August 01, 2003
WatchGuard Technologies, Inc.Product:
- Ease of Use:
- Value for Money:
- Overall Rating:
Places the emphasis on prevention, rather than cure.
Works only with IIS on NT/2000, and there is no alerting functionality.
Applock/Web offers a good solution to locking down both the web server and the operating system.
Applock/Web works for web servers based on Microsoft IIS running on Windows NT/2000. It locks down both operating system and web server application. It auto-discovers which files are associated with web server functions (this may include web content and web scripts) and locks them down. It works within the operating system at the kernel level.
Installation is very easy, and the AutoDiscovery feature automatically searches for over 200 different file extensions commonly used to support IIS web servers. You can add to this list of file extensions and manually configure which files and folders need to be protected, but the default setting will be suitable for most situations.
It is easy to make authorized changes. Applock/Web uses password authentication and public-key-encrypted communications to enable an authorized administrator to make necessary changes. Then the server is locked down again immediately. Strong passwords are enforced to prevent easily crackable passwords.
AppLock/Web protects user accounts, date and time, the Microsoft IIS metabase, and the stack buffer against overflows and other common attack methods. Even someone with web server administrator privileges cannot make changes to protected files or the registry without the lockdown password.
Although it works at the kernel level, AppLock/Web does not modify the NT/2000 kernel. AppLock/ Web is installed as a device driver, which extends the capabilities of the Microsoft kernel. Because Applock/Web uses programming methods commonly used by encryption and anti-virus programs, there is no need for any special kernel certification. It uses well-known and published entry points that require no proprietary knowledge of or access to the inner workings of the operating system.
Logging is provided for later analysis or forensics. When access to a protected file is denied by Applock/Web, a record is kept in the Windows System Event Log. This log may be used later to identify intrusion attempts and provide evidence of hacking attacks.
Central management of multiple instances of Applock/Web is easy with WatchGuard's ServerLock Manager application. ServerLock Manager uses a combination of kernel-based PKI, a 239-bit eliptical curve cryptosystem (ECC) from Certicom, and triple-DES encryption to protect instructions and communications from the management console.
SC Webcasts UK
Information Security Manager
Infosec People - Hammersmith, West London
Information Security Risk Manager, £45-55k + bens
Infosec People - West Midlands, England, Coventry
SOC Analyst, Aldershot, £55-63k + benefits
Infosec People - England, Aldershot, Hampshire
Security Architect, Cardiff - to £70k Basic
Infosec People - Cardiff, Wales
Interim CISO (Chief Information Security Officer) - Cyber Security Director
CYBER EXECS - London (Central), London (Greater)
Sign up to our newsletters
SC Magazine UK Articles
- Gooligan ad fraud malware infects 1.3M Android users, installs over 2M unwanted apps
- Met Police grab suspect with phone unlocked to get hold of data
- Cyber-security must reflect risk not just regulation
- Data centres are on the move - where will they end up?
- The information security implications of M&A deals
- SC Awards Europe 2016 winners announcements!
- ISIS radicalises 'lone wolves' through strong social media presence
- Updated: How will Brexit affect the cyber-security industry in UK and Europe?
- 9.2 million medical records for sale on darkweb
- Microsoft Office 365 hit with massive Cerber ransomware attack, report
- Over 400,000 phishing sites have been detected each month in 2016
- TalkTalk customers urged to get routers swapped over hacker fears
- Report: Mirai 'is just the tip of the iceberg'
- Avalanche takedown involved searches in 40 countries
- India Supreme Court calls on tech giants to curb sexual assault, cyber-crime