- Details
- Category: Solutions
Lumension Endpoint Protection
Proactive and Complete Protection to Ensure a Trusted Endpoint Environment
Endpoint Protection Business Drivers and Challenges
In today’s economy balancing ease of doing business with endpoint security is a challenge. With the emergence of consumer technology in the workplace, social networking, Web 2.0 technologies and increasingly sophisticated cyber criminals, securing your endpoints is an uphill battle.
Endpoints are no longer bound to an office desk in a controlled environment. Employees install unauthorized and illegal applications on laptops and PCs which can cause increased support calls, performance issues and downtime.
And malware is on the rise. In fact, analysts estimate that 75 percent of enterprises were infected with financially motivated, targeted malware that evaded traditional perimeter and host defenses.1 According to a recent study, more than 21 million unique samples of malicious software were reported. 2
Solid endpoint protection requires a proactive and complete approach that provides true defense-in-depth and is flexible enough to balance user productivity and convenience with enterprise security needs.
Overview
The Lumension Endpoint Protection solution fully protects endpoints from malware and unknown threats while enforcing the use of authorized software. With Lumension Application Control and Lumension AntiVirus, you can prevent known and unknown malware and centrally manage, monitor and control applications. By employing an application whitelisting approach, you can ensure that only authorized applications are allowed to run on laptops, PCs, mission-critical servers and POS terminals, preventing the execution of unknown or malicious code.
Malware only needs seconds to infect systems, and you need your mission-critical servers available 24/7. With the combination of antivirus and application whitelisting capabilities, known malware can be quickly removed from endpoints and only trusted applications will be authorized to run on your servers, locking them down from threats.
With Lumension Endpoint Protection, operational desktop management is improved by eliminating unnecessary support calls and performance issues that come with managing unauthorized and illegal software. And, you can easily demonstrate compliance by enforcing software license policies and by providing a detailed audit trail of all application execution attempts.
Solid endpoint protection requires a proactive approach that is flexible enough to balance user productivity with enterprise security needs. With Lumension Endpoint Protection solution, you can:
How it Works
1. Discover: Scan for and remove all known malware to establish a clean environment.
Identify all executable files, collect profiles and organize into pre-defined
file groups.
2. Implement: Assign permissions for applications to run based on executable, user, or user group attributes; use an application whitelist approach to ensure that only authorized and trusted applications can run on endpoints. Continue blocking known malware and use behavioral analysis tools to assess new unknown code which may or may not be legitimate.
3. Monitor: Monitor the effectiveness of endpoint security policies in real time; identify potential threats by logging all application execution attempts and recording all policy changes and administrator activities. Maintain ongoing antivirus scanning to identify and remove any “dead malware” that, although prevented by application control, is still present on endpoints.
4. Report: Demonstrate policy compliance and ensure software license compliance by drilling down on suspicious behavior for security or legal follow-up. Report on malware prevention and remediation, on behavior of unknown or suspicious code, and on current threat levels.
Key Capabilities and Benefits
Solution Capability |
Benefit |
| Application Discovery: Automatically determine what applications are in use through a non-blocking audit option, as well as through a variety of scanning tools to assess the current state. | Saves Time and Improves Security
|
| Endpoint Security Policy Definition: Define security policy with global and user- and/or machine-specific rules based on organizational needs using a “whitelist” approach. | Increases Security Compliance
|
| Full Signature Matching Capabilities: Recognizes, blocks and removes viruses, worms, Trojans and other types of malware such as keyloggers, hijackers and rootkits. | Protects Against Known Threats
|
| Unique Behavioral Analysis: Protects against new and unknown malware (zero-day exploits) using multiple methods. | Prevents Unknown Threats from Executing on Systems
|
| Comprehensive Cleaning Functionality: Ensures comprehensive clean-up, including rootkit removal | Removes Known Malware
|
| Endpoint Security Policy Enforcement: Enforce your application usage policies across your entire network. | Automates Security Enforcement
|
| Audit and Compliance: Automatically log all network events related to your endpoint security policy. | Enforces Compliance in Your Organization
|
| Flexible / Scalable / Secure Design: Provide organization-wide control and enforcement using scalable client-server architecture with a central database which facilitates load balancing and distributed control. Install tamper-proof agents on every endpoint on the network that are protected against unauthorized removal. Lumension Application Control fully supports both Windows Active Directory and Novell eDirectory / NDS structure. | Adapts to Your Growing Business
|
Source:
Gartner Research, Gartner’s Top Predictions for IT Organizations and Users,
2007 and Beyond, Daryl C. Plummer, December, 2006
www.avtest.org, cumulative unique malware samples reported through 24-July-2009