- Cool Yule Tools: 2008 Holiday Gift Guide
- 10 kitchen gadgets for the geek gourmet
- Google admits to violating iPhone development terms
- Smartphone smackdown: Storm vs. iPhone
- Google layoffs: 10,000 jobs being cut
Two management vendors are readying extensions for Microsoft's group policy technology designed to help corporations lock down their desktops and improve operations for securing servers and PCs.
FullArmor this week is releasing its IntelliPolicy for Clients 1.5, which includes controls that let customers limit local administrative rights that end users have on their own desktops. Those rights are seen as a security risk in the face of malware and worms because they provide the ability to control anything on the desktop, including changing registry settings and installing software.
In early June, DesktopStandard plans to release GPOVault, a repository where group policy objects can be edited and tested before being deployed. Users also can delegate rights to edit certain policies to specific administrators.
Both tools plug directly into the Group Policy Management Console provided with Active Directory.
Microsoft's group policy technology, which is supported on Windows 2000, XP and Windows Server 2003, works in conjunction with Active Directory and allows administrators to manage, customize and lock down desktop and server settings based on a set of policies maintained in the directory. The policies, for example, can prevent users from changing settings and can disable services such as USB ports to prevent use of removable storage devices.
"Group policy is very significant, and more than 80% of Windows 2000 users are using it," says William Hurley, senior analyst at Enterprise Strategy Group. "The goal is to use policy-based management to normalize and standardize the environment and create a more secure network from a management perspective. It's an awfully powerful tool."
FullArmor says it hopes to boost that power with IntelliPolicy for Clients 1.5, which lets IT staff activate local administrative rights on desktops on an application-by-application basis. In addition, the tool lets administrators proactively block those rights for certain applications such as Microsoft Outlook, especially on the desktops of users that need local administrative rights activated, such as IT staff.
|
IntelliPolicy for Clients also has features for locking down settings in Outlook and for automatically changing local administrator passwords across a network at defined intervals. The software is priced at $7 per user.
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 The Leader in Network Knowledge© 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment