Proactive and Complete Protection to Ensure a Trusted Endpoint Environment
Endpoint Protection Business Drivers and Challenges
In today’s economy balancing ease of doing business with endpoint security is a challenge. With the emergence of consumer technology in the workplace, social networking, Web 2.0 technologies and increasingly sophisticated cyber criminals, securing your endpoints is an uphill battle.
Download the Solution Brief
Endpoints are no longer bound to an office desk in a controlled environment. Employees install unauthorized and illegal applications on laptops and PCs which can cause increased support calls, performance issues and downtime.
And malware is on the rise. In fact, analysts estimate that 75 percent of enterprises were infected with financially motivated, targeted malware that evaded traditional perimeter and host defenses.1 According to a recent study, more than 21 million unique samples of malicious software were reported. 2
Solid endpoint protection requires a proactive and complete approach that provides true defense-in-depth and is flexible enough to balance user productivity and convenience with enterprise security needs.
Overview
The Lumension® Endpoint Protection solution fully protects endpoints from malware and unknown threats while enforcing the use of authorized software. With Lumension® Application Control and Lumension® AntiVirus, you can prevent known and unknown malware and centrally manage, monitor and control applications. By employing an application whitelisting approach, you can ensure that only authorized applications are allowed to run on laptops, PCs, mission-critical servers and POS terminals, preventing the execution of unknown or malicious code.
Malware only needs seconds to infect systems, and you need your mission-critical servers available 24/7. With the combination of antivirus and application whitelisting capabilities, known malware can be quickly removed from endpoints and only trusted applications will be authorized to run on your servers, locking them down from threats.
With Lumension® Endpoint Protection, operational desktop management is improved by eliminating unnecessary support calls and performance issues that come with managing unauthorized and illegal software. And, you can easily demonstrate compliance by enforcing software license policies and by providing a detailed audit trail of all application execution attempts.
Solid endpoint protection requires a proactive approach that is flexible enough to balance user productivity with enterprise security needs. With Lumension® Endpoint Protection solution, you can:
How it Works
- 1. Discover: Scan for and remove all known malware to establish a clean environment. Identify all executable files, collect profiles and organize into pre-defined file groups.
- 2. Implement: Assign permissions for applications to run based on executable, user, or user group attributes; use an application whitelist approach to ensure that only authorized and trusted applications can run on endpoints. Continue blocking known malware and use behavioral analysis tools to assess new unknown code which may or may not be legitimate.
- 3. Monitor: Monitor the effectiveness of endpoint security policies in real time; identify potential threats by logging all application execution attempts and recording all policy changes and administrator activities. Maintain ongoing antivirus scanning to identify and remove any “dead malware” that, although prevented by application control, is still present on endpoints.
- 4. Report: Demonstrate policy compliance and ensure software license compliance by drilling down on suspicious behavior for security or legal follow-up. Report on malware prevention and remediation, on behavior of unknown or suspicious code, and on current threat levels.
Key Capabilities and Benefits
| Solution Capability |
Benefit |
| Application Discovery: Automatically determine what applications are in use through a non-blocking audit option, as well as through a variety of scanning tools to assess the current state. |
Saves Time and Improves Security
- Understand the breadth of applications being used across the organization.
- Lay the foundation for the development of a comprehensive Endpoint Protection plan in compliance with internal security policy and external regulations / standards.
|
| Endpoint Security Policy Definition: Define security policy with global and user- and/or machine-specific rules based on organizational needs using a “whitelist” approach. |
Increases Security Compliance
- Create a whitelist of authorized applications with centralized policy management per user or user group as well as by computer.
|
| Full Signature Matching Capabilities: Recognizes, blocks and removes viruses, worms, Trojans and other types of malware such as keyloggers, hijackers and rootkits. |
Protects Against Known Threats
- Protects your organization from malicious code, which compromises security, privacy and/or performance.
|
| Unique Behavioral Analysis: Protects against new and unknown malware (zero-day exploits) using multiple methods. |
Prevents Unknown Threats from Executing on Systems
- Prevents known and unknown malicious threats from gaining unauthorized access to systems and data.
|
| Comprehensive Cleaning Functionality: Ensures comprehensive clean-up, including rootkit removal |
Removes Known Malware
- Ensures that any malware that manages to evade detection is not allowed to remain on network assets indefinitely.
|
| Endpoint Security Policy Enforcement: Enforce your application usage policies across your entire network. |
Automates Security Enforcement
- Automate the enforcement of endpoint protection security policy at any level of granularity.
- Prevent malware from executing on your endpoints.
|
| Audit and Compliance: Automatically log all network events related to your endpoint security policy. |
Enforces Compliance in Your Organization
- Meet compliance demands by enforcing software license compliance.
- Provide a detailed audit trail of all application execution attempts.
|
| Flexible / Scalable / Secure Design: Provide organization-wide control and enforcement using scalable client-server architecture with a central database which facilitates load balancing and distributed control. Install tamper-proof agents on every endpoint on the network that are protected against unauthorized removal. Lumension® Application Control fully supports both Windows Active Directory and Novell eDirectory / NDS structure. |
Adapts to Your Growing Business
- Support any sized organization, from small, local startups to large, global corporations, from hundreds of endpoints to hundreds of thousand endpoints.
- Scale installation as needs dictate for fast growing organizations. Protect endpoints from unintentional and/or malicious tampering.
- Maintain security posture.
- Leverage existing directory information when enforcing policies.
- Reduce administrator workload.
- Reduce setup / startup / ramp up time.
|
Save up to 33% with our Solution Packs
| Combining award-winning software, world-class 24x7 technical support and expert training, Lumension® Solution Packs rapidly enhance your security posture and reduce IT operational costs – enabling an always-on and always-protected business.
|
 |
Source:
- Gartner Research, Gartner’s Top Predictions for IT Organizations and Users, 2007 and Beyond, Daryl C. Plummer, December, 2006
- www.avtest.org, cumulative unique malware samples reported through 24-July-2009