Airlock Digital Application Control is used for application control as part of meeting the New South Wales Essential Eight program. It assists in preventing malware, and in the time we have been using it, we have only had one detection where it picked up a malicious file, which demonstrates strong performance.

The connectivity with InTune is exciting because it automatically pre-approves applications from the InTune library, which means I do not have to update the system as frequently. The console is also excellent and very clear to understand.

Airlock Digital Application Control helps with our cybersecurity posture and maturity by allowing us to lock down a user environment with only approved applications. It stops other applications that are not approved from running, without requiring traditional administrator access to install or run them.

Airlock Digital Application Control has room for improvement in detecting and setting a standard environment when updates for programs are released. A better way to detect when we have approved programs but their updated versions also need approval would be helpful. As a very small cyber team, we continually look for efficiencies we can gain.

I have been working with Airlock Digital Application Control for three to four years.

I would rate Airlock Digital Application Control a 10 for stability. We have had no stability issues with it. Any stability issues we have experienced are the result of us blocking the wrong application, which is not the product's fault because it works as advertised.

I would say the scalability of Airlock Digital Application Control is a 10. Scaling from 150 to 180 to 220 users has not presented any issues.

I would rate the technical support from Airlock Digital Application Control a 10. There has not been anything we have asked that they have not been able to solve for us. The recent upgrade process was very easy.

Airlock Digital Application Control is pretty easy to deploy and work with. We do not perform manual deployment of it. It is baked into our mandatory InTune Standard Operating Environment, so deployment is just updating the client to newer versions occasionally.

I see about a 50 to 60 percent return on investment with Airlock Digital Application Control, not just financially but in terms of saving resources and time, especially when comparing it to other application whitelisting solutions that are much more involved.

The pricing of Airlock Digital Application Control is adequately set. We have budgeted for it, and it is one of our more significant line items, but we have the budget for it.

The single SKU licensing model of Airlock Digital Application Control has made budgeting and resource allocation easier because there are not as many components. We can have it as a single line item for however many licenses we have.

I compare Airlock Digital Application Control very highly to other vendors like ThreatLocker, Microsoft, Ivanti, and Carbon Black. We have recently looked at ThreatLocker and Microsoft in comparison to Airlock Digital Application Control. I have not looked at Carbon Black, and we are not looking at other options at the moment.

I hope to use the bidirectional REST API in Airlock Digital Application Control very soon to connect with a SOC SIEM solution to help with our reporting.

Regarding the integration capabilities of Airlock Digital Application Control, from the version we were running to the current version and the features we are looking at using, the integration options are fantastic and seem quite easy to implement where we need them.

Assessing the clarity and speed of the new interface of Airlock Digital Application Control compared to the previous version is challenging because I have mostly interacted with the previous interface and we have only recently upgraded. We might be among the last to upgrade, and I have not used the new interface extensively.

I do not use the policy change history in Airlock Digital Application Control because I believe that is a new feature we have not yet unlocked. We have just completed that upgrade, and we were quite behind on our updates.

I recommend Airlock Digital Application Control to other users because of the quality and the features we have discussed. It is a good product. The reason for my rating of Airlock Digital Application Control is really the updating of the database of applications we want to whitelist. It is more of a personal preference because as a small team, I do not have much time for this task. It is a larger task that we would like to make more efficient somehow without just approving everything. My overall rating for Airlock Digital Application Control is 8.

I use Airlock Digital Application Control for application control, primarily handling servers. The solution manages approximately 1,000 servers with centralized control.

Airlock Digital Application Control offers several best features. The application server itself is very light and operates at fast speeds. When whitelisting something, it applies immediately over the network. The solution handles multiple network subnets including layer four and layer 3.5, and all operate very fast.

Recently, improvements have been made to the whitelisting functionality in Airlock Digital Application Control. When any client finds files blocked, a pop-up appears, and they can request approval directly from there. The console displays incoming requests and shows whether they are whitelisted, approved, not approved, or denied.

If Airlock Digital Application Control implemented AI, it would be very beneficial. The solution is very easy to handle from our end, but AI implementation would make it even better.

If the solution can generate an email and send requests to the call center to create a work order or change request in the upcoming updates.

