Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


McAfee Integration with Bit9 Underscores Growing Support for Application Whitelisting



 By: Brian Prince
2008-10-23
Article Rating:starstarstarstarstar / 3


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
Anti-malware vendors are increasingly embracing application whitelistinga security trend underscored by Bit9's integration with McAfee ePolicy Orchestrator. McAfee customers will be able to manage Bit9's whitelisting technology through ePO as a result of the integration, as well as access Bit9's database of software.

McAfee and Bit9 products tied the technological knot recently, providing another example of anti-malware vendors embracing whitelisting.

Now certified by McAfee, Bit9's whitelisting technology can be managed by McAfee ePO (ePolicy Orchestrator). Bit9 Parity for McAfee ePO allows McAfee customers to use application whitelisting to control unauthorized software and devices that run on their laptops, PCs, servers and kiosks.

By adding Bit9 Parity for McAfee ePO, security pros using ePO can whitelist approved software and devices and allow them to execute. Meanwhile, unlicensed, unauthorized and malicious programs will be blocked. Users will also have access to Bit9's Global Software Registry, a database of intelligence on software.

Resource Library:

Click here to read about Microsoft's out-of-cycle patch for a vulnerability hackers are already attacking.

Given the growing amount of malware threatening IT operations, whitelisting has become an attractive layer of defense. Earlier in 2008, Symantec CEO John Thompson spoke in favor of whitelisting at the RSA Conference in San Francisco. In addition, other vendors such as Kaspersky Lab have hopped aboard the whitelisting train as well.

"I do see endpoint security vendors building in elements of whitelisting," said Eric Ogren, principal analyst of the Ogren Group. "Lumension has it, Symantec has some and there is always Bit9, CoreTrace and AppSense. They don't always promote it because they print money with signature annuities, but the major vendors are sprinkling in [whitelisting] and behavior because that's the only way to keep up with the volume of attacks for agent software."

To read about McAfee's new NAC Module for Network Security Platform, click here.

While whitelisting is clearly more effective than blacklisting given the never-ending proliferation of malware, it is still reactive, noted Gartner analyst John Pescatore.

"We still need advances in application control, sandboxingessentially behavior limitation of unknown executables that will never be on either the whitelist or blacklist," Pescatore said. "Bit9 does some of this, SoftSphere Technologies and many other host-based intrusion prevention products do as well. But since it breaks the signature-dependent model, the AV vendors are always slow to move in that direction."





  Reader Comments: McAfee Integration With Bit9 Underscores Growing Support for Application Whitelisting
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Brian Prince
 


