LATEST INTELLIGENCE
details the core requirements to help you navigate your enterprise
endpoint protection solution analysis, and it provides a solution
questionnaire to help you with your evaluation process.
A multi-layer approach to endpoint security
One successful malware infection provides the foothold
cybercriminals need to steal your organization’s sensitive data.
Protecting the corporate endpoint is not achieved by a single “silver
bullet” or next-generation technology.
Anti-malware techniques each have their own capabilities that add
value in detecting an infection attempt. But one technique, alone,
does not deliver effective results. Attackers use multiple vectors to
deliver a successful attack; securing the endpoint requires multi-
vector protection.
Your endpoint security solution must have multiple layers of
protection with a mix of static and dynamic approaches. Each
layer has its positive attributes and shortcomings, which is why no
individual layer is 100% effective on its own.
Your endpoint solution must have a mix of layers that work together
as a collaborative system. This approach delivers the most effective
protection, and often detects and stops zero-day attacks.
Known attack detection
A solution’s “known attack detection” layer blocks malware quickly
and with low overheads. This is done with matching (i.e., signatures)
and rules-based technologies. Despite some claims that signatures are
outdated and ineffective, they have their place in a multi-layer process.
Signature-based detection is a lightweight method to protect
against common attacks with minimal resource processing and
administration requirements. Signatures are good at stopping the
bulk of the less sophisticated attacks, and they do so with minimal
processing and end user impact. n
Download whitepapers free from www.intelligentcio.com/me/whitepapers/
www.intelligentcio.com
INTELLIGENTCIO
23