[Image] [Image] NTSAfe [About Conclave Security] Windows NT Configuration Auditor [Download NTSAfe] You have been invited to evaluate a prototype of a new product from Internet [Docs and Guided Tour] Dynamics. Your feedback will help Internet Dynamics determine the direction [Feedback] NTSAfe should take as we [Image][Image] continue development and plan for general release. NTSAfe is based on technology developed for use with the Conclave integrated security suite. It provides the tools a System Administrator needs to audit and reconfigure the security settings of any Windows NT machine. After you have reviewed the information on this page and had a chance to exercise the downloadable NTSAfe prototype we would greatly appreciate your feedback. Feel free to be as direct as you can and tell us if you see value in such a product, things you like or dislike, and any suggestions for improvement. Send all comments to ntsafe@interdyn.com. The One Page Summary Background Contrary to some popular representations, the Microsoft Windows NT Operating System (OS) provides an 'industrial strength' security infrastructure. However, the default as-installed configuration is relaxed, and the tools and procedures required to enhance the security configuration are not universally well known within the administrative community. Collecting these procedures, providing tools to execute them and automating the inspection and modification of the OS configuration would provide significant value to administrators and help improve the perception and usability of security within Windows NT. Product Overview NTSAfe is intended to provide an application and the tools required to audit and reconfigure security-related settings on Windows NT machines. It provides multiple interfaces to those tools including a command-line scripting language and a data-driven Graphic User Interface (GUI) for automating the execution of any number of collections of configuration audit items. Features * Audits (and, in future, modifies) security configuration * Command line, script and data-driven GUI interfaces * Support of multiple pre-packaged and user-created security configuration databases (policies) * Full logging of all audit results * Checks for and downloads service packs and hot fixes * Command line access to NT Security configuration related functions: * File date/version check with integrated update download * File attribute check/update (recursive) * File/Directory access permission check/update (recursive) * Share access permission check/update * User privilege check/update * User password policy check/update * User group membership check/update * Group membership check/update * Group existence check/add/remove/rename * Registry key/value check/update/ * Registry access permission check/update * INI file check/update * Service properties check/update (enable, disable, startup…) Benefits * Can be used to improve out-of-box NT installation security * Rich tool for Security Administrators to write and audit security policies * Automated verification of system security settings * Provides databases of 'hardening' procedures * Full audit history provided through logs * Databases, scripts or batch files using NTSAfe commands may be run automatically as scheduled jobs