To protect sensitive data on networks that connect many devices and many users, organizations are desperate to adopt the strongest endpoint security solution. In such a scenario, it is imperative that they weigh some key issues when selecting the right one.
“A new, more holistic & effective approach to endpoint protection has emerged today. This next-generation approach combines essential security technologies to proactively deliver a significantly higher level of protection against known and unknown threats.”
Vishal Dhupar, MD, Symantec India
It is becoming increasingly difficult for IT managers to safeguard the corporate network. Employees, partners and contractors increasingly have access to the network through remote access, LANs, or wireless connections. These types of access open up the network to a myriad of potential web threats. Although antivirus, antispyware and other signature-based protection measures were sufficient to protect organizations in the past, small businesses now need proactive endpoint security measures that can protect against zero-day attacks and even unknown threats. They also need to take a structured approach to endpoint security, implementing a comprehensive solution that not only protects from threats on all levels but also provides interoperability, seamless implementation and centralized management.
Points to Ponder
In response to industry demand, security vendors now offer integrated security suites rather than individual products. Whether you purchase a security suite or individual products, there are some areas and technologies you should try to get as part of your endpoint solution.
Advocating a product with complete strength, Manoj Yadav, Business Development Manager, Satcom Infotech, suggests that a buyer should consider an Endpoint Security solution that takes a comprehensive approach. It should be able to detect all threats from one console and should have small updates for better performance of the computer. Besides supporting a wide range of OSs apart from Windows, it should have an inbuilt firewall and should be manageable through a central console. Most importantly, the product should be backed by 24x7 support.
Vishal Dhupar, MD, Symantec India believes that a new, more holistic and effective approach to endpoint protection has emerged today. This next-generation approach combines essential security technologies to proactively deliver a significantly higher level of protection against known and unknown threats, including viruses, worms, Trojans, spyware, adware, rootkits and zero-day attacks. This approach combines antivirus, antispyware and firewall with advanced proactive protection technologies in a single deployable agent that can be administered from a central management console. To ensure flexibility, administrators can easily disable or enable any of the technologies based on their organization’s particular needs. A buyer needs to ensure that the solution that he purchases incorporates all of these features.
"Since the PC is vulnerable to varied threats today, a buyer should check whether the product provides Comprehensive security apart from Anti Virus, like - Anti-Spam, Anti-Malware, Firewall, Privacy control and System Monitor."
Kesavardhanan Jayaraman, Founder and CEO, K7 Computing
According to Kesavardhanan Jayaraman, Founder and CEO, K7 Computing, since the PC is vulnerable to varied threats today, a buyer should check whether the product provides comprehensive security beyond antivirus, such as Anti-Spam, Anti-Malware, Firewall, Privacy control and System Monitor. The buyer should also ensure the security product is compact so that it does not slow down the system. From the support perspective, the buyer should be satisfied that the manufacturer provides post-sales support by toll-free telephone, email and remote access.
Addressing the key issues, which a buyer always should look for, Leonard Gangi, VP & GM, Enterprise Security Solutions, Comodo Group, Inc, says that organizations must give priority to Endpoint Security Management. Easy management allows administrators to centrally and remotely control all endpoint security from a well-designed administrative GUI. Centralized control means rapid turnaround in critical situations and less IT time spent on administration overall. Maintaining endpoint security and configuration policies can significantly improve threat prevention as well as reduce unnecessary help desk support that all too often occurs when inexperienced users attempt to reconfigure their computers or download unsanctioned software.
Most Endpoint Security solutions available today offer virus and spyware protection, new variant detection, anti-rootkit security, malware, remnant removal and firewall security. But today desktops, laptops, and file servers are under attack by a new generation of threats that blend multiple malicious components designed to slip past security. Many of these are cyber crime attacks that download from the web and steal your private data. And until now, desktop security has lacked protection against web-based threats.
Amit Nath, Country Manager, India & SAARC, Trend Micro, feels that the buyers should be looking for Comprehensive Security including dedicated Web threat protection, virtualization and extended platform support along with ease of management while selecting an Endpoint Security solution.
