Application whitelisting review: CoreTrace Bouncer
CoreTrace Bouncer 5 provides first-rate application control with a few unique featuresFollow @rogeragrimes
CoreTrace's Bouncer 5 is application control and more. Bouncer is the only product in InfoWorld's review that successfully protected against buffer overflows. It also offers write protection of whitelisted files and does a nice job of handling updates to controlled applications.
A great-looking GUI, good reporting, and secure sessions between clients and the management server round out the rich feature set. However, Bouncer doesn't cover all program file types, notably those written in interpreted languages such as Python, PHP, or Java.
Started in early 2008, Bouncer is made up of a Windows XP Embedded management appliance and supports clients running Windows NT 4 SP6a and later and Solaris 7 through 10. The extra features and security considerations put into this product are evident from the start.
Logging into Bouncer's Control Center management console [screen image] requires a two-factor USB access token and either physical access to the management appliance or a Remote Desktop Protocol (RDP) session. Connections between the management console and clients are IPSec protected with PKI certificates. This is all automated in the setup of clients and server, and it does not use the normal Windows implementations.