Endpoint Application Control 2.0 SP1 Patch 3 provides the following features and benefits:
Feature or Benefit |
Description |
---|---|
Agent Installation from Windows or the Command Prompt |
Install Endpoint Application Control agents using Windows or the command prompt. See Agent Deployment. |
Agent Self-Protection |
Prevents Endpoint Application Control agents from being stopped or uninstalled by either an end-user or an external third-party application or process. |
Agent Windows Interface and Notification Controls |
Hide the agent Windows system tray icon and Windows notifications using policies. |
AIR Score Part of the Smart Protection Network™ |
Enables administrators to allow or block applications based on a comprehensive security score from Trend Micro. |
Application Usage Part of the Smart Protection Network™ |
Specify applications based on global or regional usage patterns. Allow or block applications using a score generated by the Smart Protection Network team using a "prevalence index". |
Certified Safe Software Service Part of the Smart Protection Network™ |
Provides a comprehensive list of applications considered to be safe by Trend Micro, called Certified Safe Software by Endpoint Application Control. The list includes most popular operating system files and binaries as well as applications for desktops, servers, and mobile devices. |
Control Applications and DLLs |
Allow or block applications and DLLs for users and endpoints. Customize application control for server, end-user, healthcare, point-of-sale, kiosk, hospitality, and financial systems. Match Certified Safe Software, AIR Scores, application usage, endpoint inventories, file paths, certificates, and SHA-1 hash values. |
Dynamic Application Lists |
Match Trend Micro Certified Safe Software and endpoint inventory applications dynamically. |
Key Performance Indicators Dashboard Widget |
Customize a score card on the Endpoint Application Control and Control Manager product dashboards regarding the performance of your application control environment. |
Manually Update Policy from the Agent |
Manually trigger policy updates for agents from the endpoint. |
Process Blocking Also known as kernel-level or driver-level blocking |
Block applications from executing by evaluating if files are allowed prior to execution. |
System Lockdown |
Use lockdown rules to prevent installation of unauthorized applications. See About Rule Types. |
Trusted Sources for Applications |
Trust newly installed software automatically for all users on an endpoint. |
User-Based and Endpoint-Based Policy Management |
Use rules that match users or endpoints to control applications. |
Connected Threat Defense |
Using the Control Manager console, you can create customized actions for objects detected by the Suspicious Object lists to provide custom defense against threats identified by endpoints protected by Trend Micro products specific to your environment. |
Endpoint Application Control 2.0 SP1 Patch 3 integrates with the following Trend Micro products and services:
ActiveUpdate
Control Manager 6.0 SP3
OfficeScan 11 or later
Smart Protection Network™
Smart Protection Suite