Savant Protection v3.3
April 01, 2010
subscription: $2,995, includes management
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Very strong solution for locking down endpoints, with a whitelisting approach that simplifies administration and management.
- Weaknesses: Relies on other solutions for AV.
- Verdict: A great approach to defending against zero-hour threats.
Savant Protection v3.3 takes a unique approach to combating malware. This solution was the only one in the batch tested this month that provides application whitelisting capabilities. The decentralized management approach allows the endpoint device to control the execution of applications. It does this by establishing a unique key, or signature, for each application and device. That unique key also prevents applications from being moved to another device and run. By controlling which applications can run on each endpoint device, Savant Protection can control the level of security. Its approach is to provide system lockdown, prevent the use of unauthorized software and eliminate the intrusion and spread of malware.
The Savant Enterprise Management System (SEMS) serves as a centralized console from which any and all systems can be maintained and security information collected. Savant's Management Console enables groups of devices across the enterprise to be configured through an easy-to-use, centralized web-based interface.
The server load does require some time to complete. It's a multi-step process and includes loading an Apache web server, MySQL, ODBC drivers and then the SEMS application. The client can be loaded in two ways. The first is via manual deployment and the second is via a preconfigured package automated using the Savant MSI and Microsoft Installer Transforms (MSTs). We would have preferred a tighter integration with a directory services solution. Besides the lack of AD integration, we were very pleased with the remaining management interface capabilities. Navigation of the user interface resembles a web browsing experience with menus down the left side and data panes to the right.
Savant has extensive logging and alerting capabilities, with decent built-in reports and the ability to create custom reports and published database views for use by external reporting systems. System Intelligence harvests hardware and application information. The inventory capability was a real nice feature and delivered a lot of what the more expensive inventory solutions would provide. Administrators can easily manage device applications and hardware features and disable unwanted software and devices.
Phone and knowledge base support is included, and additional support options are available for a fee.
Sign up to our newsletters
SC Magazine Articles
- APT operation 'Double Tap' exploits serious Windows OLE bug
- 'DoubleDirect' MitM attack affects iOS, Android and OS X users
- Android malware 'NotCompatible' evolves, spawns resilient botnet
- The Internet of Things (IoT) will fail if security has no context
- Regin: nation-state possibly behind the stealthy modular spying malware
- Operators disable firewall features to increase network performance, survey finds
- DDoS attacks cost organizations $40,000 per hour, survey finds
- Waste no time patching Windows Schannel, OLE bugs, experts warn
- Study: 68 percent of healthcare breaches caused by loss or theft of devices, files
- Spin.com redirects to Rig Exploit Kit, infects users with malware, Symantec observes
- Study: 'High priority' issues hamper endpoint security solution implementation
- Researchers identify POS malware targeting ticket machines, electronic kiosks
- Pirated Joomla, WordPress, Drupal themes and plugins contain CryptoPHP backdoor
- DDoS attacks grew in size, threats became more complex, Q3 reports say
- Man gets 18 months in prison for accessing Subway POS devices, loading up gift cards