It used to be that we could control malware coming into our network by blocking ports on the router (GNN phase I!) and making sure that all machines were patched. But what if that doesn't work anymore? How can you get some control back from the malware so that a wrong click by the end-user doesn't mean you spend the next 6 months chasing Conficker around your network? That is what we will talk about in this hour long session - things you can do to get a jump on malware infections so they don't spread to every machine on your network.