ENDPOINT APPLICATION CONTROL

Prevents Unwanted and Unknown applications from executing

Overview


Organizations are becoming increasingly aware that traditional signature-based antivirus approaches do not provide adequate defense against modern threats and targeted attacks. This is exacerbated by the hundreds of thousands of new malicious software applications being rolled out daily, making it extremely difficult to protect against all potential threats. Without proper protection, you risk losing private company data that resides on endpoints. In addition, the machines can be used as a springboard for malicious threats to enter the network. This increases the need to safeguard data and machines against both inadvertent end-user behavior or unauthorized infiltration and the resulting execution of new unwanted or malicious applications.

 

Trend Micro endpoint application Control allows you to enhance your defenses against malware and targeted attacks by preventing unknown and unwanted applications from executing on your corporate endpoints. With a combination of flexible, dynamic policies, whitelisting and blacklisting capabilities, as well as an extensive application catalog, this easy-to-manage solution significantly reduces your endpoint attack exposure. For even greater insight into threats, user-based visibility and policy management are available in the local administration console or in the centrally-managed Trend Micro Control Manager

 

Software

Protection Points

  • Endpoints
  • Servers
  • Embedded and Point of Sale (POS) devices

 

Threat Protection

  • Vulnerability exploits
  • Malicious applications (executables, DLLs, device drivers, Windows® store apps, and others)

 

Key features

Enhanced Protection Defends Against Malware, Targeted Attacks,
and zero-day threats 

  • Prevents potential damage from unwanted or unknown applications (executables, DLLs, Windows app store apps, device drivers, control panels, and other Portable executable (PE) files)
  • Provides global and local real-time threat intelligence based on good file reputation data correlated across a global network
  • Interconnects with additional layers of security to better correlate threat data and stop more threats, more often
  • Leverages threat data analyzed and correlated from 347 million unique files and 4+ billion good file records (Trend Micro smart Protection Network)
  • Integrates with Trend Micro Complete User Protection to complement antivirus, host intrusion prevention, data loss prevention, mobile security, and more

 

Simplified Management Speeds Protection

  • Increases convenience of implementing granular control with a customizable dashboard and management console
  •  Uses intelligent and dynamic policies that still allow users to install valid applications based on reputation-based variables like the prevalence, regional usage, and maturity of the application
  •  Provides greater insight into threat outbreaks with user-based visibility, policy management, and log aggregation. enables reporting across multiple layers of Trend Micro security solutions through Control Manager
  •  Easily deployed using existing OfficeScan endpoint security or other third-party deployment tools
  • Categorizes the applications and provides regular updates to simplify administration using Trend Micro’s Certified safe software service 

 

In-depth Whitelisting and Blacklisting Blocks Unknown and Unwanted Applications

  • Uses application name, path, regular expression, or certificate for basic application whitelisting and blacklisting
  • Contains broad coverage of pre-categorized applications that can be easily selected from Trend Micro’s application catalog (with regular updates)
  • Ensures that patches/updates associated with whitelisted applications can be installed, as well as allowing your update programs to install new patches/updates, with trusted sources of change
  • Features roll-your-own application whitelisting and blacklisting for in-house and unlisted applications
  • Delivers unparalleled breadth of applications and good file data 

 

Compliance With Internal IT Policies Helps Reduce Legal and Financial Liabilities 

  • Limits application usage to a specific list of applications supported by data loss prevention (DLP) products for specific users or endpoints
  • Collects and limits application usage for software licensing compliance
  • Features system lockdown to harden end-user systems by preventing new applications from being executed 

 

Key benefits

  • Protects against users or machines executing malicious software 
  • Further simplifies deployment when used with Officescan 
  • Provides advanced features for centralized enforcement of corporate policies with Control Manager 
  • Utilizes extensive categorized application catalog (analyzed and correlated threat data from billions of les in the Trend Micro smart Protection Network) 
  • Employs dynamic policies to allow users to install valid applications based on many reputation-based variables such as prevalence, regional usage, and maturity 
  • Progressively filters out threats using the most efficient technique for maximum detection without false positives.
  • Blends signature-less techniques including high-fidelity machine learning, behavioral analysis, variant protection, census check, application control, exploit prevention, and good-file check with other techniques like file reputation, web reputation, and command and control (C&C) blocking.
  • Trend Micro is the first to infuse high-fidelity machine learning which uniquely analyzes files not only before execution but also during runtime for more accurate detection.
  • Noise cancellation techniques like census and whitelist checking at each layer reduce false positives.
  • Instantly shares information on suspicious network activity and files with other security layers to stop subsequent attacks.
  • Advanced ransomware protection monitors for suspicious file encryption activities at the endpoint, terminates malicious activities, and even recovers lost files if necessary.

Platform Architecture

Trend Micro endpoint application Control can scale up to 20,000 endpoints per server and more with a cluster of servers or multiple servers managed by Control Manager. As an on-premises software application, endpoint application Control integrates with other Trend Micro threat protection solutions to enhance overall malware protection. Two components are required:

  • Server installs on supported Windows platforms and is managed through a web-browser
  • Agent installs on supported Windows platforms

System Requirements

Minimum recommended server requirements

  • Microsoft Windows server 2008 and 2008 R2 (x86/x64)
  • Microsoft Windows server 2012 and 2012 R2 (x86/x64)
  • (Optional) IIS v7.0 or higher with these modules: CGI, ISAPI, ISAPI extensions

  • Processor
  •     1.7 GHz Intel Core i3 (2 CPU cores) or better 

  • Memory
  •     6 GB RAM recommended

  • Disk Space
  •     45 GB of free disk space 

Minimum recommended server requirements

  • Windows (x86/x64) XP Editions
  • Windows (x86/x64) Vista Editions
  • Windows (x86/x64) 7 Editions
  • Windows (x86/x64) 8, 8.1 Editions
  • Windows 8 and 8.1 (x86/x64) Editions
  • Windows (x86/x64) 10 Editions
  • Microsoft Windows (x86/x64) Server 2003, 2003 R2
  • Microsoft Windows (x86/x64) Server 2008, 2008 R2
  • Microsoft Windows Server 2012, 2012 R2
  • Windows Embedded Enterprise, POSReady 2009, POSReady 7, XPe, Standard 2009, Standard 7

  • Processor 

    300 MHz Intel Pentium or equivalent 

  • Memory

    512 MB RAM

  • Disk Space:

    350 MB