Methods and systems for network security

What is claimed is: 1 . A network interface device coupled to an end-point-protection platform (EPP), the network interface device comprising: a memory for storing a first set of instructions and one or more processors configured to execute the first set of instructions to: a) receive, from the EPP, a report message comprising information about a detected security threat, a security state of a base system logic, or a security configuration, wherein the EPP is hosted on the base system logic; and b) instruct, in response to the report message, the network interface device to perform one or more actions comprising at least one of the following: suspending network traffic associated with the detected security threat, isolating the base system logic from the network, redirecting a network traffic associated with the detected security threat to a destination address and destination port based on a predetermined deception based technology, sending a beacon message to the network related to the security state of the base system logic, preventing the base system communication with an internet host, or suspending an application, a user name or a service. 2 . The network interface device of claim 1 , wherein the network interface device is further configured to: a) monitor, control, or both monitor and control network traffic activity; b) generate an alert comprising information about a threat detected by the network interface device; and c) forward the alert to the EPP. 3 . The network interface device of claim 2 , wherein the network interface device detects the threat by filtering the network traffic. 4 . The network interface device of claim 2 , wherein the network interface device detects the threat by comparing a traffic pattern to an expected traffic pattern. 5 . The network interface device of claim 2 , wherein the network interface device detects the threat by identifying a malware, a virus, a trojan, an embedded macro, an unpermitted application access, an unauthorized username for authentication, or an attempt to initiate a new service or application access. 6 . The network interface device of claim 1 , wherein the network interface device is coupled to the base system logic via an I/O bus or a virtual port of an I/O bus. 7 . The network interface device of claim 1 , wherein the network interface device is coupled to the base system logic via internal connection or a virtual network connection. 8 . The network interface device of claim 1 , wherein the EPP comprises a plurality of security function modules. 9 . The network interface device of claim 8 , wherein the plurality of security function modules comprise a firewall. 10 . The network interface device of claim 8 , wherein the plurality of security function modules comprise a module determining the security state of the base system logic. 11 . The network interface device of claim 10 , wherein the security state of the base system logic is determined based at least in part on detection of diminished system performance, detection of explicit evidence of malware, or both diminished system performance and detection of explicit evidence of malware. 12 . The network interface device of claim 8 , wherein the plurality of security function modules comprise a module generating and forwarding the report message to the network interface device. 13 . The network interface device of claim 1 , wherein the base system logic comprises a memory for storing a second set of instructions and one or more processors configured to execute the second set of instructions to generate the report message. 14 . The network interface device of claim 1 , wherein the base system logic comprise one or more virtual machines or containers. 15 . The network interface device of claim 14 , wherein the base system logic comprises a hypervisor or a docker base for controlling the one or more virtual machines or containers and wherein the hypervisor or the docker base is coupled to the network interface device. 16 . The network interface device of claim 15 , wherein the hypervisor or the docker base is hosted on the base system logic. 17 . The network interface device of claim 15 , wherein the hypervisor or docker base is a component of the network interface device. 18 . The network interface device of claim 1 , wherein the security configuration comprises one or more instructions to the network interface device. 19 . The network interface device of claim 18 , wherein the one or more instructions comprise an instruction to direct the network interface device to perform an action selected from the one or more actions. 20 . The network interface device of claim 1 , wherein the report message is analyzed to generate one or more control instructions to the network interface device. 21 . The network interface device of claim 20 , wherein the one or more control instructions comprise an instruction to activate or deactivate the network interface device, and wherein the control instruction is generated based on the security state of the base system logic provided by the report message. 22 . The network interface device of claim 20 , wherein the one or more control instructions comprise an instruction to suspend network traffic associated with the detected security threat, and wherein the control instruction is generated based on address identified from the detected security threat. 23 . The network interface device of claim 20 , wherein the one or more control instructions comprise an instruction to redirect network traffic associated with the detected security threat to the destination address and destination port based on the predetermined deception based technology, and wherein control instruction is generated according to the detected security threat and the security configuration provided by the report message. 24 . The network interface device of claim 20 , wherein the one or more control instructions comprise an instruction to send a beacon message to the network informing the security state of the base system logic and wherein the control instruction is generated when the security state of the base system logic is determined to be below a predetermined threshold. 25 . The network interface device of claim 24 , wherein the threshold is determined by the network interface device. 26 . The network interface device of claim 24 , wherein the threshold is determined by the EPP. 27 . A method for providing network security, comprising: a) receiving, at a network interface device, a report message generated by an end-point-protection platform (EPP) that is configured to monitor network traffic activity or security state of a base system logic hosting the EPP, wherein the report message comprises information about a detected security threat, the security state of the base system logic, or a security configuration, and wherein the report message is transmitted via an internal connection; and b) performing, by the network interface device, one or more actions in response to the report message, wherein the one or more actions comprising at least one of the following: suspending network traffic associated with the detected security threat, isolating the base system logic from the network, redirecting a network traffic associated with the detected security threat to a destination address and destination port based on a predetermin