We’re excited to announce the release of Anti-Executable 5.0, our application control solution. It’s revolutionary improvements make application control provisioning, management, and reporting easier than ever. Now it’s even easier to use and provides more flexibility for customization. Here’s how.
- Central Control. The Central Control List contains a list of files and publishers that can be used to create and enforce Anti-Executable policies. When Anti-Executable Enterprise is launched for the first time, it invites you to populate your Central Control List with files and publishers, so that you can start building your policies. To help you get started, we’ve included a few popular software manufacturers in the Central Control List. These entries don’t contain Allow or Block parameters, as those are configured via policies.
- Policy Control. Policies are how administrators can create and enforce specific configurations tailored to meet the requirements of different user groups. A policy contains configuration of file, folder, publisher control attributes, alerts, temporary execution mode details, and general settings. You can group your computers by department, for example, and apply different policies to those groups of computers. This feature is complemented greatly by Faronics Core’s ability to create custom workstation groups (Page 81 of the Faronics Core manual).
- Publisher Control. Publishers can be controlled on a granular level with four different levels: Certificate, Product Name, Program File, and File Version. With just a few clicks you can setup complex publisher control rules that can eliminate program version fragmentation by restricting execution to a specific version of a file.
- New Reports. There are 3 new reports available: Additions to Local Control List, Addition to Central Control List – Files, and Addition to Central Control List – Publishers.
- User Interface Improvements. Improvements were made to in-column search and filtering when navigating control lists, provisioning of Anti-Executable users based on local and domain accounts, and the Alert dialog.
- IdentiFile Upgrade. IdentiFile is a web-based database that can help you learn more about a specific program file. When Anti-Executable blocks the execution of a particular program, you can look up file and publisher details in IdentiFile. The new version of IdentiFIle has had a major facelift and added the ability to submit files that are missing from the database. (Update: IdentiFile feature is no longer available in Anti-Executable)
Other Important Changes. In making Anti-Executable easier to use, some features were deprecated.
- Blocking of Publishers. The ability to block a specific publisher was removed since Anti-Executable works on a default deny principle. Only programs explicitly allowed will execute, which means unauthorized programs are blocked. With the added flexibility of granular publisher control, an administrator can allow only a specific version of a particular file within a program entry of a publisher certificate. This eliminates program version fragmentation.
- Dedicated Whitelist or Blacklist. Having a dedicated whitelist or blacklist can be confusing to a user as the same executable can be allowed to run on one computer, but blocked on another. This is why an execution control list has been created and the local control list is augmented by policies that specify whether a program is blocked or allowed to run. The blocking action always takes precedence.
We’d love to hear your thoughts on Anti-Executable 5.0! If you have any questions or feedback, please share your comments.
Register now for our Anti-Executable 5.0 webinar, scheduled for Tuesday, May 8th at 10am PST.