LANDesk^® Host Intrusion Prevention

Hackers are getting faster and more devious. And the traditional ways of protecting enterprise systems—antivirus software and firewalls—are no longer enough to ensure your systems stay up and that your critical intellectual property doesn’t fall into the wrong hands. Chief Research Officer Mikko Hypponen of F-Secure, a provider of security services, said that some days it receives as many as 40,000 new tainted files to create antivirus signatures for. He continued, “This is not just a battle between manufacturers of security software and some Internet criminals. It is a war between good and evil.” (“Antivirus Companies Fighting Un-Winnable War?,” idm.net.au)

You can wage your own war and wonder when the next zero-day threat will take out all or part of your enterprise. You can wonder what may get past your firewall or antivirus solution. Or, you can choose to reinforce your existing security efforts with protection against targeted attacks right at the host level and give your enterprise an even higher level of protection.

LANDesk^® Host Intrusion Prevention: Added Peace of Mind

LANDesk^® Host Intrusion Prevention helps you thwart malicious attacks with behaviorbased blocking that prevents applications from executing in malicious ways right on an individual host system. What’s more, LANDesk Host Intrusion Prevention runs from the same console your IT staff uses to administer LANDesk^® Security Suite and LANDesk^® Management Suite. You access everything you need for the most complete, layered LANDesk^® security solution available, including:

• Added assurance and the knowledge that you’re equipped to prevent zero-day threats even before the fix is available.
• Increased efficiency and reduced training and infrastructure costs with a single console solution for complete layered security.
• Precise control over what users can and can’t run on your enterprise systems.

Adding Prevention to Protection from a Single Console

It’s critical to keep your systems patched with the latest antivirus definitions and ensure that known viruses never harm critical data or user productivity. But with the frequency of zero-day attacks rapidly increasing—there were more than 20 zero-day exploits in 2007 alone—your enterprise could still be at risk, even with the best antivirus solution available. That’s where LANDesk^® Host Intrusion Prevention comes in. It works in conjunction with LANDesk^® Security Suite and LANDesk^® Antivirus from a single administrative console to give you an added layer of protection—one called prevention.

LANDesk Host Intrusion Prevention goes beyond protecting against existing known viruses or other malicious attacks. It lets you prevent them by monitoring for and stopping suspicious behaviors—the types of behaviors typical of malicious attacks. So, even if an antivirus definition isn’t available yet, you can reinforce your protection against attacks. As a mature technology, LANDesk Host Intrusion Prevention has an impressive track record, having blocked malware exploits for over 10 years, including the likes of Zotob, Storm, Code Red, Nimda and the Blaster virus, even before antivirus signatures were available.

Precise Control Using Application Whitelists

Through two distinct methods, LANDesk^® Host Intrusion Prevention allows your IT staff to determine not only which applications can’t be run on the host system, but which ones can be. You can use standard HIPS security protection to prevent all malicious software behaviors automatically. For an even more customized level of control, apply whitelisting security protection and execute only those applications that have made it to your “whitelist” or approved application list. All other applications are denied execution.

LANDesk Host Intrusion Prevention also lets IT determine which applications are authorized to send email, modify protected registry keys and write into executable files and protected processes. IT is empowered to prevent new, malicious applications—those that might be posing as everyday applications—from slipping through your enterprise defenses. New and emerging threats, such as buffer overflow exploits and zero-day threats can be monitored and contained as well.

[insert table image]