I have used Airlock Digital Application Control for the last year primarily for application Whitelisting

The stability of Airlock Digital Application Control receives a rating of 10.

Scalability with Airlock Digital Application Control also receives a rating of 10.

The technical support of Airlock Digital Application Control receives a rating of 10 because only a few cases were opened and they were handled perfectly. Support has not been required often, and it can be handled very well. The technical team was present during implementation and provided all necessary support and guidance.

Previously, another application was used for more than 10 years. Recently, that product was not undergoing any development, so this year the switch was made to Airlock Digital Application Control. A proof of concept was completed more than a year ago, and the solution was found to be very light, very fast, and much better than the previous one.

Airlock Digital Application Control was compared with other vendors including Trend Micro, Ivanti, CrowdStrike, and Sophos. Ivanti was used for the last 10 years and was based on Windows, making it heavy and not lightweight. Airlock Digital Application Control is Linux-based and very lightweight.

Installation of Airlock Digital Application Control takes less than one day. The application is deployed, tested on a few endpoints, and then deployed group by group to avoid creating problems across all machines simultaneously. This group-by-group approach was perfect with no complaints generated.

Airlock Digital Application Control has been deployed on-premises, and it was downloaded from the support portal. Installation is very easy.

Four admins have control of Airlock Digital Application Control. Approximately one thousand servers are used by many people in application administration roles across different divisions. Four application admins handle the solution, and one admin deployed it.

The infrastructure team handles the setup, while the licensing part is handled by another department.

Airlock Digital Application Control's policy change history feature is used with multiple policy groups. The latest version allows policy application on a host-based level, where even a single endpoint can have policy applied.

Airlock Digital Policy Creation Wizard is very helpful for determining which files the admins are using. The company policy prevents unauthorized installations because the information security team is very cautious about implementing new installations and EXE executions. These installations can be controlled through the portal.

Granular policy control of Airlock Digital Application Control provides strong satisfaction.

Airlock Digital Application Control can be highly recommended, and the overall rating is 10.

I use Airlock Digital Application Control as part of my role in the security team managing endpoint controls and broader defensive measures. I have been working with the product as part of strengthening our application control strategy, mainly around policy design, fine-tuning, and making sure it fits business requirements without causing too much disruption.

I appreciate several aspects of Airlock Digital Application Control. What I appreciate most is that it enforces discipline in the environment. It aligns well with least privilege principles because only approved software runs. That alone removes a large category of risk that traditional reactive tools still have to chase. The organization I am working with currently uses a variety of software and applications, and thus it becomes even more necessary to have a robust mechanism to safeguard our assets. Airlock works very well in this regard.

I feel that with respect to Airlock Digital Application Control, the upgrade process is very straightforward and simple. There is no downtime required. If they roll out a new version, it is easy to upgrade to the latest version without any reboot. There is no downtime required to upgrade Airlock Digital Application Control to the latest version. This is something I really appreciate.

Another aspect I can think about is clear audit visibility. In Airlock Digital Application Control console, you are able to get a log of everything. Even if I log into the console, there is an audit that a user, Mahesh, has logged in. If someone has added some hash or any kind of whitelisting has been done, everything is recorded. I have clear audit visibility.

The most valuable part is the centralized policy management. I can have a centralized policy in place to support a list of servers. For example, I have a policy in place to protect all my workstations. Then I have a separate policy to protect my UNIX workstations. Similarly, a separate policy for Windows Server. I have centralized policy management, and it becomes very easy with respect to Airlock Digital Application Control in this regard.

The proper governance and control that Airlock Digital Application Control provides helps to improve auditability and governance over our policies. I am working with a government organization. Here we have multiple teams using their own kind of software and applications. The problem is that without proper governance, there is a chance of data leakage or any threat entering into the network, as they all use their own kind of software and USB keys. With Airlock Digital Application Control, we have proper governance in place because by default, everything is blocked. We follow the policy of zero trust. Anything which is not known is completely blocked. We ensure that only the approved software is currently allowed. We also ensure that the baselining is in place. When we use different operating systems, like Windows workstations or any kind of Windows versions or Linux versions, we ensure that the operating system is baselined, which helps to stop a lot of unwanted noise. With this, we manage the entire infrastructure.

