santiago silver - Fotolia
When it comes to picking endpoint detection, protection and management utilities, you have a lot of options, but comparing them can be difficult. Endpoint management tools don't line up neatly against one another, so you probably won't be able to do an apples-to-apples comparison.
Instead, you must identify key features and functions, and approach vendor claims with a healthy amount of skepticism. You must turn those claims into useful information and consider ease of deployment and use.
The endpoint management market has somewhat fuzzy boundaries, so the tools often come with features and functions similar to security management products. Such features include asset and software license detection, inventory and management components. These functions also deal with matters of governance, policy and control that have legal and financial implications.
The console's the thing
The central and unifying factor of all endpoint management tools is the console. It's usually some kind of Web-based interface that acts like a high-level dashboard. Most companies share similar concerns and desires for informative and easy-to-interpret displays, but no two companies are exactly alike. As a result, nearly all descriptions of what should appear on a console differ from one business to the next. This is also true from one branch or department to the next in companies large enough to span multiple constituencies, industries or customer bases.
Flexibility and customizability within consoles are key attributes. When you're evaluating endpoint tools it's essential to dig in and understand how you can configure each one's console to display key metrics, alarms and alerts. It's also important to know how that information may appear on a dashboard; it should be properly labeled and easy to understand.
Likewise, the data that appears as you drill drown into dashboard elements is important. Effective endpoint management involves filtering out raw information that you can safely ignore, but still prioritizing and focusing on the information you need. Data filtering mechanisms, selection rules and policies establishing event and value priorities all control what makes its way onto a dashboard's uppermost drill-down displays. The finer details are there for admins who need them, but those people aren't usually the same ones who must keep their fingers on the pulse and posture of endpoint security.
Endpoint management vendors tout the things their products or services can do well, and avoid highlighting weaknesses. As you're evaluating and selecting endpoint management tools, it's up to you to short-list or pilot-test products. This will give you a clear sense of what kinds of information about endpoints you and other admins will need to see, and then make sure candidate tools meet at least minimum console data handling, layout and display capabilities to match.
Who leads the endpoint management pack?
Gartner's technology research, especially the Magic Quadrant for the endpoint protection market can give you an idea of which products to consider. The Magic Quadrant ranks vendor tools in a specific market along two axes.
The key players in these rankings generally come from Quadrant 1 (top right), with judicious selections from other quadrants -- especially 2 and 4 -- often selected to round out the mix. These endpoint protection and management vendors are worth further consideration:
- Intel Security/McAfee Endpoint Protection
- Symantec Endpoint Protection
- Kaspersky Endpoint Security for Business
- Trend Micro Smart Protection for Endpoints
- Panda Security Adaptive Defense 360
- IBM Endpoint Manager
- Webroot SecureAnywhere Business Endpoint Protection
- LANDESK Security Suite
- Microsoft System Center Endpoint Protection
What's really important in endpoint management?
Ultimately what matters first and foremost in endpoint protection and management is providing end users with access to the data, applications, and services they need -- and are authorized to access or use.
Organizations that have to provide such access must always balance managing risk and limiting liability or exposure against unnecessary or unfriendly limitations to productivity and convenience. This is the fundamental conundrum inherent to information security in all of its many forms and manifestations.
The human aspect of security management should never be underestimated or ignored, either.
The best and most capable technology still needs to be buttressed and supported with careful and regular user security awareness training, whenever you onboard new users, and at regular intervals thereafter. Users who understand the security implications of what they're trying to use endpoints for, and under what circumstances, are far less likely to tax the capabilities and boundaries of any endpoint management tool.
Workplace evolution changes endpoint management
Endpoint management FAQ
Complete guide to endpoint management