Faronics Anti-Executable Enterprise 3.5 Protects Against Unauthorized Applications (
Page 1 of 3 )
Application
whitelisting—a security practice in which administrators identify which
applications are allowed to run on a system and deny all others—is all the rage
these days. In situations where users can’t be trusted, strict whitelisting
makes plenty of sense as a part of a more comprehensive endpoint security
policy. However, without enough provision for flexibility and centralized
management, whitelisting products can render
workstations too rigid for mainstream use.
I experienced the benefits and drawbacks of application whitelisting firsthand
in my tests of Faronics Anti-Executable Enterprise 3.5, a whitelisting product that’s available in Standard and Enterprise
flavors. The Enterprise version is basically the Standard version
that’s managed centrally using
the Faronics Core management console. To cut to the chase, I found Faronics
Anti-Executable to be a solid stand-alone
product for strict lockdown scenarios, but I was disappointed with its central
management capabilities and its provisions for flexibility in the face of
software updates and mainstream use.
During my testing, there was a three-day
period of Patch Tuesday, an Adobe update and a Java update. Just on my little
testbed of 10 workstations, it took considerable
effort to allow the patches to be installed, to
allow the updated app to run and to update
the whitelist to continue to allow it to run. In an environment of 5,000-plus machines, this
added burden could outweigh the positives provided by control.
On the other hand, in areas where configurations don’t need to be updated constantly
and where security is the paramount concern, Faronics Anti-Executable
Enterprise does a great job. This is also a much more appropriate use of
application whitelisting technology in general.
For example, the average business user would not tolerate the
intrusiveness and disruption, but on a kiosk or
shared workstation, this would be perfect. Malware can’t run,
keyloggers can’t be installed and all warnings could be silent while non-whitelisted
apps are terminated. Other use cases include workstations in a classroom, POS—really anywhere you want to limit the user to a few
specific tasks and block everything else.
Faronics Anti-Executable Enterprise 3.5 is priced starting at $40 per
client, with volume discounts that can push the price down to $9.99 per client.
Enterprise Applications News & Reviews 
