Abstract: Disclosed herein is a certificate authority server configured to provide multi-factor digital certificates. A processor readable medium may include a plurality of instructions configured to enable a certificate authority server of a certificate authority, in response to execution of the instructions by a processor, to receive a request to provide a multi-factor digital security certificate by digitally signing a certificate request having a plurality of factors and a cryptographic key, wherein a first of the plurality of factors is an identifier of a device and a second of the plurality of factors is an identifier of a user of the device. The instructions are also configured to enable the certificate authority server to associate the cryptographic key with the plurality of factors and issue the digital security certificate based on the certificate request. Also disclosed is a method of using a multi-factor digital certificate as part of the authorization process to implicitly bind the plurality of factors.

Abstract: Systems, apparatus and methods for periodically validating the identity of two or more machines that have established a secure communication connection over a network. A client may initiate a secure communication session with a server by providing an identification certificate. Upon establishing a secure connection with the server, the client may periodically reaffirm its identity by sending a secure heartbeat message that includes a timestamp offset and a client identifier in order to keep the connection open. The server can require periodic receipt of the secure heartbeat message in order to maintain the secure communication session. The client identifier may include a code or value based on a unique physical attribute of the client. The timestamp offset may be calculated by the client based on a timestamp provided by the server.

Abstract: The present disclosure provides a method for providing network protection. A method according to one embodiment may include detecting an infected data packet at an in-line device. The method may further include receiving a first instruction from the in-line device at a central management server, the instruction identifying the origin of the infected data packet. The method may also include receiving a marking instruction from the central management server at an infected endpoint device and marking outgoing data packets at the infected endpoint device to create marked data packets. Of course, many alternatives, variations and modifications are possible without departing from this embodiment.

Abstract: The present disclosure provides a method for providing network protection. A method according to one embodiment may include detecting an infected data packet at an in-line device. The method may further include receiving a first instruction from the in-line device at a central management server, the instruction identifying the origin of the infected data packet. The method may also include receiving a marking instruction from the central management server at an infected endpoint device and marking outgoing data packets at the infected endpoint device to create marked data packets. Of course, many alternatives, variations and modifications are possible without departing from this embodiment.

Abstract: The present disclosure provides a method for providing network protection. A method according to one embodiment may include detecting an infected data packet at an in-line device. The method may further include receiving a first instruction from the in-line device at a central management server, the instruction identifying the origin of the infected data packet. The method may also include receiving a marking instruction from the central management server at an infected endpoint device and marking outgoing data packets at the infected endpoint device to create marked data packets. Of course, many alternatives, variations and modifications are possible without departing from this embodiment.

Abstract: Various embodiments of the invention pertain to a wireless communications device to receive multicast transmissions, and to transmit diagnostic information regarding those multicast communications in response to a triggering event. Other embodiments pertain to another wireless communications device to transmit the multicast transmissions, request the diagnostic information, and receive that information.

Abstract: A method and apparatus for network security elements using endpoint resources. An embodiment of a method includes receiving a request for access to a network at an endpoint server. The method further includes detecting that the request for access to the network includes a request that is unauthorized. The request for access to the network is directed to a network security element.

Abstract: The present disclosure provides a method for providing network protection. A method according to one embodiment may include detecting an infected data packet at an in-line device. The method may further include receiving a first instruction from the in-line device at a central management server, the instruction identifying the origin of the infected data packet. The method may also include receiving a marking instruction from the central management server at an infected endpoint device and marking outgoing data packets at the infected endpoint device to create marked data packets. Of course, many alternatives, variations and modifications are possible without departing from this embodiment.

Abstract: Device, system and method of multicast/broadcast communication. For example, an apparatus in accordance with an embodiment of the invention includes a transmitter to transmit, in response to an incoming multicast communication frame received from a multicast communication source, a multicast acknowledgment frame indicating receipt of the incoming multicast communication frame.

Abstract: A method and apparatus for providing Quality of Service (QoS) on a per application basis is described herein. A QoS policy is established for a specific application that is executable on a client of a network. The QoS policy is distributed to the client. Packet traffic originating from the application is filtered based at least in part on the QoS policy.

Abstract: Embodiments of multi-partition virtual machine networking mechanisms are described generally herein. Other embodiments may be described and claimed.