1 Reply Latest reply on Apr 21, 2015 6:19 PM by jdpres

    What is the relationship between Application and Change Control vs Embedded Control

    alexck.lam

      Hi,

       

      I am new to the McAfee product line and would like to know the relationship between Application+Change Control and Embedded Control.

      I have also come across Integrity Control, what is that?

       

      Are they support by ePO?

       

      Thanks,

      alex

        • 1. Re: What is the relationship between Application and Change Control vs Embedded Control
          jdpres

          I also have had the same questions. This is what I have been able to determine so far:

           

          I have access to McAfee Embedded Control and have been able to get documentation for Application Control and Change Control. From what I can gather there seems to be a strong correlation between Embedded Control and Application Control. If you are familiar with either product (EC or AC) they both have the following functionality:

           

          • The ability to solidify, i.e., whitelist executables and scripts. With this obviously comes:
            • The ability to setup updaters
            • The ability to setup certificates
            • All the tools to help manage and debug your solidified filesystem.
          • Read and write protection.

           

          From the documentation Application Control is used to track changes to files on your computer. At first glance I thought the Embedded Control had this same functionality since it listed the "monitor" command in the help output of the sadmin.exe that comes with EC. The monitor command plays a role in configuring what files to track and which to ignore. I tried using the monitor command to add a file to the files to rack list but was never able to get it to make a log when I modified the file. I am not sure if I do not fully understand how file change tracking works or that EC just does not have this functionality. I would be very interested in someone with a better understanding EC commenting on whether it is possible to track file changes or not with EC.

           

          Thanks,

          John