About Application Control

Ivanti Application Control enables you to prevent the execution of malicious code and unwanted software by using a security approach called application whitelisting. This approach allows only authorized applications to run on endpoints such as laptops, desktops, servers, and other IT resources.

A whitelist is a list of executable files (stored in the form of hash values) that are authorized to run on an endpoint. A whitelist is created when an application scan is performed on the endpoint during Easy Auditor or Easy Lockdown.

Ivanti Application Control also provides a centralized blacklist, a list of executable files that are forbidden to run. There are also trust mechanisms which automatically authorize applications to run, based on specific criteria.

Administrators create policies that define how whitelists, blacklists and trust mechanisms are applied across the enterprise. These policies can be assigned to individual endpoints, groups, and users.

When application control is enforced, an executable can only run on an endpoint if it is on that endpoint's whitelist or if it is permitted by one of the trust mechanisms. While it is running, its processes can be protected from external attack with a Memory Injection policy.

To minimize disruption to end user productivity, it is best to have an evaluation period prior to enforcing application control. During this period, administrators can monitor and analyze application usage, and create appropriate policies.