Quiz Entry - updated: 2026.07.14
What are endpoints, why are they vulnerable, and what is the modern approach to protecting them?
Endpoints are hosts like laptops, desktops, servers, phones, and BYOD (Bring Your Own Device) devices. They're vulnerable because users interact with email and web — the primary malware vectors. Modern protection combines NAC (Network Access Control), AMP (Advanced Malware Protection), ESA (Email Security Appliance), and WSA (Web Security Appliance).
Why endpoints are the weakest link:
- Users open phishing emails, click malicious links, download infected files
- BYOD means personal devices with varying security levels connect to the corporate LAN (Local Area Network)
- Traditional antivirus alone is no longer sufficient against advanced threats
Traditional endpoint protection:
- Antivirus / antimalware
- Host-based firewalls
- Host-based Intrusion Prevention Systems (HIPS)
Modern endpoint protection stack:
| Solution | What It Protects Against |
|---|---|
| NAC (Network Access Control) | Unauthorized device access — checks compliance before granting network access |
| AMP (Advanced Malware Protection) | Zero-day malware, file analysis, retrospective security (can recall files later found to be malicious) |
| ESA (Email Security Appliance) | Email-borne threats — blocks known threats, remediates stealth malware, discards bad links |
| WSA (Web Security Appliance) | Web-borne threats — URL (Uniform Resource Locator) filtering, malware scanning, application control, acceptable use policies |
Tip: Think of it as layers: NAC controls who gets on the network, ESA filters what comes in via email, WSA filters what comes in via web, and AMP catches anything that slips through.
Go deeper:
Endpoint security (Wikipedia) — the shift from plain antivirus to EPP/EDR.