Endpoint Security Solution (ESS)

The Endpoint Security Solution (ESS) is the DoD's mandated endpoint protection platform. ESS replaced the older Host Based Security System (HBSS) and is built on Trellix (formerly McAfee/FireEye) technology. It provides antivirus, host intrusion prevention, application control, and endpoint detection and response capabilities for DoD endpoints.

ESS is a required component on DoD systems — it must be installed, properly configured, and actively monitored. The platform provides both prevention (stopping known threats) and detection (identifying suspicious behavior) capabilities.

Why It Matters

ESS deployment and management is a fundamental requirement for DoD systems. If you manage endpoints on DoD networks, ensuring ESS is properly configured and maintained is essential for both security and compliance.

Related Resources

CMMC: AC.L1-3.1.1
CMMC: AC.L1-3.1.2
CMMC: AC.L2-3.1.3
CMMC: AC.L2-3.1.4
CMMC: AC.L2-3.1.5
CMMC: AC.L2-3.1.6
CMMC: AC.L2-3.1.7
CMMC: AC.L2-3.1.8