Within the Walls of the Citadel
WinShield and NetOff protect your network from the inside.
Ancient cities protected themselves from enemies by erecting
massive walls around the city perimeter. This barrier was quite thick and nearly
impossible for armies to penetrate. I’m reminded of these prodigious structures
because they afforded cities something that we need for our networks today—impregnable
security. When network administrators build walls around their cities, there
are two problems that need to be addressed (there are actually more but we’ll
look at two here): unattended stations that have been left logged on, and users
changing their own system settings. To help you build an impregnable wall around
your network that will protect against these problems, Citadel Technology has
developed WinShield and NetOff.
As soon as you buy a new piece of software, what’s the first
thing you do with it? I usually install it and start playing around, changing
colors and settings, and clicking every button I can find. Your users do the
same thing with their desktop machines, most often to their (and, alas, your)
detriment. To prevent potential damage, install WinShield.
WinShield is a comprehensive program designed to stop users
from changing settings on their machines. Here are just a few of its options:
- Stop users from editing their Registry.
- Prevent users from accessing music CDs on their systems.
- Hide specific drives from users.
- Prevent sharing, addition, and deletion of printers.
- Deny network access entirely or just deny access outside
of the local network.
At this point, you might be wondering, “What makes WinShield
different from, say, the built-in System Policy Editor that comes with Windows
NT for free?” The truth is, the tools complement each other—WinShield is capable
of things that the Policy Editor isn’t, and vice versa. For example, WinShield
is capable of hiding specific drives from users (show the C and E drives, but
make D invisible). The built-in tool for NT is capable of hiding specific tabs
on the display properties dialog box, whereas WinShield hides the entire properties
box. So, the tools work together quite well.
WinShield is available in a client/server version, which
allows you to install and configure each machine separately without having to
resort to a software distribution tool.
|WinShield makes a worthwhile companion
to the Systems Policy Editor.
A common problem on many networks is the unattended, logged
on workstation. Naturally, an unattended, logged on network allows unauthorized
employees to access files, email, and sensitive materials from that workstation.
Your users mean well, but perhaps one of them was shanghaied into a meeting
on the way to the watercooler. Regardless of the reason, the effect is the same.
NetOff is capable of activating a password protected screen
saver on the user’s system, to protect your network from well-meaning users.
NetOff can monitor for inactivity on the machines and take actions such as shutting
down all applications and leaving the user logged on, logging the user off of
the network entirely, or even shutting down the machine. NetOff is a client/server
product, meaning that it’s configured and administered from a single machine
and installed over the network on the client machines. Every time the client
logs on to the network, the user will pick up any changes to the NetOff configuration,
which are applied immediately (a feature that makes NetOff ready for any size
The only drawback I could find (and believe me, I looked)
is that NetOff is installed and loaded on the client machines via a logon script.
That’s good, but the logon script that the setup program created for me had
the wrong path to the software, so the first time I tried to run it, nothing
happened. I had to modify the batch file to fit my needs, but that was easy
|NetOff can keep users from
leaving sensitive information within prying distance.
Protect Your Network
WinShield, designed to lock down users’ systems so that they
can’t make changes to the system themselves, is useful for small to medium networks
when used in conjunction with the System Policy Editor. NetOff also delivers
with flying colors, and is suitable even for larger enterprise use.
Overall, when you’re building a wall around your city, you
want the wall to be as strong and thick as possible to keep out those who would
do you harm. Using the software from Citadel can help you to do just that.
Joseph L. Jorden, MCSE, MCT, CCNA, CCDA is Chief Technical Officer for Dugger & Associates (www.Dugger-IT.com). He was one of the first 100
people to achieve the MCSE+I and one of the first 2,000 to become an MCSE under Windows 2000. Joseph frequently contributes to books from Sybex and various periodicals.