1. Field of the Invention
Embodiments of the invention relate to endpoint security of a computer network.
2. Description of the Related Art
Computer networks can be susceptible to a number of security flaws or vulnerabilities. Such vulnerabilities include, for example, open ports, rogue applications, trojan horses, backdoors, viruses, and worms. If they are not remedied, these vulnerabilities can harm individual computers on a computer network, such as by causing lost or corrupted data or by allowing access to unauthorized users. Additionally, a vulnerability on one computer can damage another computer on the same network. For example, an unauthorized user can sometimes exploit the vulnerability of one computer on a network in order to gain access to other computers on the network, or, in some cases, even to the entire network. Furthermore, many vulnerabilities, such as viruses and worms, tend to spread from one computer to another on a network. In light of the foregoing, the risk that security breaches will occur on a computer network increases as more hosts with security vulnerabilities are connected to the network.
Endpoint security focuses on reducing the risk that non-secure or vulnerable hosts will harm other hosts on a computer network. One way to reduce that risk is to fix vulnerable hosts, such as, for example, by using virus scanners to detect and remove viruses. Another way to reduce that risk is to restrict the access that vulnerable hosts have to other computers on a computer network. A number of tools exist to assist network administrators to maintain endpoint security on a computer network.