A few decades ago, corporate endpoints consisted mainly of stationary PCs glued to the desk. The attack vectors to break into an end-user device were also slim. Can you imagine that the first ransomware attack was distributed via 5.25-inch floppy disks to the attendees of a WHO conference? Back then, protecting endpoints involved anti-malware tools that sniff out suspicious files based on static signatures. That seemed satisfactory for the time it served.
With most employees working on-site, the focus gradually shifted from endpoints to perimeter. Companies had a clear delineation of the corporate boundary and considerable control over what enters the network. This network perimeter made it simple to cast a wider net that protects all the assets within the enterprise. Under this assumption, firewalls and secure web gateways took precedence, while endpoint security faded in the background.