Is there one tool that can protect against Web-based attacks by combining all the following approaches: Network-based,...
host-based, misuse-based and anomaly-based? Or would doing so require more than one tool?
There is no one tool that will solve all endpoint security issues, but companies have been developing endpoint protection suites that include all of the various components of network-based, host-based, misuse-based and anomaly-based protections for many types of Web attacks. There are companies that have either developed or acquired these various components, such as IBM, McAfee Inc./Intel Corp., Sophos Ltd., Symantec Corp. , Trend Micro Inc. and others. The benefits of endpoint protection suites that bundle multiple products together to provide a broad range of protections include potential improvements in integration and the potential for one management platform. These benefits are not guaranteed, however, the various companies may still be integrating their developed or acquired products into cohesive bundles.
One of the core information security fundamentals is defense in depth. Thus, using one bundled suite or endpoint security system for all of your protections and retiring all of your other information security controls is generally unwise. While it may be worthwhile to retire security controls that are no longer necessary or can be replaced with more modern tools, protecting sensitive client systems with multiple security controls still has value. A large (or even small) enterprise cannot rely solely on one piece of software to be both effectively deployed to and managed at all of its endpoints.
Effective deployment and management are both necessary to successfully protect the endpoint, so enterprises may want to include other controls to protect the systems that don’t have the endpoint protection software. This is where additional information security controls, such as firewalls, could have significant value. If you plan to deploy a new endpoint protection tool, you may want to make sure you know how it could potentially fail and what would be exposed by that failure, so you can ascertain which other security controls are necessary in your environment.
Related Q&A from Nick Lewis, Enterprise Threats
Chameleon malware targets insecure wireless access points. Enterprise threats expert Nick Lewis explains how to defend against the malware.continue reading
The Zeus malware is threatening RTF security by embedding itself in the file, which is commonly seen as safer than other file formats such as PDFs. ...continue reading
Enterprise threats expert Nick Lewis explains how to detect and avoid one of the most advanced malware threats: The Mask.continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.