Introduction to Application Control Solution (ACS)
Application-level security attack, such as file system corruption, registry corruption, spyware, and keylogging, pose a serious threat to mission critical business operations. Arellia Application Control Solution™ software helps you manage this risk by allowing you to control the software applications in your environment.
With Application Control Solution you can
- Create policies to automatically inventory software packages or systems and add authorized applications to a whitelist.
- Create policies to whitelist trusted file owners or digital certificates.
- Elevate privileges for applications that standard users use
- Implement the principle of least privilege to enhance the protection of data and functionality from malicious behavior. See Restrict an application's process rights.
Note
The principle of least privilege requires that each subject in a system is granted the most restrictive set of privileges (or lowest clearance) that is needed for the performance of authorized tasks. The application of this principle limits the damage that can result from accident, error, or unauthorized use.
- Apply security ratings to withstand future attacks by reducing the number of applications that are available to exploitation. See Manual security rating.
- Isolate an application to protect against file system and registry corruption or misuse. You can achieve this goal by integrating with Altiris® Software Virtualization SolutionTM software. See Run an application in a Symantec Workspace Virtualization (SWV) layer.
- Protect against data theft. You can automate the encryption of documents because Application Control Solution has seamless integration with Windows Encrypted File System. For information, search Microsoft for EFS Encryption. Using Application Control Solution, you can automatically encrypt documents on a notebook and prevent theft. See Automate document encryption.
- Control an application's ability to read or write to specific network locations. See Prevent read and write to file types or network locations.
- Prevent potentially malicious applications, such as keyloggers, from installing Windows API hooks. See Prevent malicious applications from running.
- Protect against viruses and spyware. See Quarantine files.
Getting started scenarios
For sample scenarios that highlight the functionality and use of this solution, see Getting started.