Download this presentation to learn how your organization must implement a defense-in-depth approach that goes beyond standalone anti-virus to effectively prevent malware. In this presentation, you will:
*Learn what intelligent whitelisting is and how it addresses the challenges associated with traditional whitelisting technologies in dynamic environments
*Explore how intelligent whitelisting delivers a proactive defense that fills gaps left open by reactive solutions such as anti-virus
*See a live demonstration of Lumension Intelligent Whitelisting and how it integrates three levels of endpoint malware defense – patch management, antivirus and application whitelisting – into a single solution and workflow with one agent and one console
Using Intelligent Whitelisting to Effectively and Efficiently Combat Today’s Endpoint Malware
1.
2. Brought to you by Speakers Chris Chevalier, Senior Product Manager Chris Merritt, Director of Solution Marketing http://www.lumension.com/Solutions/Intelligent-Whitelisting.aspx
4. Whitelisting is critical for defense-in-depth against endpoint malware No substitute for patch and AV but both are: Reactive Negative security model Straining to deal with pace and sophistication of today’s financially- / politically-motivated attackers
5. Whitelisting is critical for defense- in-depth against endpoint malware For real defense-in-depth Additional layer needed Fundamentally different approach Application whitelisting Proactive Positive security model
6. Whitelisting also helps addressrisks inherent with local admins Neither patch or AV protect against end-users with admin authority Adding unwanted software Accessing/modifying restricted system settings Regedit, ftp, telnet, security settings Whitelisting prevents local admins From installing new, unauthorized software Or accessing restricted system components
7. Challenges with traditional whitelisting Each PC is unique PCs are not static Starting from a pristine environment unrealistic Identifying trusted applications Endpoint uniqueness and Constant Change Existing PCs Needing Immediate Protection Identifying ALL trusted applications Challenges to Application Whitelisting
8. Making whitelisting intelligent Acknowledge the uniqueness of each PC Ensure user productivity by making more intelligent trust decisions Recognize trusted agents of change Progressive implementation
9. Treat each PC as unique Implement local whitelist for each PC Based on software already present New malicious or unwanted software instantly stopped Existing unwanted software addressed Blacklist Later policy development Centrally build list of all software present throughout all endpoints To be leveraged as prevalence knowledge
10. Trusted agents of change Whitelists require continual maintenance since PC software is constantly updated Specify trusted agents of change e.g. patch agents, system management processes and other software deployment agents No coordination or maintenance required by IT staff when software updated
11. More intelligent trust decisions Trusted updaters Trusted publishers Trusted paths Denied applications Trusted authorizers Leverage Prevalence information collected by agents
14. Brought to you by Speakers Chris Chevalier, Senior Product Manager Chris Merritt, Director of Solution Marketing http://www.lumension.com/Solutions/Intelligent-Whitelisting.aspx