Savant Protection v3.3
April 01, 2010
subscription: $2,995, includes management
- Ease of Use:
- Value for Money:
- Overall Rating:
- Strengths: Very strong solution for locking down endpoints, with a whitelisting approach that simplifies administration and management.
- Weaknesses: Relies on other solutions for AV.
- Verdict: A great approach to defending against zero-hour threats.
Savant Protection v3.3 takes a unique approach to combating malware. This solution was the only one in the batch tested this month that provides application whitelisting capabilities. The decentralized management approach allows the endpoint device to control the execution of applications. It does this by establishing a unique key, or signature, for each application and device. That unique key also prevents applications from being moved to another device and run. By controlling which applications can run on each endpoint device, Savant Protection can control the level of security. Its approach is to provide system lockdown, prevent the use of unauthorized software and eliminate the intrusion and spread of malware.
The Savant Enterprise Management System (SEMS) serves as a centralized console from which any and all systems can be maintained and security information collected. Savant's Management Console enables groups of devices across the enterprise to be configured through an easy-to-use, centralized web-based interface.
The server load does require some time to complete. It's a multi-step process and includes loading an Apache web server, MySQL, ODBC drivers and then the SEMS application. The client can be loaded in two ways. The first is via manual deployment and the second is via a preconfigured package automated using the Savant MSI and Microsoft Installer Transforms (MSTs). We would have preferred a tighter integration with a directory services solution. Besides the lack of AD integration, we were very pleased with the remaining management interface capabilities. Navigation of the user interface resembles a web browsing experience with menus down the left side and data panes to the right.
Savant has extensive logging and alerting capabilities, with decent built-in reports and the ability to create custom reports and published database views for use by external reporting systems. System Intelligence harvests hardware and application information. The inventory capability was a real nice feature and delivered a lot of what the more expensive inventory solutions would provide. Administrators can easily manage device applications and hardware features and disable unwanted software and devices.
Phone and knowledge base support is included, and additional support options are available for a fee.
SC Magazine Articles
- Industry pros react to Cisco, Fortinet advisories after possible Snowden NSA leak
- WikiLeaks postings of Turkish emails included active links to malware
- U.S. government extends offer to protect states from electoral cyberthreats
- Trust exercise: Symantec's new website security expert is reaching out to hacker community
- Cisco shedding 7% of its workforce
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- CEO sacked after aircraft company grounded by whaling attack
- Microsoft warns of new, self-propagating ransomware in the wild
- Wendy's POS breach 'considerably' bigger than first thought
- After NSA leaks, a renewed interest in vulnerability disclosure
- USAA members hit with multiple phishing attacks
- Saving money on security software by improving cyber posture, report
- Two-thirds of IT security pros surveyed expect a breach to hit their company, report
- Epic hack, thousands of salted logins stolen