|Complete Windows security for a stand-alone or networked computer. This is a new release (5.04.xxxx) for The Lock, not an update for version 4.01.xxxx. The Lock will install over an existing version of The Lock for Windows, and can import most settings from that installation.
- Desktop locking features on Windows XP or later
- Enabled NetLock method of image updates
- Added internal self monitoring system
- Added Skin support
- Updated for Windows 7, Windows 10 (Tablet mode not supported)
- Updated for x64 bit versions of Windows
- Added UAC security options for non Windows 7 systems
- Added support for securing all Safe Modes
- Enhanced Automatic Network Update code to allow for easier deployment and management
- Security enhancements and bug fixes
- Setting and Security Configuration can now be done using the Security Assistant
- The Lock is now PL-1 compliant to Chapter 8, NISPOM
- The Lock meets Sarbanes-Oxley Access Control, Intrusion Detection, and PC Auditing requirements
- The Lock meets HIPPA, Access, Authorization, and Security control requirements
- Added minimum password length for Lock passwords
- Added local system password policy control
- Added local system audit policy control
- Added lockout feature so users can be locked out for X minutes after a specified number of invalid logon attempts, or a specified number of security violations
- Logon messages can now be multi-line
- Detect and restrict changes to the systems logon authenticator
- Updated documentation
- Cloned Image utility can now update all Zones images on the SMS system
- SMS now validates users passwords based on their remote Zone
- Zone configuration settings can now be modified directly from the SMS server itself.
- Restrict access to removable USB, Flash, Thumb and ZIP drives
- Updated NETLOCK utility to be able to install The Lock on system with no previous version
- Added support for remote installation on Non Administrator Windows systems.
- Restrict access to Screen Capture with Print Screen Key
- Restrict access to printing
- Added ability to lock the system with Windows L key for Windows (without FUS enabled)
- Updated user information panel to display correctly on screen regardless of screen size and task bar position
- Updated Policy routines for Windows NT setup where Local and Domain users may have the same user name
- Updated Configuration Utility so that Office XP style is not applied to Lists and Tree views.
- Added "Suspend" idle lock context menu option to "GROUP ADMINISTRATORS" group
- Added extra startup security
- Added support to restrict CD Rom access separately from Removable Drive access
- Added code to access correct Netware resources for logged on user in Windows XP
- Added ability to read user list from group membership on remote computer, rather than adding each user specifically
- Added support to restrict access to web sites while using Fire fox browser
- Ability to detect and secure the system against password changes outside of the Windows GUI
- Secured Program Manager
- Added Terminal Services Support
- Full support for Windows Fast User Switching
- Full support for Windows Terminal Server client connections
- Added Advanced Security Control for Windows XP/Vista/7 Home
- Added ability to configure File and Folder security
- Added controls to set Windows Group membership for users
- Added ability to configure Local User Policy security
- Added Parental controls.
- Restrict access to the Internet based on time of day
- Restrict access to Internet browser (Internet Explorer and Netscape)
- Restrict access to web sites. Restrictions can be set a web site addresses, or simply set as words that may not be permitted in the web address on the users system (ex: "www.sitename.com" or "sitename" will both restrict access to "http://www.sitename.com/index.html"
- Log all program usage and web site visits to the Lock's user log.
- Store User Logs on the Security Manager server machine
- Support for all platforms of Windows XP or later, including Home, Business, Ultimate and server.
- Administrator access to the system without requiring the logged in user to log out.
- Multiple user support.
- User Security Groups allows users to have specific security privileges.
- Can configure most Windows Policy security items
- Supports local or network modes for user profile storage.
- Password authentication via:
- local password file
- Windows login password
- Novell Netware 3.12 / 4.1x NDS and Bindery (Requires Novell's Client 32) (Windows XP only)
- Windows Server (2003, 2008)
- Security Manager server running on Windows desktop or server versions
- No need for individual user password configuration when passwords are validated on the network.
- Intuitive setup for both single users and multiple users..
- Network features (The Lock Security Manager Server)-
- Monitor systems on the network running The Lock via the SMS.
- Web based interface for remote monitor control from the Administrators workstation
- Create a network cloned image of a Lock install for easy loading onto another workstation on the network.