x}ks8q8c=mGJɶkcY^K7SJE1EjIʎf7n|AI~L&3%lݍFw?IturF3k}jxޢ>? ?Xf0TEK \Ϥ^-Am۟@Ou 5rj9:ruz=>;|9|@D%cjAM&#{Fm_&2z5ܯ3 fE1;&I=Mk9JGD~=K;="?+BW⻶eMaoN w"Ntod9 Q)*X^P~D;ǎq {f ;U'iS[w@Sա*v25v+!6^;r9ȹ׳o[h=7d#7t#205NRZ [XdTZ Ӂk)u8r z08ryj5jfO,{n_w$z(֝z$]+~bA2xưaqHo*! lpa+p'Ç uȭB¿{k׳߂ݸy1̳ߌ`E-"'l,R ?q7uLa5LjXErؗ#Yͼ`F3l˸;4 XSKC(DžJ|╇o[쫅S;Qk~{UMSvuq#GAmkh[J"ZA;hNo:y\u>7//Ƀ-N|'[L'0QT&*rp]sܶ:]r޹!gϭfY; i Ofɟk*Ꟈz O{:$z>5401\]Z-Jj=2Ogޗ&)I|[8E}I y[-t[W9K }!z#w#EX*,>JAͼ94o o$NE ;- uvPy۬1MXrƒ tK3뾖;nZK=0[-RFpƺ\ Дaלذ 1"% hJ@M XRU>hI"E[fŢKdoF" 23~B(:pHqbNbO}૆Ź!jYY6'*taeIUi [ӢKsQ}iuOfЄ)WC EhYf7-vI%QM}{Qc1x,Vr*ǿX@8ʍ??6m!SGñA SM:gv` 0h vz1>PӚMjqOCGs>H2胎6ml8-" ,70}HG:QI4wX0x=cOg6%_¤>< v&ztmP`5$GC-ߟL=s#08wɽ5y0+wK@b!LTM}PCn@ }S(r`OA}&`sDoe93(_x?ɜ+) Lt =JIAL}Nt"AђF *4 gsX"K"''s`[X;;.VKŤ\*y"Jm':.ݑWK"ڹLX*QY,p[/ ͙JRd0U Q򍜈="`&Qea*0pRx5Vn-`oʱ& 2,XCtH{2l4` [N@t0OiH\U}N`9y~Lh?w O}O Sf335g{00q}c] k9tݴyFˁ2$rTDL˄r6=gէSۢf|a* ,q;riׁfX8Õtznré&9I9;m9wT۪v39n(!+hWY 2cdRU 9:[ȭM7)\IYbTড়rH1g0d{Oq=7Rt'ZC+>q^i.;[@Oe]Zr{{#Uv/KƠT:?ouR@,Ho` m_EڠueLGiK-# IPצ(X +ezdxy62&CŸä 7Qy]{gO!>7l`(`V571)Kۊ0q4EēXjgܱ% 6%P$wS~0;[1P.m^Xީ;}6&ݩ?vl2>s G,Sp1hBJeHw:vgJoX*,b3)4&61Sbzq 0b=IߛO9pJ]{>Z:]. aGjHKWk8&MI8` ;DzۣSh2F,áeHu߲ӧ㎃WKH.Z`"!f6,ƴ'i?怚H|A2,exY΁=mQ]v)'9Yw$ FiLRKm9hzh_Gsk@b8"T2paLH7] eaðyU_z?2k#Xh;pYb~& >Bkd&B [O;$!WTnLb ֚΄Ou#_g>Ѐap:pHE&A|Zkh y| *j1-[ (h [zpEabItHM!rB3]]=1挮~x!VBLqQT*8+0ϸo燼N$p/q}m/?1Ykο(}zK]G>W.̇G>MqZcv"O`^+o@|Y;e>^Ik01Sle`Sxt b=X7\U4Uud XY 0X>A,Ca&:`LE McgԿC\teۏTWUWL jf h> '3Dž5e ֟Ԃ!b_@TrX-=kxE0Tkqfv1FcwŎΒ g54ō'&Z3cšk+4C 㔁z3MdhHh^._Qm(}g<4>~ovgf텛++)K4Wqo@ȋW!G:cˤW6n&01"4eP?G]մR 1F)|63kl3gfuqWKUfÕЙz7uO`uL] ;L4;30\}lĝAkF D;lC &BJAy^IVbWa;9lf#<,hn͵] 7f>qDvT| `5{~G0.lq)%\.Ui {2u9pdZ;iJ3郦MGnR X%7:^ivM$cﱖe:Tg FBR%%f퓨萫YA#'.