End-point security should address both hidden potential threats and actual
weaknesses at the end point. Many vendors offer products that resolve specific
end-point-related security issues and describe these as end-point security
solutions, but this is misleading.
For example, vendors offering products that control use of memory sticks, digital cameras or other types of USB memory device are not offering end-point security, but device control. Vendors offering application control products are only covering one category of
security threat; even networks that lock down installations so that only approved applications may be installed leave the end point open to other security breaches.
Combining commodity security products, such as firewalls, anti-virus and behavioural IDS/IPS, is not an end-point security solution. These products should be obligatory for firms that want safe networks.
The layer of end-point security needs to cover processes, services and their configurations and start-up commands, plus application and device control. Add a form of change control that can identify a bypassed proxy or disabled group policy, plus functionality that includes detecting multiple network connections from a single PC and one is closer to a full view of an end point’s activity while connected to the network.
A comprehensive solution also needs remediation capabilities to minimise the impact on administrators managing the company end points and should address misuse, misconfiguration and malicious activity. Most network access control (NAC) products prescribe quarantining end points that do not conform to company policy; they also suggest that each end point should exhibit a specific set of security requirements and be without malware infections before admittance to the network.
However, they are often performed only when the end point joins the network.
So, while NAC has its benefits and provides a barrier against infected end points from joining a clean network, it is only one part of end-point security. Unless a
NAC solution offers complete end-point security on a continuous basis, it must be seen as a
product that merely complements end-point security.
Ari Tammam is channels vice president at Promisec.
Infrastructure provider says international sales now make up 51 per cent of its revenue
Suzanne Chappell of TMS plans sailing venture after selling Oxfordshire-based TMS to acquisitive Chess
Withdrawal of credit insurance by some providers a 'reflection' of current challenge facing IT sector, according to MD Steve Soper
SMART's UK managing director joins Lenovo to boost SMB business