End point Protection Solution:
Managing the End point is one of the key areas where security to be built strongly. As this is the entry point, arresting at this level would help and make our network stable. So Data at rest (end storage), data during motion (connectivity), data in use(end point) should be secured . Data in use is always more threat than others. In present scenario, end point does not mean only desktop, it includes mobile, tab, thin client etc. With boom in Social media sites, accessing internet has increased with treats and vulnerable. We should bring proper process, procedure with proper tools in place otherwise stopping shadow IT will be a tough task. In our Group we have deployed multiple products to defence this shadow IT at end point level like DLP, Antivirus with Anti spam, Encryption etc.
Mandatory Points to consider while deploying End point management solution:
- Before evaluating a product, we need to understand requirement clearly. To finalise the requirement, need to discuss with all stake holders and come to a proper requirement.
- Understand the license pattern properly like single user, multi user, O/S dependant etc
- Support mechanism like 24x7, gold support etc are the areas normally we need to be clear while evaluating a end point product.
- Updation of patches, versions should be decided as per our requirement like central management or distributed metho
- If you have more end points, you can explore the options of two products say region based. This will help in understanding and comparing. We can approach the solution provider with proper proof.
- It is obvious that once we discuss with the solution provider, solution would get change. Do not worry on that keep speaking to multiple vendors and try to get various options.
- Do not try to implement based on the deployment only through referenced customer. Their requirement would be varying from yours. However, do understand their solution, their deployment tasks and take whichever is related and proceed accordingly.
- Always keep the budget in mind. However if solution is good and budget exceeds, try to convince the CFO and get it approved.
- Negotiate strongly but do squeeze much. Vendor could agree the price but will compensate with a striped version or bring down the support level. Always try make as win -win strategy.
- Always ensure that logs are stored and find out how easy it to read during crisis. Management or auditor may ask for any period. Ensure that the product has options to store the entire log. It is must to store the logs for all security products.
- Also ensure that Central management option is available and proper dash board is available to monitor. Need to take remote and resolve the issue.
- As per our requirement in small branch offices, we have decided not to buy routers and use firewall instead as connectivity comes now in Ethernet.
- Ensure that any changes in the client level are getting notified in the central server as a log or an alert. Even it need not get triggered immediate; we need it to get stored in specified frequency.
- Always try to have a redundant setup so that if any failure, we can manage with the other one. Based on the budget we can plan for hot standby or warm standby. It can be either a equivalent model or a lower one based on the business requirement.
- Ensure that the policies we set should be quite simple and members in security team should understand. Try to avoid implementing more security policies on the appliances. There could be a chance of performance dip.
- We have ensured that proper password is protected in the client and the user should not have a option to remove the active agent.
- When we deploy a security solution, it is obvious that there could be a dip in the existing performance. Ensure that configuration of the endpoint has enough resource and find out difference between pre and post deployment. Try to have this feature as one of the major factor to decide.