- Endpoint protection management is a policy-based approach to network security that requires endpoint devices to comply with specific criteria before they are granted access to network resources.
- Endpoint security management systems,which can be purchased as software or as a dedicated appliance discover.manage to the corporate network.
- Endpoint security systems work on a client/server model in which a centrally managed server or gateway hosts the security program and an accompanying client program is installed on each network device.
Unified Endpoint Management
A UEM platform is one that converges client-based management techniques with Mobile Device Management (MDM) application Programming Interfaces (API)
Endpoint Protection and Response
Key mitigation capabilities for endpoints:
- Deployment of devices with network configurations.
- Automatic quarantine/blocking of non-compliant endpoints.
- Ability to patch thousands of endpoints at once.
Endpoint Detection and Response
- Automatic policy creation for endpoints.
- Zero-day OS updates.
- Continuous monitoring,patching and enforcement of security policies across endpoints.
Examining an Endpoint Security Solution
Three key factors to consider:
- Threat hunting.
- Detection Response.
- User Education.
New Approach to UEM
- Discover
- Define
- Access
- Act
Unified Endpoint Management with AI
- Cognitive
- People and Identity
- Apps and Content
- Devices and IoT
Traditional Client management System
Example - Windows
- Involves an agent-based approach
- Great for maintenance and support.
- Standardized rinse and repeat process.
- Applicable for some OS and server.
Mobile Device Management
- API-based management technique.
- Security and management of corporate mobile.
- Specialized to over-the-air configuration.
- Purpose-built for smartphones and tablets.