ɢ6A)™M`8Okhs%sp:'S6PFzʇ!I#yF0×w'G@lB=2)ŒtH]6mfa2J4D 풮q:bௌT)wUU 4*ijAROCsw@Fl_zĢ tDwe2qy4(b0Di@ &yXu}aE䦳T.jZb[)UʹB!m4G\0R,Wbxp?l]Z.+ad9#T`| @-a'd1s<6ɷ06njKSXr|MN?K{e, ,"zR=.=2 杨V(Yŵ .y48&oן_81@dE1 7k{$s?l4)F:~ݕDw{?ܶzGUO:o[_ ?Kt[V00fE/:ޏWKӯ{Zj\c0MC~ZWg17OWgRa\dLR(1I]0t̮^׍醿ð ]6{a孀7ۓtzN[i7n>ėtO;~\R1^Z`&1AGԸl}:b<*aٸ O=n48Z&IE2D cj<72l&zA5qܜ5o8`pB|0c-ɅH'bl faEq4f2xy_aݪ,d"0!&WtrZE9ǀzB*q^_6Dǎ:KerP^S(+RJ)"4FYO |Κg <@9NgpD~m\/Eb}CGqbx'~@0E;\|1{~R=_GoQM21J}ɈӍ1A/p9GQf0x.&4N%yWy#+xEJrkܩV3]vY?yxXDD1uUG i\}]&'M_ |2$?[н>5?y{l o&<)sǣA3g伅*v[)=hKtܗ{qO n<]1n逧^glL'#I"ɫ:w7}\8%++xs|/'C1@7YM d3DoӼ4hApl3O7C]j~d_s1T7?_gpKw z 7>+-R!EkEwWUK O7ʢE'%:mחF}޿V5BĬhw4hTɁo !Ok O=pԴ٩y|yg>,d9a}40[ɱ=Ι2F'`-ݺܭ)“g$`GDA|ug涣A jm3Z0\k9f>V2OBc+YT^?1;o+N{kE v™)[ &/5;S&5ş!1 %CKдg=.00AQ/rK[⹏^}:lQۏo%~!Ӊ*Ͷ9-C`6CJZP}DS'b1m:#zDz3AJTf9Pe~ۯ?#0u9u=KS$QN`I-oOmƨ# ݙwO*a쐲" @ٜzhfd%Գ̚Z,)/̇5dLf.kD%q Gƛ&` #^WH/;!+1r9:.ֻш2Yp8xG`,OaXc6㤟D9ҷq)ԄS-D~tut*dPǃ ? mCm@-` rF[#6|p4uYDx>1Lأw%1Z{syW.aAH~wZ9 wrRJX,|?ɒ+v>oWHJCym"Ք[PMcn4jY;֪tiVS.W"jrgԈ ؀a}j;FYboOSSjH od$9gFI4W%[!*Z߾LRܖi*/4\EJ&+0cpJfوl±]G8:a \;uf5gq$#zb$lI,_grHSo.I{%-g\9d[ LX0I ŵz,$ԂXԟl6@HqKCҭ~O%w(ua PJCxyzS/g>V6`KBN@`[EHEX[$akDdgd!njcpg/C[7SXNװ-|LXW`|?$<H_UQ2X;fV':!5lO/^C~z|?>Ytm a) #' RQdn:C/e"<"G\}oϝ$$4e=k)KD?hy2ЌTѪg/P x1o|Vޘ",r!zͷj!sDO9D8 "}Q$ٕ_fHCwf긺 s#]TF7yyWa8"to6Q GHĽerNϺ=#Q~n~qEN10t!ږ9a2xÝUD@\ W`q,*)jTY{[|?OtԗyWBtGn)p= 8p&FH.Kp#Z=jSSw7=5p6?U_rW|kofN@'HoHeɵf5^ NeMym$5?h۾c+@m-ն-0V'EQZOA7*G'=]6c5ˍsflz؆_? ZRˬk$I3Ʊ+}[i8IFT0̭,Idf˃?ySD\/cb!>i'ܻF:?0_ӷ/K{~i[ xT_ݷ8<V̫ذd=ITF [s-{8R[~x~1D1;ŒD7,\;6 #^tEw'y{Ld0M8eD)`6; ?(oCu&/#[yωX= ? KH)PG%]!D~&S t'8q/d(&>y|? [D:!pS/]x?*ǝ@ ڳ{~!0FawǶ=ӪV˸pIX(&-&%8BYWPX8!L(Ջذj~rmz> 5V8EH-96AI]I a!/(!/D.-qaI{-b&$t: auEMm& kav*bl\M'p.