Thursday, February 4, 2021

SIEM continued ...

Endpoint protection can be elaborated this way. It helps a company defend against Internet-based breaches and data losses. It provides barriers against malware, data loss, and theft, and mitigates network intrusion. The choice of vendor for endpoint protection is determined by the type and number of endpoints; how it is hosted (on-site, in a virtualized environment, or in the cloud); the management tools required, whether on-site, remote, or mobile; and its performance expectations and support. Reviewers of endpoint protection technologies indicate that the size of a company does not matter to the endpoints being protected. Also, endpoint protection typically scales to hundreds or thousands of endpoints. An endpoint device is an Internet-capable computer hardware device on a TCP/IP network with an address and port that clients can connect to. This can be any web service or application of any size that can be reached over, say, HTTP or HTTPS. The devices hosting the applications can be cloud-based servers, on-site web farms, desktop computers, laptops, smartphones, tablets, thin clients, printers, or other specialized hardware such as POS terminals and smart meters.

Policies are associated with endpoints, and these are managed as network rules and firewalls within an organization. A system administrator may divide the network, secure access via firewalls, disable ports, and establish static rules to prevent undesirable access to devices hosting endpoints. One of the techniques used to protect endpoints is an HTTP proxy. As a man in the middle, it does not require any modification of the server offering the services and can perform the same mitigations that could have been taken on that server. This proxy monitors and measures incoming traffic to the advantage of the services behind it. The proxy can support not only relay behavior but also filtering. Proxies support the promiscuous mode of listening. Proxies can also be forward or reverse: a forward proxy helps with anonymity in that it retrieves resources from the web on behalf of the users behind it, while a reverse proxy secures corporate resources from outside access. A reverse proxy can do several things such as load-balancing, authentication, decryption, or caching. SSL acceleration is another option, where the proxy enables hardware acceleration and provides a central place for SSL connectivity for clients.
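The filtering and measuring role of a reverse proxy described above, as an added example that is not part of the original post: a first-match, default-deny decision function that normalizes the request path before applying static rules, so an encoded `..` cannot slip past a prefix rule. The policy, addresses, and backend URL are constructed for illustration.

```python
import ipaddress
import posixpath
from collections import Counter
from urllib.parse import unquote

# Constructed policy: (action, source CIDR, methods, path prefix).
# First match wins; a request that matches nothing is denied.
POLICY = [
    ("deny",  "0.0.0.0/0",  {"TRACE", "CONNECT"}, "/"),
    ("allow", "10.0.0.0/8", {"GET", "POST"}, "/admin"),
    ("deny",  "0.0.0.0/0",  {"GET", "HEAD", "POST", "PUT", "DELETE"}, "/admin"),
    ("allow", "0.0.0.0/0",  {"GET", "HEAD", "POST"}, "/"),
]
BACKEND = "http://127.0.0.1:8080"  # hypothetical upstream service
stats = Counter()                  # (client_ip, verdict) -> request count


def normalize(path):
    """Decode and collapse the path so rules see what the backend will see."""
    clean = posixpath.normpath("/" + unquote(path))
    return "/" + clean.lstrip("/")


def under(path, prefix):
    """True when path is the prefix itself or lies below it."""
    return prefix == "/" or path == prefix or path.startswith(prefix + "/")


def decide(client_ip, method, target):
    """Return (status, upstream_url); upstream_url is None when blocked."""
    addr = ipaddress.ip_address(client_ip)
    raw_path, _, query = target.partition("?")
    path = normalize(raw_path)
    verdict = "deny"  # default-deny when no rule matches
    for action, cidr, methods, prefix in POLICY:
        if (addr in ipaddress.ip_network(cidr)
                and method.upper() in methods and under(path, prefix)):
            verdict = action
            break
    stats[(client_ip, verdict)] += 1  # the "measure" half of the proxy's job
    if verdict != "allow":
        return 403, None
    # Forward the normalized path, never the raw one that was not checked.
    return 200, BACKEND + path + ("?" + query if query else "")
```

The function decodes one layer of percent-encoding only; a backend that decodes again would need the proxy to reject paths still containing `%` after decoding.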