There are a few areas of Airlock Digital Application Control that I would like to see improved or enhanced in the future. The first thing is that the new version release schedule is quite repetitive, deploying a new agent within a couple of months. This makes it difficult for us to keep in touch because we have a controlled environment, and everything must be done via change management. We cannot upgrade the server or stay up to date with the latest version all the time. Airlock Digital Application Control should release updates but also provide ample time for organizations to adapt to the latest version.

The second area for improvement I think about is regarding the workflows. The workflows require careful tuning during initial rollout, especially in dynamic environments like what we have.

My impression of the granular policy control offered by Airlock Digital Application Control is that it can still be improved. Granular policy control is much better for control and application. For metadata rules to work, all endpoints must be on a particular version or higher. Unfortunately, in our environment, we do not have all machines using the same client version, which becomes a problem. If you go to Airlock Digital Application Control, they have an answer that the best thing you can do is use the granular policy if you have all agents and endpoints on the same version. That is something we need to work upon. Granular policy is much better to control and apply, and this is my experience.

I've been using it for the past one and a half years.

When it comes to stability, I have experienced some issues with Airlock Digital Application Control in the initial versions. In the initial versions, there were issues with memory leaks. I am talking about the versions 4.8 to 5.1. Those versions had a known issue of memory leaks, which caused performance issues. However, after they rolled out 5.2.2, these issues were completely resolved, and since then, Airlock Digital Application Control is working quite well.

I find Airlock Digital Application Control very scalable. I have not seen any issues with the scalability because we have more than 20,000 endpoints, and it is working excellently. We have not faced any issues.

The technical support and customer service teams of Airlock Digital Application Control are quite good. If you ask me to rate them between zero to five, five being the best, I would give them a rating of four. The reason being that the moment you log a case with them, they reach out to you within a short period. They are always happy to come on a call. When you speak and share the problem you are facing, you can troubleshoot things much faster than via chat or email. They are always available on call, which really helps. That is why my rating is four for the support team.

Before Airlock Digital Application Control, I worked on ThreatLocker for some time. Before this organization, I was working as a security analyst in one of the banks. I had the chance, as part of the job rotation, to work with the SOC for a few months. There, I had a chance to work on ThreatLocker. However, I did not get as much exposure to ThreatLocker as I am currently getting with Airlock Digital Application Control.

I was indeed involved in the initial setup of Airlock Digital Application Control.

My experience with the initial setup of Airlock Digital Application Control was quite positive. With respect to the rollout, I would say there were not many challenges because we properly planned the entire deployment. We had apprised all stakeholders about what this product is going to do and what issues to expect once installed across all servers and endpoints. Since we took the right steps, the rollout was quite simple.

Once it was rolled out, the application team and the users faced issues, so we had to train them initially on what can be done and what needs to be done from their end. The first few months were a bit difficult for us due to many calls, tickets, and inquiries. However, once users understood the functionality and how Airlock Digital Application Control can work, things streamlined after a few months, and then everything became easy for us.

Utilizing Airlock Digital Application Control does help to prevent malware within our systems to some degree. We have something called defense-in-depth. The good thing is that because Airlock Digital Application Control works on the principle of least privilege and it works on the principle of zero trust, any new hash or software is by default blocked. This definitely helps. Since we have defense-in-depth, in case something or a threat does enter into a network, we can control it. If Airlock Digital Application Control is not able to detect it, we have different measures in place to control the malware and protect our organization.

Airlock Digital Application Control brings many main benefits to the table that help improve the way the organization functions. One thing I have noticed is that because Airlock Digital Application Control blocks everything, we must keep all the different teams together and make them understand usability. When things are blocked, if they upgrade an application, it gets blocked by Airlock Digital Application Control. We have to tell them this is very important because anything unknown will be blocked. There is an option called OTP. Using OTP, you can block, enable, and allow Airlock Digital Application Control to work. This has been a pain point for us because if a user has the ability to enable OTP and bypasses it, that negates the use of Airlock Digital Application Control. Recently, as part of the improvement measure, we have disabled the feature of OTP for users, so they cannot enable OTP at all. If they want to test an application, definitely Airlock Digital Application Control is going to block it. We have integrated Airlock Digital Application Control with our ticketing tool, ServiceNow. When a user wants to enable OTP, they must submit a request that will by default go to the manager for approval. The request comes to us, and via automation, once the request is approved, the OTP is enabled from the console, allowing that particular machine to test and run the application without issue. This is something we have worked upon.

