Endpoint

"Endpoint" distinguishes user devices from network infrastructure (switches, routers) and servers. The term is particularly prevalent in security, where endpoint protection — antivirus, EDR, MDM policy enforcement — is a distinct discipline from network security.

Every endpoint is a potential entry point for attackers: a phished credential, a malicious download, an unpatched vulnerability. EDR (Endpoint Detection and Response) provides behavioral monitoring and response capabilities on each device. MDM enforces security policies: disk encryption, screen lock, patch status, VPN requirements.

The shift to remote work expanded the endpoint security challenge: devices now operate outside the network perimeter, on untrusted networks, without the protection of on-premises firewalls and filtering. Zero Trust treats each endpoint as potentially compromised regardless of network location — verifying device health at every access request rather than trusting based on network position.

In infrastructure terms, endpoint count drives switch port planning, network addressing, access-control rollout, and PoE power budgeting.