What Is Endpoint Management?

Endpoint management is the practice of authenticating and supervising the access rights of endpoint devices to a network and applying security policies that prevent any external or internal threats posed by that access. Network owners typically use endpoint security management software to:

  • Restrict network access to authorized endpoint devices and their users, either on premises or over a broader network (e.g., a wide area network or the internet).
  • Apply and monitor endpoint security policies throughout the entire network with small software apps on each managed device (agents).
  • Enable security administrators to manage these devices and processes from one central console or application.

PCs, laptops, tablets, and smartphones accessing networks either on premises or over remote/internet connections are the most prevalent devices that require endpoint management. Specialized endpoint hardware and embedded software are also used to secure and manage internet of things (IoT) devices, such as remote sensors and industrial controls. Worldwide, there are billions of endpoints on enterprise, internet, intranet, and mobile networks. Also, it's common for one user to access networks over multiple devices: a PC at the office, a laptop or tablet on the road, and a smartphone from pretty much anywhere. The more endpoint devices an organization has deployed, the greater the need to manage them all.

Endpoint management policies


The first task for securing endpoints is assuring that only authorized devices and users can connect to the network. Typically, this entails setting up username and password authentications on approved devices so that authorized members of the network can log in and perform work.

In many organizations, due to the large volume of endpoints and wide range of permission rights for users, configuring each device individually is not practical. This creates the need for endpoint security management policies. Management can decide which permissions, and even what types of devices, can use the network. With endpoint security management policies, administrators can efficiently grant (or deny) specific rights on the network, restricting which areas, workloads, and applications the user can access. For example, sales department users need access to lead generation applications, the order tracking system, internal communications, etc. By creating a sales security policy template, security administrators can use endpoint security management software to set up and monitor many devices, including multiple allowed devices, for every user in the sales group. As changes are made in the network, administrators and security managers can modify policies and distribute changes to all group members.

Because protecting access to the network is increasingly important, and passwords can be hacked, endpoint security management can also entail embedding device-specific tokens (e.g., encrypted software-based IDs) onto devices to ensure the device (and its user) are authentic and authorized. Biometrics such as fingerprint and retina scans, especially with smartphones, are also used widely.
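The sketch below is an added example, not code from any endpoint management product: it models the sales policy template and the device-specific token check described above as a default-deny access decision. All names (`POLICIES`, `USERS`, `issue_token`, `authorize`), the sample data, and the use of an HMAC as the device token are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample data: a server-side key, one group policy template,
# and one user with two enrolled devices.
SERVER_KEY = b"constructed-demo-key"
POLICIES = {
    "sales": {
        "device_types": {"laptop", "smartphone"},
        "apps": {"lead-generation", "order-tracking", "internal-comms"},
    }
}
USERS = {
    "alice": {"group": "sales",
              "devices": {"LT-0001": "laptop", "PH-0002": "smartphone"}},
}

def issue_token(user, device_id):
    """Device-specific token bound to (user, device) at enrollment.
    HMAC-SHA256 is an assumed stand-in for a software-based device ID."""
    msg = f"{user}|{device_id}".encode()
    return hmac.new(SERVER_KEY, msg, hashlib.sha256).hexdigest()

def authorize(user, device_id, token, app):
    """Return (allowed, reason). Anything not explicitly granted is denied."""
    record = USERS.get(user)
    if record is None or device_id not in record["devices"]:
        return False, "unknown user or device not enrolled"
    expected = issue_token(user, device_id)
    # Constant-time comparison avoids leaking token bytes through timing.
    if not hmac.compare_digest(expected.encode(), token.encode()):
        return False, "device token mismatch"
    policy = POLICIES.get(record["group"])
    if policy is None:
        return False, "no policy for group"
    if record["devices"][device_id] not in policy["device_types"]:
        return False, "device type not permitted by policy"
    if app not in policy["apps"]:
        return False, "application not in policy"
    return True, "ok"
```

Because every decision reads the group's template at request time, removing an application from `POLICIES["sales"]["apps"]` takes effect on all enrolled devices of every sales user at once.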

However, secure login is only the first step in endpoint security. Once users gain access to the network, their activities and their devices pose an ongoing security concern. After a successful, authorized network login, endpoint security software steps in to provide protection.

Endpoint security software and endpoint management


Endpoint security and endpoint security management function best when they work together. Endpoints are work tools and network interfaces, and as such, they constantly create and exchange data. Each change on either the endpoint device or the data it accesses on any network is a potential threat to security. It’s the function of endpoint security software to analyze and vet all changes and movement of data, scan for malware and viruses, and apply patches and updates where needed.

Endpoint security management should coordinate and prioritize updates, consolidate and communicate monitoring alerts and reports, and provide unified security services through a single console.

While endpoint security software does the grunt work of detecting and protecting endpoints and the network from threats, endpoint security management unifies, simplifies, and strengthens an organization's overall security posture and daily threat preparedness. Organizations that deploy endpoint security management typically realize the following benefits:

  • Faster response and mitigation of security threats
  • Rapid deployment of the latest security features and technology
  • Enhanced security communication across the organization
  • Lower costs, yet tighter security
  • Pathway to future enhancements and automation

Given the rapid advances in security software and IoT deployments, endpoint security management systems based on an open architecture provide the best platform for the future and for even greater benefits.