As a strategic imperative, security is near the top of every CTO’s priority list. However, each new product and technology that comes to market is accompanied by new jargon and terminology – some of which are more important than others. The concept of an Endpoint Security Console is one concept that is worth understanding – as it could have a profound impact on your security posture.
Like an antimalware console – but better
Perhaps the best way to understand an Endpoint Security Console is to compare it to something you already know. Consider your antimalware defences which have a centralised console that provides oversight of your connected devices. At a glance you can see which endpoints are running outdated signatures, and which machines have been quarantined to contain infection – and you have the ability to deploy remote updates with a mouse click.
An Endpoint Security Console is similar – but with much more functionality. You can still see and control antimalware settings, but you also gain granular oversight of your security posture on every connected device – desktop, server, virtual machine and mobile device. You can submit suspicious files for analysis, scan devices for malware remotely and create exclusion rules if the test is returned ‘clean’.
Prevention, detection and response
While antimalware is primarily concerned with prevention, an endpoint security console like ESET PROTECT covers the entire security lifecycle – including detection and response. From a single pane of glass, you can pre-determine responses to security risks – and automate your response when an anomaly is detected. Automation significantly reduces threat by accelerating response times. Better still, you can automate updates and patch installation to ensure all endpoints are properly secured against compromise.
Like Active Directory – but for security
An endpoint control panel allows you to group and classify endpoint devices according to any criteria of your choosing. These groups can then be used to create and apply security policies, settings and even full disk encryption.
Hosted on-premise or in the cloud, the endpoint control panel automates device discovery. In the case of ESET PROTECT, devices are inventoried to provide granular insight into your IT estate. You can see software installations, versions and hardware component data – so you know the exact status of your devices and can upgrade accordingly. ESET PROTECT is also vendor agnostic, inventorying Windows, Mac OS and Linux endpoints as well as mobile devices.
A Swiss Army Knife console
Built for security management, an endpoint security console has plenty of use cases. Many of the issues of non-persistent hardware deployments (such as VDI) can be solved by including an agent in the software image. This will ensure that every subsequent session has its own unique, accurate record in the security console and that security controls are always applied correctly.
Total visibility of software and versions allows the IT team to define rules regarding new installations. Should a machine break one of these rules, such as a user installing new software, ESET PROTECT will prevent the new install and alert the user to their infraction.
An endpoint security console is versatile, effective and powerful. To learn more about ESET PROTECT and what it offers your business, please give us a call.