DEFEND YOUR DATA

Endpoint/Local Security
Even though this page lists some good enterprise tools used to secure and manage many user desktops, there are
some valuable Misc Endpoint Security Tools that can be used by anybody on any individual computer...



Endpoint security solutions protect your organization from known and unknown threats and enforce security policies
on laptops, desktops, servers and mobile devices that access network resources. Advanced endpoint protection tools
include anti-virus, anti-spyware, firewall, intrusion prevention and device control combined with network-independent
access control.

The Network Access Control (NAC) market is still creating standards, protocols, etc. It's starting to mature now that
most organizations are deploying mobile devices that extend the network boundaries. Because these laptops and
other devices connect to networks beyond the standard perimeter and then connect to internal resources, it is now
more important to ensure they don’t bring unwanted malware from outside networks (such as the Internet) into the
organizational LANs. Below are a few links that try to define NAC, but there is still some dispute as to what truly
represents best practices and technologies to enforce security policies on mobile platforms…


_______________________________________________________________________________________________

Misc Endpoint Security Tools

Sophos Endpoint Assessment Test  (Free scan to assess your security)
Sophos Security Scans  (Free, scan either a single computer or many networked computers for malware, etc)

DumpSec  (SomarSoft's security auditing program used for Microsoft Windows computers so that holes in system security are readily apparent)

Identity Finder  (discovery tool for home or business users that searches individual computers for personal data such as credit card info, SSNs, etc)
Free Download  (Windows-based; how it works)
License  (Terms of use)
Review  (Computerworld.com)

Index.dat Analyzer  (View, examine and delete contents of index.dat files; hidden files on your computer that contain all traces of your online activity)
Free Download  (Download.com; view and delete the content of files that contain references to cookies, browser history and cached pages)

HashCalc  (Check file integrity by comparing hash values of two files to see if they are identical; offers a choice of 13 popular hash and checksum algorithms)
Free Download  (Download.com)

Tripwire  (powerful configuration assessment and change auditing solutions that let IT gain configuration control of the entire IT infrastructure)
Open Source Tripwire  (security and data integrity tool useful for monitoring and alerting on specific file changes on a range of systems)

_______________________________________________________________________________________________

Computer Forensics

SANS Forensics Community  (courses, events, certification, links, blogs, whitepapers, etc)
SANS SIFT Workstation  (download requires SANS portal account)

EnCase Forensic  (gives investigators the ability to image a drive and preserve it in a forensic manner; a digital evidence container validated by courts worldwide)
EnCase Defined  (including countermeasures)

_______________________________________________________________________________________________

Enterprise Endpoint Security & NAC Products

Check Point  (Excellent solution)


 (Haven't personally tested products below)

Cisco Network Admission Control

eEye Digital Security

McAfee NAC & IntruShield IPS

Sophos Endpoint Security & Control

Symantec Endpoint Security

_______________________________________________________________________________________________

