In the early 2000s, there was the first battle for the endpoint. IT departments everywhere were completely unprepared for the rapid spread of malware such as SQL Slammer and Code Red. This led to an explosion of antivirus and personal firewall products.
Ultimately, the winners were those that outlasted their competitors. Symantec, McAfee, and Trend Micro all rose to prominence during this time. Microsoft even managed to field an endpoint security product to surprising success (and unsurprising implosion).
Endpoint IDS/IPS also became a viable product at this time. All the big players rapidly acquired innovative companies. McAfee acquired Entercept, Symantec acquired Sygate, Cisco acquired Okena, and my beloved BlackICE agent would find a home at ISS (ultimately IBM). These acquisitions were spun into endpoint security suites that sold like crazy. New companies rushed into the space as well, such as ESET, Sophos, and Kaspersky. Everybody had an endpoint security suite, with new features such as encryption, application control, and data-loss prevention getting added constantly.
However, the fallout was coming. By 2008, pundits were saying “anti-virus” is dead, and really meaning it. Yet the fall of the endpoint was not a failure of performance, capability, or accuracy, as many believe. Rather, it was more mundane.
The trouble with endpoint security is rooted in a single fact: managing endpoint agents is an epic headache. For a large enterprise, managing tens of thousands of endpoint agents is not merely difficult; it is a miserable time suck of non-stop support tickets and tinkering. Endpoint agents are demanding monsters. They require perpetual care and feeding, and the slightest misstep can crash desktops and bring the entire enterprise to its knees.
Such was the case with of 2010. An error in the virus signature updates crashed Windows desktops, requiring manual cleanup. This left numerous large enterprises paralyzed while technicians raced around cleaning up affected systems.
That event (and others) galvanized the opposition to the endpoint. If a product required an endpoint agent, it would be mercilessly removed from the shortlist. This fever got so hot that by 2011 companies were regularly promoting their “agentless” capabilities. While companies were resigned to anti-virus being an annoying must-have, they were not going to add anything else to the mix.