$XD Ň>޸ K&5\A9^Pl&qn/ \95͂E tMc%5W(j~zz_ZbiE.c 2AS}*5fL:P;qU6'a<::BMDEwTBhfxOkp)؜>3-iM13bcCyml+=umc;bmj+LxE^8Ow| 􄼥޼vgO%YձH7lݹ[pjy"iE8acّ3@`m 4,\ <\πTnA4`C"pR%264Z߱VPJj\={(9ۣ훞= `zEh#usg楒V,T)̛gItxd kHх% cY(цr}TK;TI`o3owbWϖ0-^`wUqji\-c:e=1d#A`ݥDm+i!'Z,Yd2s/0ڱJ R ݛ/SRmF νz_`yZ~\`{q˰̎,Yqc[RJBYIc0 ":;M[f:';~  D"Na8{G*%_[G׿9ʇ1f=D@ }Tbt4dWObD )n3FwCˠOc+ӘP4b̈C c Ą[)bUfwܠ~z*ڟOe^f} B ZU{N dM,[|Uo|%wR[lyѦ+OzoV0*wA>po4xSPʕU+%=&Өa3l@"r? I:N9~^PobM#b2zސqw5D>doX{+$ʽOg-<-RWld""@ՈP_޼m6?"?4Zy۽lz͛.zxX2`g Lp@##}``ctc~ 'lI<R+Y»"(S[]ă02]wq8=qWiNl +fɻS:rtT(ʁ2|{` f> cWm[7Υi,FZ<& .ycI 8^yN4YKdHFgutl2 =܇>RXX_1[> MꪂOJBveX &zDbo/Ͳ-{8~9BOz%ruW0`A-'i92dg4t\K= ,C? &O=lFLrח_y4MIN7^sEN[<^m[8j?N9}9\9o]5oZW\`&hT/楾,g:KFYn2;eFq('WPksYx9% e*w8;՚S:|7 t{r:X)` ѯ\js@1@C|m^6O{sCx_m\;^fB7P~(@y'9 hp(?@ |OPi}E+Wh/oꭳr_+i]eC[?v3ʿ@2>vvvm΂mgз igЧ 3o3 Oѫ >C ((- r߫ʐ+@;dN~kx:  7_/z/)>Crs~~3w Y{ f wɹN2!(odYNOoT8'\$_JeYW@a uuQ~@yJ2,c3\. f{%;[?[O;gu CFWT=k ϼdmNt^k8VҮ /h}0^ZE/ޤuM"[~|^YپGhO WY-Jaġ$Л'Aͷ&DV)pF F^a%1zIN)7a4 EL=C9}54]MWnƜď{#}ö0Fr@*5VZ*{_ /  = +HMjJUNmaX,.g /(@#غM{%}C7<8fȳRL u+k %p (luy93"r"wŃq`a\m8I(q0wKx4.k,`Wa5c,KB|6bZi֠}փD# Z#Xnƀ_h_n=,N7"fPܝS70ܩLy: 0'>8Ï }Cqzvtsʱ Eaqg:?"d`Y1 P,]Ʉ]''14d⟐|e'O2#0G MĮ+fAjrf_͓)lgG4WB&* Up6¥'מЄ2곻e`9ao5RFXk;MA5c)^guM=>Ld |A«U/="2cX ==EcЁ_454:X-5,FLALH\=mz^DltΖb'/x)KPRJVr.Q ?`n4Tx/ē_^8Xl=$~5|t,C7'cc!-^Π&b/;ysԷeEQ&PL–c)JqYХIG*9"Ź oPmB0^y>ಁe"Z=`s s"Tt r!,M-Gw U|ٱs Ԏo=)O?7nG[nI 5E`0ҀI2L/Tvy*K*>% /)iJu!A]=_v{[>/'R`Şi#}@ ](ۉnfTt %`GYU`kr5-E6<܈x?ƃna@JY˳3LN5%*lr=Vc:pz2 i ѨpCTUDǮ ^kǺgym/D]E>*Ѝ5ϱ|3'5ȱ ya1 g{d{~kC'> :| g)C2^#s!oYX&7ęV /O CׅѰ0 L{,lyEG%RRNCa 0F #:`2 19.G xI1%h3l䓈mAb?ڵ-caG?ԝY)2w\6k+[Ȁ7H>Y{D,5R;tP9ϓz0 s͙!c׆!a+c~,Km))f Ax=`#hxl <nh1)d'kI 'R&la,r3 Ej Z.3R0/xqBa0SSQ2$Y":Ƹ0X+Vt*Nﺽ/ͥV/PwzyݺrC*gꙺU]ώ7_a}BeFBl4*ŷևъe&nғ7OWgRXFYS$DY3 AHcggɊxY޿`(XE Ch_`b[[SˬZY$I#;ov[b$- U.ɡRvSF'e9PU>\JBS+$X/WfDNƇ΢ wm&l2)v}ml-c6C-{+