July 27, 2005
New Boundary TechnologyProduct:
from $22 per workstation, $395 per server
- Ease of Use:
- Value for Money:
- Overall Rating:
Will help the helpless ensure the best security settings for many server and PC roles. Also helps experienced users rolling out customized settings.
Some of the scripts do very little and when it is a server policy, it could be easier to visit the server and do the job manually.
A welcome aid for mid-sized companies that are finding the growth in their IT investment too much to handle.
Configuring the security settings on Windows servers, desktops and notebooks is an overly complex chore. Ensuring that the users do not reset any of the settings just adds to the headache. Policy Commander automates this task using predetermined policies.
Without wishing to sound unkind, Policy Commander is the Windows security equivalent of the Dummy's Guide To series of books. This is because it requires very little technical skill – it is supplied with around 70 pre-scripted policies ready to be applied to unprepared machines.
The advantage of using the templates is that they have been tried and tested for the roles they serve. For example, with eight basic roles for Windows servers and the possibility that any one server may take on two roles at a time, determining the correct settings requires technical knowledge, and a script would have to be constructed and applied. With Policy Commander, this becomes a plug'n'go task.
Senior IT staff may look down on this simple version of policy management, but Microsoft is rolling out more servers to the lower end of the market where technical expertise is rare.
First, the system needs to be set up, which means all managed computers have to have an agent installed. Only desktop and server OSs from Windows 2000 are supported, and the control system is based on a central Channel Server for policy management and a database server that stores data about the managed systems and the policies. The database can be Microsoft SQL Server or MSDE.
When the computer clients have been configured through the web browser interface, the next task is to keep them in compliance. This is done by polling the agents and any systems that have changed are flagged up. For unattended Policy Commander installations, an email can be sent to record this.
What happens next depends on the leniency of the settings. New Boundary recommends setting the system to take no action to see if users change settings. If they do, and there is a common factor, it could be worth investigating to see why. When happy with the settings, the level can be raised to "enforce" level, which will reset any modified computer.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- Same fate befalls Post Office broadband as hit DT?
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Former Expedia IT employee admits to hacking execs from the inside
- Cyber-insurance: What will you be able to claim for and is it worth it?
- Levelling the playing field against targeted attacks
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime
- IoTSF conference: EU should become de facto regulator