Application Control and Whitelisting for Endpoints


Archived Published: 10 March 2011 ID: G00208636

Analyst(s):

Not a Gartner Client?

Want more research like this?
Learn the benefits of becoming a Gartner client.

contact us online

Summary

Application control and whitelisting solutions can put endpoints into a stronger default-deny posture against unknown and potentially malicious software. Solutions come from a variety of market segments and, because they offer a potentially powerful endpoint protection alternative, are gaining mind share and deployment. This assessment will explore the application control landscape and recommend strategies for adoption.

Table of Contents

  • Summary of Findings
  • Analysis
    • What Is Application Control and Whitelisting?
    • Use Cases
      • Protect Production Servers
      • Protect Embedded (or Fixed-Purpose) Devices or PCs
      • Protect Standard User, General Purpose PCs
      • Protect User Administered, General-Purpose PCs
      • Additional Use Cases
    • Application Control and Whitelisting Architecture and Requirements
      • Multiple Platform Support
      • Multiple Application Type Coverage and Browser Control
      • Robust Enforcement Agent
      • Trust Mechanisms
      • Application Inventory and Whitelist Creation
      • Commercial Whitelists and Graylists
      • Privilege Escalation
      • User Space Install Restriction
      • Management
      • Logging and Reporting
    • Market Landscape
    • Market Segments
      • Dedicated Application Control and Whitelisting Solutions
      • Anti-Malware Vendors
      • Vulnerability and PCLM
      • OS and Privilege Escalation/Management Solutions
      • Alternative Endpoint Protection Vendors
      • Content Control
      • Application Virtualization and Management
    • Future Market Direction
  • Comparison
  • Recommendations
    • Take Inventory of the IT Environment and Constituencies
    • Determine the Role for Application Control in the Enterprise Security Architecture
    • Select an Appropriate Approach to Application Control
    • Couple Application Control with a Strategic Migration to a Standard User Deployment
    • Embrace Application Control as a Strategic Endpoint Protection Initiative
    • Take a Tactical Approach and Start with the Easier Use Cases
    • How to Follow the Road Map in Figure 2
  • The Details
  • Conclusion
  • Recommended Reading
© 2011 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

Free Research

Discover what 12,000 CIOs and Senior IT leaders already know.

Free Access

Why Gartner

Gartner delivers the technology-related insight you need to make the right decisions, every day.

Find out more