Organisations today face a threat landscape of stealthy, targeted, and financially motivated attacks that exploit vulnerabilities in endpoint devices. Many of these sophisticated threats can evade traditional security solutions, leaving organisations vulnerable to data theft and manipulation, disruption of business-critical services, and damage to corporate brand and reputation. To stay ahead of this emerging breed of stealthy and resilient security threats, organisations must advance their endpoint protection.
Endpoint protection enables organisations to take a more holistic and effective approach to protecting their endpoints: laptops, desktops, and servers. An effective endpoint protection solution combines five essential security technologies to proactively deliver the highest level of protection against known and unknown threats, including viruses, worms, Trojan horses, spyware, adware, rootkits, and zero-day attacks, in a single deployable agent that can be administered from a central management console. Some solutions also allow administrators to easily disable or enable any of these technologies based on their particular needs.
Seamless and multi-layered endpoint protection delivers:
• Advanced threat prevention — Exceeding traditional signature-based file scanning methods, it provides comprehensive endpoint protection against known and unknown threats from inside or outside the organisation via best-of-breed technologies that automatically analyse application behaviour and network communications, with additional tools to restrict high-risk device and application behaviour.
• Simplified, holistic approach to endpoint protection — The consolidation of essential endpoint security technologies into a single agent makes endpoint protection solutions easy to install, maintain, and update, saving organisations time and money while protecting their assets and business. Automated security updates provide hassle-free protection from the latest threats. Administrators gain endpoint visibility with a unified management console, which includes graphical reporting, centralised logging, and threshold alerting.
An integrated approach to endpoint protection
The IT threat landscape has changed dramatically over the past few years. In the past, the majority of attacks were meant simply to make headline news. Today, attacks have become more sophisticated and stealthy, targeting specific organisations to reap financial gain. Professional hackers continuously develop new tactics to gain unauthorised, undetected, and ongoing access to an organisation’s systems and information. One gauge of the growing sophistication of attacks is the appearance of blended threats, which integrate multiple attack methods such as worms, Trojan horses, and zero-day threats.
Antivirus, antispyware, and other signature-based protection measures, which are primarily reactive, may have been sufficient to protect an organisation’s vital resources a few years ago, but not so today. Organisations now need proactive endpoint security measures that can protect against zero-day attacks and even unknown threats. They need to take a structured approach to endpoint security, implementing a comprehensive solution that not only protects from threats on all levels, but also provides interoperability, seamless implementation, and centralised management.
Some endpoint protection solutions include turnkey, proactive technologies that automatically analyse application behaviours and network communications to detect and block suspicious activities, as well as control features that allow administrators to deny specific device and application activities deemed to be high risk for their organisation. They can even block specific actions based on the user’s location.
This multi-layered approach significantly lowers risk and gives organisations confidence that their business assets are protected, while leaving them the option to customise the solution according to their needs. Whether the attack emanates from a malicious insider or an external intruder, endpoints are protected.
Multiple technologies, one solution
To combat the ever-growing threats against their IT infrastructures, administrators need to understand the importance of endpoint protection technologies. However, this often translates into making sure each endpoint has antivirus, antispyware, desktop firewall, intrusion prevention, and device control technologies installed on it. Deploying these security products individually on each endpoint is not only time-consuming, but also increases IT complexity and costs. Organisations then need to provide management, training, and support for a variety of different endpoint security solutions. Differing technologies can also work against one another or impede system performance due to high resource consumption.
To reduce the complexities and costs associated with deploying and managing multiple solutions, best-in-breed endpoint protection technologies can be consolidated into a single, integrated agent that can be administered from a single, unified management console. This eliminates the administrative overhead and costs associated with multiple security products. Furthermore, it gives administrators the flexibility to scale their protection over time. They can start with a limited set of protection technologies and then enable additional technologies as needed.
Single endpoint protection agent
The consolidation of capabilities into a single endpoint security agent enables operational efficiencies such as a single communication method and content delivery system across security technologies. Service configuration and exclusions can be performed globally at a single point on the client or at the management server. Furthermore, automated security updates to the agent provide hassle-free protection from the latest threats.
Administrators can customise the interface, allowing them to decide which technologies can run at the client and which configuration options will not be available to the end user. Administrators also have the option to completely hide the interface from users. These features provide flexibility and control to protect endpoint devices in a manner that meets the organisation’s unique requirements. Also, features and options can be easily turned on or off by the administrator at any time.
Single, unified management console
The ability to manage all services from a single, unified console enables administrators to take a holistic approach to endpoint security management. Console administrators can create and manage policies, assign them to agents, view logs, and run reports for endpoint security activities. The unified console simplifies endpoint security administration and enables operational efficiencies, including centralised software updates, policy updates, reporting, and licensing maintenance.
The console’s management architecture can scale to meet the most demanding environments. It can provide granular control over administrative tasks, while simplifying and unifying management efforts to reduce total cost of ownership. A flexible management structure allows different administrators to be granted different levels of access to the management system based on their roles and responsibilities.
This multi-layered approach to endpoint security offers protection in a single agent deployment that significantly lowers risks without added resource overhead so that organisations can efficiently manage security and gain confidence that their corporate assets and business are protected.
Effective endpoint security
Endpoint protection solutions seamlessly combine best-in-breed protection mechanisms into a single agent to deliver the highest level of comprehensive endpoint security:
• Antivirus/antispyware
• Network threat protection
• Proactive threat protection
Furthermore, a solution that is ready for network access control can allow organisations to ensure endpoints comply with corporate security policy before gaining access to the network. This eliminates the need to deploy additional network access control software on an organisation’s endpoint devices.
Dhupar is managing director, Symantec India.