Is there one tool that can protect against Web-based attacks by combining all the following approaches: Network-based,...
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
host-based, misuse-based and anomaly-based? Or would doing so require more than one tool?
There is no one tool that will solve all endpoint security issues, but companies have been developing endpoint protection suites that include all of the various components of network-based, host-based, misuse-based and anomaly-based protections for many types of Web attacks. There are companies that have either developed or acquired these various components, such as IBM, McAfee Inc./Intel Corp., Sophos Ltd., Symantec Corp. , Trend Micro Inc. and others. The benefits of endpoint protection suites that bundle multiple products together to provide a broad range of protections include potential improvements in integration and the potential for one management platform. These benefits are not guaranteed, however, the various companies may still be integrating their developed or acquired products into cohesive bundles.
One of the core information security fundamentals is defense in depth. Thus, using one bundled suite or endpoint security system for all of your protections and retiring all of your other information security controls is generally unwise. While it may be worthwhile to retire security controls that are no longer necessary or can be replaced with more modern tools, protecting sensitive client systems with multiple security controls still has value. A large (or even small) enterprise cannot rely solely on one piece of software to be both effectively deployed to and managed at all of its endpoints.
Effective deployment and management are both necessary to successfully protect the endpoint, so enterprises may want to include other controls to protect the systems that don’t have the endpoint protection software. This is where additional information security controls, such as firewalls, could have significant value. If you plan to deploy a new endpoint protection tool, you may want to make sure you know how it could potentially fail and what would be exposed by that failure, so you can ascertain which other security controls are necessary in your environment.
Dig Deeper on Client security
Related Q&A from Nick Lewis
An HTTPS session with a reused nonce is vulnerable to the Forbidden attack. Expert Nick Lewis explains how the attack works, and how to properly ...continue reading
The Irongate malware has been discovered to have similar functionality to Stuxnet. Expert Nick Lewis explains how enterprises can protect their ICS ...continue reading
APT groups have been continuously exploiting a flaw in Microsoft Office, despite it having been patched. Expert Nick Lewis explains how these attacks...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.