The endpoint protection solutions are: Cortex XDR (Currently sunsetting FireEye) – Modern anti-virus, threat detection and response. This blocks malware using both traditional signature-based and machine learning based engines. It enables Georgia Tech’s Security Operations Center (SOC) within Cyber Security to detect, quarantine, investigate, and mitigate system threats. Qualys – Vulnerability detection. This detects and reports software that is not patched and/or misconfigured to SOC. The endpoint management solutions are: SCCM/InTune – Windows endpoint and configuration management. Helps keep system parameters and software properly configured. JAMF – Apple endpoint and configuration management. Helps keep Apple system parameters and Apple software properly configured. Allows self-service installation of many GT licensed and other software tools. SaltStack – Endpoint and configuration management. Helps keep system parameters and local software properly configured for Windows, Mac, and Linux.

The endpoint protection solutions, Cortex XDR and Qualys, are required for all machines and the appropriate management agent is required based on the device type: SCCM/InTune for Windows, JAMF for Mac, and SaltStack for Linux.

GT-owned mobile devices and tablets must be enrolled in endpoint management and secured by encryption with PIN/password.

No. In order to apply patches and updates, the tools are run with administrator/root/system-level privileges. Like all GT systems and networks, these will be subject to the Georgia Tech Data Privacy Policy In particular, such access is only used for legitimate business purposes (e.g. to comply with legal requirements, maintain the security of GT networks, systems, and data, to diagnose and correct problems with system software or hardware, etc.). Please review the privacy policy for further details.

A series of knowledge base articles are shared on ServiceNow at Services.gatech.edu.