Uygulama Kullanımını Denetleyerek Kötü Huylu Uygulamalardan Kurtulun
Ağınızı kötü huylu uygulamalardan korumak için verdiğiniz savaş başa çıkılamaz görünebilir.Anti-virüs üreticilerinden biri 2008 başlarında 400.000inci tehditi algılıyor olmayı beklemektedir. Maalesef anti-virüs yazılımları tek başlarına sorunu kontrol edebiliyor olmaktan çok uzaktadırlar. % 99 oranında anti-virüs uygulamasına sahip olan kuruluşların % 66'sı hala kötü huylu uygulamalara (malware) maruz kalıyorlar¹. Analistler 2007 yılı sonuna kadar, kurumların % 75'inin, geleneksel savunma mekanizmalarından sakınabilen, finansal olarak motive olmuş, hedefleri olan kötü huylu uygulamalara maruz kalacaklarını öngörmektedirler.².
Sanctuary Application Control, uç noktalarınızın, veri sızıntısı, malware, spyware, keyloggerlar, Truva Atları, rootkitler, wormlar ve virüslerden, sıfır-gün tehditlerinden ve istenmeyen lisanssız yazılımlardan korunması için politika-tabalı uygulama kullanımı sağlar.
İşinizin güvenliğini sağlamak için sıkıcı anti-virüs güncellemelerine bağımlılığı ortadan kaldırır.
Sarbanse Oxley, HIPAA, GLBA ve pek çok diğer standarlarda yazılım lisans kullanımı uyumluluğu sağlar.
Uç noktalarınızda yasadışı, zararlı ya da istenmeyen kodun çalışmasını engellemek için uygulama izlemeyi sağlar.
Kurumunuz/işletmenizde izinsiz uygulama kullanımını engeller.
Acele etmeden patch kurulumlarınızı test etmenizi ve planlamanızı sağlar
Yetkilendirilmiş OS ve yaygın kullanılan uygulamaların ön tanımlı setlerini yüklemek için Standard Dosya Tanımlarından faydalanın.
1 – Yankee Group, 2005 Security Leaders and Laggards Survey
2 – Gartner Research, “Gartner’s Top Predictions for IT Organizations and Users, 2007 and Beyond,”, Daryl C. Plummer, December 1, 2006
Overview
Protect your organization against malware attacks before they occur by proactively controlling the applications executing on your desktops, laptops, servers, kiosks and POS systems with Lumension Application Control, a primary component of Lumension® Endpoint Protection solution.
Centrally manage, monitor, and control applications with a whitelist approach that allows only authorized applications to run ensuring no malware, spyware, keyloggers, Trojans, worms, viruses, zero-day threats and unwanted or unlicensed software will execute on your network and disrupt your business.
Lumension Application Control provides complete malware protection and increases IT and end-user productivity by preventing unwanted applications from causing configuration issues and consuming network bandwidth.
You’ll be audit-ready with a detailed audit trail of all application and device execution attempts along with proof that software licenses are in compliance. With no viral attacks to thwart, malware to hunt down, or incompatible applications to invoke the blue screen of death, you can spend more time on other projects instead of constantly fixing computers.
How It Works
1. Discover - Identify all executable files and devices, collect profiles and organize into pre-defined file groups.
2. Implement - Assign permissions for applications to run based on executable, user, or user group attributes. Use an application whitelist approach to ensure that only authorized and legal applications can run on a computer. When a user wants to run an application, the OS request at the kernel level is intercepted by the Lumension driver. If the user has rights, then access will be granted. If the application is not known or the user does not have rights, then access will be denied.
3. Monitor - Monitor the effectiveness of endpoint security policies in real time and identify potential threats by logging all application execution attempts and recording all policy changes and administrator activities.
4. Report - Demonstrate policy compliance and ensure software license compliance to meet Sarbanes Oxley, NERC, HIPAA, PCI, and GLBA requirements by drilling down on suspicious behavior for security or legal follow-up.
