An endpoint agent-based product continues to provide protection for applications running directly on the operating system. An endpoint agent-based product will not be able to intercept browser connections where ECH is supported, as any interception is considered an attack by the TLS protocol extension for ECH.