Almost every contemporary corporation and organization has acquired and deployed security solutions
or mechanisms to keep its networks and data secure. Hardware and software tools such as firewalls,
network-based intrusion prevention systems, antivirus and antispam packages, host-based intrusion
prevention solutions, and vulnerability scanners have proven effective to a certain degree, but only if
they are kept up to date. For example, classic virus attacks sent via e-mail attachments, such as netsky
and MyDoom, can easily be detected and prevented by any up-to-date antivirus and antispam software
package. The key to stopping host attacks is being able to proactively enforce security policies that
ensure all hosts must be fully patched and have up-to-date security software running before allowing
them full network access. Existing security solutions do not proactively stop a PC from entering the
network if its security software and operating system software are not current. Frequently, users will
manually disable their host security software because it either reduces the overall performance of their
PC or prevents an application from installing. When antivirus and antispam packages are out of date or
not running, the likelihood of PC virus infections increases. This in turn increases the overall security
risk to the organization.