I believe the application control is meant for the end user systems where they are prone to malware from the Internet.
Is it recommended on server operating systems as well? What will be the performance impact, running it on critical servers? Is there any guidelines/best practices for running solidcore on servers?
Solved! Go to Solution.
McAfee Application Control is a powerful defense layer that protects your system from unknown security threats by controlling the software execution on the system.
Application Control uses the whitelisting technology (a list of trusted software to execute on the system) to protect your system.
By allowing only the trusted software to run on the system, Application Control:
• Protects the existing authorized software from any unauthorized modification and deletion attempt.
• Prevents any attempt to install unauthorized software.
• Permits software updates only through the trusted channels.
Yes application control is recommended on server. And Application control does not interrupt your business. On the contrary it will avoid business downtime.
See the following for more details about the features http://www.mcafee.com/us/products/application-control.aspx
See the following link for more details about McAfee KnowledgeBase - System requirements for Application Control and Change Control 6.1
I have worked on Solidcore for desktops PC's. But I am worried that it may bring down the performance on the servers. Is it widely deployed on the servers?
Moreover it require additional maintenance if I were to add a few batch jobs on the systems right?
Also do I need to have a separate license to implement the Solidcore on server OS?
It does not impact the performance on Servers because there is only one time scan to create the whitelist. You do need to buy the Server SKUs to implement on Servers.
Can you provide use case for "additional maintenance" query?
If you find all the required policy on the test beds before deploying in production or keep the server in Observation Mode, the required policies should be discovered for you.
The additional maintenance means if I were to keep adding a few tasks (batch jobs, scripts) on the servers, what is the work around? Is it to white-list a particular folder where it runs from?
One more query, what is Server SKU ? I have the endpoint protection suit which works fine on Windows 7 & XP. Can I deploy the same on Windows 2008 r2?
Sorry to bother you again. My vendor offered me the following quote for server OS. Is it the one you are referring to? Is there any documents from McAfee on the license differences for client and server operating systems for application control?
McAfee Application Control for Servers ACSCKE-AB-CA LICENSE: Per Server. DELIVERABLE: Download Only. PRODUCT CONTENT: Application Whitelisting and Memory Protection targeted for servers that need to be locked down and protected. These devices are function specific (mfg. devices, etc.) and in some cases cannot handle the load of traditional AntiVirus.
Yes, that would be the right SKU.Depending on what your Server protection needs are, you may also want to look at Mcafee Datacenter Suites.
There is extensive Datacenter/Server specific testing done with the Server SKUs.