Endpoint security is an approach to network protection that requires each computing device on a corporate network to comply with certain standards before network access is granted. Endpoints can include PCs, laptops, smartphones, tablets and specialized equipment such as barcode readers or point of sale (POS) terminals.
Endpoint security systems work on a client/server model in which a centrally managed server or gateway hosts the security program and an accompanying client program is installed on each network device. When a client attempts to log on to the network, the server program validates user credentials and scans the device to make sure that it complies with defined corporate security policies before allowing access to the network. Required elements may include an approved operating system, a VPN client and anti-virus software with current updates. Devices that do not comply with policy are given limited access or quarantined on a virtual LAN (VLAN).
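The admission decision described above can be sketched as a server-side policy check. This is an added example, not code from any endpoint security product; the policy values, VLAN numbers and report fields are assumptions chosen for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import List, Optional

# Hypothetical policy values: the text names the categories, not the values.
APPROVED_OS = {"Windows 11", "macOS 14", "Ubuntu 22.04"}
MAX_AV_SIGNATURE_AGE_DAYS = 7
CORPORATE_VLAN = 10      # constructed VLAN id for compliant devices
QUARANTINE_VLAN = 999    # constructed VLAN id for non-compliant devices

@dataclass
class PostureReport:
    """What the client program reports at logon (constructed fields)."""
    user: str
    credentials_valid: bool          # outcome of the server's credential check
    os_name: str
    vpn_client_installed: bool
    av_installed: bool
    av_signature_date: Optional[date]

@dataclass
class Decision:
    access: str                      # "deny", "quarantine" or "full"
    vlan: Optional[int]
    failures: List[str]

def evaluate(report: PostureReport, today: date) -> Decision:
    # Credentials come first: a failed login never reaches the posture checks.
    if not report.credentials_valid:
        return Decision("deny", None, ["invalid credentials"])
    failures = []
    if report.os_name not in APPROVED_OS:
        failures.append(f"unapproved OS: {report.os_name}")
    if not report.vpn_client_installed:
        failures.append("VPN client missing")
    if not report.av_installed or report.av_signature_date is None:
        failures.append("anti-virus missing")
    else:
        age = (today - report.av_signature_date).days
        # A negative age is a signature date in the future: do not trust it.
        if age < 0 or age > MAX_AV_SIGNATURE_AGE_DAYS:
            failures.append(f"anti-virus signatures not current ({age} days)")
    # Any policy failure moves the device to the quarantine VLAN, with reasons.
    if failures:
        return Decision("quarantine", QUARANTINE_VLAN, failures)
    return Decision("full", CORPORATE_VLAN, [])
```

The posture fields are self-reported by the client program, so the decision is only as trustworthy as the agent that produced the report.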
Simple forms of endpoint security include personal firewalls or anti-virus software that is distributed and then monitored and updated from the server. The term is evolving, however, to include intrusion detection with behavior-blocking components that monitor devices and look for actions that are typically initiated by rootkits. The term endpoint security is also being used in association with anti-virus in the cloud. In this software-as-a-service (SaaS) delivery model, the host server and its security programs are maintained remotely by the vendor.