Lumension's Intelligent Whitelisting leverages both blacklisting and whitelisting approaches to deliver a more effective and operational endpoint security solution

February 26, 2010

6 Min Read


Scottsdale, Ariz. (PRWEB) February 23, 2010 -- Shift happens. In today's dynamic threat environment, more sophisticated and targeted malicious threats continue to rapidly increase, plaguing organizations worldwide. There has been exponential growth in known malware that now exceeds 30,000 identified signatures each day. Web 2.0 technologies and the social business environment of today's workforce has introduced unprecedented levels of unknown malware, and IT risks that traditional threat-centric endpoint security approaches (i.e., blacklisting) technologies were never designed or intended to protect against. While more effective proactive security approaches (i.e., application whitelisting) have been used in limited pockets for critical locked-down systems, these solutions have been limited in their ability to adjust to the dynamic needs of today's business environment.

New Intelligent Application WhitelistingNew Intelligent Application Whitelisting focus is no longer on identifying the known bad, but rather on identifying the known good, and managing change based on trust.

To ensure effective endpoint protection in today's increasingly connected and "always on" business arena, organizations must now look beyond traditional threat-centric models and more towards effective endpoint security approaches. The focus is no longer on identifying the known bad, but rather on identifying the known good, and managing change based on trust.

"Organizations are at risk from malware that targets user data and settings, rather than system files," said Neil MacDonald, vice president and Gartner Fellow, Gartner Research. "Application control solutions address these issues and provide organizations with more flexibility and granularity for all users regarding the applications that can and cannot be run. Users can be left running as administrators, allowing them to update client software as needed, including Web applications. Software that's detrimental can be automatically blacklisted, but resources may be needed to keep the list current."

To address these emerging endpoint security requirements, Lumension, the global leader in endpoint management and security, shifts the industry debate away from Blacklisting vs. Whitelisting with the unveiling of Intelligent Whitelisting as part of its Lumension' Endpoint Management and Security Suite, the first integrated solution to enable IT organizations to meet endpoint and application risks head on without the operational headaches of traditional application whitelisting.

Lumension's Intelligent Whitelisting focuses on leveraging the best of both blacklisting and whitelisting approaches to deliver a more effective and operational endpoint security solution that meets the needs of the organization without impacting employee productivity. The approach extends beyond simply looking for malicious threats; rather, it determines whether change should be allowed to occur in the IT environment by providing the necessary control to define and enforce security policy without disrupting business operations.

"In the past, traditional application whitelisting approaches were a challenge because it was nearly impossible to anticipate and manage the changing needs of the business. This relegated traditional application whitelisting solutions to very static environments like Point-of-Sale (POS) or server environments where there isn't a lot of change taking place," said Patrick J. Clawson, chairman and CEO, Lumension. "As a result, companies were left with two choices: a reactive endpoint security approach that was efficient but ineffective, or a proactive approach what was very effective, but not operational. Nobody was focused on how to bring the best in both approaches together, and manage change in a way that would better meet the needs of the business."

Lumension's Intelligent Whitelisting solution is centered on a rules-based trust engine that can define what types of change is acceptable. By setting up rules around how change can be introduced, rather than focusing solely on what kinds of change should be stopped, a balanced and more effective operational model of endpoint security management can be achieved. Lumension's Intelligent Whitelisting Solution accomplishes this by integrating Lumension' Application Control together with Lumension' AntiVirus and a trusted change management model. This enables IT organizations to work across a very simple yet effective unified workflow:

Clean IT: Using Lumension's integrated anti-malware technology (Lumension AntiVirus) IT administrators can scan the IT environment for any known malware. With potentially more than 50 percent of existing systems having some form of malware on it, this time-tested approach ensures that production systems are as clean as possible. Once existing malware is identified, it is automatically removed.

Lock IT: With Lumension's Easy Lock Down technology, a "snapshot" of the entire system is taken and a whitelist is automatically created. From this point on, nothing new is allowed to execute without first proving that it's wanted and trusted.

Trust IT: Utilizing Lumension's Trusted Change Manager, IT managers can quickly and simply identify the rules by which they want to manage and introduce change into their whitelisted environment. Change can come from many sources, including application vendors, trusted software updaters, trusted locations and even trusted users. Lumension's trusted change policy can be as flexible or tightly controlled as needed by the organization.

Lumension's Intelligent Whitelisting solution has eliminated traditional operational friction associated with maintaining application whitelists, and ongoing patch management by automatically updating the whitelist manifest each time a patch is applied. IT managers no longer have to be concerned with maintaining the security level of their whitelisted environment, or manually managing the whitelist each time a patch is applied.

"Apart from the obvious endpoint security benefits, there are many operational benefits as well, explains Paul Zimski, vice president of solution marketing, Lumension. "Intelligent Whitelisting allows IT to create and maintain a clean ecosystem through an automated, yet flexible, trust model where IT management can automate better risk-based decisions about what can be introduced into an IT environment, who is introducing it, and whether or not they should be allowed to introduce it. This added change management capability will go a long way in reducing the operational headaches encountered by IT managers due to user-introduced change in their IT environments. As a result, not only will overall security posture be enhanced, but reduced endpoint TCO can also be achieved."

As part of the Lumension Endpoint Management and Security Suite, endpoint TCO and productivity is enhanced as the Intelligent Whitelisting workflow is managed through a single console and deployed on a single server, single agent architecture. Lumension can also enable the use of existing non-Lumension anti-malware and patching solutions while still deploying its intelligent whitelisting capabilities, thus offering a non-disruptive solution to the customer.

Lumension's Intelligent Whitelisting solution will be showcased at the RSA Conference 2010, booth 923 on March 1-4 in San Francisco, CA. About Lumension Security, Inc. Lumension Security, Inc., a global leader in endpoint management and security, develops, integrates and markets security software solutions that help businesses protect their vital information and manage critical risk across network and endpoint assets. Lumension enables more than 5,100 customers worldwide to achieve optimal security and IT success by delivering a proven and award-winning solution portfolio that includes Vulnerability Management, Endpoint Protection, Data Protection, Antivirus and Reporting and Compliance offerings. Lumension is known for providing world-class customer support and services 24x7, 365 days a year. Headquartered in Scottsdale, Arizona, Lumension has operations worldwide, including Virginia, Texas, Utah, Florida, Ireland, Luxembourg, the United Kingdom, Australia, and Singapore. Lumension: IT Secured. Success Optimized. More information can be found at

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights