test

NetIQ's WebMarshal now supports all versions of Windows server. The installation is simple, but you need an SQL server on the network. While this means that you have to factor this cost into the purchase, it means you can distribute the WebMarshal install for better performance and scalability. You can also run the database on the same PC, as we did for our test.

Pearl Software's Echo 6 works in a slightly different way to the other products on test. Rather than blocking web traffic at the gateway, Echo uses a client/server approach. The server dictates the policy, while clients installed on each PC control internet access locally. While the server is very quick and easy to install, there's quite a lot of leg work involved in distributing the client to all of your network's computers.

SurfControl's Web Filter is, perhaps, the best known web filtering product on the market. We reviewed the Windows version of the product, but there are also versions available for Cisco CE, Check Point, Microsoft ISA and several third-party appliances, including Blue Coat and Finjan, both in this test. The standard Windows version is flexible – but you will need one copy of the filter per network.

Active Folders is an email search engine that looks for multiple attributes. It automates the manual task of finding unwanted attachments or abusive emails, or can be used to bring together all communications on a specific subject.

This is a security and routing application for email systems. It protects them from spam, malware and DoS attacks, but its main feature is the ability to direct messaging traffic based on content, rather than the destination address.

Policy Server appeared with the release of Acrobat 7 earlier this year. It builds substantially on the encryption and password security of past editions of Acrobat and provides control over how Acrobat PDF format documents are accessed.

ECM started as a Windows inventory management tool, but has moved with the times. This release turns it into a systems policy management and compliance system for Windows, Solaris and Red Hat.

Targeting policies for email and web use, NETconsent is an on-screen employee policy development environment.

Configuring the security settings on Windows servers, desktops and notebooks is an overly complex chore. Ensuring that the users do not reset any of the settings just adds to the headache. Policy Commander automates this task using predetermined policies.

Technology can only go so far in imposing policies, and there are times when text-based policies must be used. Legal requirements, health and safety, and personal conduct issues require employees to read and digest information.

The UniGuard-V34 modem and Port Authority 44 (PA44) offer secure out-of-band control of networking hardware and servers.

In the Unix world, anyone who knows the root password has access to the root account. This gives them complete control, as there is no way to delegate specific privileges. The systems admin has to decide to control everything, or allow other users root access to perform specific tasks allocated to them. One way leads to overwork, the other to security compromise.

This suite of programs is designed to control access to the internet and keep the enemy at bay. It integrates with many third-party defense applications to offer a war room in a browser from which the state of the defenses can be examined, as well as dictating how the various units work together to shield the internal network.

Distributing information in Microsoft Office documents can reveal more than was intended.

Guidance Software's EnCase product is the undisputed heavyweight of the forensic software market, and version 5.0 introduces a slew of new features that will keep its opposition firmly on the ropes.

WiebeTech's forensic kits tackle two very specific points of pain for forensic investigators: conducting field acquisition and transporting data safely (to prevent damage and ensure the chain of evidence is unchallengeable).

This tool is designed to help search file systems during forensic examinations. It collects information and meta data associated with files, and offers strong searching and indexing capabilities, although limited to Windows file systems.

NetWitness is a network forensics and analysis package available in both software and appliance (really just a preconfigured server) formats.

This product is the big brother of its family, including all the forensic capabilities of other versions with the additional ability to conduct investigations over the network and compare live systems to known-good baselines to establish whether a machine has been compromised or tampered with.

Stellar Phoenix is a product aimed at data recovery, rather than strict forensics, although of course recovery is an important part of incident response. Confronted with a disk with damaged or missing data, the software will attempt to recover information and reconstruct partial data.