Faronics is pleased to announce the release of Anti-Executable 5.0 This is a major release that adds four new features and squashes one nasty bug.
The new features are:
Central Control List
The Central Control List represents a collection of all files and publishers that can be used to create and enforce Anti-Executable policies. The entries in the Central Control List do not contain Allow or Block parameters and such actions are configured via Anti-Executable Policies.
Policies are used as the vehicle for enforcing specific configurations of Anti-Executable. A policy contains configuration of file, folder, publisher control attributes, alerts, temporary execution mode details, and general settings.
Granular control of Publishers
Publishers can be controlled on four different levels: Certificate, Product Name, Program File and File Version.
Three New Reports
Three new reports are available: Additions to Local Control List, Addition to Central Control List - Files, and Addition to Central Control List - Publishers.
User Interface Improvements
The following user interface improvements are available: In-column search and filtering when navigating control lists, Provisioning of Anti-Executable users based on local and domain accounts, and Alert dialog.
A number of these changes have required that we remove, or signifcantly change some of the existing features in the product:
Blocking of Publishers
Anti-Executable no longer provides an ability to block a specific Publisher. Since Anti-Executable works on default deny principle, only programs that are explicitly allowed to run will execute, leaving any unauthorized program as blocked. With the added flexibility of publisher control on publisher, program, file and version levels, an administrator can allow only a specific version of a particular file within a program entry of a publisher certificate. This will eliminate program version fragmentation and only allow a specific version of a product to run.
Dedicated Whitelist or Blacklist
Having a dedicated whitelist of blacklist can be confusing to a user as the same executable can be allowed to run on one computer, but blocked on another. This is why an execution control list has been created and the local control list is augmented by policies that specify whether a program is blocked or allowed to run. Blocking action always takes precedence.
Detailed release notes can be found at: