Module Features

Key Product Features

Benefits

Application Control/Whitelisting

  • Identifies and controls what applications are currently in your IT environment or can be added to your IT environment.
  • Automatically identifies trusted software that is authorized to run and prevent all other applications from executing – whether they are malicious, untrusted or merely unwanted.
  • Supports all executables including typical .EXEs, .DLLs, .COMs, etc.

Prevents the Execution of Unauthorized Applications

  • Eliminates unknown or unwanted applications in your network, reducing the risk and cost of malware, and ultimately improving network stability.
  • Identifies all applications running within the endpoint environment.
  • Protects against exploits of un-patched OS and 3rd party application vulnerabilities.

Easy Lockdown

  • Takes an automated "snapshot" of each endpoint, which is used to create a whitelist and begin enforcement of whitelist policies.
  • Creates a local whitelist immediately and begins enforcement of whitelist policies.

Simplifies Whitelist Creation and Prevents Unauthorized Change

  • Automates the creation of your whitelist to reduce IT workload.
  • Reduces zero-day and other unidentified malware attacks.
  • Immediate security without disrupting productivity.

Easy Auditor

  • Allows administrators to observe and audit whitelisting policies to ensure business needs and security considerations are achieved before enforcement actions are applied.
  • Ensures business needs and security considerations are achieved before enforcement actions are applied.

Ensures Effective Security Policies Are Defined

  • Reduces IT burden in creating and maintaining a whitelist of trusted applications.
  • Enables IT to identify and assess organizational friction as a result of application policies before they are enforced.

Trust Engine

Automates whitelist updates based on trust policies, including:

  • Trusted Publisher: Enables "on-the-fly" changes to the whitelist when changes are accompanied by a valid and signed certificate by the application provider.
  • Trusted Updater: Permits automated updates to the whitelist when changes are made by specifically authorized programs.
  • Trusted Path: Allows the whitelist to be automatically updated as changes are made in the library of known good applications.
  • Local Authorization (available in Q3, 2011): Lets end users make ad hoc changes with accountability and control, by tracking end user change and enabling administrators to reverse the change if necessary.

Removes Operational Burden from Managing Whitelist

  • Allows flexible, trust-based policies to be managed across multiple variables without imposing a laborious manual process as changes are approved automatically and do not require administrator involvement.
  • Provides IT with the flexibility to apply differing levels of policy enforcement to users/groups based on business need.
  • Streamlines operational requirements for IT and enhances organizational productivity by automatically enforcing policy.
  • Helps IT manage and better control change brought about by end users with Local Admin rights.
  • Integrates with inputs from Lumension and other third party antivirus and patch management products to facilitate automated whitelist updating.
  • Reduces operational costs around IT help desk costs and the number of machines needing to be re-imaged and improves overall productivity.

Application Library

  • Aggregates all data collected by local snapshot scans and provides grouping and filtering options for application policy management.

Provides Application View

  • Supplies a view of every application running in the entire environment.
  • Allows administrators to group all executables into application and/or application groups.
  • Allows administrators to create a group called “unwanted apps” and assign a “denied apps” policy.

Application Event Log

Provides powerful log analysis and reporting while delivering necessary visibility into endpoint events, including:
  • All application events
  • All applications added by trusted updaters, paths and publishers
  • All denied application events
  • Easy Auditor (applications blocked when enforcement is enabled)
  • Most frequently denied applications

Provides Critical Feedback Mechanism

  • Closes the feedback loop between the whitelisting policy and end user actions.
  • Ensures that the appropriate balance between security and productivity is maintained.
  • Assists in whitelist maintenance as operational needs change.

Denied Application Policy

  • Discovered applications in the Application Library can be easily added to a denied application policy and prevented from executing.

Ensures Organizational Security Policy Adherence

  • Prevents users from installing or running applications that the organization has deemed as unwanted for security, productivity or licensing reasons.

Flexible User- and Machine-based Policy Enforcement

  • Active Directory support.
  • User-based policy enforcement.
  • Machine-based policy enforcement.
  • Hybrid user and machine based policy enforcement.
  • Granular control over individual, group or global entities.

Ensures both Security and Productivity Goals are Attained

  • Delivers granular and flexible policy control to accommodate any use-case scenario.
  • Individual, Group and Global enforcement enables easy management of policy in complex environments.

Offline Computer Protection

  • Enforces whitelist on endpoints, regardless of whether or not they are connected to the network.

Delivers On-going Protection

  • Ensures that remote/ disconnected users are constantly protected by keeping a local copy of updated hashes and permissions on each machine.

Integration with Lumension® Endpoint Management and Security Suite

 

Seamless Security Enforcement

  • Reduces endpoint agent bloat across endpoints and improves endpoint performance with coordinated scans and policy enforcement.
  • Improves endpoint visibility across antivirus definitions, vulnerabilities, configurations, and device and application policies - for both online and offline machines.
  • Lumension® Intelligent Whitelisting™automatically updates hash files for whitelisted applications.