LANDesk® Security Suite


Home	Contact Us	Call Us - 800.613.1426

HOME ABOUT US News Careers News Archives HELP DESK Methodology HEAT Consulting IT Service Management Training Testimonials Referral Program DESKTOP AND NETWORKING LANDesk Consulting Networking and Integration Break/Fix Testimonials Referral Program PRODUCTS PARTNERS CONTACT


123 Flash Menu Placeholder.

	SOLUTIONS & SERVICES


	Systems-Life Cycle Management
	IT Process Automation
	Service Desk
	Server and Asset Management


	RELATED DOCUMENTS


	Security Management Product Brochure
	Power Management Brief
	Executive Dashboard Brief


	USEFUL LINKS


	Free Product Trials
	Multimedia Overview
	Request Additional Information

LANDesk® Host Intrusion Prevention System - Key Features

Integrated Endpoint Security

NEW LANDesk Personal Firewall —Limits access to authorized networks or IP addresses to ensure increased system protection and dramatically reduce the potential for effective system attacks
NEW Location-aware policies—Preserve productivity and reduce the chance of data loss and infection with dynamic policies that adjust security settings—including application control, anti-malware configuration, and removable storage restrictions—based on the environment a selected machine is in
Application and device control—Uses a single, integrated agent that monitors, protects, and controls application and device usage on the endpoint

Application Control

Whitelisting and blacklisting—Allows only authorized programs to run and stops unauthorized or prohibited applications—including on systems unconnected from the network—even if users rename the file
Seamless integration—Assures that application control features work in tandem with new personal firewall features
Group and user-level restrictions—Offer greater control of who can access specific applications

Single-Console Control

Allows IT administrators to use a single management console to install, configure and manage host-based intrusion prevention features for all enterprise systems.
Lets IT quickly and easily perpetuate learned behaviors blocked on an individual host to host systems enterprisewide.

File System and Registry Protection

Recognizes malicious writes and modifications to the registry to prevent malware from running when a host system is rebooted.
Allows IT to lock down the registry unless and/or until writes are approved by the IT administrator.
Helps IT limit data theft. For example, IT can set *.DOC to be only accessible for WinWord.exe (and other backup programs). Users can then work on these documents only with Word and no other program (for example, a Trojan) can read them.
Allows IT administrators to prevent certain malware classes from performing malicious functions in the file system by specifying which operations on which files are forbidden to which processes.
- Processes can be “all” or certain named processes.
- Operation can be “none” or certain predefined operations—read, write, execute, create.
- File can be “All” or predefined file names, including wildcards. For example: “FILE.ABC”, “*.EXE,” etc.
- According to the above rules and the requesting processes certifications, the result is “allow” or “deny” operation.

System Startup Control

Gives IT administrators a process to make a whitelist of applications allowed to run at host startup in addition to a blacklist of those that can’t be run.
Gives IT administrators precise control over the applications that can run on enterprise systems and how those applications are allowed to execute.
Provides added protection against malicious attacks by preventing disguised, new and/or unknown malicious applications from slipping through enterprise defenses.
Provides flexible configurations for different user profiles to easily enable different whitelists for different users and groups.

Application Access and Rootkit Control

Allows IT to determine whether or not applications that are running can execute other applications on a host in order to detect and prevent stealth rootkits from infiltrating enterprise systems.
Kernel-level network filtering lets IT define an application’s executable files and what is and isn’t acceptable network behavior.
- IT can filter network and block applications that attempt to connect to SMTP mail servers unless specifically authorized to send e-mail.
Gives IT control over which applications can read, write or modify protected files or registry parts.
- By locking down what changes in the registry, prevents malware from launching in memory and/or making changes to the registry.
Creates a log of malicious, uncertified rootkits—a log that can be perpetuated throughout the enterprise.

Process and File Certification

Empowers IT administrators to certify that certain applications or files are allowed to bypass some or all protections built in to LANDesk® Host Intrusion Prevention System.
- Users can be given the right to modify protected files.
Prevents non-certified processes from injecting into certified processes and illegally obtaining certified authorization attributes

HOME	ABOUT US	HELP DESK	DESKTOP AND NETWORKING	PRODUCTS	PARTNERS	CONTACT