Ivanti Device and Application Control Subscription

Application control provides another layer of protection — on top of patch management, antivirus, anti-spyware, and firewall configuration — to prevent the intrusion of malicious activity on your managed devices. Application control continuously monitors specified processes, files, applications, and registry keys to prevent unauthorized behavior. You control which applications run on devices and how they are allowed to execute. Because it is a rule-based system, instead of a definition-based (i.e., signature-based) system, application control is more effective at protecting systems against zero-day attacks (malicious exploitation of vulnerable code before exposures are discovered, defined, and patches made available). Unlike vulnerability detection and remediation, spyware detection and removal, or antivirus scanning and quarantine; application control protection does not require ongoing file updates, such as patch files, definition/pattern files, or signature database files. Application control protects servers and workstations by placing software agents between applications and the operating system’s kernel. Using predetermined rules based upon the typical behavior of malware attacks, these systems evaluate activities such as network connection requests, attempts to read or write to memory, or attempts to access specific applications. Behavior known to be good is allowed, behavior known to be bad is blocked, and suspicious behavior is flagged for further evaluation.