LiveZilla Live Help Please call me back Assess your risk Click here for the Lumension 2010 eSeminar series
Follow Preventia on Twitter

Lumension® Endpoint Management and Security Suite

Preventia is a Lumension

Lumension's Application Control® (LAC) and Device Control® (LDC) provides endpoint security through the use of a proactive approach that enables only authorized applications to run and only authorized devices to connect to a server, terminal services server, thin client, laptop or desktop.

Facilitating security and systems management, while providing necessary flexibility to the organization to easily enable the use of new/upgraded applications or devices.

 

 
Overview LAC LDC Knowledge Centre
 
data security solutions
information security systems

Lumension® Endpoint Management and Security Suite

 Lumension

Lumension® Endpoint Management and Security Suite (LEMS) controls provide the necessary controls to secure endpoints from unknown software, malicious code, and unauthorised applications as well as to manage and secure inbound and outbound data flow from endpoints.

Lumension's endpoint security solution ensures the confidentiality & integrity of sensitive data by enforcing encryption when copied to removable media. Lumension controls also show the effectiveness or ineffectiveness of an organization's endpoint security policy, by providing detailed audit information that shows successful and unsuccessful attempts to connect a device or execute an application on a protected endpoint.

  

Product Highlights:

  • Enforcing endpoint security policies, preventing malware, viruses, spyware and zero-day threats
  • Controlling & Monitoring the flow of inbound & outbound data
  • Safeguarding the confidentiality, integrity & availability of sensitive data on desktops
  • Protecting against network & desktop security breaches
  • Detailed Audit trail of all device & application execution attempts, by tracking data that is copied to and from removable devices
Please quote me Call me back

Lumension Application Control®

 Lumension

Feature

 

 Function Benefit
Whitelist Assign permissions for authorized applications to users or user groups, and by default those not authorized are not allowed Eliminates unknown or unwanted applications in your network, reducing the risk of malware and spyware and ultimately improving network stability
Standard File Definitions Classified, pre-loaded whitelist of all supported OS files Speeds and simplifies whitelist definition
Automated Application Discovery Process of identifying, categorizing and authorizing applications which produces a record of all executables on client computers, file servers and/or local directories Provides flexible and fast options to create or update whitelists
Automatic Authorization of Software Updates Automatic authorization of Microsoft software updates through integration with Windows Updates: SUS and WSUS Eliminates risk of accidentally restricting user access to frequently updated Microsoft applications
Script / Macro Protection Controls the execution of specific VBScript, Microsoft Office VBA and JavaScript with central authorization or a prompt to local users Extends application policy enforcement to include specific scripts/macros, enabling business without compromising protection
Path Protection Optional file authorization based on location or path rules; Create a trusted owner, such as administrator, to reinforce security Provides flexibility to support executable files for which hash definitions are not useful or applicable (i.e. auto-changing .exe files)
Non-Blocking Mode Execute and log activity for administrator review Enables Lumension Controls to identify current state before defining and enforcing policy
Flexible File Authorization Versatile File Processor (FileTool.exe) enables directory and subdirectory scans to discover new applications and packages while online or offline Provides flexible and fast option to identify new and updated applications for review and ultimately to generate whitelists
Nested Executable File Groups Hierarchical structure of organizing file groups Provides fast administration of file groups and assignment of user permissions
Relaxed Logon Executes logon scripts without authorization and automatically switches system into blocking mode after either a set of time or at the end of the script Eliminates need to administer logon scripts in Lumension Controls without compromising the security of the system
Local Authorization/td> Trusted users can authorize applications locally, while maintaining a log for administrator review Delivers flexibility to the user, without giving up administrative control
Spread Check Disables suspicious executables that are locally authorized on too many computers Contains risk of malicious code spreading through network due to local authorization
Highly Scalable Architecture Three tier architecture with Database, one or more Application servers, and Client Provides flexible and scalable deployment options in large and complex networks
Powerful Log Analysis and Reporting Detailed log analysis with flexible filter, sort and display options and stored query templates as well as central reporting Demonstrates policy compliance and drills down on suspicious behavior for legal or management follow up
Offline Computer Protection Local copy of updated hashes and permissions is kept on each machine Ensures that remote/ disconnected users are constantly protected
Active Directory and eDirectory Support Leverages user and user group definitions in existing Active Directory and eDirectory Reduces setup and maintenance of users and user groups
Multi-Language Support Supports 12 languages on Lumension Controls client machines Improves user experience in international organizations
Custom Reports Custom query templates can be scheduled to automatically generate reports in HTML, XML or CSV formats and delivered via email or network file share Extends application policy enforcement to include specific scripts/macros, enabling business without compromising protection
Please quote me Call me back

Lumension Device Control®

 Lumension

Feature

 

 Function Benefit
Whitelist Assign permissions for authorized devices to user or user group, and by default those not authorized are not allowed Eliminates unknown or unwanted devices in your network, reducing the risk of data leakage
Policy Controlled Encryption for Removable Media and CD/DVD Administrators may centrally encrypt removable media and CD/DVDs or force users to encrypt media and CD/DVDs and the time of use Ensures that sensitive data is not inadvertently exposed to those without authorized access
Uniquely Identify and Authorize Specific Media Authorize DVD/CD-ROM collections, grant access to users or user groups and encrypt removable media with unique ID's Limits DVD/CD-ROM access to company standard discs, to avoid use of unauthorized content and/or encrypts removable media to prevent unauthorized viewing
Flexible Policy with Granular Control Permission settings include read/write, scheduled access, temporary access, online/offline, I/O bus type, HDD/non-HDD devices and much more Eliminates risk of unauthorized devices connecting to the network while providing the flexibility users demand
Plug and Play Devices Detect Plug and Play Devices "on the fly" Ensures user productivity is not disrupted by applying permissions for plug and play devices when detected
Patented Bi-Directional Shadowing Option Shadowing technology records data that is read from and/or written to a removable device Captures the flow of information into and out of your network, reducing risk and containing data leakage
Data Copy Restriction Restrict the daily amount of data copied from an endpoint to a device on a per-user basis Removes risk of large pieces of confidential information leaving the network
Role Based Access Control Assign permissions to a user/user group based on their Active Directory or eDirectory identity Provides granular user permissions that remain with user login regardless of machine
PGP Whole Disk Encryption Administrators may optionally enforce standard FIPS-compliant encryption technology with centralized encryption key management and support for large secondary hard drives provided by PGP Whole Disk Encryption Ensures that data on external devices can be protected with FIPS-validated encryption
File Type Filtering Control the type of files that are moved to and from removable devices Reduces risk of unwanted files (or malware) from entering and sensitive files from leaving the network
Password Lockout Lockout users after three failed password attempts Reduces risk of hackers breaking into lost or stolen devices
Password Recovery Recover access to devices when passwords are forgotten or user leaves company Enables recovery of encrypted data on devices
Multi-Language Support Supports 12 languages on Lumension Controls client machines Improves user experience in international organizations
64-bit Platform Support Utilize and protect powerful 64-bit business infrastructure with Lumension Controls including agent support for 64-bit Windows Server 2003, Windows XP and Windows Vista as well as 64-bit support for SQL Server 2005 Delivers device control capabilities for both 32 and 64-bit platforms.
Please quote me Call me back
data loss prevention