Preventive measures

Seat belts save lives, yet a lot of people still refuse to wear them. Airbags may not be as effective, but they have the virtue of not requiring drivers to do anything to make them work.

That is apparently the philosophy behind WatchGuard Technologies Inc.'s AppLock/Web. The security program for Microsoft Corp. Windows NT and 2000 Web servers is about as automatic as you can get. Just click on the Lock button in the System Tray, and AppLock/Web will lock down your operating system, Internet information server and your Web sites.

When you lock down, AppLock/Web will automatically check for any new content on the Web site and extend its protection to those pages and new sites.

Forgoing the strategy of intrusion-detection programs, which search for signs of hackers after they may have done their mischief, AppLock/Web claims to lock out intruders before they can do any harm. Even if hackers access your administrator account, for example, they will be unable to access and change system files, Web scripts or pages. Nothing can be changed without first unlocking AppLock/Web.

It's also worth noting that AppLock/Web has stricter requirements on passwords than Windows 2000 and NT. An AppLock/Web password, for example, must be a minimum of seven characters and it must include at least one uppercase character, one lowercase character, one number and one punctuation mark or special character. And you can't reset the password without booting Windows in safe mode, which means physically accessing the server.

WatchGuard claims, and we have confirmed, that AppLock/ Web makes minimal demands on resources. The program takes up only 6M of disk space, and we detected no significant effect on system performance. But AppLock/Web's ease of use has a downside: inflexibility. You cannot, for example, grant editing privileges to remote administrators. Instead, AppLock/Web must be shut off at the server before anyone can make any changes on the Web sites or in AppLock/Web's configuration. So in order to make any changes in your operating system or Web sites you have to bring down the whole security wall, if only for a short time.

And if you want to change the files protected by AppLock/Web, you're limited to switching on or off the 200- plus file extensions recognized by the program.

In short, if you often need to access and change your Web sites or your server configuration, you'll probably want to find a more flexible solution that doesn't require you to entirely suspend security. Otherwise, AppLock/Web is an effective and easy-to-implement solution.



Score: B+

WatchGuard Technologies Inc.
(206) 521-8340

Price: Applock/Web costs $595 per server.

Remarks: AppLock/Web makes it easy to protect your Microsoft Corp. Windows NTand 2000 Web servers from malicious hackers. The downside is that you haveto temporarily disable the security wall to make any changes to the serveror to Web sites.


  • Management
    shutterstock image By enzozo; photo ID: 319763930

    Where does the TMF Board go from here?

    With a $1 billion cash infusion, relaxed repayment guidelines and a surge in proposals from federal agencies, questions have been raised about whether the board overseeing the Technology Modernization Fund has been scaled to cope with its newfound popularity.

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

Stay Connected