In terms of integration and automation with Airlock Digital Application Control, what we are doing here is in the case of automation. We rely on different infra teams, like the UNIX team and the Windows team for the upgrade of the agents. What has helped is that from the console, we can perform the entire upgrade of the endpoints. We do not have to rely on the UNIX team or the Windows team because that adds to the delay based on their availability. With this automation feature from the console, after having the change approved, I have the complete control to automate and select the list of servers or machines where I want to upgrade the agents, and this is how it goes about. Automation is really helping us with this.

Based on my experience with Airlock Digital Application Control, I would share a piece of advice with organizations considering it. The first thing I would say for any organization wanting to implement application control whitelisting is to understand the business requirements first and whether this product will meet their needs. Secondly, they must follow a proper governance mode and thorough change management process because you cannot just update or roll out on the fly. If you are going to deploy this particular product in your environment, have the plans in place, take all teams into confidence, and then definitely things will work fine. I would give Airlock Digital Application Control a rating of eight out of ten based on my overall experience.

The DevOps team uses the REST API for Airlock Digital Application Control, but I am not part of that team, so I am not directly administering or controlling or using the REST APIs tool.

The pre-sales team handles the pricing for Airlock Digital Application Control; I am the technical person who looks after the configuration and administration according to the requirements of the client.

We are using the policy change history in Airlock Digital Application Control.

According to the governance, procedures, policies, and SOPs defined within the client environment, which are quite strict, Airlock Digital Application Control provides user-level privileges. Using the policy management tool provided by Airlock Digital Application Control is very beneficial and completely aligns with the compliance and governance expectations of the client.

The endpoint security feature of Airlock Digital Application Control is very beneficial, as are some of the products that have been integrated with Airlock Digital Application Control, making it a very supportive feature.

Some of the vulnerabilities that are meant for CVEs specific to Airlock Digital Application Control need to be addressed in newer versions. This is the improvement that I would suggest, because zero-day exploits are being administered by threat actors on a daily basis, and from a cybersecurity point of view, I need it to be more resilient to vulnerabilities.

During my total career of 13 years, I have used Airlock Digital Application Control with one of my clients who had deployed this solution, and I had been working on that product for more than a year.

I have not faced any lagging, crashing, or downtime with Airlock Digital Application Control for a while, so we are satisfied with it, and every user management is satisfactory.

We have not performed any scalability adjustments for Airlock Digital Application Control because the initial product that we deployed is serving the number of users well. I think there is a license available so we can purchase it and upgrade to the amount of users that is needed, though for now we do not need to upgrade and have not felt the need to do that.

We engage with the customer support portal for Airlock Digital Application Control on and off to get troubleshooting guides or to have issues resolved where we are stuck, and they are very helpful.

Technically, a device always has some operational issues, and this is not specific to Airlock Digital Application Control but applies to any device, such as Cisco, Huawei, Juniper, or any big names in the market, as they always have issues or require troubleshooting. What I found is that their support team is quite technical, and their approach in understanding and resolving the issue is very direct and robust.

Initial deployment of Airlock Digital Application Control is very user-friendly.

The deployment of Airlock Digital Application Control took about a week because I had to configure each policy and each connectivity to our network step-wise. The integration was easy, but the assignment of the policies due to the load of the users was a cumbersome task. Once the users were added, then it was good to go.

I had support from my senior staff for the deployment of Airlock Digital Application Control. As the L2 person, I had to get help from the L3 for some configurations, and meanwhile, the L1 staff also assisted me during the integration and the issues that were faced, and we troubleshot until it was resolved.

The graphical user interface provided by Airlock Digital Application Control is very user-friendly, and configuration management is easy, so this is what I like about it the most.

Some of our clients are using the Cisco ISE product and some of them are using the PAM solution, so there are different options they are using according to their own choice, but I would prefer Airlock Digital Application Control to be a good product and a useful one.

I would rate this review a 9 out of 10.