Product Reviews

Within the Walls of the Citadel

WinShield and NetOff protect your network from the inside.

• By Joseph L. Jorden
• 04/01/2000

Ancient cities protected themselves from enemies by erecting massive walls around the city perimeter. This barrier was quite thick and nearly impossible for armies to penetrate. I’m reminded of these prodigious structures because they afforded cities something that we need for our networks today—impregnable security. When network administrators build walls around their cities, there are two problems that need to be addressed (there are actually more but we’ll look at two here): unattended stations that have been left logged on, and users changing their own system settings. To help you build an impregnable wall around your network that will protect against these problems, Citadel Technology has developed WinShield and NetOff.

WinShield

As soon as you buy a new piece of software, what’s the first thing you do with it? I usually install it and start playing around, changing colors and settings, and clicking every button I can find. Your users do the same thing with their desktop machines, most often to their (and, alas, your) detriment. To prevent potential damage, install WinShield.

WinShield is a comprehensive program designed to stop users from changing settings on their machines. Here are just a few of its options:

• Stop users from editing their Registry.
• Prevent users from accessing music CDs on their systems.
• Hide specific drives from users.
• Prevent sharing, addition, and deletion of printers.
• Deny network access entirely or just deny access outside of the local network.

At this point, you might be wondering, “What makes WinShield different from, say, the built-in System Policy Editor that comes with Windows NT for free?” The truth is, the tools complement each other—WinShield is capable of things that the Policy Editor isn’t, and vice versa. For example, WinShield is capable of hiding specific drives from users (show the C and E drives, but make D invisible). The built-in tool for NT is capable of hiding specific tabs on the display properties dialog box, whereas WinShield hides the entire properties box. So, the tools work together quite well.

WinShield is available in a client/server version, which allows you to install and configure each machine separately without having to resort to a software distribution tool.

WinShield makes a worthwhile companion to the Systems Policy Editor.

NetOff

A common problem on many networks is the unattended, logged on workstation. Naturally, an unattended, logged on network allows unauthorized employees to access files, email, and sensitive materials from that workstation. Your users mean well, but perhaps one of them was shanghaied into a meeting on the way to the watercooler. Regardless of the reason, the effect is the same.

NetOff is capable of activating a password protected screen saver on the user’s system, to protect your network from well-meaning users. NetOff can monitor for inactivity on the machines and take actions such as shutting down all applications and leaving the user logged on, logging the user off of the network entirely, or even shutting down the machine. NetOff is a client/server product, meaning that it’s configured and administered from a single machine and installed over the network on the client machines. Every time the client logs on to the network, the user will pick up any changes to the NetOff configuration, which are applied immediately (a feature that makes NetOff ready for any size network).

The only drawback I could find (and believe me, I looked) is that NetOff is installed and loaded on the client machines via a logon script. That’s good, but the logon script that the setup program created for me had the wrong path to the software, so the first time I tried to run it, nothing happened. I had to modify the batch file to fit my needs, but that was easy to do.

NetOff can keep users from leaving sensitive information within prying distance.

Protect Your Network

WinShield, designed to lock down users’ systems so that they can’t make changes to the system themselves, is useful for small to medium networks when used in conjunction with the System Policy Editor. NetOff also delivers with flying colors, and is suitable even for larger enterprise use.

Overall, when you’re building a wall around your city, you want the wall to be as strong and thick as possible to keep out those who would do you harm. Using the software from Citadel can help you to do just that.