Lumension: Whitelisting, Green IT, and GRC

by Steve Ragan - Mar 1 2010, 10:00

RSA Conference 2010 – Lumension is heading to the annual RSA Conference this year, reaching out to IT on many levels, including Application Whitelisting, GRC, and Green IT initiatives.

Lumension is a vendor that focuses on endpoint management and security, and while you don’t see them in the news all that much, they have extensive reach into small to Medium Enterprise and government operations. This year, they are working on three new initiatives at RSA, in addition to their existing offerings.

Compliance and IT Risk Management

Governance is a nightmare for some IT shops. There are so many different levels and methods to go about it that it can be both expensive and draining. Taking advantage of a partnership with Network Frontiers’ UCF (Unified Compliance Framework), Lumension plans to introduce the latest version of their Risk Manager offering. (Risk Manager 4.1)

The new version of Risk Manager adds support for over 420 regulatory requirements, with 26,320 citations mapped to over 2,500 harmonized controls by including Security Breach Notification Laws, Health Information Technology for Economic and Clinical Health Act, and FTC Red Flag Rules.

Another point mentioned in the announcement for the new version is expanded flexibility offered by the LCDK (Lumension Connector Development Kit), which allows data from almost any database system, including network scanners and asset management systems, to be imported.

Power Management Enhancements

Another introduction Lumension plans to make this week at the RSA Conference is the addition of distributed Wake-On-LAN capabilities to their Endpoint Management and Security Suite.

According to Gartner research, organizations actively employing some form of IT power management can expect to save $43,000 dollars per year, compared with an unmanaged 2,500-PC organization. So Lumension is tapping into that by offering a power management solution as a core functionality of their security suite.

The possible benefit to the offering is the reduction of all the complexity that some IT shops face when attempting to implement power policy. But power is only one part of the features offered by Lumension’s suite. While the feature is new, most of the talk is likely to center on most of the other aspects of the suite, which has become one of the core offerings for the company over the years.

Intelligent Whitelisting

Another aspect to Lumension’s Endpoint Management and Security Suite that will get some attention this week was actually launched last Tuesday. They call it Intelligent Whitelisting and said that it will cause a shift in the debate over blacklisting vs. whitelisting.

Lumension’s Intelligent Whitelisting leverages methods used by both whitelisting applications and blacklisting applications, while removing the management complexity and loss of productivity that standalone methods can sometimes cause.

According to a briefing on the enhancement, “The approach extends beyond simply looking for malicious threats; rather, it determines whether change should be allowed to occur in the IT environment by providing the necessary control to define and enforce security policy without disrupting business operations.”

This determination is the result of a rules-based trust engine that defines what types of change should be allowed using three levels: Clean IT, Lock IT, and Trust IT.

Clean IT will deal with Malware once it registers a change, removing it automatically if detected. Lock IT takes a snapshot of the system, and from that a whitelist is created. From this point nothing new is allowed unless trust is proven. Lastly, Trust IT allows IT managers to define the source of new applications, and allow them to be instantly trusted and allowed by Lock IT to be added to the system.

For more information on any of the three newest offerings, Lumension will be manning their booth and taking questions.

Around the Web