Is there one tool that can protect against Web-based attacks by combining all the following approaches: Network-based,...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
host-based, misuse-based and anomaly-based? Or would doing so require more than one tool?
There is no one tool that will solve all endpoint security issues, but companies have been developing endpoint protection suites that include all of the various components of network-based, host-based, misuse-based and anomaly-based protections for many types of Web attacks. There are companies that have either developed or acquired these various components, such as IBM, McAfee Inc./Intel Corp., Sophos Ltd., Symantec Corp. , Trend Micro Inc. and others. The benefits of endpoint protection suites that bundle multiple products together to provide a broad range of protections include potential improvements in integration and the potential for one management platform. These benefits are not guaranteed, however, the various companies may still be integrating their developed or acquired products into cohesive bundles.
One of the core information security fundamentals is defense in depth. Thus, using one bundled suite or endpoint security system for all of your protections and retiring all of your other information security controls is generally unwise. While it may be worthwhile to retire security controls that are no longer necessary or can be replaced with more modern tools, protecting sensitive client systems with multiple security controls still has value. A large (or even small) enterprise cannot rely solely on one piece of software to be both effectively deployed to and managed at all of its endpoints.
Effective deployment and management are both necessary to successfully protect the endpoint, so enterprises may want to include other controls to protect the systems that don’t have the endpoint protection software. This is where additional information security controls, such as firewalls, could have significant value. If you plan to deploy a new endpoint protection tool, you may want to make sure you know how it could potentially fail and what would be exposed by that failure, so you can ascertain which other security controls are necessary in your environment.
Dig Deeper on Endpoint protection and client security
Related Q&A from Nick Lewis
As the Magento Community Edition suffers a new zero-day vulnerability, expert Nick Lewis explains how it's being exploited and how to mitigate the ...continue reading
Cross-platform malware enables attackers to leverage their attacks using infected Microsoft Word docs. Expert Nick Lewis explains how the attacks ...continue reading
How was the ATMitch malware able to loot cash machines, then delete itself? Expert Nick Lewis explains how the fileless malware works and how it ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.