Strengths: Detailed notebook/PC protection.
Weaknesses: Takes a lot of work to get the initial policy working.
Verdict: Protects your notebooks and PCs from potentially harmful wireless networks. Its detailed tools ensure that your wireless security policy is adhered to even when people are out of office.
Wireless notebooks should be just as well protected as corporate wireless networks. SkyRecon’s StormShield achieves that.
But first you need to install a SQL database, the server and, finally, the management console. After that, you’ve got a scalable and robust management system, and central management and reporting, too.
StormShield can distribute its client remotely to any Windows 2000 or XP machines you have on the network. From there, it’s a matter of defining a policy controlling access. Here, StormShield provides some of the most detailed controls that we’ve seen.
Of particular interest are the WiFi controls. First, you can block enable or disable all WiFi connections. If you want finer control, then you can allow infrastructure mode connections, but block ad-hoc networks – a potential problem for notebooks, which often broadcast their presence to other notebooks.
Fine control of this is possible, so you can even decide on the type of wireless networks you are going to allow – for example, you can stop a notebook connecting to unprotected networks, only allowing it access to those protected by WPA or WPA2.
Remember that doing this will prevent access to hotspots, so if your users need access to them, you’ll have to do a bit more work. Fortunately, you can use the Device Firewall to select Access Points and add the SSIDs of the common hotspot providers. This will probably need quite a bit of fine tuning to get it right, though.
On top of the wireless controls, you can specify exactly the kind of access you want to give to the notebook. This goes from firewall rules, where you can define policies much like on your edge devices, to applications, where you can even choose the kinds of files that they’re allowed to open – for example, you could stop Outlook sending any .doc files.
You can even block USB keys, preventing harmful files from even getting onto the notebook.
It’s such a powerful application that there’s not enough space here to cover everything it does. But there’s quite a burden of management when you first configure your policies and some effort will be needed to make sure your rules don’t get in the way of real work.
Once you’ve got it working smoothly, however, StormShield provides excellent and detailed protection for your PCs and notebooks.