cancel
Showing results for 
Search instead for 
Did you mean: 
avilt
Level 7

Application Control on Servers

Jump to solution

I believe the application control is meant for the end user systems where they are prone to malware from the Internet.

Is it recommended on server operating systems as well? What will be the performance impact, running it on critical servers? Is there any guidelines/best practices for running solidcore on servers?

0 Kudos
1 Solution

Accepted Solutions
neelima
Level 12

Re: Application Control on Servers

Jump to solution

Yes, if the scripts are kept over network. If they are local, you can simply whitelist them when you add the new task.

0 Kudos
11 Replies
willsonlebig
Level 11

Re: Application Control on Servers

Jump to solution

Hello avilt,

Read this:

McAfee Application Control is a powerful defense layer that protects your system from unknown security threats by controlling the software execution on the system.

Application Control uses the whitelisting technology (a list of trusted software to execute on the system) to protect your system.

By allowing only the trusted software to run on the system, Application Control:

• Protects the existing authorized software from any unauthorized modification and deletion attempt.

• Prevents any attempt to install unauthorized software.

• Permits software updates only through the trusted channels.

Yes application control is recommended on server. And Application control does not interrupt your business. On the contrary it will avoid business downtime.

See the following for more details about the features http://www.mcafee.com/us/products/application-control.aspx

See the following link for more details about McAfee KnowledgeBase - System requirements for Application Control and Change Control 6.1

avilt
Level 7

Re: Application Control on Servers

Jump to solution

I have worked on Solidcore for desktops PC's. But I am worried that it may bring down the performance on the servers. Is it widely deployed on the servers?

Moreover it require additional maintenance if I were to add a few batch jobs on the systems right?

Also do I need to have a separate license to implement the Solidcore on server OS?

0 Kudos
neelima
Level 12

Re: Application Control on Servers

Jump to solution

avilt,

It does not impact the performance on Servers because there is only one time scan to create the whitelist. You do need to buy the Server SKUs to implement on Servers.

Can you provide use case for "additional maintenance" query?

If you find all the required policy on the test beds before deploying in production or keep the server in Observation Mode, the required policies should be discovered for you.

avilt
Level 7

Re: Application Control on Servers

Jump to solution

Thank You.

The additional maintenance means if I were to keep adding a few tasks (batch jobs, scripts) on the servers, what is the work around? Is it to white-list a particular folder where it runs from?

0 Kudos
neelima
Level 12

Re: Application Control on Servers

Jump to solution

Yes, if the scripts are kept over network. If they are local, you can simply whitelist them when you add the new task.

0 Kudos
avilt
Level 7

Re: Application Control on Servers

Jump to solution

One more query, what is Server SKU ? I have the endpoint protection suit which works fine on Windows 7 & XP. Can I deploy the same on Windows 2008 r2?

0 Kudos
neelima
Level 12

Re: Application Control on Servers

Jump to solution

You will need to buy the Server Security SKU for that. Endpoint protection suite is applicable only for Desktops/Laptops.

0 Kudos
avilt
Level 7

Re: Application Control on Servers

Jump to solution

Sorry to bother you again. My vendor offered me the following quote for server OS. Is it the one you are referring to? Is there any documents from McAfee on the license differences for client and server operating systems for application control?

McAfee Application Control for Servers ACSCKE-AB-CA LICENSE: Per Server. DELIVERABLE: Download Only. PRODUCT CONTENT: Application Whitelisting and Memory Protection targeted for servers that need to be locked down and protected. These devices are function specific (mfg. devices, etc.) and in some cases cannot handle the load of traditional AntiVirus.

0 Kudos
neelima
Level 12

Re: Application Control on Servers

Jump to solution

Yes, that would be the right SKU.Depending on what your Server protection needs are, you may also want to look at Mcafee Datacenter Suites.

There is extensive Datacenter/Server specific testing done with the Server SKUs.

0 Kudos