization levels, each of the discrete affinitization levels corresponding to a different extent to which nodes within an enterprise are grouped into profiles. The method also includes automatically grouping each of the plurality of nodes identified in the network concordance data into a plurality of profiles based on the selected affinitization level, and applying a common security policy to each of the nodes included in one of the plurality of profiles.

Abstract: Methods and systems for defining a solution within an enterprise security management configuration server is disclosed. One method includes, based on network concordance data, grouping a plurality of nodes within an enterprise network into a plurality of profiles and identifying one or more channels among the plurality of profiles within a project of an enterprise security management configuration tool. The method also includes displaying the plurality of profiles in a configuration user interface, and automatically identifying one or more solutions among the plurality of profiles. The method further includes collapsing each of the one or more solutions into a single icon within the configuration user interface, each single icon representing a solution.

Abstract: Methods and systems for periodically generating and managing passwords for one or more websites of users are disclosed. The users are provided with the ability to automatically replace their old passwords with new passwords for their one or more website accounts. The users can set a pre-determined frequency at which their passwords are to be updated and replaced with new passwords. The users can further define additional one or more rules based on which their passwords are updated. The methods and systems are further configured to auto log into user's website accounts with the updated passwords.

Abstract: Methods and systems for periodically generating and managing passwords for one or more websites of users are disclosed. The users are provided with the ability to automatically replace their old passwords with new passwords for their one or more website accounts. The users can set a pre-determined frequency at which their passwords are to be updated and replaced with new passwords. The users can further define additional one or more rules based on which their passwords are updated. The methods and systems are further configured to auto log into user's website accounts with the updated passwords.

Abstract: Methods and systems for periodically generating and managing passwords for one or more websites of users are disclosed. The users are provided with the ability to automatically replace their old passwords with new passwords for their one or more website accounts. The users can set a pre-determined frequency at which their passwords are to be updated and replaced with new passwords. The users can further define additional one or more rules based on which their passwords are updated. The methods and systems are further configured to auto log into user's website accounts with the updated passwords.

Abstract: Methods and systems for periodically generating and managing passwords for one or more websites of users are disclosed. The users are provided with the ability to automatically replace their old passwords with new passwords for their one or more website accounts. The users can set a pre-determined frequency at which their passwords are to be updated and replaced with new passwords. The users can further define additional one or more rules based on which their passwords are updated. The methods and systems are further configured to auto log into user's website accounts with the updated passwords.

Abstract: A secure application system and method for a host computing device. The system includes an ultraboot application divides the host computing device into a resource management partition, at least one virtual service partition and at least one virtual guest partition. The virtual service partition provides a virtualization environment for the basic operations of the virtualization system. The virtual service partition is an isolated secure partition having a secure application executing therein. The isolated secure partition includes a security manifest portion for controlling the execution of the secure application within the isolated secure partition, and a secure application operating system (OS) portion that supports only the execution of the secure application within the isolated secure partition. The secure application is executed within the isolated secure partition without the need for any standard operating system (OS).

Abstract: Systems and methods for executing multiple operating systems on a computing system without rebooting the computing system are disclosed. Embodiments may include installing a first OS and a second OS on a computing system. Embodiments may further include executing the first OS on hardware resources of the computing system. Some embodiments may also include suspending execution of the first OS, and executing the second OS on the hardware resources while execution of the first OS is suspended.

Abstract: A secure application system and method for a host computing device. The system includes an ultraboot application that operates in the less privileged user memory and divides the host computing device into a resource management partition, at least one virtual service partition and at least one virtual guest partition. The virtual guest partition provides a virtualization environment for at least one guest operating system. The virtual service partition provides a virtualization environment for the basic operations of the virtualization system. The resource management partition maintains a resource database for use in managing the use of the host processor and the system resources. The virtual service partition is an isolated secure partition having a secure application executing therein. The isolated secure partition includes a security manifest portion for controlling the execution of the secure application within the isolated secure partition.

Abstract: A secure platform system and method for a host computing device. The system includes an ultraboot application that operates in the less privileged user memory and divides the host computing device into a resource management partition, at least one virtual service partition and at least one virtual guest partition. The virtual guest partition provides a virtualization environment for at least one guest operating system. The virtual service partition provides a virtualization environment for the basic operations of the virtualization system. The resource management partition maintains a resource database for use in managing the use of the host processor and the system resources. The virtual service partition is a secure virtualization platform (s-Platform) having at least one isolated secure partition for executing at least one secure application therein. The system also includes at least one monitor that operates in the most privileged system memory.