[Remote Admin]
Run the client application(s) on one machine, connect to another machine which is running the
kernel extension, and administer that remote machine in much the same manner that one can
currently control the local machine with the client application(s).
The primary challenge in implementing this feature is that of security. If the remote administration
socket connection is to be made directly to the kernel, then the cryptographic algorithms which
secure that connection (including the key exchange and symmetric cipher algorithms) must also be
implemented in the kernel.
[Rules Server]
Instead of pulling the rules from disk on the local machine, the local machine would
contact a rules server to pull down the default set of rules. Until such time as those rules
were installed, the machine could be placed in a no-network-access mode.
The primary difficulty for this feature is ensuring that the rules server is the "authentic"
rules server for that network, and not a rogue server being run by a malicious user. The most
likely method would be that of installing a certificate on each network machine, and that
certificate would be used to authenticate access with the rules server.
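
A sketch of the client side of this idea, added here as an example and not code from the project. It assumes TLS as the transport and a user-space client written in Python. All names (Mode, new_pinned_context, fetch_rules, bootstrap) are hypothetical.

```python
import enum
import socket
import ssl


class Mode(enum.Enum):
    NO_NETWORK = "no-network-access"   # default until authentic rules are installed
    RULES_ACTIVE = "rules-active"


def new_pinned_context(ca_file=None):
    """TLS client context that trusts only the certificate installed on this machine."""
    # PROTOCOL_TLS_CLIENT turns on CERT_REQUIRED and hostname checking, and
    # unlike ssl.create_default_context() it loads no system CA bundle, so a
    # server holding a certificate from some public CA is still rejected.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    if ca_file is not None:
        ctx.load_verify_locations(cafile=ca_file)  # the per-machine certificate
    return ctx


def fetch_rules(host, port, ctx, timeout=5.0):
    """Download the rule set; raises ssl.SSLError if the server fails verification."""
    with socket.create_connection((host, port), timeout=timeout) as raw:
        with ctx.wrap_socket(raw, server_hostname=host) as tls:
            chunks = []
            while True:
                chunk = tls.recv(4096)
                if not chunk:
                    break
                chunks.append(chunk)
            return b"".join(chunks)


def bootstrap(fetch, install):
    """Stay in NO_NETWORK unless rules arrive from an authenticated server."""
    try:
        rules = fetch()
    except OSError:  # ssl.SSLError, timeouts and refused connections all derive from OSError
        return Mode.NO_NETWORK
    if not rules:
        return Mode.NO_NETWORK
    install(rules)
    return Mode.RULES_ACTIVE
```

Any failure, including a server whose certificate does not chain to the installed one, leaves the machine in the no-network-access mode instead of falling back to rules from an unverified source.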
[Network Monitoring]
Monitor various statistics on a large set of machines in a single interface. Statistics would be
presented in a graph form, showing history. When an admin-defined threshold was exceeded, an
alert would notify the admin. One-click support for locking down the network access for a given
machine.