Methods and apparatus for dealing with malware
US-9413721-B2 · Aug 9, 2016 · US
US11736522B2 · US · B2
| Field | Value |
|---|---|
| Publication number | US-11736522-B2 |
| Application number | US-201816224448-A |
| Country | US |
| Kind code | B2 |
| Filing date | Dec 18, 2018 |
| Priority date | Jun 30, 2016 |
| Publication date | Aug 22, 2023 |
| Grant date | Aug 22, 2023 |
Official abstract text for this publication.
An endpoint in a network periodically generates a heartbeat encoding health state information and transmits this heartbeat to other network entities. Recipients of the heartbeat may use the health state information to independently make decisions about communications with the source endpoint, for example, by isolating the endpoint to prevent further communications with other devices sharing the network with the endpoint. Isolation may be coordinated by a firewall or gateway for the network, or independently by other endpoints that receive a notification of the compromised health state.
Opening claim text (preview).
What is claimed is:
1. A computer program product for identifying compromised assets, the computer program product comprising computer executable code embodied in a non-transitory computer readable medium that, when executed by an endpoint, performs the steps of: locally monitoring a health state of the endpoint with a local security agent executing on the endpoint; periodically creating a heartbeat encoding the health state; transmitting the heartbeat to a network device for a local area network in an enterprise network, for communication by the network device to a threat management facility for the enterprise network; and when the health state of the endpoint is a compromised state, encoding with the local security agent executing on the endpoint an instruction for one or more other endpoints to proactively terminate communications with the endpoint through the local area network, and broadcasting from the endpoint over the local area network the instruction for one or more other endpoints to proactively terminate communications from the endpoint to the one or more other endpoints on the local area network, wherein the local area network includes a shared medium network.
2. The computer program product of claim 1 wherein the health state is based on an indicia of potential compromise of the endpoint.
3. The computer program product of claim 1 wherein the one or more other endpoints include at least one of a second endpoint coupled to the local area network, a firewall, a router, a gateway, and a switch.
4. The computer program product of claim 1 wherein transmitting the heartbeat includes transmitting the heartbeat to a threat management facility.
5. The computer program product of claim 1 wherein locally monitoring the health state includes applying at least one of behavior analysis and static analysis to the endpoint.
6. The computer program product of claim 1 further comprising code that performs the step of cryptographically securing the heartbeat.
7. The computer program product of claim 6 wherein cryptographically securing the heartbeat includes digitally signing the heartbeat.
8. A method comprising: locally monitoring a health state of an endpoint with a locally executing security agent on the endpoint, the endpoint coupled in a communicating relationship with a local area network; periodically creating a heartbeat encoding the health state; transmitting the heartbeat to a network device for the local area network in an enterprise network, for communication by the network device to a threat management facility for the enterprise network; when the health state of the endpoint is a compromised state, encoding an instruction with the locally executing security agent executing on the endpoint for one or more other endpoints in a local area network with the endpoint to proactively terminate communications with the endpoint; and transmitting from the endpoint over the local area network the instruction to proactively terminate communications from the endpoint to the one or more other endpoints in the local area network, wherein the local area network includes a shared medium network.
9. The method of claim 8 wherein the health state is based on an indicia of potential compromise of the endpoint.
10. The method of claim 8 wherein the network device includes at least one of a firewall, a router, a gateway, and a switch.
11. The method of claim 8 wherein transmitting the instruction includes transmitting the instruction to a router for the local area network.
12. The method of claim 8 wherein transmitting the heartbeat includes transmitting the heartbeat to the threat management facility for the enterprise network.
13. The method of claim 8 wherein the local area network includes an Ethernet local area network or a WiFi local area network.
14. The method of claim 13 wherein transmitting the instruction includes broadcasting a notification on the local area network.
15. The method of claim 8 wherein locally monitoring the health state includes applying at least one of behavior analysis and static analysis to the endpoint.
16. The method of claim 8 further comprising cryptographically securing the heartbeat.
17. The method of claim 16 wherein cryptographically securing the heartbeat includes digitally signing the heartbeat.
18. The method of claim 16 wherein cryptographically securing the heartbeat includes encrypting contents of the heartbeat.
19. The method of claim 8 wherein the local area network includes a peer-to-peer network.
20. An endpoint comprising: a network interface configured to couple the endpoint in a communicating relationship with one or more devices through a local area network; a memory; and a processor configured by computer executable code stored in the memory to perform the steps of locally monitoring a health state of the endpoint with a locally executing security agent on the endpoint, periodically creating a heartbeat encoding the health state, transmitting the heartbeat to a network device for the local area network in an enterprise network, for communication by the network device to a threat management facility for the enterprise network, when the health state of the endpoint is a compromised state, encoding an instruction with the locally executing security agent for one or more other endpoints to proactively terminate communications with the endpoint, and transmitting from the endpoint over the local area network the instruction to proactively terminate communications with the endpoint to the one or more other endpoints, wherein the local area network includes a shared medium network.
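The heartbeat flow in the abstract, combined with the cryptographic securing of claims 6, 7, 16 and 17, can be sketched from the receiver's side; this is an added example, not code from the patent or its assignee. The JSON encoding, field names, per-endpoint shared keys, sequence and age checks, and the use of HMAC-SHA256 as a stand-in for a digital signature are all assumptions made for illustration.

```python
import hashlib
import hmac
import json

# Assumptions (not from the patent): JSON encoding, field names, per-endpoint
# shared keys, and HMAC-SHA256 standing in for the claimed digital signature.
KEYS = {"ep-17": b"constructed-demo-key"}  # constructed sample key
MAX_AGE = 30  # seconds a heartbeat is accepted after creation (assumed)


def make_heartbeat(endpoint_id, health, seq, now, key):
    """Endpoint side: encode the health state and authenticate it."""
    body = json.dumps({"id": endpoint_id, "health": health,
                       "seq": seq, "ts": now}, sort_keys=True)
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


class Receiver:
    """Peer or gateway side: decide independently whether to isolate."""

    def __init__(self, keys):
        self.keys = keys
        self.last_seq = {}     # endpoint id -> highest sequence accepted
        self.isolated = set()  # endpoints this receiver no longer talks to

    def handle(self, msg, now):
        try:
            body, tag = msg["body"], str(msg["tag"]).encode()
            f = json.loads(body)
            eid, seq, ts, health = f["id"], f["seq"], f["ts"], f["health"]
            want = hmac.new(self.keys[eid], body.encode(), hashlib.sha256)
        except (KeyError, TypeError, ValueError, AttributeError):
            return "rejected"  # malformed, or from an unknown endpoint
        if not hmac.compare_digest(want.hexdigest().encode(), tag):
            return "rejected"  # forged or altered: take no isolation action
        if seq <= self.last_seq.get(eid, -1) or abs(now - ts) > MAX_AGE:
            return "rejected"  # replayed or stale heartbeat
        self.last_seq[eid] = seq
        if health == "compromised":
            self.isolated.add(eid)  # stays isolated; release is out of scope
            return "isolated"
        return "ok"
```

Rejecting unauthenticated, replayed or stale messages before acting matters here because an isolation notice that any host on a shared-medium LAN could forge would let one host cut off another.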
service impersonation, e.g. phishing, pharming or web spoofing (detection of rogue wireless access points H04W12/12) · CPC title
Error detection; Error correction; Monitoring (error detection, correction or monitoring in information storage based on relative movement between record carrier and transducer G11B20/18; monitoring, i.e. supervising the progress of recording or reproducing G11B27/36; in static stores G11C29/00) · CPC title
by quorum, i.e. whereby two or more security principals are required · CPC title
wireless channels · CPC title
Program or device authentication · CPC title