Employees, contractors and partners regularly enter the corporate network via remote access, LANs and even wireless connections. This type of access creates new endpoint security threats for IT administrators. Even those companies who are running the most sophisticated perimeter-security defenses are vulnerable if one computer connects to the network and is not in a secure state. This problem is compounded by the fact that most security solutions such as anti-virus, intrusion detection and software patches are reactive technologies. By the time a patch or signature can be pushed to the network the damage is already done. It is therefore critical that every organization has a proactive endpoint security strategy that is defined by IT security policy.
An effective endpoint security strategy should require that every endpoint runs a host-based firewall and antivirus protection with up-to-date signatures before it is granted a connection to the LAN. It should also require that a critical Windows patch and an updated VPN client is installed prior to network access. Instead of having to wait for patches and signatures to be pushed out throughout the network, this strategy forces each network entry to be "clean" before connecting.
Other features of a solid endpoint security plan include:
- Policy Compliance: Ensures that all PCs that access the network-whether employee or guest, and regardless of access point -are clean before they are allowed to enter the network.
- Tight Integration: Integration with network gateway products - from VPN's to switches to wireless points - ensures that non-compliant PC's are quarantined and brought back into compliance before they are allowed access to network resources.
- Client Lock Down: Prevent users and attackers from disabling endpoint security or enforcement of network access policy. The ability to deliver comprehensive, assured endpoint security and policy compliance enterprise wide enables threats to be defeated.
- Inbound Threats: Allow open PC ports only for authorized network traffic and block network intrusion attempts; port stealthing hides endpoint PCs from port scans.
- Outbound Threats: Prevent unauthorized applications and malicious code from capturing and sending enterprise data to hackers.
- Email Protection: Quarantine suspicious email attachments and help prevent address book hijacking.
- Easy and Fast Remediation: Quick solution resolution for out of compliance endpoints, so users stay productive and don't call the help desk while they're getting into compliance.