Endpoint security: not there yet

While the security industry comes up with more and more solutions enabling endpoint security (Cisco NAC, Check Point Integrity etc), I remain sceptical about the whole thing.

There are couple of reasons for that:

  • Strong authentication for users and systems is seldom used – so the fundamentals are missing;

  • Client system health and compliance checks run on the client – so the client is trusted for granting itself access, in a way;

  • I haven’t seen a solution that reliably denies transforming a connected client to a network bridge/gateway;

  • Switching and routing infrastructure is completely and entirely trusted;

  • Solutions that are on the market don’t feature great multiplatform support – support for your Windows Mobile, Symbian and Mac OS X systems is rather limited at best.

There’s one simple question that I like to ask my colleagues – at any point in time, can you tell me how many systems are connected to your IP network? (I define system as an instance of any operating system with IP stack) No one from enterprise-scale environment can. And if you are to implement an endpoint security solution, just ask yourself if you’re going to have the answer as a result of that. If not, then you’re going to have unknown endpoints – which, in my opinion, kills the idea.

Leave a Reply

Your email address will not be published. Required fields are marked *