McAfee Application Control

McAfee Application Control Overview:

McAfee Application Control ensures only trusted applications run on servers and endpoints. It reduces risks from unauthorized software, boosts endpoint control, extends the viability of fixed-function systems without impacting performance, and lowers operating costs.

Description:

McAfee Application Control gives enterprises an effective way to block unauthorized applications on servers and endpoints. Unlike simple whitelisting, Application Control uses a dynamic trust model, which eliminates the need for tedious manual updates to approved lists. As enterprises face an avalanche of unknown software from the web, this centrally managed solution adds a timely control to your systems security strategy, attuned to the operational needs of enterprises.

Business Efficiency in a Controlled Environment

McAfee Application Control augments blacklisting, real-time reputation awareness, and behavioral approaches, helping IT to consistently enable the known good, block the known bad, and properly handle the new and unknown.

Our dynamic whitelisting trust model reduces costs by eliminating costly manual support associated with other whitelisting technologies.

Complete protection from unwanted applications—Application Control extends coverage to Java, ActiveX controls, scripts, batch files, and specialty code for greater control over application components.

Viable security for fixed-function and legacy systems—Application Control uniquely extends a layer of protection to fixed-function devices, such as kiosks and point-of-sale (POS) terminals, and to legacy Microsoft Windows NT and 2000 systems.

Flexible, affordable, and secure—Application Control dynamically manages whitelists, making it easy to support multiple configurations for different business needs: POS terminals, back-office servers, and multiple desktop images for different user profiles.

Scalable, centralized management—Application Control leverages your investment in the McAfee ePolicy Orchestrator (ePO) platform. McAfee ePO provides remote deployment, which means you can easily manage and report on large enterprise rollouts from a central location.

Benefits and Features:

Solutions:

Increase Control over Fixed-Function Systems

In regulated industries such as banking, retail, manufacturing, and critical infrastructure, devices such as point-of-sale (POS) terminals, customer service terminals, and legacy Microsoft Windows NT and 2000 systems perform critical functions and often store sensitive data.

McAfee Application Control is ideal for extending a layer of protection to systems that are fixed function in terms of CPU or memory resources. Its low overhead footprint does not impact system performance, requires very low initial and ongoing operational overhead, and is equally effective in standalone mode without network access.

Figure 1. McAfee Application Control extends a layer of protection to fixedfunction devices such as kiosks, POS terminals, and legacy platforms to reduce customer risk exponentially.

Dynamic Whitelisting via a Trust Model

Leveraging a trusted source model, McAfee Application Control eliminates the need for IT administrators to manually maintain lists of approved applications. Only authorized software is allowed to run, and it cannot be tampered with.

Figure 2. Secure update flow

Small Overhead Footprint

McAfee Application Control is a low overhead software solution.

• Easy setup and low initial and ongoing operational overhead
• Minimal impact on CPU cycles and uses less than 10 MB of RAM
• No file system scanning that could impact system performance
• Designed to work in disconnected and in "offline" mode

Figure 3. How dynamic whitelisting works:

0. Full automatic discovery of all executing software on the system
1. Pre-computation of an extremely lightweight runtime system
2. Fully automatic code admission control during system maintenance

McAfee ePO software consolidates and centralizes management for all McAfee products

By using a single, integrated management platform, companies greatly reduce the number of IT managers needed to manage endpoint security with multiple consoles. With the ePO platform, IT can:

• Access centralized event monitoring, reports, dashboard, and workflow through a single, webbased management platform
• Deploy, manage, and update agents and policies from one management system

Integration and Compatibility with McAfee Solutions

McAfee Application Control integrates seamlessly with McAfee Change Control to deliver stronger enforcement and compliance to system IT controls. Change Control provides change prevention and real-time integrity monitoring to minimize drift from corporate systems standards for compliance.

McAfee Total Protection for Endpoint customers will also benefit from enhanced control of endpoints and servers. Application Control complements the behavioral and signature-based protection delivered by McAfee Host Intrusion Prevention by eliminating unauthorized software to the enterprise environment.

McAfee Application Control has been designed to operate in a variety of network topologies and firewall configurations.

System Requirements:

Supported Operating Systems (OS)

These are minimum system requirements. Actual requirements will vary depending on the nature of your environment.

• Windows NT*
• Windows 2000/2003/2008
• Windows 7
• Windows XP/Vista
• Windows XPE
• Windows XP/Vista (64-bit)
• Windows 2003/2008 (64-bit)
• Windows CE 6.0
• Red Hat EnterpriseLinux 3/4/5
• CentOS 4/5
• SUSE Enterprise Linux 9/10
• Oracle Enterprise Linux 5
• Solaris 8/9/10

*These platforms are not supported by McAfee ePolicy Orchestrator (ePO) or work in standalone mode.

Documentation:

Download the McAfee Application Control Datasheet (PDF).