Is there one tool that can protect against Web-based attacks by combining all the following approaches: Network-based,...
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
host-based, misuse-based and anomaly-based? Or would doing so require more than one tool?
There is no one tool that will solve all endpoint security issues, but companies have been developing endpoint protection suites that include all of the various components of network-based, host-based, misuse-based and anomaly-based protections for many types of Web attacks. There are companies that have either developed or acquired these various components, such as IBM, McAfee Inc./Intel Corp., Sophos Ltd., Symantec Corp. , Trend Micro Inc. and others. The benefits of endpoint protection suites that bundle multiple products together to provide a broad range of protections include potential improvements in integration and the potential for one management platform. These benefits are not guaranteed, however, the various companies may still be integrating their developed or acquired products into cohesive bundles.
One of the core information security fundamentals is defense in depth. Thus, using one bundled suite or endpoint security system for all of your protections and retiring all of your other information security controls is generally unwise. While it may be worthwhile to retire security controls that are no longer necessary or can be replaced with more modern tools, protecting sensitive client systems with multiple security controls still has value. A large (or even small) enterprise cannot rely solely on one piece of software to be both effectively deployed to and managed at all of its endpoints.
Effective deployment and management are both necessary to successfully protect the endpoint, so enterprises may want to include other controls to protect the systems that don’t have the endpoint protection software. This is where additional information security controls, such as firewalls, could have significant value. If you plan to deploy a new endpoint protection tool, you may want to make sure you know how it could potentially fail and what would be exposed by that failure, so you can ascertain which other security controls are necessary in your environment.
Dig Deeper on Client security
Related Q&A from Nick Lewis
When it comes to state-sponsored attacks infecting mobile devices, do users have any chance of tracing the attack? Expert Nick Lewis offers some ...continue reading
Microsoft won't patch certain ASLR bypass flaws, but enterprises still need to protect against them. Expert Nick Lewis explains the threat and how to...continue reading
Threat actors in China are using VPN services to hide and anonymize their attacks. Expert Nick Lewis explains how to get a handle on these ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.