web

GFI LANguard System Integrity Monitor (SIM) detects whether files have been changed on a Windows 2000/XP system. It identifies exactly which files have been changed, making it easy to restore the system to its original state, although it does not provide any utility for automatic recovery - you have to have secured original copies of these files elsewhere.

The G-Server is the only hardware in this Group Test - all the other products consist of software. It is designed to be installed inline between the DMZ port on your firewall and a public web server. It is completely transparent and requires no changes to any network settings on other network equipment. It has no IP address visible to the outside world, so is undetectable by hackers. Even the MAC addresses of its NICs reflect those of the real web server to make the G-Server even more transparent. Two G-Servers may be configured for high availability.

Entercept is an intrusion prevention system (IPS). In common with traditional host-based intrusion detection systems (HIDS), Entercept resides on the host itself, but it works at a much lower level than a normal HIDS system.

TOS stands for 'trusted operating system.' It can also be used to protect servers that are providing DNS, as well as file servers, database servers, proxy servers and mail servers. TOS can protect any static files, including whole directories, drives, Windows registries and, of course, web pages.

This inventory application uses a technology called Lanprobe to meter software usage and discover devices on a network.

A complete Tripwire system consists of two components: Tripwire for Servers, which is an agent that must be installed on all servers that are to be protected; and Tripwire Manager, which provides central management for any number of Tripwire for Servers agents. Communications between server agents and management workstation are secured using the secure sockets layer (SSL) protocol.

Applock/Web works for web servers based on Microsoft IIS running on Windows NT/2000. It locks down both operating system and web server application. It auto-discovers which files are associated with web server functions (this may include web content and web scripts) and locks them down. It works within the operating system at the kernel level.

Unlike the other products in this Group Test Web Inspector is neither system policy management or email policy management, but in fact an internet compliance tool that uses policy to set its users' boundaries. Suitable as a single installation for the smaller enterprise, this solution easily scales up to a distributed deployment over a large network.

Policy starts with access control, ensuring that users only have the rights assigned by the administrator in line with your corporate policy. Whether you choose to assign the same rights across the network or drill down your policy into user groups, sites, or individual users or workstations, is your choice. Policies can be created to suit your needs and ensure that only the web pages that your company deems necessary are viewed within work hours, allowing for the organization to permit safe surfing on non-business sites at stipulated times.