Lumension Application Control

Overview:

The battle to protect IT assets from malware and unauthorized software is a costly, ongoing struggle taking up valuable resources and time.

Each time a new malware threat appears or unsupported software causes a compatibility conflict, IT has to stop what they’re doing to resolve the issue. Whether that’s updating antivirus signatures to ensure that systems and information are protected or re-imaging laptops due to software conflict blue-screens, the end result is an increased support burden and lower operational efficiency.

Lumension Application Control
Online Flash Overview (Pop-up Window will open)

Secure Endpoints, Servers, Kiosks and POS Systems from Malware

The threats aren’t going to stop and antivirus software alone cannot control the problem as malware threats are being developed faster than the necessary fixes. Malware has grown over 500% with more than 5.49 million unique samples of malicious software reported1 and attacks are more targeted, being designed to specifically bypass antivirus solutions.

Lumension Application Control enables you to prevent the execution of malicious code utilizing application whitelisting. This approach allows only authorized applications to run on laptops, PCs, servers, terminal services servers and thin clients without relying on antivirus signature-updates, freeing up network bandwidth and IT resources.

With no viral attacks to thwart, malware to hunt down, or incompatible applications to invoke the blue screen of death, you can spend more time on more strategic activities instead of constantly fixing computers.

Lumension Application Control provides:

Endpoint protection from malware without relying on signature updates
Optimized IT support with decreased helpdesk calls to support unauthorized software
Improved system availability and service levels by preventing known and unknown threats
Audit-readiness with detailed tracking of all application execution attempts and policy changes

Key Features

Application Whitelisting
Automated Application Discovery
Standard File Definitions
Automatic Authorization of Software Updates
Script / Macro Protection
Flexible File Authorization
Local Authorization
Spread Check
Offline Computer Protection
Active Directory and eDirectory Support

Key Benefits

Prevents Known and Unknown Threats
Blocks Targeted Malware and Zero-Day Attacks
Enforces Trusted Application Environment
Improves Server Availability
Reduces Endpoint Security TCO

How it Works

How Lumension Application Control Works 1. Discover - Identify all executable files and devices, collect profiles and organize into pre-defined file groups.

2.Implement - Assign permissions for applications to run based on executable, user, or user group attributes. Use an application whitelist approach to ensure that only authorized and legal applications can run on a computer. When a user wants to run an application, the OS request at the kernel level is intercepted by the Lumension driver. If the user has rights, then access will be granted. If the application is not known or the user does not have rights, then access will be denied.

3.Monitor - Monitor the effectiveness of endpoint security policies in real time and identify potential threats by logging all application execution attempts and recording all policy changes and administrator activities.

4.Report - Demonstrate policy compliance and ensure software license compliance to meet Sarbanes Oxley, NERC, HIPAA, PCI, and GLBA requirements by drilling down on suspicious behavior for security or legal follow-up.

Key Features:

Application Whitelisting	Blocks Malware Attacks Eliminates unknown or unwanted applications in your network, reducing the risk of malware and spyware and ultimately improving network stability
Automated Application Discovery	Saves Time and Improves Security Provides flexible and fast options to create or update whitelists.
Standard File Definitions	Saves IT Operations Time and Effort Speeds and simplifies whitelist definition with classified, pre-loaded whitelist of all supported OS files.
Automatic Authorization of Software Updates	Simplifies Software Updates and Decreases Risk Eliminates risk of accidentally restricting user access to frequently updated Microsoft applications.
Script / Macro Protection	Enhances Security Policy Enforcement Extends application policy enforcement to include specific scripts/macros, enabling business without compromising protection.
Path Protection	Delivers Flexible Support for Files Provides flexibility to support executable files for which hash definitions are not useful or applicable (i.e. auto-changing .exe files).
Flexible File Authorization	Improves Network Stability Provides flexible and fast option to identify new and updated applications for review and ultimately to generate whitelists.
Local Authorization	Maintains Administrative Control and Increases User Satisfaction Delivers flexibility to the user, without giving up administrative control by allowing trusted users to authorize applications locally, while maintaining a log for your review.
Spread Check	Ensures Network Security Contains risk of malicious code spreading through network due to local authorization by disabling suspicious executables that are locally authorized on too many computers.
Highly Scalable Architecture	Adapts to Your Growing Business Provides flexible and scalable deployment options in large and complex networks with a three tier architecture.
Powerful Log Analysis and Reporting	Ensures Audit Readiness Demonstrates policy compliance and drills down on suspicious behavior for legal or management follow up.
Offline Computer Protection	Delivers On-going Protection Ensures that remote/ disconnected users are constantly protected by keeping a local copy of updated hashes and permissions on each machine.
Active Directory and eDirectory Support	Reduces IT Operations Time and Effort Reduces setup and maintenance of users and user groups by leveraging definitions in existing Active Directory and eDirectory.
Multi-Language Support	Delivers Support for International Use Improves user experience in international organizations.Supports 12 languages on Application Control client machines.

Requirements :

Supported Operating Systems:

	Agent	Admin	Server	Database
Windows 2000 Professional
Windows 2000 Server
Windows XP Professional
Windows Vista
Windows 7
Windows Server 2003
Windows Server 2008
Windows Server 2008 R2
Windows XP Embedded (XPe)
Windows Embedded Point of Service
Windows XP Tablet PC Edition
Citrix Access Gateway 4.5
Citrix Presentation Server 4.5
Windows 2008 Hyper-V
VMware Infrastructure 3

Hardware and Software Requirements:

Component
Database	Hardware	512 MB (4 GB recommended) memory Pentium® Dual-Core or AMD equivalent CPU 3 GB minimum hard disk drive 100 MBits/s NIC
Database	Software	One of the following: Microsoft SQL Server 2005 Microsoft SQL Server 2005 Express Edition Microsoft SQL Server 2008 Microsoft SQL Server 2008 Express Edition
Application Server	Hardware	512 MB (1 GB recommended) memory Pentium® Dual-Core or AMD equivalent CPU 3 GB minimum hard disk drive 100 MBits/s NIC
Application Server	Software	No additional software requirements
Management Console	Hardware	512 MB (1 GB recommended) memory Pentium® Dual-Core or AMD equivalent CPU 15 MB hard disk drive for installation, and 150 MB additional for application files 100 MBits/s NIC 1024 by 768 pixels for display
Management Console	Software	No additional software requirements
Client	Hardware	256 MB (1 GB recommended) memory Pentium® Dual-Core or AMD equivalent CPU 10 MB hard disk drive for installation 100 MBits/s NIC
Client	Software	No additional software requirements

Multi-Language Support:

Supports 12 languages on client machines; this includes Traditional Chinese, Simplified Chinese, Dutch, English, French, German, Italian, Japanese, Portuguese, Russian, Spanish and Swedish.

Documentation:

Download the Lumension Application Control Datasheet (PDF).