Abstract |
<p>The present invention is drawn to an apparatus and method for providing secure network communication. Each node or computer on the network (510) has a secure, intelligent network interface (512) with a coprocessor that handles all network communication. The intelligent network interface (512) can be built into a network interface card (NIC) or be a separate box between each machine and the network (513). The intelligent network interface (512) encrypts outgoing packets and decrypts incoming packets from the network based on a key and algorithm managed by a centralized management console (CMC) (520) on the network. The intelligent network interface (512) can also be configured by the CMC (520) with dynamically distributed code to perform authentication functions, protocol translations, single sign-on functions, multi-level firewall functions, distinguished-name based firewall functions, centralized user management functions, machine diagnostics, proxy functions, fault tolerance functions, centralized patching functions, Web-filtering functions, virus-scanning functions, auditing functions, and gateway intrusion detection functions.</p> |