+ 0 Votes You have two issues here fenton.yew 6 years ago My suggestion is that you separate these two issues as they are two distinct problems. Rootkit detection/prevention is a whole other ballgame. Zero-day exploit prevention will require adequate defense-in-depth strategies. NAP/NAC can help make sure machines are up to date and patched before connecting to your VPN but unfortunately, targeted rootkit attacks will go under the radar with most AV implementations. What you need to understand is "risk management."