DISA has recently “rebranded” HBSS (Host-Based Security System) into a new suite, Endpoint Security Solutions (ESS), which adds new capabilities on top of the existing HBSS commercial, off-the-shelf (COTS) Endpoint Security software that the Department of Defense uses to monitor, detect, and defend IT assets and systems.  Like HBSS, McAfee developed this system using the ePolicy O rchestrator (ePO) management engine.

Endpoint Security is a multi-point product designed to meet known intrusion points, discover gaps, and reduce the likelihood of unauthorized device and network access. 

Leading point products include:

  • Endpoint Security (ENS)
  • Asset Publishing Service (APS)
  • Asset Configuration Compliance Module (ACCM)
  • Data Loss Prevention (DLP)
  • Policy Auditor (PA)
  • Rogue System Detection (RSD)
  • Threat Intelligence Exchange TIE/Data Exchange Layer (DXL)
  • McAfee Application and Change Control (MACC) 


Protecting Your Network

At the Endpoint Security Solutions center is a data monitoring, analytics, and protection capability that provides administrators and select teams access to real-time asset status and reports, plus centralized configuration and management tools that enable your organization to react quickly.

The Endpoint Security suite of products is designed to actively protect your network assets from theft, manipulation, or loss from internal or external threats. The centrally-managed server allows staff to deploy, update, configure, and manage the suite of products remotely and discreetly across your network.


Our Expertise

ESS support is a core requirement for any SIPRNet environment, and to maintain a passing grade for your CCRI. ESS is a powerful tool that significantly reduces risk and protects core assets by safeguarding network assets. However, managing this tool and/or integrating the new FRAGO 6 requirements can be complex and costly.

Our team of experts work side-by-side with a variety of agencies who utilize Endpoint Security and its many components. We design our efforts to identify risks that ESS can mitigate or detect, and help you determine the best implementation policies and plans to maintain the delicate balance of maintaining a secure network while maximizing daily organization operations. We also provide on-the-job ESS training that will make your staff members subject matter experts for this enterprise tool.

Together, we can build a strategy that optimizes your assets, budget, and personnel to employ Endpoint Security in a way that gives you today’s leading cyber threat protections on your most prolific devices. Collectively, our team has many of the foremost certifications in the industry.

Our team can help you make sure that you are compliant with DISA OPORD 16-0080 for Endpoint Security (effective January 9, 2017) and FRAGO 6 (effective September 30, 2021).

Implementing ESS

Here at SecureStrux, we work with our clients to ensure that they get the best result for their individual needs. We offer services for:

Project Support

Training — One of our subject matter experts (SMEs) will provide onsite or virtual ESS training for your team to educate and mentor them on ESS.

HBSS Setup & Implementation — One of our highly qualified SMEs will work for a set period of time to help you implement and enhance your ESS configuration.

Embedded Defense Support Plan

A Subject Matter Expert (SME) will join your team for a set number of weeks per month or year, to reinforce your team and help you maintain your compliance and enhance your cyber hygiene. This is often done in conjunction with our Embedded Defense Support Plan, where we will also provide support for ACAS, Engineering, and other technical areas to support your team.

Staff Augmentation

For an extended period of time, an SME will come to your site and work on implementing, monitoring, and managing your Host-Based Security System for an extended period of time. This plan ensures you have constant support for your Endpoint Security. The Endpoint Security Technology consists of Managed Assets/Endpoints Configuration, Security Requirements, Source of Requirements, and User’s operational needs. This technology is ever-changing and evolving. Our SME will keep your organization apprised of and prepared for all such changes and enhancements in an efficient on-site or remote training.

Utilizing the full suite of Endpoint Security point products allows government agencies, defense contractors, and other R&D organizations to meet the latest CCRI requirements in every criteria element. The Endpoint Security dashboards, queries, and reports provide a constant flow of data to improve asset management and visibility. Thus, allowing you to manage specific assets across your network and enhancing compliance monitoring and remediation capabilities.

Together, we can create a plan to pass any upcoming CCRI with a smart, sophisticated approach.

Partners in CCRI Compliance

Simplify your path to pursuing a passing CCRI grade and reduce your exposure to risk. Whether you need a Staff Assisted Visit (SAV), fix-action support or continuous monitoring, we’ll support your team through to compliance.