Endpoint Security Management

To protect the endpoint devices in the University, a mix of security protection solutions are now in place which includes the anti-virus engine (AV), advanced threat protection agent (ATP), and network firewall. 

The anti-virus engine protects the endpoints against known viruses that are detected by the file and network traffic signatures; while the ATP agent defends against complex malware or hacking attacks that target sensitive data within an organization by setting baseline behaviours and usage.  As such, zero-day attacks can be identified and mitigated at the earliest possible time.  This solution anonymously and continuously collects and analyse the behaviours collected from the endpoint and other network security devices in order to establish the baseline endpoint usage and network traffic pattern.  The solution can therefore detect and report security outbreaks by correlating abnormal events that deviate from the baseline behaviour and usage.

The network firewall, on the other hand, disallows unwanted network traffic within and out of the campus network so that external attacks to the endpoint devices can be eliminated.