Endpoint protection definitions not updating
Thus, a firewall may be as simple as a router with access lists or as complex as a set of modules distributed through the network controlled from one central location.

The virtualized network poses challenges to network management systems -- and as more hardware components become virtualized, that challenge becomes even greater.

With the recent spread of e-mail viruses, antivirus software at the mail server is becoming increasingly popular. The mail server will automatically scan any e-mail it receives for viruses and quarantine the infections.

These are very common attack vectors, simply because you may harden a computer system as much as you like, but the weak point still remains the user who operates it. As crackers say, "The human is the path of least resistance into the network."

Host-based IDS: These systems are installed on a particular important machine (usually a server or some important target) and are tasked with making sure that the system state matches a particular set baseline.
The firewall protects everything "behind" it from everything in "front" of it.
Therefore, you can allow your browser and mail client, but if you see some suspicious program trying to access the network, you can disallow it.
This is a form of egress filtering or outbound traffic filtering and provides very good protection against Trojan horse programs and worms.
Everyone is familiar with the desktop version of antivirus packages like Norton Antivirus and McAfee.
The way these operate is fairly simple -- when researchers find a new virus, they figure out some unique characteristic it has (maybe a registry key it creates or a file it replaces) and out of this they write the virus "signature." The whole load of signatures for which your antivirus software scans is known as the virus "definitions." This is the reason why keeping your virus definitions up-to-date is very important.
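The signature and definitions model described above, as an added example that is not part of the original page: the same files are scanned with an older and a newer definition set, and the older set misses the sample whose signature was added later. Signatures are reduced here to plain byte patterns, and all names, patterns, dates and the 7-day staleness threshold are constructed assumptions.

```python
from datetime import date

# Constructed definition sets: names, byte patterns and dates are made up.
# Each signature is one byte pattern unique to an (imaginary) sample.
DEFS_OLD = {
    "released": date(2024, 1, 10),
    "signatures": {"Demo.Alpha": b"DEMO-MARKER-ALPHA"},
}
DEFS_NEW = {
    "released": date(2024, 2, 27),
    "signatures": {
        "Demo.Alpha": b"DEMO-MARKER-ALPHA",
        "Demo.Beta": b"DEMO-MARKER-BETA",  # added after DEFS_OLD shipped
    },
}

# Constructed file contents standing in for files on disk.
FILES = {
    "invoice.doc": b"header...DEMO-MARKER-ALPHA...trailer",
    "update.exe": b"\x00\x01DEMO-MARKER-BETA\x02\x03",
    "notes.txt": b"meeting at ten",
}
TODAY = date(2024, 3, 1)  # fixed so the result is reproducible


def scan(data, definitions):
    """Return the names of all signatures whose pattern occurs in data."""
    sigs = definitions["signatures"]
    return sorted(name for name, pattern in sigs.items() if pattern in data)


def scan_files(files, definitions):
    """Map each file name to its detections, omitting clean files."""
    results = {}
    for name, data in files.items():
        hits = scan(data, definitions)
        if hits:
            results[name] = hits
    return results


def is_stale(definitions, today, max_age_days=7):
    """True when the definition set is older than max_age_days (assumed policy)."""
    return (today - definitions["released"]).days > max_age_days


if __name__ == "__main__":
    for label, defs in (("old", DEFS_OLD), ("new", DEFS_NEW)):
        print(label, "stale:", is_stale(defs, TODAY), scan_files(FILES, defs))
```
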