Lumension -- Sanctuary Application Control

Sanctuary Application Control provides policy-based enforcement of application use to secure endpoints from data leakage, malware, spyware, zero-day threats and unwanted or unlicensed software. Sanctuary Application Control:

• Protects all endpoints against zero-day, malware, spyware, keyloggers, Trojans, rootkits, worms and viruses
• Eliminates the reliance on tedious anti-virus subscription updates to secure your business
• Enforces software license compliance, Sarbanes Oxley, HIPAA and GLBA and many other regulatory requirements
• Enables application monitoring to avoid propagation of illegal, malicious or unwanted code on your endpoints
• Prevents unauthorized application use throughout your organization
• Allows you to test and plan patch deployment with no rush

Proactive Approach to Endpoint Security

By employing a whitelist approach, Sanctuary Application Control enables only authorized applications to run on a network, laptop or PC - facilitating security and systems management, while providing the necessary flexibility to the organization.

Simple, Fast, Flexible Administration and Management

Sanctuary Application Control enables administrators to quickly establish and enforce application control policies by rapidly identifying applications and then assigning permissions at a high level or all the way down to specific application per users, user groups or even a particular computer. Sanctuary links application policies to user and user group information stored in Microsoft Windows Active Directory or Novell eDirectory, dramatically simplifying the management of endpoint application resources.

Endpoint Security Built to Scale

With a three-tier architecture and load-balancing capability, Sanctuary is designed to provide endpoint security to organizations ranging in size from 50 to 100,000 endpoints. Through integration with Active Directory or eDirectory, Sanctuary integrates with your existing technical infrastructure and logical organization. Sanctuary has also been ported to Windows Embedded platforms to protect the growing number of exposed embedded devices.

Endpoint Security for Workstations, Servers and Terminal Services Environments

Sanctuary Application Control is available for workstations as well as for protecting servers and terminal services environments:

• Sanctuary Custom Edition: Enforces a granular policy over user/user groups and their use of specific applications to match complex and distributed enterprise environments, including desktops, laptops and embedded devices.
• Sanctuary Server Edition: Prevents/denies unwanted executables within server environments, stopping attacks on mail servers, CRM applications, web and other critical database servers.
• Sanctuary Terminal Services Edition: Optimizes Sanctuary for the complex thin client terminal environment (both Windows® and Citrix®) by providing granular application and access control over users on business critical terminal services, enhancing availability and stability.