Patent attributes
A system and a method enhance endpoint security of a computer network. The system and method generate security assessments of hosts on quarantined and non-quarantined networks. Based on the generated security assessments, secure hosts are connected to the non-quarantined network and non-secure or vulnerable hosts are connected to the quarantined network. A remediation engine assists with fixing vulnerabilities of the hosts on the quarantined network. Endpoint security agents, security scanners, and remediation engines that carry out the foregoing functions reside on each of the quarantined and non-quarantined networks, on hosts other than the target hosts. Under such an architecture, the endpoint security system can advantageously be operating-system agnostic and can provide complete and powerful endpoint security for targeted hosts without being installed on each individual targeted host. Alternatively, endpoint security agents, security scanners, and remediation agents can reside partially or wholly on one or more target hosts.