A number of commercial endpoint policy management and enforcement systems manage network access control levels dynamically, using the results of scans or agent-based audits, allowing administrators to easily apply the same endpoint security requirements across many different types of network access methods including wireless, VPN/remote access and traditional LAN switches. Administrators can use these systems to display and verify many details about the endpoint configuration, including the registry settings, operating system and application versions, anti-virus signatures and running network services and processes. In addition to access control, these offerings typically support a variety of configurable endpoint remediation options, ranging from message pop-ups on the endpoint system to redirecting the user to a Web server to automated patching without any user intervention. This powerful combination of endpoint visibility and audit mechanisms, dynamic access enforcement and transparent remediation significantly reduces the chances that a rogue or infected PC will be able to compromise a production network through wireless (and other) links.

While all network topologies will benefit from policy enforcement technologies, wireless networks gain some of the most significant advantages. Even relatively simple checks – like verifying that the anti-virus process is up to date and running – can greatly reduce the chances of a virus or Trojan penetrating the wireless infrastructure. And an enforcement mechanism that requires all laptops to have critical patches, up-to-date and running anti-virus programs, no file sharing and encrypted storage for corporate documents will greatly reduce the chances of a laptop leaking sensitive data when connecting to the corporate network wirelessly from hotspots at an airport lounge or coffee shop.


Thus, the new wireless security paradigm starts at the endpoint, combining inspection and remediation tools with network-based dynamic access controls to let colleagues take full advantage of wireless network ease and convenience, while keeping competitors and other digital vermin out.