Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Endpoint Security: 6 Questions To Ask Before You Buy: Page 5 of 8

  • The next issue is how you will manage and deploy the protection software on your desktops. If you have a higher percentage of guest workers (say more than ten percent), have partners or contractors that own their own computers, or have remote workers that don't come into your headquarters' office, then you won't be able to reach out and touch those PCs easily. If you push out software updates and have a tight control over your desktop PCs, then you can more readily install software agents to do the health assessment and remediation. .

    There are three basic types of agents that potentially can be used by each appliance:

  • A "thick" agent that is permanently installed executable file on each endpoint PC,
  • An on-demand agent that doesn't persist beyond the period of time that a PC is connected to your network, typically delivered by a browser session or part of the network login process, and
  • An agentless solution that doesn't place any software on the endpoint, but operates with something that already exists on the PC.

    The problem is that the software agents that root out the dirty work are very specific in terms of browser version and operating system, and some require initial administrator rights to be installed on the endpoint. While most products support Firefox and IE browser versions, there are some exceptions, particular as you move away from Windows OSs.

    Microsoft's NAP is weakest in this area, particularly if you are still running versions of Windows prior to XP. Microsoft has promised agents for Windows XP SP2 and for Vista to support its Network Access Protection system. If you have older versions of Windows then you'll have to find third party agent suppliers. Both NAC and TNC have been designed for a wider support of Windows, Mac, and Linux endpoint operating system clients.