Endpoint Security- Stopping Malware and Other Threats

Mike John By Mike John, 30th Aug 2016 | Follow this author | RSS Feed | Short URL http://nut.bz/24xy8v3g/
Posted in Wikinut>Guides>Technology>Computer Software

To avoid the cybercrime threats and malware, you are required to deploy properly configured endpoint that offers more protection than antivirus.

Endpoint Security- Stopping Malware and Other Threats

To avoid the cybercrime threats and malware, you are required to deploy properly configured endpoint that offers more protection than antivirus. The properly configured endpoint security delivers you layered protection against the malware and other threats. Just follow the steps given below to reduce the threats of malware and infection.

Apply layered protection at the endpoint: You must enable the full-protection stack to protect your system against mutating malware, web-based attacks, drive-by downloads, unpatched vulnerabilities and suspicious file behavior. To gain maximum protection and efficiency, just turn on Network Threat Protection, Firewall, the Intrusion Prevention System (IPS), Insight, Antivirus, and SONAR.

Restrict the attack surface: To reduce the possible points of infection, you must restrict the applications and devices allowed to run and connect besides restricting the actions a system can perform. Highly sensitive or single-use endpoints (like point-of-sale, ATM or embedded) can considerably reduce the threats. By enabling the policies that reduce the attack surface, you can reduce the risk.

Improve default Symantec Endpoint Protection settings

You must improve the default settings of your Symantec Endpoint Security product. This will reduce the threats by just a few changes made in the settings
Browser plugins to be kept patched: The web-browsers, MS Internet Explorer, Adobe Reader, Flash, Acrobat etc are also vulnerable to attacks. Regularly apply the auto updates for each vendor or software distribution tools by installing patches as and when they become available.

Block P2P usage: The most vulnerable position of getting malware and other threats is hidden inside files shared on peer-to-peer (P2P) networks. You must generate and enforce a no-P2P policy, which includes home usage of a machine.

The simplest method for distributing malware is hidden inside files being shared on peer-to-peer (P2P) networks. Build and enforce a no-P2P policy, including home usage of a company machine. To enforce the policy at the gateway, use SEP’s optional Application and Device Control (ADC) component at your desktop.

Turn off AutoRun: You can prevent Conficker/Downadup and other network based worms by jumping from USB keys and network drives. For this, do not change company polices on Open Shares.

Apply all Operating System patches: Regularly apply operating system patches as soon as they are available. Most of the vendors like Microsoft and Apple release their hotfixes, endpoint management solutions and service packs to prevent known defects in their operating systems. Computers applied with manufacturer’s patches are not vulnerable to these threats.

More optional settings
• The enhanced security in Adobe Reader needs to be turned on.
• Narrow down the use of network shares (mapped drives) to bare minimum.
• Regularly review mail security and gateway blocking efficiency.
• Security content distribution schedule to be reviewed regularly.
• Install all SEP’s components.
• Employ application control rules to block specific threats.

Following above steps will avoid the cybercrime threats and malware to your network. Properly configured endpoint Security deliver you layered protection against any possible malware and other threats. These configurations provide more effective protection than antivirus software. Make your networks more secured than ever before.


Endpoint Mangement, Endpoint Security

Meet the author

author avatar Mike John
Sorry, this author hasn't written a bio yet.

Share this page

moderator Peter B. Giblett moderated this page.
If you have any complaints about this content, please let us know


Add a comment
Can't login?