“A buyer should consider an Endpoint Security solution which has a comprehensive approach. It should be able to detect all threats from one console and should have small updates for the better performance of a computer. Most importantly the product should be backed by 24x7 support.”
Manoj Yadav, Business Development Manager, Satcom Infotech
Adrian Harrington, BDM, Emerging Markets, GFI, suggests that customers look for a product that gives the administrator comprehensive control over the use of portable storage devices on the network. These devices, ranging from laptops and smartphones to PDAs and flash drives, can be a security threat unless the organization can control not only user activity but also the type of devices in use. He also says that ease of installation, ease of configuration and a guarantee that the agent used to control individual workstations cannot be tampered with are very important factors to consider. The price and its cost-effectiveness for the organization are also important.
Table: Latest Solutions Available and Features
Don’t Forget
When comparing products from multiple vendors, you have to be cautious and discerning about their claims. Since almost all vendors offer a similar set of features, you have to judge each product on its individual strengths. You must also consider the TCO and RoI factors when selecting an appropriate solution.
Organizations now need proactive endpoint security measures that can protect against zero-day attacks and unknown threats. They need to take a structured approach to endpoint security, implementing a solution that not only protects them from threats on all levels, but also provides interoperability, seamless implementation, and centralized management.
Historically, cyber criminals have continued to advance their malware development skills, and the security industry has responded with new technologies to combat threats. Most recently, however, the explosion of new threats and the tendency toward combined threats is complicating protection efforts. As threats have increased in number and complexity, conventional, pattern-based antivirus protection is falling short and security update deployment issues are impacting network and system performance. Clearly, a new approach is needed to combat evolving Web threats.
An advanced approach to endpoint protection provides threat prevention that protects endpoints from targeted attacks as well as attacks not seen before. It includes proactive technologies that automatically analyze application behaviors and network communications to detect and block suspicious activities, as well as administrative control features that allow administrators to deny specific device and application activities deemed high risk for the organization. They can even block specific actions based on the location of the user. In the case of an infected endpoint, security products repair the damage by disinfecting or quarantining the system. The remediation process is then completed by deploying the necessary patch.
This approach calls for consolidating endpoint protection technologies in a single, integrated agent that can be administered from a central management console. The goal is to increase endpoint protection while eliminating the administrative overhead and costs associated with multiple security products.
“The buyers should be looking for Comprehensive Security including dedicated Web threat protection, virtualization and extended platform support along with ease of management while selecting an Endpoint Security solution.”
Amit Nath, Country Manager, India & SAARC, Trend Micro
Generically quantifying the TCO for an enterprise security solution is not an easy task, especially without knowing the specifics of a customer’s environment. It is, however, possible to identify the elements that contribute to TCO besides the license and renewal cost. These are mainly around deployment, management and support of any given solution. When looking at the support aspect of TCO, two things are important: how easily the local administrator can drill down on issues, and how well the vendor’s support is organized to help him. For example, if a solution provides central logging, log information from the managed clients is forwarded to the central management server. So when a problem shows up on the product’s status summary page, he can easily drill down to the individual endpoint reporting that problem and use the log information to identify the issue, without having to physically touch the machine or involve the user.
ROI can be achieved in hours or days, as multiple and blended threats are increasing on an hourly basis and frequent automated updates ensure that no part of the network is left unprotected. A delay of even an hour can bring the whole network down. With targeted attacks and unknown threats emerging rapidly, ROI is achieved every time the PC is protected. Every second of protection matters to the user, as there is no particular time at which threats emerge; it is in fact proactive protection that should be looked at.
The duration till complete ROI is achieved mainly depends on the exposure to threats—and that is increasing in virtually any scenario. A single infection spreading through the network or a single event of confidential and sensitive information leaking to illegitimate third parties can bring instant ROI. In any case, Endpoint Security today no longer has the image of an insurance-type of investment.
Conclusion
When planning to buy an endpoint security solution, remember the crucial points for finding the best one for your organization, but at the same time don’t be confused by the many innovative features that vendors claim. Pick the appropriate one based on an understanding of your organization’s current and future requirements.
—By: 'InfoSecurity' Bureau.