OSB240: What's New in Ivanti Application Control
•
0 likes•438 views
This document discusses new features in the latest version of Ivanti Application Control. Key updates include enhanced Windows 10 and Server 2016 support, the ability to whitelist Universal Windows Platform apps by publisher, extended ransomware and malware protections, expanded user self-service capabilities, and enhanced auditing features. Future plans are outlined as well, such as advanced web application control and whitelisting capabilities for macOS.
Recommended
More Related Content
What's hot
What's hot (20)
Similar to OSB240: What's New in Ivanti Application Control
Similar to OSB240: What's New in Ivanti Application Control (20)
More from Ivanti
More from Ivanti (20)
Recently uploaded
Recently uploaded (20)
OSB240: What's New in Ivanti Application Control
- 1. OSB240 - What's New in Ivanti Application Control? Simon Townsend – Chief Technologist
- 2. “Configuring IT systems in compliance with CIS benchmarks has been shown to eliminate 80–95% *Center for Internet Security Endpoint Security Critical Security Controls Done Right of known security vulnerabilities.”* Top 5 CSC Controls 1 Inventory of authorized and unauthorized devices 2 Inventory of authorized and unauthorized software 3 Secure configurations for hardware and software 4 Continuous vulnerability assessment and remediation 5 Controlled use of administrative privileges
- 3. P a t c h O p e r a t i n g S ys t e m s of Windows intrusion threats 1 Organizations can prevent up to P a t c h Ap p l i c a t i o n s 2 3 M i n i m i z e Ad m i n P r i v i l e g e s 4 by implementing four key disciplines Ap p l i c a t i o n W h i t e l i s t i n g As recommended by…
- 4. Our defense-in-depth solutions PATCH & VULNERABILITY MANAGEMENT APPLICATION CONTROL & PRIVILEGE MANAGEMENT ENDPOINT SECURITY SECURE PROGRAM MANAGEMENT PATCH AND SECURE THE OPERATING SYSTEMS AND THIRD-PARTY APPS THAT PATCHING CAN SECURE AND MANAGE. PREVENT ALL OTHER APPS FROM RUNNING WHILE PRACTICING THE PRINCIPLES OF LEAST PRIVILEGE. ADD ADVANCED ANTI- MALWARE AND NEXT- GENERATION AV CAPABILITIES, DEVICE CONTROL, AND GLOBAL POLICY FOR ALL DEVICES. MARRY SECURITY CAPABILITIES WITH WORKFLOWS AND ASSET MANAGEMENT PROCESSES TO COMPLETE A SECURE LIFECYCLE. • IVANTI PATCH FOR ENDPOINTS • IVANTI PATCH FOR SERVERS • IVANTI PATCH FOR SCCM • IVANTI APPLICATION CONTROL FOR ENDPOINTS • IVANTI APPLICATION CONTROL FOR SERVERS • IVANTI APPLICATION CONTROL FOR SCCM • IVANTI ENDPOINT SECURITY • IVANTI SERVER SECURITY • IVANTI SERVICE MANAGER • IVANTI ASSET MANAGER
- 5. Application Manager is now Application Control!
- 6. Already Delivered… • Zero Day Malware and Ransomware Protection • Removal of User Admin Rights with no Productivity Loss • Coverage of Win 32, Universal and SaaS apps • Restriction of Local Admins on laptops and desktops • Extensive Auditing of App and Privilege Activity • User Self-Service Access and Elevation • On-Demand Policy Changes over the phone • Shared Conditions engine with EM • Windows 10 • Application Firewalls
- 7. Application Control for Windows Servers Windows Server lockdown for the datacenter Web servers, SQL servers, app servers, etc… Secure elevation of admin tools, consoles, and services Fully audited self-elevation and on-demand elevation Centralized auditing of all privilege elevation requests Complete control of console-based and remote server management Licensed by user
- 8. Application Manager 10.1 • Enhanced Windows 10 and Server 2016 Support • New mini filter driver supports WS 2016 and reduces reboots • Build number condition • UWP (aka Windows Store) apps can be whitelisted by Publisher • Extended Ransomware and Malware Protection • Extended Signature Checks for application vendor certificates • Trusted Ownership check on PowerShell (ps1) and Java (jar) files • Expanded User Self-Service • Self-Elevation of more file types • Policy Change Request settings managed per rule • Further Lockdown of Local Administrators • Protection for AM config files, and selected processes • Enhanced Auditing • File Owner and Deciding Rule
- 9. AM 10.1: Block UWP/Store Apps by Publisher • Block/Allow Windows Store apps by Publisher rather than by individual app
- 10. AM 10.1: Extended Cert Check • For rules that match the vendor name, the app signature certificate can optionally be verified at run time • Ensures apps are not created using an untrusted certificate with a fake vendor name
- 11. AM 10.1: PowerShell & JavaScript Trusted Ownership • Extended PowerShell and JavaScript protection • Adhere to Trusted Ownership™ rules • Automatically blocks malware and ransomware
- 12. AM 10.1: Self-Elevation Types • Allows users to get admin privileges in order to run certain apps • Self-Elevation now supports all file types • Admins can specify which apps can be elevated with which extensions
- 13. AM 10.1: Process & Configuration Protection
- 14. AM 10.1: Enhanced Audit Events • File Owner information is now included in the event logs • Helpful for building a Trusted Owner whitelist
- 15. Ivanti Confidential Future product plans are subject to change in both content and timing. Application Manager 10.1 FR3 • Advanced Web app control • Restrict elements of a Web app inside the browser • IE and Chrome Support • Remove/Hide elements of browser based application • Apply rules based on users context (location, time of day, etc.) • Whitelisting of URL’s • Backlog: • App whitelisting on macOS • Protection of File, Folder and Registry keys • Office Macro restriction • Safe Mode support
- 16. Q + A Thank you