PowerBroker is a solution from BeyondTrust for privilege management and application control on physical and virtual Windows desktops and servers. By leveraging Active Directory and Group Policy, PowerBroker tries to eliminate administrator privileges, allowing users to run as standard users and give granular control over the applications a user can/can't launch on his desktop.
BeyondTrust suggests that for a secure and compliant Windows environment, end users must not be granted local administrator or even power user privileges. Certain applications require elevated privileges in order to run and many users often need the ability to manage certain elements of the system; installing printers, changing network settings, or installing approved software.
Granting users additional privileges is not the optimal solution. So, what PowerBroker does is to assign only the required privileges to specific applications, rather than giving those privileges to the user. This enables businesses to adopt the best practice of “least privilege” to improve their security and malware resistance without impacting the user's productivity to perform different tasks. Removing administrator rights from users mitigated nearly 80% of the Microsoft vulnerabilities disclosed in 2011, according to the Microsoft vulnerability database. PowerBroker's whitelisting and blacklisting technology allows you to specify which applications are permitted to run (or which are not) using a GUI.
PowerBroker facilitates silent discovery of applications that require elevated privileges and automatic generation of a set of rules to ensure those applications are granted the appropriate rights. A cut-and-paste operation allows one to deploy these rules, and then safely remove administrative rights from users without any visible change. There is also PowerBroker DLP, a DLP solution for physical, virtual, and mobile devices. It leverages artificial intelligence to simplify DLP deployment.
With PowerBroker for Windows, organizations control the execution of applications, software installs, ActiveX controls, and system tasks that require elevated or administrative privileges. Policies in PowerBroker are applied by creating rules in the familiar Group Policy Editor. Users, groups, and individual devices are targeted using Group Policy. Thus, by setting PowerBroker policies, end-users without administrative privileges are able to run the applications that admins choose. Users can request for a free trial from http://ld2.in/4eb.