Endpoint Protection is a client/server information security (IS) methodology for protecting a corporate network through focusing on network devices (endpoints) by monitoring their status, activities, software, authorization and authentication. Security software is installed on any endpoint device, as well as network servers. Such software may include antivirus, antispyware, firewall and a host intrusion prevention system (HIPS).
For management and IT security personnel, endpoint security is an increasingly critical element for corporate networks as more employees and authorized outsiders (like business partners, consultants, customers and clients) are granted network access through the Internet and/or a variety of mobile devices.
Endpoint Protection is evolving with technological advances. Security elements now include intrusion protection and prevention, as well as behavior blocking software to monitor endpoint device activities for unsanctioned applications or malicious intent.
Some complex endpoint security programs focus on user device authentication. As a user attempts to login, credentials are validated, and the device is scanned for compliance with corporate policies, which may include a scan for unauthorized software (such as games and peer-to-peer applications), updated virtual private network (VPN), antivirus software, a firewall, mandatory corporate software and an approved operating system (OS). Devices that don’t meet such corporate policies may be granted limited access or quarantined. This is known as network access control (NAC), which is used to unify many elements of endpoint security technology. When access is provided, it is often according to the user’s profile.