[gptalk] Re: Lumension Sanctuary

  • From: "Michael Pietrzak" <mpietrzak@xxxxxxxxxxxxxxxx>
  • To: <gptalk@xxxxxxxxxxxxx>
  • Date: Sat, 19 Apr 2008 21:16:12 -0700


About six months ago, I started looking at application whitelisting apps. At 
the time (and for the most part still) there are only three real players, 
Lumension (formerly Securewave Sanctuary and Parity from Bit9. The third 
company has since gone out of business I think. They were the only players who 
really offered application control by hashing the entire OS and program files 
and not allowing anything new on the system unless it was approved by an admin.

I tested Sanctuary for about one months time as getting into this type of 
security is very admin heavy and can break alot of stuff if not implemented 
correctly. I won't go on and on but you are free to contact me offline if you'd 
like as I'm sure it would bore the email list tremendously (email me at 
mikepiet at hotmail dot com), but to bottom line it for you, I felt Sanctuary 
did a lot of things really well, for instance device control, but when it came 
time to do things like patching systems and rolling out updates for things like 
anti-virus and things of the sort, I felt it was too cumbersome and not easy to 

I ultimately went with a competing product called Parity from a company called 
Bit9. They made the process of patching systems and approving allowed software 
a much easier process. Their device control piece is not as robust as 
sanctuary's but it does the job of blocking USB keys and keeps staff from 
reading strange CD's. I hope in the next version they emphasize more of the 
device control piece.

Ultimately, Sanctuary, and also Parity, do a great job of keeping spyware and 
unauthorized apps off users computers. I just though  Bit 9's implementation 
was easier to work with when it came time to allowing certain publishers, say 
adobe, upgrade products and it was a heck of alot easier to work with when it 
came time to deploy patches from my Shavlik patch deployment server.

But again, email me offline if you have any other questions.


Has anyone got anythiing good or bad to say about Lumension's
Sanctuary software?
You can unsubscribe from gptalk by sending email to 
gptalk-request@xxxxxxxxxxxxx with 'unsubscribe' in the Subject field OR by 
logging into the freelists.org Web interface. Archives for the list are 
available at http://www.freelists.org/archives/gptalk/

Other related posts: