End point security

End point security (also, "endpoint security") is an information security concept that assumes that each device (end point) is responsible for its own security.

Traditionally, firewalls, central virus scanners and other intrusion detection or intrusion prevention devices were held responsible for securing an end-point.[1] However, with the SSL VPN, the intrusion prevention systems in the perimeter become ineffective as SSL VPN can be controlled at the two end points one being the desktop and the other outside the user control in the Internet space.[2]

End point security places the onus of security on the device itself. Examples exist with Broadband users' increasing use of desktop firewalls, spam and antivirus software.

A variant of the end point security is the on-demand securing of a device. In this concept the server sends ActiveX or java components which take appropriate security measures: Profiling of the client environment from perspective of firewall, antivirus, patches, etc., memory protection program to create virtual desktop whose memory is different from that of the host system and deletes all data on exit.

Another look at endpoint security should include computer level tools that provide administrative control over the use of memory devices. Controlling the use of memory sticks, SD cards and other flash drive type memory devices. Endpoint security also includes the protection of a businesses network from employee memory devices that may unknowingly contain malware.

End point security can include protection and forensic investigation of the following types of device:

- mobile phones and other mobile communication devices - printers - PCs - notebooks - mass media writers - email - home PC access

References

  1. ^ End Point Security, [1] Retrieved on 6 December 2011.
  2. ^ End Point Security, [2] Retrieved on 6 December 2011.