The security issues surrounding the connection of a server to the Internet, or any insecure network, are becoming more challenging every day. Server Hardening and Security Policy Enforcement have become essential to the security process within any network environment. Securing Windows servers, for example, so that they are better protected from attack and penetration by unauthorized parties involves multiple steps, a fair amount of time, as well as an extensive knowledge base of security issues and ever evolving exploits surrounding a wide variety of applications and configurations. To that end, the cost of time and resources to accomplish a server lock-down is high.

S-Lok was designed and developed as an all inclusive tool for administrators to affect a complete server hardening within minutes. It requires no special training and no more expertise than basic Windows server administration and installation. Supplying a variety of Security Profiles with the toolset ensures allows powerful security to be implemented quickly and effectively for both new operating system installations as well as existing application servers (some may require that S-doc provide a custom Profile to accommodate unique configurations). Therefore, S-doc application servers, Exchange (email) servers, IIS (Web) servers, DNS servers, SQL servers and many others can be “locked-down” beyond the standards of NIST, Microsoft Common Criteria, NSA and DoD in just minutes.

Equally important to the appropriate security profile setup of a server that must be protected is the issue of continued enforcement of the locked-down state. The S-Lok toolset includes, as part of its installation process, a service component that automatically monitors the Security Profile at regular time intervals. The system not only reports to a log if and when any change, erroneous or otherwise, has been made, it forces the system to immediately resume its original “secure” profile. This eliminates the risk of continued exposure through overt or covert policy change by either authorized server administrators or unauthorized attackers.

The process of building a secure network environment is only limited by the available tools, technology and knowledge resources that an administrator may have. S-Lok provides a simple to use, comprehensive toolset to ensure that administrators can leverage the industry best practices in server security, without years of information security training and expensive ongoing technical resources. As the cost of cybercrime continues to rise those responsible for the security of confidential and private information must be armed with the proper tools to mitigate risk. S-Lok has automated a process that potentially takes up to 5 hours, and made it a 5 minute solution, in addition to removing the threat of unaudited changes to imperative security policies.