Johannesburg, 04 Sep 2009
Endpoint security remains a key challenge for network security professionals, especially given the fact that a single unprotected endpoint renders the entire network open to attack.
However, the growing number of solutions required to successfully secure an endpoint are making the task increasingly difficult to manage. Hennie Moolman, Managing Director of network security expert, AfricaSD, highlights an approach that can help reduce this complexity without compromising a network's security.
Securing network endpoints is a complex, multifaceted task. There are an enormous number of potential vulnerabilities that need to be managed. It is a task that requires deploying and co-ordinating a wide range of technologies, including data encryption, port control, virtual private networks (VPNs), network access control (NAC) and anti-virus software - and the proprietary solutions required to do so are often neither interoperable or compatible.
As a result, deploying all of these solutions across every endpoint in the organisation, ensuring that they are compliant with each other and kept up-to-date can quickly become a complex, time-consuming task.
According to Hennie Moolman, Managing Director of AfricaSD, adopting a holistic approach - focusing on the overall relationship between the various solutions and the endpoint security system as a whole - can simplify the management of endpoint security and make it easier for companies to deploy appropriate solutions within their existing infrastructure.
"Too often, security threats are dealt with on an 'as and when' basis, which results in the staggered deployment of multiple endpoint solutions," Moolman observes. "According to an IDC survey, nearly 61% of all network professionals are using multiple consoles to manage their endpoint security because of its growing complexity - making it a daunting task, especially in large organisations and with the growth of mobile computing."
Unifying agents
An emerging solution to this challenge is the unifying of endpoint security measures through the use of a single software agent. Such agents can monitor, manage and respond to threats on behalf of the network administrator, and usually combine all of the necessary security measures into a single interface.
Agents can also help administrators proactively enforce security policies at the endpoint, by making sure users can only access critical areas of the system once certain criteria have been met. For example, forcing users to download the latest update for their anti-virus software before access is granted.
Certain agents allow administrators to integrate existing firewalls, VPNs and other endpoint security infrastructure, while most include a management console that allows for central configuration and policy administration.
"Endpoint security is built on the premise that a single unprotected endpoint renders the entire network open to attack. The more complex and varied your endpoint security measures, the more likely you have a chance of a security breach," concludes Moolman. "Agents reduce this complexity by unifying the management of endpoint security across an organisation. Costs are reduced through the elimination of multiple endpoint solutions, and the network professional's time is freed for more productive tasks."
Share