Through interviews and needs assessment interviews, it was clear a solution was needed to minimize the amount of time IT professionals must spend maintaining the whitelist profile. Viewfinity Application Control automates the method for rating, restricting and classifying unknown applications, all while not disturbing end user productivity, due to its greylisting model. The product helps detect advanced persistent threats by monitoring for unauthorized change, and chronicles detailed forensics data in the event of a breach. It integrates with existing Microsoft infrastructures, easily scales, is simple to install and use, and is up-and-running quickly, representing higher IT efficiency and lower TCO.
A recent Gartner report indicates that application control provides operational and security benefits, including but not limited to reducing the number of images to support and improve automation, reducing the number of help desk calls, detects advanced targeted attacks by monitoring for unauthorized change, gathers detailed forensics information in the event of a breach, and more. "Ideally, enterprises would apply both application control and remove administrative rights, but only a few vendors support application control and privilege elevation," according to Gartner. ("How to Successfully Deploy Application Control," Neil MacDonald, January 2013).
"There is great danger if administrative rights are allowed in a whitelisting model: users that retain administrative rights may attempt to bypass or uninstall application control agents, and attackers may target the whitelisting mechanism to get bad code recognized as legitimate," explains Leonid Shtilman, CEO, Viewfinity. "The ideal solution is to remove administrative rights and set up a risk-based application control framework that allows approved applications, yet doesn't block all unknown applications but instead establishes default behavior for managing applications not yet classified. We've extensively beta tested Viewfinity Application Control in several enterprise environments and believe it's the best product on the market for protecting a corporate network infrastructure of any size."
View a Q&A webinar with Leonid Shtilman, Viewfinity CEO, and featured Gartner Analyst Neil MacDonald entitled "Application Control Gains Adoption By Providing Tighter Control Against Advanced Persistent Threats."
How it Works
Viewfinity Application Control effectively minimizes the impact on end user productivity and the amount of time IT must spend managing the whitelist profile. Our automated rating and restricting of unclassified applications proactively secures applications that have not yet been classified, allowing them to run in our greylist mode, which restricts privileges and limits access to resources until automatically rated and classified. Users operate with least privilege rights and if an application explicitly requires admin rights, the software simply elevates privileges for the application, not the user.
In addition, Viewfinity's patent-pending Forensic Analysis feature identifies information related to malicious files and tracks applications being installed and run, and who, when, and from where applications and files are introduced onto corporate endpoints, following the forensic trail from generation to generation. Application origination points are tracked from the source through the network to any removable storage device, as well as through software distributors, Internet downloads, and can be used for reputation scoring and for investigation.
By silently tracking an application's history before any policies are implemented, rules can be applied to pre-existing applications based on information such as installation point of origin, trusted vendor, and other criteria. This data is reported through a centralized console allowing IT to perform application audits, apply policies or review screen recorded video for auditing and forensic purposes for breach investigations.
Viewfinity Application Control is available immediately and lists at $50 per endpoint for a basic 1000-seat installation and $225 per server (volume discounts apply). For details, call 800-455-2010, or send email to [email protected]
Viewfinity provides the only solution which offers complete application control features and administrative privilege capabilities to protect against sophisticated zero-day attacks, malware, and advanced persistent threats. Our next generation application control provides everything needed for whitelisting – from trusted sources and updaters to a cloud-based system which can rank unknown applications, reinforced with managed administrative privileges. Applications not yet classified run in a "greylist mode" and are automatically evaluated and assigned to a white/black list. Our patent-pending forensics automatically tracks file origins to enable better investigation of malware incidents. This fortified approach leads to more secure desktop and server environments, enables high operational IT efficiency via a lower TCO model, and maximizes end user productivity. For more information, visit www.viewfinity.com.