Entries Categorized as 'Endpoint Protection Platform'
by Neil MacDonald | March 16, 2013 | Comments Off
The idea of “sandboxing” potentially malicious content and applications isn’t new but interest in this type of approach on Windows desktops is growing. Further, the increasing variety of virtualization and abstraction techniques available on Windows creates isolation that can be used to provide security separation – aka “sandboxing”. Given the innovation around virtualization techniques [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Next-generation Security Infrastructure Virtualization Virtualization Security Tags: APTs, Beyond Anti-Virus, Browser Security, Defense-in-Depth, Endpoint Protection Platform, Lockdown, Virtualization, Virtualization Security, Whitelisting, Windows
by Neil MacDonald | January 31, 2013 | 1 Comment
Seriously, is anyone surprised? I’m sure you’ve seen the news about Chinese infiltration at the New York Times: http://www.nytimes.com/2013/01/31/technology/chinese-hackers-infiltrate-new-york-times-computers.html According to the article: Over the course of three months, attackers installed 45 pieces of custom malware. The Times — which uses antivirus products made by Symantec — found only one instance in which Symantec [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Tags: APTs, Best Practices, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Lockdown, Whitelisting
by Neil MacDonald | September 13, 2012 | 3 Comments
I blogged about this question years ago, but a recent blog on CSO got me thinking once again. Has anything changed? Thoughts: 1) The question “Has antivirus outlived its value?” is wrong. AV hasn’t been AV for years. Gartner stopped calling the market “AV” back in 2006. Modern Endpoint Protection Platforms (EPP – the term [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Next-generation Security Infrastructure Windows 8 Tags: Adaptive Security Infrastucture, Apple, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Information Security, Microsoft, Microsoft Security, Windows
by Neil MacDonald | September 29, 2011 | 2 Comments
I’ve made it a point over the past 6 months to ask clients if they are combining their endpoint protection platform contracts across desktops, laptops and servers. In most cases (about 75%), the answer is yes – contracts are being combined in order to reduce complexity and costs. Is protecting a desktop different than a [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Next-generation Security Infrastructure Tags: Adaptive Security Infrastucture, Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Lockdown, Next-generation Security Infrastructure, Reducing Complexity, Reducing Cost, Windows
by Neil MacDonald | August 23, 2011 | 2 Comments
Run more of your Windows users without administrator rights. I’ve talked about this several times before – including here, here and here. While it may not be feasible to remove administrator rights from all users, it is an absolutely achievable goal to continue to improve the percentage of Windows users running without administrator rights year [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Microsoft Security Windows 7 Tags: Best Practices, Beyond Anti-Virus, Endpoint Protection Platform, Lockdown, Microsoft Security, Security No-Brainer, Windows
by Neil MacDonald | August 22, 2011 | 3 Comments
I’ve had two discussions with clients today already on the role of full drive encryption (FDE technologies such as Microsoft’s BitLocker, McAfee Total Protection, Sophos/Utimaco, Symantec PGP, Check Point, Trend/Mobile Armor etc.) for fixed desktops. Full drive encryption should be considered mandatory for laptops and most organizations have implemented this – either with Windows [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Windows 7 Tags: Beyond Anti-Virus, Defense-in-Depth, Endpoint Protection Platform, Microsoft Security, Windows
by Neil MacDonald | August 4, 2011 | Comments Off
Licensing changes for Microsoft’s enterprise endpoint antimalware protection solution that were announced in March at Microsoft’s MMS conference take effect this month. If you are licensed under Microsoft’s Core Client Access License program, it now includes CALs for Forefront Endpoint Protection. For many organizations that are already licensed under Core CAL, this means that FEP [...]
Category: Endpoint Protection Platform Microsoft Microsoft Security Windows 7 Tags: Apple, Endpoint Protection Platform, Microsoft, Microsoft Security, Windows
by Neil MacDonald | June 9, 2011 | 1 Comment
On 3 June 2011, RSA, the Security Division of EMC, confirmed that Lockheed Martin had proof that hackers attacked its network partly by using data stolen in a March 2011 attack on RSA. Subsequently, on 6 June 2011, RSA announced a program to replace customers’ RSA SecurID one-time password (OTP) authentication product tokens. We’ve updated [...]
Category: Application Security Endpoint Protection Platform Information Security Tags: Best Practices, Defense-in-Depth, Endpoint Protection Platform, Information Security, Security-Summit-NA
by Neil MacDonald | May 17, 2011 | 1 Comment
I’m having lots of discussions with clients on Microsoft’s new Forefront Endpoint Protection offering that was released in December of 2010. In addition to recent licensing changes, the biggest change over the previous release (formerly called Forefront Client Security) is the change out of the management, policy and reporting infrastructure underneath to be based on [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Information Security Tags: Beyond Anti-Virus, Endpoint Protection Platform, Information Security, Microsoft Security, Reducing Complexity, Reducing Cost, Security-Summit-NA, Windows
by Neil MacDonald | May 4, 2011 | Comments Off
In discussions with clients, I still run into some confusion on whether or not removal of administrator rights constitutes “lockdown”. Perhaps this was the case a few years ago with older Windows applications and Windows XP, but this is not the case today with Windows 7. For example: Standard users can install and execute well-written [...]
Category: Beyond Anti-Virus Endpoint Protection Platform Microsoft Security Windows 7 Tags: Apple, Beyond Anti-Virus, Endpoint Protection Platform, Lockdown, Microsoft Security, Security-Summit-NA, Whitelisting, Windows