Mobile devices, like almost all computing devices, have the capacity to be used to attack other networked devices. The unique dual-connected nature (cellular and wireless Ethernet) of mobile devices makes them ideal platforms for circumventing traditional network security boundary protections. To prevent damage to the enterprise from a compromised mobile device, access to the enterprise must be restricted through one or more known network routes (i.e., Gateways) and inspected by standard network defenses such as stateful packet inspection, intrusion detection, and application and protocol filters. These standard defenses are collectively known as a "filter stack" because they serve to filter unwanted network traffic and are usually configured in a "stack" with traffic traversing each filter in sequence. The [Gateway and Security Stack] (GSS) typically functions at the session and below layers of the OSI network model.