Lumension® Endpoint Management and Security Suite:
Application Control

Module Features

Suite Core Features


Key Product Features

Benefits

Application Control/Whitelisting

  • Identifies and controls what applications are currently in your IT environment or can be added to your IT environment.
  • Automatically identifies trusted software that is authorized to run and prevent all other applications from executing – whether they are malicious, untrusted or merely unwanted.
  • Supports all executables including typical .EXEs, .DLLs, .COMs, etc.

Prevents the Execution of Unauthorized Applications

  • Eliminates unknown or unwanted applications in your network, reducing the risk and cost of malware, and ultimately improving network stability.
  • Identifies all applications running within the endpoint environment.
  • Protects against exploits of un-patched OS and 3rd party application vulnerabilities.

Advanced Memory Protection

  • Provides integrated protection against memory injection attacks by validating all new processes, even those initiated by approved running applications.

Prevents DLL and Reflective Memory Injection Attacks

  • Prevents the most common in-memory exploits used by attackers to inject payloads into trusted processes and which are not stopped by traditional application control products.

Application Reputation Scoring

Augments Trust Decision Making

  • Leverages select data sources – including rigorous in-house testing, governmental databases, and wider user network – to determine file trust levels.
  • Increases security, control and optimized management of the application ecosystem.

Easy Lockdown

  • Takes an automated "snapshot" of each endpoint, which is used to create a whitelist and begin enforcement of whitelist policies.
  • Creates a local whitelist immediately and begins enforcement of whitelist policies.

Simplifies Whitelist Creation and Prevents Unauthorized Change

  • Automates the creation of your whitelist to reduce IT workload.
  • Reduces zero-day and other unidentified malware attacks.
  • Immediate security without disrupting productivity.

Easy Auditor

  • Allows administrators to observe and audit whitelisting policies to ensure business needs and security considerations are achieved before enforcement actions are applied.
  • Ensures business needs and security considerations are achieved before enforcement actions are applied.

Ensures Effective Security Policies Are Defined

  • Reduces IT burden in creating and maintaining a whitelist of trusted applications.
  • Enables IT to identify and assess organizational friction as a result of application policies before they are enforced.

Automated Trust Engine

Automates whitelist updates based on trust policies, including:

  • Trusted Publisher: Enables "on-the-fly" changes to the whitelist when changes are accompanied by a valid and signed certificate by the application provider.
  • Trusted Updater: Permits automated updates to the whitelist when changes are made by specifically authorized programs.
  • Trusted Path: Allows the whitelist to be automatically updated as changes are made in the library of known good applications.
  • Local Authorization: Lets end users make ad hoc changes with accountability and control, by tracking end user change and enabling administrators to reverse the change if necessary. Software Demo:
    Empowering Users to Make On-the-Fly Whitelist Decisions

Removes Operational Burden from Managing Whitelist

  • Allows flexible, trust-based policies to be managed across multiple variables without imposing a laborious manual process as changes are approved automatically and do not require administrator involvement.
  • Provides IT with the flexibility to apply differing levels of policy enforcement to users/groups based on business need.
  • Streamlines operational requirements for IT and enhances organizational productivity by automatically enforcing policy.
  • Helps IT manage and better control change brought about by end users with Local Admin rights.
  • Integrates with inputs from Lumension and other third party antivirus and patch management products to facilitate automated whitelist updating.
  • Reduces operational costs around IT help desk costs and the number of machines needing to be re-imaged and improves overall productivity.

Local Authorization

Balances Productivity, Security and Operational Friction

  • Provides users with the flexibility to authorize previously un-encountered applications on their local endpoint, while logging actions for further review by admins.
  • Provides "3rd Way" between monitor-only and full lockdown modes.
  • Ensures that local decisions are not spread across entire network.

Application Library

Provides Application View

  • Supplies a view of every application running in the entire environment.
  • Allows administrators to group all executables into application and/or application groups.
  • Allows administrators to create a group called “unwanted apps” and assign a “denied apps” policy.

Application Event Log

Provides powerful log analysis and reporting while delivering necessary visibility into endpoint events, including:
  • All application events
  • All applications added by trusted updaters, paths and publishers
  • All denied application events
  • Easy Auditor (applications blocked when enforcement is enabled)
  • Most frequently denied applications

Provides Critical Feedback Mechanism

  • Closes the feedback loop between the whitelisting policy and end user actions.
  • Ensures that the appropriate balance between security and productivity is maintained.
  • Assists in whitelist maintenance as operational needs change.

Denied Application Policy

  • Discovered applications in the Application Library can be easily added to a denied application policy and prevented from executing.

Ensures Organizational Security Policy Adherence

  • Prevents users from installing or running applications that the organization has deemed as unwanted for security, productivity or licensing reasons.

Flexible User- and Machine-based Policy Enforcement

  • Active Directory support.
  • User-based policy enforcement.
  • Machine-based policy enforcement.
  • Hybrid user and machine based policy enforcement.
  • Granular control over individual, group or global entities.

Ensures both Security and Productivity Goals are Attained

  • Delivers granular and flexible policy control to accommodate any use-case scenario.
  • Individual, Group and Global enforcement enables easy management of policy in complex environments.

Offline Computer Protection

  • Enforces whitelist on endpoints, regardless of whether or not they are connected to the network.

Delivers On-going Protection

  • Ensures that remote/ disconnected users are constantly protected by keeping a local copy of updated hashes and permissions on each machine.

Integration with Lumension® Endpoint Management and Security Suite

Seamless Security Enforcement

  • Reduces endpoint agent bloat across endpoints and improves endpoint performance with coordinated scans and policy enforcement.
  • Improves endpoint visibility across antivirus protection, vulnerabilities, configurations, and device and application policies – for both on-line and off-line machines.
  • Extends security beyond perimeter to include removable devices like USB sticks, CDs / DVDs, and printers.
  • Lumension® Intelligent Whitelisting™ automatically updates hash files for whitelisted applications.
  • Unified workflow ensures security without disrupting IT or end user productivity.

 

How Secure is Your Network?

Lumension® Application Scanner Tool

This free security tool allows you to discover every application and executable on your network.

Get Your FREE Whitepaper

Intelligent Whitelisting

An Introduction to More Effective and Efficient Endpoint Security.