BOUNCER by CoreTrace:  Features

• BOUNCER by CoreTrace
  • Product Overview
• Benefits of BOUNCER
  • Overview of Benefits
  • Malware Threats
  • User-Privilege Threats
  • Configuration Lockdown
• Features of BOUNCER
  • Overview of Features
  • Trusted Change
• Regulatory Compliance
  • Overview of Compliance
  • HIPAA
  • The Sarbanes-Oxley Act
  • PCI DSS
  • NERC
  • NIST sp800-53
• Industry Solutions
  • Overview of Solutions
  • Engineering and Utilities (SCADA)
  • Hosted VoIP Providers
  • Government
• Roles & Responsibilities
  • Overview of Use by Role
  • IT Administrators
  • IT Managers
  • Executives

• See Also:
  • Application Whitelisting News
  • Live & Recorded Events
  • BOUNCER Presentation
  • Resource Center
• Related Resources:
  • BOUNCER Online Demo
  • Application Whitelisting: New Paradigm
  • Tenets of Endpoint Control (Ogren Group)
  • Combatting Buffer Overflows & Rootkits
  • BOUNCER ROI Analysis

Approach and Deployment

The BOUNCER approach to application whitelisting reflects the three fundamental precepts of endpoint security:

1. Control what you know.
2. Control at the lowest possible level.
3. Control transparently.

A BOUNCER deployment uses a multi-tiered, yet simple architecture that consists of 3 components:

• The BOUNCER Client:
  A lightweight software agent that resides on each individual endpoint at the lowest level of the operating system.
• The BOUNCER Manager:
  A hardened device that sits seamlessly between the endpoint and the secure console.
• The BOUNCER Console:
  The secure, simple interface that ties it all together, providing a single point of contact for all the endpoints protected by BOUNCER.

Infrastructure Features

• NEW Trusted Change:
  Grant users trusted ways in which they can upgrade their systems or install new, approved applications.
• Scalable Architecture:
  BOUNCER grows with your enterprise, with additional consoles, managers and clients that are easy to deploy.
• End-to-End Encryption:
  All communications are fully encrypted from the console to the endpoint.
• End-to-End Authentication:
  Embedded digital certificates authenticate all applications and components.
• Snapshot System Status:
  BOUNCER tracks all managed components, giving you get real-time availability reports.
• Client Failover:
  Clients are designed to communicate with a rollover manager if communications to the licensing manager fails.
• Network Security:
  The system operates without interference with other installed security products such as firewalls, intrusion detection systems, and private VPN clients.
• Minimal Network Impact:
  Limited traffic between components ensures network bandwidth is available for company needs.

Installation and Setup Features

• Plug-and-Play Secure Installation:
  System components locate and authenticate each other for simple installation and setup.
• Flexible Software License Management:
  Install, uninstall, and upgrade software using the embedded license management system.
• Minimal Client Impact:
  Reboot of remote clients is not required during installation and, once operational, the client has minimal performance impact.
• Secure Online Support:
  Download authenticated software from CoreTrace and rollout software upgrades and updates to all components.
• Self-Contained:
  All software required to license, install, and configure the clients can be pre-loaded on the manager.

System Administration Features

• Single Point of Entry:
  Manager and client configurations can be changed only from a console.
• Two-Factor Administrator Authentication:
  Electronic tokens in conjunction with an extended passphrase control access to the system.
• Two-Level Administration:
  The system supports regular (limited-privilege) and master (full-privilege) levels of system administration.
• Centralized or Decentralized:
  The security group can be managed from a single console or multiple consoles.
• Complete Accountability:
  The system logs all administrative actions to maintain accountability over configuration.
• Emergency Administration:
  The system supports an optional fail-safe (single privilege) level of system administration for disaster recovery.

Policy Administration Features

• Factory Policies:
  CoreTrace-provided factory policies provide protection against the common threats.
• Automatically Generated File Policies:
  Automatically create unique file policies for platforms as configured, complete with file digests.
• Custom Policies:
  Administrators can modify default policies or build new policies to meet specific needs.
• Security Subgroups:
  A large security group can be subdivided into smaller, more manageable administrative subgroups.
• User Transparency:
  Changes to policy are dynamically implemented without a reboot or noticeable change on the user platform.
• Rapid Policy Deployment:
  Changes to standard policies can be applied to thousands of clients across the enterprise in seconds.
• Disconnected Operation:
  Policies continue to protect the user platform when it is ‘on the road‘ or in home use and not in communication with a manager.

• Contact
• Site Map
• Legal
• Privacy Policy