This is default featured slide 1 title
This is default featured slide 2 title
This is default featured slide 3 title
This is default featured slide 4 title
This is default featured slide 5 title
 

Protection Techniques For Endpoint Security

A typically robust Endpoint Security Platform would contain the following features:

  • Containment with auto-sandboxing
  • Web URL Filtering
  • Firewall
  • Antivirus
  • Cloud-based File Lookup Services
  • Host Intrusion Protection System (HIPS)
  • Process Behavior Analysis

While numerous tools and techniques are available, endpoint security can be further enhanced with:

  • Network Access Control (NAC)
  • Data Loss Prevention (DLP)
  • Data Destruction

Data is stored on endpoints and users connect to the enterprise network in many ways. Hence, the network must be protected from possibly vulnerable devices (endpoints) or devices that are already infected and compromised. And there are many different types of devices that require different types of security.

Network Access Control (NAC)

Considering users, devices and BYOD, NAC is an important technology for admission control. Security policies are defined that ensure that an endpoint meets defined compliance levels before they are allowed to connect to the enterprise network. Non-compliant devices are blocked. This feature ensures that the endpoints are safe from malware, and if infected they are not allowed to connect to the network that may compromise other devices. The Lightweight Directory Access Protocol (LDAP), RSA and Active Directory are utilized by NAC to coordinate the working of the firewalls and devices – routers and switches. This defines who is allowed network access and who is not. Better security is ensured. NAC can also be integrated with mobile device management (MDM) technologies to check mobile device security.

Data Loss Prevention (DLP):

DLP tools can be integrated into endpoint protection suites or can be used as a separate cloud-based tool. These tools protect the data on devices from unauthorized malicious users trying to access or steal the data. It helps prevent sensitive data from being transferred out of the network. Automatic disabling of devices can be triggered when suspicious data transfer activities occur. DLP tools can be incorporated into mobile device management solutions for ensuring better security of mobile devices.