Features & Benefits
| Key Product Features |
Benefit |
| Application Whitelisting |
Blocks Malware Attacks
- Eliminates unknown or unwanted applications in your network, reducing the risk of malware and spyware and ultimately improving network stability
|
| Automated Application Discovery |
Saves Time and Improves Security
- Provides flexible and fast options to create or update whitelists.
|
| Standard File Definitions |
Saves IT Operations Time and Effort
- Speeds and simplifies whitelist definition with classified, pre-loaded whitelist of all supported OS files.
|
| Automatic Authorization of Software Updates |
Simplifies Software Updates and Decreases Risk
- Eliminates risk of accidentally restricting user access to frequently updated Microsoft applications.
|
| Script / Macro Protection |
Enhances Security Policy Enforcement
- Extends application policy enforcement to include specific scripts/macros, enabling business without compromising protection.
|
| Path Protection |
Delivers Flexible Support for Files
- Provides flexibility to support executable files for which hash definitions are not useful or applicable (i.e. auto-changing .exe files).
|
| Flexible File Authorization |
Improves Network Stability
- Provides flexible and fast option to identify new and updated applications for review and ultimately to generate whitelists.
|
| Local Authorization |
Maintains Administrative Control and Increases User Satisfaction
- Delivers flexibility to the user, without giving up administrative control by allowing trusted users to authorize applications locally, while maintaining a log for your review.
|
| Spread Check |
Ensures Network Security
- Contains risk of malicious code spreading through network due to local authorization by disabling suspicious executables that are locally authorized on too many computers.
|
| Highly Scalable Architecture |
Adapts to Your Growing Business
- Provides flexible and scalable deployment options in large and complex networks with a three tier architecture.
|
| Powerful Log Analysis and Reporting |
Ensures Audit Readiness
- Demonstrates policy compliance and drills down on suspicious behavior for legal or management follow up.
|
| Offline Computer Protection |
Delivers On-going Protection
- Ensures that remote/ disconnected users are constantly protected by keeping a local copy of updated hashes and permissions on each machine.
|
| Active Directory and eDirectory Support |
Reduces IT Operations Time and Effort
- Reduces setup and maintenance of users and user groups by leveraging definitions in existing Active Directory and eDirectory.
|
| Multi-Language Support |
Delivers Support for International Use
- Improves user experience in international organizations.
Supports 12 languages on Application Control client machines.
|
Requirements
Supported Operating Systems
| |
Agent |
Admin |
Server |
Database |
| Windows 2000 Professional |
 |
|
|
|
| Windows 2000 Server |
|
|
|
|
| Windows XP Professional |
|
|
|
|
| Windows Vista |
|
|
|
|
| Windows 7 |
|
|
|
|
| Windows Server 2003 |
|
|
|
|
| Windows Server 2008 |
|
|
|
|
| Windows Server 2008 R2 |
|
|
|
|
| Windows XP Embedded (XPe) |
|
|
|
|
| Windows Embedded Point of Service |
|
|
|
|
| Windows XP Tablet PC Edition |
|
|
|
|
| Citrix Access Gateway 4.5 |
|
|
|
|
| Citrix Presentation Server 4.5 |
|
|
|
|
| Windows 2008 Hyper-V |
|
|
|
|
| VMware Infrastructure 3 |
|
|
|
|
Hardware and Software Requirements:
| Component |
|
|
| Database |
Hardware |
- 512 MB (4 GB recommended) memory
- Pentium® Dual-Core or AMD equivalent CPU
- 3 GB minimum hard disk drive
- 100 MBits/s NIC
|
| Software |
One of the following:
- Microsoft SQL Server 2005
- Microsoft SQL Server 2005 Express Edition
- Microsoft SQL Server 2008
- Microsoft SQL Server 2008 Express Edition
|
| Application Server |
Hardware |
- 512 MB (1 GB recommended) memory
- Pentium® Dual-Core or AMD equivalent CPU
- 3 GB minimum hard disk drive
- 100 MBits/s NIC
|
| Software |
No additional software requirements |
| Management Console |
Hardware |
- 512 MB (1 GB recommended) memory
- Pentium® Dual-Core or AMD equivalent CPU
- 15 MB hard disk drive for installation, and 150 MB additional for application files
- 100 MBits/s NIC
- 1024 by 768 pixels for display
|
| Software |
No additional software requirements |
| Client |
Hardware |
- 256 MB (1 GB recommended) memory
- Pentium® Dual-Core or AMD equivalent CPU
- 10 MB hard disk drive for installation
- 100 MBits/s NIC
|
| Software |
No additional software requirements |
Multi-Language Support: Supports 12 languages on client machines; this includes Traditional Chinese, Simplified Chinese, Dutch, English, French, German, Italian, Japanese, Portuguese, Russian, Spanish and Swedish.