ARN

Application whitelisting review: SignaCert Enterprise Trust Services

SignaCert is great for monitoring compliance with application and configuration policies, but it lacks built-in blocking
Page:

SignaCert was one of the first whitelisting products available, and it now boasts more than 1 billion predefined file signatures as part of its Global Trust Repository service. It also offers file authenticity ratings, wide platform support, extensibility through XML, and excellent documentation. SignaCert's significant weakness is that it does not natively block file executions -- the only product in InfoWorld's review that does not include this ability as a standard feature.

Instead of blocking unauthorized applications, SignaCert focuses on identifying deviations from trusted, predefined baselines of files and security configuration settings, specializing in midsize to large environments.

SignaCert Enterprise Trust Services is composed of the SignaCert Enterprise Trust Server appliance, a huge predefined file hash database (cloud service and local), and a client that works across more operating systems (including Windows, Linux, Mac OS X, and Solaris) than any of the reviewed competitors. SignaCert even claims to work across network device platforms, such as firewalls and routers, but I didn't test that functionality. It's also the only product to monitor security configuration settings, as well as registry and file objects.

SignaCert's nonpersistent Java client is the most customizable client in this review. You can tailor its behavior based on a variety of configuration settings (to cap CPU utilization, for example). You can even build your own client to support whatever you want as long as it confirms to SignaCert's XML formatting. SignaCert easily has the best documentation of any product in this review, including hundreds of pages on both client and server components.

SignaCert comes with a vast database of predefined file hashes collected directly from the vendors. This used to be a unique feature for SignaCert, but Bit9 Parity and Lumension Application Control have followed suit. SignaCert claims to cover a wider array of platforms with its predefined file signatures than these competitors, but I did not verify this claim.

SignaCert lets you collect your own baselines using a process it calls harvesting. Unlike the baseline generation tools of many competitors, SignaCert's harvesting can easily report all file types, including the attributes of multiple hashes, location, publisher values, and even file permissions and ownership.

Page:

Come socialise with us! Facebook | LinkedIn

More about: etwork, Linux, Lumension
References show all

Comments

Post new comment

The content of this field is kept private and will not be shown publicly.
Users posting comments agree to the ARN comments policy.
Login or register to link comments to your user profile, or you may also post a comment without being logged in.
Related Coverage
Related Whitepapers
Latest Stories
Community Comments
Tags: SignaCert, security, application whitelisting
ARN Directory | Distributors relevant to this article
COMPUTERLINKS
rhs_login_lockGet exclusive access to ARN's news, research and invitation only events.
ARN Distributor Directory
Find distributors by name | vendor | location
Channel Deals
/deals/synnex/426_lenovo-february-and-march-hot-deal-4
Synnex

Lenovo February and March Hot Deal 4

More details »
ARN Vendor Directory
Find vendors by name | category

iAsset is a channel management ecosystem that automates all major aspects of the entire sales,marketing and service process, including data tracking, integrated learning, knowledge management and product lifecycle management.