Application whitelisting review: SignaCert Enterprise Trust Services
- 04 November, 2009 22:13
- Comments
SignaCert was one of the first whitelisting products available, and it now boasts more than 1 billion predefined file signatures as part of its Global Trust Repository service. It also offers file authenticity ratings, wide platform support, extensibility through XML, and excellent documentation. SignaCert's significant weakness is that it does not natively block file executions -- the only product in InfoWorld's review that does not include this ability as a standard feature.
Instead of blocking unauthorized applications, SignaCert focuses on identifying deviations from trusted, predefined baselines of files and security configuration settings, specializing in midsize to large environments.
SignaCert Enterprise Trust Services is composed of the SignaCert Enterprise Trust Server appliance, a huge predefined file hash database (cloud service and local), and a client that works across more operating systems (including Windows, Linux, Mac OS X, and Solaris) than any of the reviewed competitors. SignaCert even claims to work across network device platforms, such as firewalls and routers, but I didn't test that functionality. It's also the only product to monitor security configuration settings, as well as registry and file objects.
SignaCert's nonpersistent Java client is the most customizable client in this review. You can tailor its behavior based on a variety of configuration settings (to cap CPU utilization, for example). You can even build your own client to support whatever you want as long as it confirms to SignaCert's XML formatting. SignaCert easily has the best documentation of any product in this review, including hundreds of pages on both client and server components.
SignaCert comes with a vast database of predefined file hashes collected directly from the vendors. This used to be a unique feature for SignaCert, but Bit9 Parity and Lumension Application Control have followed suit. SignaCert claims to cover a wider array of platforms with its predefined file signatures than these competitors, but I did not verify this claim.
SignaCert lets you collect your own baselines using a process it calls harvesting. Unlike the baseline generation tools of many competitors, SignaCert's harvesting can easily report all file types, including the attributes of multiple hashes, location, publisher values, and even file permissions and ownership.
- Bookmark this page
- Share this article
- Got more on this story? Email TechWorld
- Follow TechWorld on twitter
- Avaya Deploys the Avaya Desktop Video Device with the Avaya Flare® Experience
- Why Two Thirds of Enterprise Architecture Projects Fail
- The Pathways ICT Leadership Development Program Brochure and Curriculum 2012
- Advanced Malware Exposed - How advanced malware, zero-day and targeted APT attacks are evading today's network defences
- Oracle Exadata Database Machine Warehouse Architectural Comparisons
-
Coalition NBN better or worse?
-
CSIRO develops hands-free technology for mining repairs
-
Broadband Forum to improve IPTV performance with new spec
-
Amazon Web Services moves backups to cloud with new appliance
-
Callforfree.net.au offers free calls to 70 countries
-
Windows 7 for Seniors for Dummies®
-
Office 2007 All-In-One Desk Reference for Dummies
-
Excel 2007 All-In-One Desk Reference for Dummies
-
Windows 7 for Dummies® Dvd+book Bundle
-
Microsoft Office
-
Computers for Seniors for Dummies, 2nd Edition
-
Office 2007 for Dummies
-
Teach Yourself Visually Windows 7
-
Windows 7 for Dummies®
Comments
Post new comment