- Automatic update of The Lock on a workstation via a Novell Netware and Windows NT login scripts
- Added support for multiple Zones. The Security Manager server can now administrate different installs of The Lock, each with a different Cloned image. This feature can be used to have different installs of The Lock security for different departments of a business, classes of a school, or members of a family. Each cloned install can have settings independent of other installs of The Lock running on the same network.
- Configuration import and export utility for easy transport of configuration from one system to another
- Configure Windows Policy items.
- Disable Accessing My Computer, Network Neighborhood
and Recycle Bin
- Disable context menus on the Desktop and Task bar
- Disable Desktop Drag and Drop
- Disable using the System Tray
- Disable changing or moving Desktop Icons
- Hide the Desktop
- Hide the Task bar
- Disable Display Control Panel tabs
- Start Menu
- Disable accessing the Start Menu
- Disable changing the Start Menu
- Disable Control Panel menu option
- Disable Run, Find and Favorites menu options
- Disable Windows Explorer
- Disable Internet Explorer
- Disable Control Panel
- Disable Windows Help
- Disable Folder options
- Disable Explorer File menu
- Disable Registry Editor
- Disable Task Manager
- Disable Explorer item Properties
- Disable viewing Hidden and System files in Explorer
- Disable System Control Panel tabs
- Disable MS-Prompt
- Disable MS-DOS Mode
- Disable Exit Windows Dialog
- Disable browsing Entire Network in Explorer
- Disable Network Control Panel tabs
- Disable Sharing controls
- Disable DELETE key
- Disable CTRL-ALT-DEL
- Disable ALT-TAB
- Disable Print Screen Key (for all windows, or for
specific windows only)
- Disable changing Lock password
- Disable Password Control Panel tabs
- Printer Policy
- Disable Printing
- Disable Printer Control Panel tabs
- Disable Printer Sharing controls
- Disable Add New Printer
- Disable Remove Printer
- Enable Lock Sessions (more than one user can log into
the system without having to log the previous user out
- Keep a log of all programs a user accesses while logged
- Keep a log of all URL's a user visits while logged
- Disable changing the Home and Search page in Internet
- Disable file download in Internet Explorer
- Disable Internet Explorer
- Enable or Disable Internet access for the user
- Enable or Disable Internet access based on the time
- Disable accessing web sites based on key text in the
web sites address.
- Allow access to specific websites, even if a setting
on the Disabled sites would restrict access.
- Configure custom user settings
- Configure custom Start Menu items
- Configure custom Desktop items
- Configure custom Personal folders
- Set password restrictions:
- Expire password every X number of days
- Passwords must contain letters and at least 2 numbers
- Configure Logon settings
- Specify the time of day and day of the week a user may
access the system
- Specify the total length of time per day a user may access
- When time expires, the system will either lock in Administrator
mode, or could be configured to log the current user out
of their Windows session
- Automatically run a program each time the user logs in
or out of the system
- Configure File and Folder security
- On-the-fly folder and file security on all versions of
Windows, including XP/Vista/7/2003/2008. Get Windows NTFS security
without the hassles of NTFS folder and file security configuration.
Supports Fat32 and NTFS partition types.
- Configure Drives, Files and Folders as Read Only
- Configure Drives, Files and Folders as No Access
- Configure Drives, Files and Folders as Full Control
- Accepts shell folder paths as identifiers. For example,
<PERSONAL> is expanded to the path for the current
users Personal Folder (My Documents folder). The same is
true for <DESKTOP>, <STARTMENU>, and <FAVORITES>
- Disables access to removable drives (USB, Flash, etc.)
on-the-fly, as the drives are added to the computer
- Hide any drives on the system
- Configure Program Security
- Specify which Programs and Windows of programs are restricted.
For example, restrict accessing Microsoft Word completely,
or restrict accessing the Macro settings window in Microsoft
Word, while allowing access to the rest of the program
- Specify a list containing the only programs a user is
allowed to use. Any other programs that are started will
automatically be closed
- Configure a Secure Program Manager that allows the user
to only run specified programs while they are logged onto
- Options allow window restrictions to be overwritten by
an Administrator for the duration of the users Windows Session
- Configure Workstation access
- Specify a list of computers that the user may log into.
If the computer they are trying to use is not in the list,
they will not be permitted to log in
- Specify a list of computers that the user may NOT log
into. If the computer they are trying to use is in the list,
they will NOT be permitted to log in
Windows XP, Windows Vista, Windows 7, Windows Server
2003, Windows Server 2008. x86 and x64 bit versions.