Whitelisting security has always taken a backseat to blacklisting approaches. After all, when there is far more good software running on computers and networks than bad software, it's just easier to block the bad than to approve all the good. But that was then, and this is now.
Last year, the computer security defense world quietly marked a momentous threshold that should have us all looking anew at the value of whitelisting. In 2008 the number of unique malicious programs and variants that were created outstripped all the legitimate software published in the world, straining the accuracy of anti-virus solutions like never before. It's a disturbing fact that suggests whitelisting is now more suitable as a primary security defense than traditional anti-virus scanners, which are really nothing more than blacklisting programs.
[ Read the individual reviews of Bit9 Parity Suite, CoreTrace Bouncer, Lumension Application Control, McAfee Application Control, and SignaCert Enterprise Trust Services. Compare their features. Compare the capabilities of Microsoft AppLocker, the whitelisting feature included in Windows 7 and Windows Server 2008 R2. ]
Now for some good news: Just as whitelisting may be finding a receptive audience, a number of whitelisting solutions are proving to be mature, capable, and manageable enough to provide significant protection while still giving trustworthy users room to breathe. Nor are today's whitelisting programs limited to locking down desktops to prevent malware executions -- they're also useful for software configuration and licensing compliance and regulatory auditing.
With these benefits in mind, InfoWorld tested six enterprise-grade whitelisting programs, otherwise known as application control programs. The reviewed products include Bit9 Parity, CoreTrace Bouncer, Lumension Application Control (formerly SecureWave Sanctuary), McAfee Application Control (formerly Solidcore S3 Control), and SignaCert Enterprise Trust Services. We also tested Microsoft AppLocker, the application whitelisting feature built into Windows 7 and Windows Server 2008 R2. In all cases, testing was done using the product's Windows clients, though one or two of the products also support Linux or Solaris or Mac OS X.
In a rare occurrence for a product comparison of this scope, all the products came out pretty well. The overall conclusion is that any of the reviewed products would help you reduce real and measurable security risk. A few are borderline excellent (scoring in the high 8s on InfoWorld's 10-point scale), and one, Bit9's Parity, is not only the clear frontrunner (with a score of 9.4) but a likely candidate for InfoWorld's Technology of the Year Award. Oh, to have such choices.
Read more about security central in InfoWorld's Security Central Channel.
| Test Center Scorecard | ||||||
|---|---|---|---|---|---|---|
 |  |  |  |  |  | |
| 30% | 15% | 25% | 10% | 20% | ||
| Bit9 Parity Suite 5.01 | 10 | 8 | 9 | 9 | 10 |
9.4
Excellent
|
| 30% | 15% | 25% | 10% | 20% | ||
| CoreTrace Bouncer 5 | 9 | 9 | 9 | 8 | 9 |
8.9
Very Good
|
| 30% | 15% | 25% | 10% | 20% | ||
| Lumension Application Control | 8 | 9 | 8 | 9 | 9 |
8.5
Very Good
|
| 30% | 15% | 25% | 10% | 20% | ||
| McAfee Application Control 5.0 | 9 | 9 | 9 | 8 | 8 |
8.7
Very Good
|
| 30% | 15% | 25% | 10% | 20% | ||
| SignaCert Enterprise Trust Services 3.0 | 8 | 9 | 8 | 8 | 8 |
8.2
Very Good
|
Get the independent advice and expertise you need to support a virtual workforce.
The increase in Linux popularity has increased the frequency and sophistication of malware attacks. Read this 2 page white paper now to learn how you can protect your Linux environment with real-time protection that is certified by all major Linux vendors.
Download now »
Ensuring acceptable application delivery will become even more difficult over the next few years. As a result, IT organizations need to ensure that the approach that they take to resolving the current application delivery challenges can scale to support the emerging challenges. This handbook elaborates on the key tasks associated with planning, optimization, management and control and provides decision criteria to help IT organizations choose appropriate solutions.
Download now »
A common misconception is that mid-range storage requirements are dramatically different than that of a larger enterprise. Mid-range storage users may require less capacity, but they have similar functionality and management requirements. This ESG paper examines mid-range storage needs and reviews a new solution that adjusts size while retaining value, performance and functionality.
Download now »
Sign up to receive InfoWorld Resource Alerts
This white paper provides guidance on how to develop a strategic approach to managing and monitoring logs, a key function required for compliance with many regulatory mandates and a critical defense against security threats.
Download now! »
Learn about the processes and technologies that support security information management (SIM) operations, as well as the business case for SIM. The series examines different options for implementing SIM and gives you evaluation criteria for selecting the best option for your organization.
Download now! »
Learn the strategies, actions, and capabilities that Best-in-Class organizations employ and technologies they choose to obtain superior performance against various security performance metrics. This report provides guidelines for identifying which security solutions to consume as a MSS and defines best practices for choosing and managing MSSPs.
Download now! »
136 Recommendations
