Endpoint security is another part of a layered approach to an enterprise ’ s security posture.
I ’ ve talked about network security a great deal in this book, but there ’ s also the need to
secure hosts. With the multitude of threats that exist today, there ’ s always the chance that
a host can be infected by a virus or a user might inadvertently download malware from a
website. Many other types of host threats exist.
The enterprise network used to be an entity with a hardened security perimeter around it and
that was it. But today ’ s network is used by telecommuters, business partners, and wireless users.
This network needs demilitarized zones (DMZs). In other words, the perimeter is everywhere
and nowhere, all at the same time. So there needs to be a way to secure the host as well as the
network. This is where endpoint security comes into play.
Cisco has a number of security elements, as shown in Table C.1, which are geared to
protect the host device.