Here's how it works: When a user attempts to launch a non-centrally authorised executable file type, a dialogue box will appear that offers the option to deny or accept the launch. If it comes from a trusted and known source, the choice, obviously, would be to authorise. If a dialogue box appears after merely opening an email or an attachment, the choice would be to deny. No longer can worms and viruses turn innocent users into unwitting accomplices. No longer do you have to worry about every download or installation. Sanctuary offers the oversight you need - and the flexibility your users want.

Sanctuary calculates a cryptographic hash for each executable file. This 20-byte signature is generated using the well-known SHA-1 algorithm and serves to identify a particular file. This signature is calculated on the binary content of the executables itself instead of weak attributes such as file name or path, ensuring that only known and allowed will be executed. The signature is calculated at each and every launch of any executable code with no performance impact, delivering 100% reliability. Even if only one bit of the original file is modified it will not be allowed to execute on the host without the express approval of the user.

Sanctuary can be implemented in two easy steps:

1) You collect and centrally authorise files by generating a signature for each one of them in order to populate Sanctuary's database. Sanctuary provides the tools to quickly build your inventory of allowed executable files based on authorised Operating Systems and applications.

2) Grant access to all users.

Immunity to new threats -  The Whitelist Approach
Sanctuary positive approach makes the organization immune to new threats, both internal as well as external. Sanctuary Standard Edition is the only solution on the market that solves, once and for all, all issues related to unlicensed applications, viruses and Trojans. The organisation only has to focus on what it wants its users to run without having to worry about what will come next - there is no next.

Strong application Identification
Sanctuary Standard Edition uses a fingerprint (SHA-1) based application identification ensures the organisation that end users can only execute authorized (centrally or by user) applications.

Standard File Definitions (SFDs)
SFDs make you save time and effort in the maintenance of what executable files user/user groups can launch. Predefined Microsoft OS and most common applications lists can be used to pre-populate the database, reducing the initial effort to implement Sanctuary.

Application Management
Managing applications using different workstations is a time consuming and error prone task. With Sanctuary Standard Edition, you simply collect and centrally authorise all files and then grant access to all users.

Common Three-tier architecture
Sanctuary Standard Edition three-tier architecture is designed for large networks and requires minimal deployment on the client side. Our kernel drivers come with built-in TCP clients and servers and do not require any other additional component (MDAC, ODBC, etc.).

Workgroup and Local User Support
Any and all components may be installed on computers that are part of a network (local user or domain).