|
The battle to protect your network from malware can
seem insurmountable. One anti-virus vendor expects to
identify its 400,000th threat in early 2008.
Unfortunately, anti-virus applications alone cannot
control the problem. Out of the 99% of enterprises with
anti-virus protection, 62% still suffered a malware
infectioną. Analysts estimate that by the end of 2007,
75% of enterprises were infected with financially
motivated, targeted malware that evaded traditional
perimeter and host defenses˛.
Sanctuary Application Control provides granular,
policy-based enforcement of application use to proactively
secure endpoints from data leakage, malware, spyware,
keyloggers, Trojans, rootkits, worms and viruses, zero-day
threats and unwanted or unlicensed software.
- Eliminates the reliance on anti-virus subscription updates to secure your business
- Enforces software license compliance, Sarbanes Oxley, HIPAA and GLBA and many other regulatory requirements
- Enables application monitoring to avoid propagation of illegal, malicious or unwanted code on your endpoints
- Prevents unauthorized application use throughout your organization
- Allows you to test and plan patch deployment with no rush
- Benefit from Standard File Definitions to rapidly load a predefined set of authorized OS and most commonly used applications
1 – Yankee Group, 2005 Security Leaders and Laggards Survey
2 – Gartner Research, “Gartner’s Top Predictions for IT Organizations and Users, 2007 and Beyond,”, Daryl C. Plummer, December 1, 2006
Sanctuary Application Control Overview:
Sanctuary Application Control is the only
comprehensive endpoint security solution to centrally
manage, monitor and control applications on the
corporate network. Sanctuary Application Control
provides relief from the onslaught of malware by
proactively controlling the applications that can
execute on a network servers, terminal services servers,
thin clients, laptops or desktops.
Proactive Approach to Endpoint Security
By employing a whitelist approach, Sanctuary
Application Control enables only authorized applications
to run on a network, laptop or PC - facilitating
security and systems management, while providing the
necessary flexibility to the organization.
Granular control over the use of all applications
Simple, Fast, Flexible Administration and Management
Sanctuary Application Control enables administrators to
quickly establish and enforce application control
policies by rapidly identifying applications and then
assigning permissions at a high level or all the way
down to specific application per users, user groups or
even a particular computer. Sanctuary links application
policies to user and user group information stored in
Microsoft Windows Active Directory or Novell eDirectory,
dramatically simplifying the management of endpoint
application resources.
Detailed reporting of application usage
Endpoint Security Built to Scale
With a three-tier architecture and load-balancing
capability, Sanctuary is designed to provide
endpoint security to organizations ranging in size
from 50 to 100,000 endpoints. Through integration
with Active Directory or eDirectory, Sanctuary
integrates with your existing technical
infrastructure and logical organization. Sanctuary
has also been ported to Windows Embedded platforms
to protect the growing number of exposed embedded
devices.
Sanctuary Application Control - Server Edition
Sanctuary Application Control - Server Edition
secure mission critical servers from unauthorized,
illegal or unwanted applications through the
automated enforcement of application use policies.
By blocking the execution of unwanted applications,
Sanctuary Application Control - Server Edition
proactively reduces the potential for malware
intrusion on mail servers, CRM applications, web
servers, database servers, and other
mission-critical servers within your environment,
preventing any interruption to the flow of your
business.
Sanctuary Application Control - Terminal Services Edition
Sanctuary Application Control - Terminal Services
Edition enforces application use policies to secure
Windows or Citrix terminal services environments
from unauthorized, illegal or unwanted applications.
Terminal Services Edition provides a secure thin
client terminal environment and enhances the
availability and stability of your remote services.
