The main idea behind this piece of technology is controlling who or what makes calls to the operating system kernel. This protects files and the registry from attackers and is particularly effective when software patches are unavailable.
New to this version is a greater emphasis on network protection and the applications that run on it. STAT Neutralizer now protects web servers, email clients such as Outlook, networked disks and messaging applications. It also touts a 'learning' mode that records how an application works and writes rules to prevent malicious behavior from taking place.
Installation was very quick and simple - once all parts were in place. Setting up requires both the installation CD-ROM and an email from Harris with two files attached - server.key and the server.crt certificate file - before it can run.
Once that was complete we fired up the browser-based console. The interface was very clear and well laid out. One of the first tasks to undertake was installing the agents on the test servers in our network. The Neutralizer server scans the network for other machines to install the agent software on. This was very easy to complete, and the installation took place silently with no indication on the test servers.
With that stage completed, the next task was to set up the rules the server would use to protect the network. We had the management server installed on quite a fast machine so we could set up complex rules without any noticeable performance deficit.
The rules let the administrator allow, deny or terminate a process. About 20 rules are pre-configured at installation, covering the main sources of security problems. These rules can be applied to more than one group, so they can be propagated to different groups of servers, depending on their function.
The event logs that are gathered by the server give out basic information about attacks. It would have been nice to see some more information about the cause of an attack and some remedies. However, that must not detract from the fact that the application did its job of stopping that attack.
If you run a pure Windows network, this product is definitely one to consider, not least because of the price. If you are running Linux or Unix you may want to think about other products in this Group Test.