Critical systems are increasingly targeted because they contain the most valuable information. These systems cannot afford a moment of unscheduled downtime or performance degradation as they are the lifeblood of the organization. Companies whose systems hold highly sensitive data must utilize a solution that can guarantee their data won’t be breached or stolen.
Application Control is the answer to reducing layering multiple, ineffective security products, which is costly, creates risk and jeopardizes performance. Below is the Application Control FAQ:
1. What is application control?
Application control is a security model focused on allowing known “good” applications to run rather than blocking known “bad”.
2. Where should application control be use?
Application control is use to lock down data centers and critical systems such as servers domain controllers, servers, card data environments, fixed function devices, high-risk endpoints and EOL legacy systems.
3. Why do I need application control?
Security experts including the FBI, the Department of Homeland Security, Gartner and NIST all agree that application control is the best security strategy for critical systems.
4. Why is application control more effective than antivirus?
Using a ‘Default Deny’ approach, application control stops known and unknown malware, non-malware, zero-day and ransomware attacks by preventing unwanted change. No signatures, definitions or behaviour patterns are required.
5. How does application control work?
By only allowing trusted software to run, application control will stop exploits and reduce the administration associated with system and application patching and updates. It also monitors behavioral indicators of malicious activity and conducts continuous recording of attack details to provide rich visibility into everything suspicious that attackers attempt to do.
6. Isn’t application whitelisting very tedious?
No. It has the capability to automatically approve software based on cloud reputation services, IT-based trust policies and out-of-the box templates to eliminate the burden of whitelist management.
7. How does application control prevent the computer from being compromised?
Application control ensures that only trusted and approved software is allowed to execute on an organization’s critical systems and endpoints.
8. What types of applications can be controlled?
Any types of applications can be controlled as long as they are file-based applications.
9. What if the application has patches/fixes/updates, will it be blocked?
There are various mechanism to ensure that software deployed is automatically approved, including automated risk assessment of new files.
10. What happens when a file or application is being blocked?
The file or application will not be able run; and for a good reason since all files should be verified in test environment before being deployed in production. Furthermore, these files could be malicious and should be block.
11. Are the USB ports secure as well?
Yes, the use of removable devices via USB can be restricted. This is to block unauthorized users from copying files out of the machine into the USB.
12. What platform does it support?
- Windows XP, Server, Vista, Embedded, POS
- RHEL Linux
- CentOS Linux
- Oracle RHCK Linux
- Mac OS X
13. What is the impact on machine performance ?
Application control agents are designed to be high-performance and low touch, even as low as Windows XP, Pentium 4 processor with 256 MB RAM.
14. How is application control deployed?
Application control agent is deployed into the machine by either a simple “1-click” process or with software distribution tools. Except for Windows XP, no reboot is required.
15. Can application control work offline?
Yes, application control complete critical system protection is designed to work offline.
16. Can users bypass the application control agent by disabling or stopping it?
No. The agent is designed to be tampered proof with detection and cannot be disabled by any means nor can it be removed by user.
17. Can application control meet regulatory requirements?
Yes. It accelerates compliance by meeting many of the requirements in regulatory standards and frameworks, such as PCI-DSS, HIPAA/HITECH, SOX, NERC CIP, GDPR and NIST 800-53
18. Can application control coexist with antivirus ?
Yes, while application control can work with antivirus, it is not necessary when application control is implemented correctly