Features & Benefits:
|
Feature |
Function |
Benefit |
|
Whitelist |
Assign
permissions for authorized applications to
users or user groups, and by default those
not authorized are not allowed |
Eliminates
unknown or unwanted applications in your
network, reducing the risk of malware and
spyware and ultimately improving network
stability |
|
Standard File Definitions |
Classified,
pre-loaded whitelist of all supported OS
files |
Speeds and
simplifies whitelist definition |
|
Automated Application Discovery |
Process of
identifying, categorizing and authorizing
applications which produces a record of all
executables on client computers, file
servers and/or local directories |
Provides
flexible and fast options to create or
update whitelists |
|
Automatic Authorization of Software
Updates |
Automatic
authorization of Microsoft software updates
through integration with Windows Updates:
SUS and WSUS |
Eliminates
risk of accidentally restricting user access
to frequently updated Microsoft applications |
|
Script / Macro Protection |
Controls the
execution of specific VBScript, Microsoft
Office VBA and JavaScript with central
authorization or a prompt to local users |
Extends
application policy enforcement to include
specific scripts/macros, enabling business
without compromising protection |
|
Path Protection |
Optional file
authorization based on location or path
rules; Create a trusted owner, such as
administrator, to reinforce security |
Provides
flexibility to support executable files for
which hash definitions are not useful or
applicable (i.e. auto-changing .exe files) |
|
Non-Blocking Mode |
Execute and
log activity for administrator review |
Enables
Sanctuary to identify current state before
defining and enforcing policy |
|
Flexible File Authorization |
Versatile File
Processor (FileTool.exe) enables directory
and subdirectory scans to discover new
applications and packages while online or
offline |
Provides
flexible and fast option to identify new and
updated applications for review and
ultimately to generate whitelists |
|
Nested Executable File Groups |
Hierarchical
structure of organizing file groups |
Provides fast
administration of file groups and assignment
of user permissions |
|
Relaxed Logon |
Executes logon
scripts without authorization and
automatically switches system into blocking
mode after either a set of time or at the
end of the script |
Eliminates
need to administer logon scripts in
Sanctuary without compromising the security
of the system |
|
Local Authorization |
Trusted users
can authorize applications locally, while
maintaining a log for administrator review |
Delivers
flexibility to the user, without giving up
administrative control |
|
Spread Check |
Disables
suspicious executables that are locally
authorized on too many computers |
Contains risk
of malicious code spreading through network
due to local authorization |
|
Highly Scalable Architecture |
Three tier
architecture with Database, one or more
Application servers, and Client |
Provides
flexible and scalable deployment options in
large and complex networks |
|
Powerful Log Analysis and Reporting |
Detailed log
analysis with flexible filter, sort and
display options and stored query templates
as well as central reporting |
Detailed log
analysis with flexible filter, sort and
display options and stored query templates
as well as central reporting |
|
Offline Computer Protection |
Local copy of
updated hashes and permissions is kept on
each machine |
Ensures that
remote/ disconnected users are constantly
protected |
|
Active Directory and eDirectory Support |
Leverages user
and user group definitions in existing
Active Directory and eDirectory |
Reduces setup
and maintenance of users and user groups |
|
Multi-Language Support |
Supports 12
languages on Sanctuary client machines |
Improves user
experience in international organizations |
|
Custom Reports |
Custom query
templates can be scheduled to automatically
generate reports in HTML, XML or CSV formats
and delivered via email or network file
share |
Extends
application policy enforcement to include
specific scripts/macros, enabling business
without compromising protection |
Requirements:
|
Client (32-bit unless specified) |
Database |
Server |
Management Console |
|
Windows 2000 (SP 3+) Professional, Windows
XP Professional, Windows XPe, Windows
Embedded Point of Service, Windows XP Tablet
PC Edition, Windows Server 2003, Windows
Vista (32 and 64 bit) |
Windows 2000 (SP 3+) Server or Professional,
Windows XP Professional, Windows Server 2003 |
Windows 2000 (SP 4+) Server or Windows
Server 2003 |
Windows 2000 (SP 3+) Server or Professional,
Windows XP Professional, Windows Server 2003 |
|
For Sanctuary Server/Terminal Services
Edition: Windows 2000 Server or Windows
Server 2003 |
Microsoft SQL Server (2000/2005), SQL Server
2005 Express Edition or MSDE 2000 |
|
Lumension
Sanctuary Application Control