# Infrastructure protection | EUCSEC10: How do you implement network protection in your EUC environment? | | --- | | | Network protection is required between infrastructure, application servers, and end user facing systems to help you adhere to your organization's security policies and reduce risks. | EUCSEC11: How do you scan for vulnerabilities and perform patch management for your EUC instances? | | --- | | | Organizations commonly implement security policies requiring robust and continuous protection of systems that provide end user computing services. As new exploits emerge and vulnerabilities are discovered regularly, maintaining strong security is an ongoing process. You should routinely assess and update your systems with security patches to maintain an effective defence against evolving threats. | EUCSEC12: How do you prevent user access to non-essential software binaries present on systems that cannot be uninstalled? | | --- | | | Many organizations have security policies that require that users in end user computing systems only have access to the software and applications they need to fulfil their role. **Topics** + [EUCSEC10-BP01 Implement network separation for AWS EUC instances](eucsec10-bp01.md) + [EUCSEC10-BP02 Restrict access to open ports on instances to reduce risks](eucsec10-bp02.md) + [EUCSEC11-BP01 Perform vulnerability scanning on EUC instances](eucsec11-bp01.md) + [EUCSEC12-BP01 Allow user access to only the software binaries needed to perform their job](eucsec12-bp01.md)