Security vendor CoreTrace is updating its Bouncer whitelisting application this week, providing new insight and control into securing applications for enterprise use. The basic concept behind whitelisting is to only enable approved applications and deny access to those that aren't.

With the proliferation of applications and the growing strains on enterprise IT, it's not always possible to have all the necessary applications on a whitelist. That's where CoreTrace's new Bouncer 6.0 release is aiming to help.

Bouncer 6.0 includes a new cloud-based intelligence service that is being integrated to help administrators stay up-to-date on current application security risks and patches. The new Bouncer release will also help to enable enterprise compliance with software licensing by providing visibility into application usage.

Overall, what CoreTrace is aiming to do with its new release is help broaden the definition of what whitelisting applications are able to do as enterprises continue to secure their application usage.

More flexible whitelisting

While CoreTrace's previous Bouncer 5.0 product provided safe application lists, it didn't allow individual users to load applications that weren't on the list. While that may work out well for a strict enterprise security policy it also negatively impacts usability. By enabling users that are trusted to add their own applications, Core Trace is aiming to overcome a key barrier to broader adoption of whitelisting technologies.

"This allows enterprises to have locked down security, but still allow certain users to make changes to their box when they need to," Tony Jennings CEO of CoreTrace told InternetNews.com. "It then also gives the Bouncer admin the ability to rollback if they don't like it."

Thanks to the application visibility provided in Bouncer 6.0, the system can also be used to help ensure that applications are properly patched and up-to-date. Ron Clarkson vice president of product management at CoreTrace told InternetNews.com that Bouncer 6.0 can also be integrated with patch management technology

"One of the things we're doing with 6.0 is we're releasing APIs that will allow our system to work with patch management vendors more closely," Clarkson said.

Linux appliance model

With the Bouncer 6.0 release, CoreTrace is also changing the way it delivers its technology. For previous releases, the company had a physical hardware appliance powered by an embedded Windows operating system. Starting with Bouncer 6.0, the company is moving to a software appliance model powered by Ubuntu Linux.

Clarkson noted that CoreTrace does not have a formal business partnership with Canonical, the lead commercial sponsor of Ubuntu, though he noted that they have had discussions. The reason why the company is moving to the software appliance model is to help enable more deployment use cases for both physical and virtual enterprise networks.

Moving forward, CoreTrace is looking at delivering a cloud-based on-demand version of Bouncer.

"We have a future offering called 'Bouncer on demand' that we're likely to offer by the end of the year," Jennings said. "It will be likely of use to SMB (small to medium-sized business)-type users that don't have the resources to setup a system on their own or are looking for a lower cost, easy-to-deploy solution."

Sean Michael Kerner is a senior editor at InternetNews.com, the news service of Internet.com, the network for technology professionals.