Cyber Security Institute

Tuesday, July 12, 2005

What is Endpoint Security?

Endpoint security is something that many IT professionals think they have, though few can agree on what it is.  According to a recent study by research firm IDC, the confusion over endpoint security is leaving enterprises open to attack from destructive malicious sources.

Almost 65 percent of respondents to the survey indicated they have an endpoint security solution in place.

Allan Carey, program manager of security and business continuity services at IDC, said survey participants’ definitions of endpoint security ranged from secure devices to firewalls and security policies.  “One of the most surprising findings was the amount of confusion over what endpoint security means,” Carey told  “Depending on their perspective, IT or business, endpoint security took on different flavors of how to control the issue.” 

IDC defines endpoint security as centrally managed client security and likens it to a 21st century digitized watchdog protecting users from “a cesspool squirming with destructive technological deviants.”

But security vendor Check Point, which owns personal firewall application vendor Zone Labs, has a related but somewhat different definition.  Rich Weiss, Check Point director of endpoint product marketing, explained that the term “endpoint security” means centrally managed personal firewall-based security and that it was popularized by Zone Labs in 2001. 

“More recently, the term has become so popular that others are putting their own spin on it, and some organizations such as IDC include anti-virus in the definition,” Weiss told  “However, we believe that personal firewall-based security and anti-virus are still distinct markets.  The original definition of endpoint security created by Zone Labs is still valid.”

Network risks have changed since 2001, though, and Check Point has expanded its definition.

“To meet the definition of a complete endpoint security solution today, a product must have a mature, proven network access control capability,” Weiss said.  “Considering that the penetration of antivirus in enterprises is virtually 100 percent, IDC’s numbers make sense if you mix them with pure endpoint security adoption rates,” Weiss explained. 

“We agree that anti-virus is effective at addressing threats that have been in the wild for a while.  Organizations voiced their concern for point products trying to solve the problem, when a more comprehensive solution is required consisting of processes, policies and end-user awareness, in addition to technology,” IDC’s Carey said.

Posted on 07/12