Lumension Endpoint Protection

Overview:

With the emergence of consumer technology in the workplace, social networking, Web 2.0 technologies and increasingly sophisticated cyber criminals, securing your endpoints is an uphill battle. Lumension Endpoint Protection combines proven antivirus technologies and innovative application whitelisting to establish a trusted endpoint environment to stop unwanted change, neutralize security threats, and prevent sensitive data from escaping.

Lumension Endpoint Protection
Online Flash Overview (Pop-up Window will open)

Endpoint Protection Business Drivers and Challenges

In today’s economy balancing the ease of doing business with endpoint security is a challenge. Endpoints are no longer bound to an office desk in a controlled environment. Employees are increasingly installing unauthorized and illegal applications on laptops and PCs which can cause increased support calls, performance issues and downtime.

And, malware and targeted attacks are on the rise. In fact analysts estimate that 75 percent of enterprises were infected with financially motivated, targeted malware that evaded traditional perimeter and host defenses.* According to a recent study, more than 21 million unique samples of malicious software were reported.**

Solid endpoint protection requires a proactive and complete approach that provides true defense-in-depth and is flexible enough to balance user productivity and convenience together with enterprise security needs.

Secure Enterprise Endpoints from Malware and Unauthorized Software that Impacts Productivity and Security

The Lumension Endpoint Protection solution fully protects endpoints from known malware and unknown threats (such as zero-day exploits) while enforcing the use of only authorized software. With Lumension® Application Control and Lumension AntiVirus, you can prevent known and unknown malware and centrally manage, monitor, and control application installation and use in your environment.

With the combination of antivirus and application whitelisting capabilities, known malware can be quickly removed from endpoints and only trusted applications will be authorized to run on your servers, locking them down from threats. This defense-in-depth approach protects endpoints by establishing a trusted environment.

In addition, you can improve operational desktop and server management by eliminating the unnecessary support calls and performance issues that come with managing unauthorized and illegal software. You can easily demonstrate compliance by discovering all applications in your environment, by enforcing software license policies and by providing a detailed audit trail of all application execution attempts.

How Lumension Endpoint Protection Works

1. Discover: Scan for and remove all known malware to establish a clean environment. Identify and organize all endpoint applications and executables into predefined management groups.

2. Implement: Assign permissions for applications to run based on executable, user, or user group attributes; use an application whitelist approach to ensure that only authorized and trusted applications can run on endpoints. Continue blocking known malware and use behavioral analysis tools to assess new unknown code which may or may not be legitimate.

3. Monitor: Monitor the effectiveness of endpoint security policies in real time and identify potential threats by logging all application execution attempts and recording all policy changes and administrator activities. Maintain ongoing antivirus scanning to identify and remove any “dead malware” that, although prevented by application control, is still present on endpoints.

4. Report: Demonstrate policy compliance and ensure software license compliance by drilling down on suspicious behavior for security or legal follow-up. Report on malware prevention and remediation on behavior of unknown or suspicious code and on current threat levels.

Take Control of Your Endpoint Protection

Protect your organization from threats starting today.

Sources:
*Gartner Research, Gartner’s Top Predictions for IT Organizations and Users, 2007 and Beyond, Daryl C. Plummer, December 1, 2006
**www.AVtest.org, 2009, cumulative unique malware samples reported through 24-July-2009

Key Features:

Application Discovery: Automatically determine what applications are in use through a non-blocking audit option, as well as through a variety of scanning tools to assess the current state.	Saves Time and Improves Security Understand the breadth of applications being used across the organization. Lay the foundation for the development of a comprehensive Endpoint Protection plan in compliance with internal security policy and external regulations / standards.
Endpoint Security Policy Definition: Define security policy with global and user- and/or machine-specific rules based on organizational needs using a “whitelist” approach.	Increases Security Compliance Create a whitelist of authorized applications with centralized policy management per user or user group as well as by computer.
Full Signature Matching Capabilities: Recognizes, blocks and removes viruses, worms, Trojans and other types of malware such as keyloggers, hijackers and rootkits.	Protects Against Known Threats Protects your organization from malicious code, which compromises security, privacy and/or performance.
Unique Behavioral Analysis: Protects against new and unknown malware (zero-day exploits) using multiple methods.	Prevents Unknown Threats from Executing on Systems Prevents known and unknown malicious threats from gaining unauthorized access to systems and data.
Comprehensive Cleaning Functionality: Ensures comprehensive clean-up, including rootkit removal	Removes Known Malware Ensures that any malware that manages to evade detection is not allowed to remain on network assets indefinitely.
Endpoint Security Policy Enforcement: Enforce your application usage policies across your entire network.	Automates Security Enforcement Automate the enforcement of endpoint protection security policy at any level of granularity. Prevent malware from executing on your endpoints.
Audit and Compliance: Automatically log all network events related to your endpoint security policy.	Enforces Compliance in Your Organization Meet compliance demands by enforcing software license compliance. Provide a detailed audit trail of all application execution attempts.
Flexible / Scalable / Secure Design: Provide organization-wide control and enforcement using scalable client-server architecture with a central database which facilitates load balancing and distributed control. Install tamper-proof agents on every endpoint on the network that are protected against unauthorized removal. Lumension Application Control fully supports both Windows Active Directory and Novell eDirectory / NDS structure.	Adapts to Your Growing Business Support any sized organization, from small, local startups to large, global corporations, from hundreds of endpoints to hundreds of thousand endpoints. Scale installation as needs dictate for fast growing organizations. Protect endpoints from unintentional and/or malicious tampering. Maintain security posture. Leverage existing directory information when enforcing policies. Reduce administrator workload. Reduce setup / startup / ramp up time.

Documentation:

Download the Lumension Endpoint Protection Datasheet (PDF).