Bit9 Parity Suite v6.0.2
Strengths: Drift reporting and dashboarding
Weaknesses: Not a lot of out-of-the-box templates for policy or reports
Verdict: A great complement to existing firewall and anti-virus endpoint solutions. The drift reporting capability is worth the investment alone
Bit9 Parity is a policy-driven whitelisting solution for managing the applications and devices that can run on Windows computers.
Parity provides the ability to track the propagation of software in an environment, generate audit trails of portable storage activity and control the software and devices used on computers, including blocking modern malware, targeted attacks, installation of unauthorised software and execution of files from unauthorised devices.
Parity Server Software installs on Windows Server 2003 Standard or later. Administrators need to have Internet Information Services and .NET installed on the server and have SQL Server on the server or remote prior to loading the application. SQL Server 2005/2005 Express and SQL Server 2005/2008 are supported. The install was wizard-driven and straightforward. Once installed, the server console is accessed via any web browser.
Parity uses an agent-based approach for client management. Client stations download the agent from the server. Computers are not imported, they are discovered once the client is loaded. Although computers are not discovered via Active Directory (AD), they can be mapped to Parity policies via AD policies. Once installed, administrators can gather a file inventory from the endpoints.
Bit9 Parity provides an in-the-cloud, software-reputation service that assigns a trust rating to all software to identify computers at risk with embedded malware. It also provides policy-based controls that ensure only trusted software, portable storage devices and configuration changes are made to the endpoint.
The package includes application control and whitelisting, device control, file integrity monitoring, registry protection, memory protection, operating system integrity protection, trust-based software reputation and cloud-based policies. Administrators approve new applications or patches using the methods that best suit them.
Parity features several automatic approval methods (trusted directories, approved publishers, trusted users and enabled updaters) that make it simple to approve new software without having to do it file by file.
The user interface is easy to navigate. The home page is dashboard-driven and users have a lot of flexibility to customise portlets. Administrators can display any of the Parity summary information or even link a portlet to an outside URL for additional data. Reporting was light, but again, clients can add what they want. There was one feature that we found particularly useful: a baseline drift report.
Standard support is available at 20 per cent of the purchase price, while 24/7 support costs 25 per cent of the purchase price. The documentation is well done and easy to follow.