Trusted End-Point Computing has emerged as a critical element in enterprise IT security. As technologies such as network-based authentication, anti-virus, and intrusion detection mature, the next threshold to cross is the state of the devices attaching to the network. In this model, the attributes of the device serve as additional credentials that the machine presents in order to authenticate to the network. Common attributes today include OS patch level, AV .dat file version, and the presence of selected software components such as a desktop firewall or IPS.
This system does not require that user-based authentication be in place, but it does complement user-based authentication implementations by combining the identity of the user with the state of the machine in the determination of whether, and to what degree, to provide network access.
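The sketch below is an added example, not code from the original page or any product. It shows the decision described above, combining reported device attributes with an optional user-authentication result to pick an access tier. The policy thresholds, field names, and tier names (`full`, `quarantine`, `deny`) are assumptions made for illustration.

```python
from dataclasses import dataclass
from typing import Optional

# Hypothetical baseline; every value here is constructed for illustration.
POLICY = {
    "min_os_patch_level": (10, 0, 19045),
    "min_av_dat_version": 5120,
    "required_software": {"desktop_firewall"},
}

@dataclass
class Posture:
    os_patch_level: tuple          # e.g. (major, minor, build)
    av_dat_version: Optional[int]  # None means no AV was reported
    software: frozenset            # names of installed security components

def posture_failures(p, policy=POLICY):
    """Return the list of attribute checks the device fails."""
    failures = []
    if p.os_patch_level < policy["min_os_patch_level"]:
        failures.append("os_patch_level")
    if p.av_dat_version is None or p.av_dat_version < policy["min_av_dat_version"]:
        failures.append("av_dat_version")
    missing = policy["required_software"] - p.software
    failures.extend(f"missing:{name}" for name in sorted(missing))
    return failures

def access_decision(p, user_authenticated=None, policy=POLICY):
    """Return (tier, failures).

    user_authenticated is True/False when user-based authentication is
    deployed, or None when it is not and machine state alone decides.
    """
    # Fail closed: a device that sends no posture report is non-compliant.
    failures = ["no_posture_report"] if p is None else posture_failures(p, policy)
    if user_authenticated is False:
        return "deny", failures
    if failures:
        return "quarantine", failures  # remediation-only network segment
    return "full", failures

if __name__ == "__main__":
    stale = Posture((10, 0, 19044), None, frozenset())
    print(access_decision(stale, user_authenticated=True))
```

The returned failure list is what a remediation portal would use to tell the user which attribute to fix before re-authenticating.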
Benefits / attributes of a Trusted End-Point Computing System include:
- Unified network access model for verifying the user, the machine, and the state of the machine
- Minimized network outages caused by worms and viruses
- Guaranteed enforcement of predefined security policies
- Authentication Integration & Implementation
- Vulnerability Assessment
- Versatile levels of Enforcement
- Installation, Implementation, Tuning and Training