Lumension® Endpoint Management and Security Suite:
Application Control

Lumension Trust Engine


Trust Engine Capability | Benefits | Lumension Best Practice

Trusted Updater

Permits automated updates to the application whitelist policy when files are changed by specifically authorized programs, such as a patch-management or software-distribution agent: whatever a trusted updater writes is added to the whitelist.

Removes the operational burden of updating the application whitelist policy every time a self-updating application modifies its own files and thereby changes their hashes. Ideal for:

Browsers should not be classified as a trusted updater: trust would be extended indirectly to the user of that browser, because any file the browser downloads from any site would be whitelisted automatically.

Lumension recommends that browsers be updated only through a centrally managed software distribution or patch management tool.

Trusted Publisher

Enables "on-the-fly" changes to the application whitelist policy when new or changed files carry a valid digital signature from the application developer's code-signing certificate. Trust is extended to a specific publisher's certificate, not to every validly signed binary.

Provides an operationally efficient means to update the application whitelist policy for applications whose developers may not have a standardized release cycle but ship updates frequently enough that the change should be automated. Ideal for:

  • Cloud hosted and distributed applications such as Webex and GoToMeeting
  • In-house, custom developed applications that need to be updated
  • Browser plug-ins such as Shockwave, Flash, etc.

Lumension recommends using the trusted publisher capability for third-party applications and browser plug-ins that are not centrally managed. Use it when the browser itself is centrally managed by another tool, such as a patching or software distribution tool, so that only the plug-ins need publisher-based trust.

Trusted Path

Allows the application whitelist policy to be updated automatically when files change within a designated directory, the trusted path, that holds the library of known-good applications.

Ideal for:

  • Shared Network paths
  • Applications that change "on the fly", e.g. .NET assemblies, web services or just-in-time compiled code
  • Applications where every installation is unique, so no single hash can be whitelisted in advance

Security for these types of applications will only be as strong as the access controls on your trusted path: if a user can write to the directory, the user can place any executable there and it will be allowed to run.

Lumension recommends that these types of applications be secured through OS privileges (file-system permissions that deny write access to ordinary users), and the Lumension trusted path, and Trusted Authorizers identified within the trusted path policy, so that all three must be satisfied before any change can occur.
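Two checks a practitioner would run before enabling the Trusted Publisher and Trusted Path mechanisms described above, as an added example that is not Lumension's code or part of the original page: first, whether any broad principal holds write rights on a directory you are about to trust (the condition under which a trusted path becomes a whitelist bypass); second, whether a binary's Authenticode signature is both valid and from a publisher you have explicitly chosen, rather than merely from any publisher that chains to a trusted root. The directory names, the publisher subject string and the list of broad principals are assumptions for illustration; substitute the values from your own policy.

```powershell
# Added example, not Lumension's code. Audits candidate trusted paths and
# publisher signatures before they are trusted by an application whitelist.

# Principals that must never hold write rights on a trusted path (assumed
# list; extend it with any broad groups used in your environment).
$BroadPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Any of these rights lets the holder add or replace files in the directory.
$WriteRights = [System.Security.AccessControl.FileSystemRights]'Write, Modify, FullControl'

function Test-TrustedPathAcl {
    # Emits one object per Allow ACE that grants write access to a broad principal.
    # No output means the path has no obvious user-writable entry.
    param([Parameter(Mandatory)][string]$Path)

    $acl = Get-Acl -LiteralPath $Path
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $who = $ace.IdentityReference.Value
        if ($BroadPrincipals -notcontains $who) { continue }
        # Bitwise test against the flags enum; generic rights may appear as negative ints.
        if ((([int]$ace.FileSystemRights) -band ([int]$WriteRights)) -ne 0) {
            [pscustomobject]@{
                Path      = $Path
                Principal = $who
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

function Test-TrustedPublisher {
    # Reports whether a file is signed by one of the publishers you have chosen.
    # Both conditions are required: a Valid status alone would trust every
    # binary signed under any root the machine already trusts.
    param(
        [Parameter(Mandatory)][string]$FilePath,
        [Parameter(Mandatory)][string[]]$TrustedSubjects   # exact certificate Subject DNs
    )

    $sig = Get-AuthenticodeSignature -FilePath $FilePath
    $subject = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { $null }
    [pscustomobject]@{
        File    = $FilePath
        Status  = $sig.Status            # Valid, NotSigned, HashMismatch, NotTrusted, ...
        Subject = $subject
        Trusted = ($sig.Status -eq 'Valid') -and ($TrustedSubjects -contains $subject)
    }
}

# Example run. Paths and the publisher subject are assumptions.
$TrustedPaths = @('C:\Program Files\CustomApp', '\\fileserver\apps$\release')
$TrustedPaths | ForEach-Object { Test-TrustedPathAcl -Path $_ } | Format-Table -AutoSize

$Publisher = 'CN=Example Corp, O=Example Corp, L=Example City, S=Example State, C=US'
Get-ChildItem -LiteralPath 'C:\Program Files\CustomApp' -Filter *.exe -Recurse |
    ForEach-Object { Test-TrustedPublisher -FilePath $_.FullName -TrustedSubjects @($Publisher) } |
    Where-Object { -not $_.Trusted } |
    Format-Table -AutoSize
```

Any row returned by Test-TrustedPathAcl is a directory that should not be a trusted path until the ACE is removed or restricted to administrators and the deployment account. Matching on the certificate Subject is convenient but a renewed or re-issued certificate with the same subject will also match; pin the certificate thumbprint instead when you need a stricter publisher identity and can tolerate updating the policy on renewal.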

Denied Applications

Allows the IT administrator to identify specific non-trusted or out-of-policy applications and block them from running, regardless of any other trust rule.

Ideal for:

  • Denying access to specific and unwanted, off-policy applications (e.g., Skype, Google toolbars, BitTorrent, etc.)
  • Denying access to any known or prevalent hacking tools (e.g., L0phtCrack, Nmap, RainbowCrack, etc.)

Lumension recommends using this capability to contain zero-day malware by removing vulnerable versions of applications from the whitelist and adding the files quarantined by anti-virus to the denied application list, so that a hash known to be malicious is blocked even if another rule would otherwise allow it.

Trusted Authorizer
Available Q3 2011

Enables "on-the-fly" changes to the application whitelist policy from specific identified individuals or departments.

Ideal for:

  • Mobile users who may have urgent needs to install software (e.g., sales, product management, sales engineers, etc.)
  • Executives or high-profile users who like to use the latest and greatest technologies.
  • Power users (e.g., IT staff that is frequently testing

Lumension recommends using this capability for assessing application usage requirements across a particular organization or department.

Use this capability when you want to confine the risk of ad hoc software installation to a specific individual or department rather than granting it more broadly.