Endpoint security through whitelisting
The latest release of McAfee Application Control is integrated with McAfee Global Threat Intelligence to show the file reputation of every file in the enterprise. This feature coupled with whitelisting and memory protection makes it an ideal solution for blocking advanced persistent threats and zero-day attacks.
The solution is centrally managed by McAfee ePolicy Orchestrator software and uses a dynamic trust model which reduces costs by eliminating expensive manual support requirements.
McAfee Application Control is now a powerful solution for corporate desktops with the introduction of a set of desktop-specific features including friendly end-user notifications and approval requests. Protecting the desktop and the endpoint is essential as that is often a vulnerable point subject to human error.
Employees and online users can unintentionally introduce software that installs malware, creates support issues, and violates software licenses – compromising systems and the overall business. McAfee Application Control allows only trusted applications to run on the company’s endpoints and servers.
McAfee Application Control key features:
McAfee Global Threat Intelligence – a cloud-based knowledge of reputation of files which is used by McAfee Application Control to classify applications as good or bad. This feature indicates whether any malware is being whitelisted inadvertently and also highlights files without a reputation, which need to be investigated internally.
Dynamic Whitelisting – can configure it such that the whitelist will grow dynamically when systems are patched and updated, which alleviates the hassle of manual updates to the whitelist.
Memory protection – helps ensure that the whitelisted programs which might contain some inherent vulnerabilities cannot be exploited through a buffer overflow or other means. This feature helps prevent complex threats from circumventing whitelisting.
McAfee ecosystem – well integrated within the McAfee product ecosystem to create a multi-faceted whitelisting solution. Integration with the ePolicy Orchestrator platform gives organizations a single security console to manage all their security solutions, thus improving operational efficiency. Additionally, integration with McAfee Risk Advisor helps prioritize which systems to patch first and offers visibility on whether or not McAfee Application Control gives them coverage from the most recent threats. Building upon the whitelisting capabilities is McAfee Host Intrusion Prevention which can be used to firewall files with unknown reputations.