Sanctuary's Architecture Guide 4.2.2 1
Contents
Introducing Sanctuary ................................................................................................. 3
The whitelist approach ....................................................................................................................... 3
Concepts .................................................................................................................................... 3
Advantages/disadvantages of using a white list ................................................................................... 4
Whitelist and blacklist examples ...................................................................................................... 4
A complete portfolio of security solutions ................................................................................................ 5
Sanctuary Application Control Suite................................................................................................... 5
Sanctuary Device Control ................................................................................................................ 6
Sanctuary for Embedded Devices ...................................................................................................... 6
About this Guide ............................................................................................................................... 6
Typefaces ......................................................................................................................................... 6
Symbol explanation ........................................................................................................................... 6
Keyboard conventions ........................................................................................................................ 7
For more information ......................................................................................................................... 7
To contact us .................................................................................................................................... 7
Chapter 1: Sanctuary components .................................................................................. 9
The SecureWave Sanctuary Database ..................................................................................................... 10
The SecureWave Application Server ....................................................................................................... 10
How permissions are defined, managed, and stored ............................................................................ 11
Sanctuary Client Driver ....................................................................................................................... 12
Installed components ................................................................................................................... 13
Protocol and ports ....................................................................................................................... 14
Operation overview ...................................................................................................................... 15
Key usage .................................................................................................................................. 16
If the SecureWave Application Server is not reachable .......................................................................... 16
Using a proxy to establish client-SecureWave Application Server communications ................................... 17
Configuring your DHCP server and proxy ......................................................................................... 18
Sanctuary Management Console ........................................................................................................... 20
Administration Tools ......................................................................................................................... 21
Network communications ................................................................................................................... 22
Sanctuary Client Driver communications ........................................................................................... 22
SecureWave Application Server communications ................................................................................. 22
Chapter 2: How Sanctuary works .................................................................................. 23
Sanctuary Application Control Suite ....................................................................................................... 23
Before you activate Sanctuary Application Control Suite ........................................................................ 23
When a computer signs on to the network ........................................................................................ 23
When a user asks to run an application ............................................................................................ 24
If the application is on the approved list .......................................................................................... 24
If application access is denied ........................................................................................................ 24
What happens if a computer is taken off the network .......................................................................... 24
Sanctuary Device Control .................................................................................................................... 25
Before you activate Sanctuary Device Control ..................................................................................... 25
When a computer signs on to the network ........................................................................................ 25
When a user asks to access a device ................................................................................................. 26
If the device is on the approved list ................................................................................................. 26
If device access is denied .............................................................................................................. 26
If a computer is taken off the network ............................................................................................. 27