DeviceLock 7 review

Accidental or deliberate data leakage is now a major security headache for businesses. Dave Mitchell takes a look at DeviceLock 7 to see if it plugs those holes that others leave behind.

IT Pro Verdict

DeviceLock provides some of the best controls for ensuring that sensitive data doesn’t get into the wrong hands. The new NetworkLock and ContentLock options are well worth considering as they add extra levels of security for protocols and applications but they are expensive for SMBs. We also think it’s about time DeviceLock simplified management by amalgamating all the different consoles into just one which would make it easier to use.

Dave Mitchell's avatar
By
published
in Reviews

Agent deployment to our Windows 7 clients only took a few minutes as the Enterprise Manager scanned our network and provided a list of discovered systems for selection. A global policy is provided so you can lock down access to specific devices and ports as soon as the agent has been installed.

SMTP controls are good as we allowed some users to send emails, but not add attachments, and stopped others from sending any emails at all.

Moving over to the MMC console allows you to create new policies for selected AD users and groups which contain device and port permissions plus time periods for when they are active. Offline policies can control mobile workers and swing into action when DeviceLock detects they have left the main network.

The NetworkLock component is accessed from the new Protocols section in the MMC console. Policy creation is the same as it is for ports and devices. You select a protocol, determine access levels and apply it to users and groups.

SMTP controls are good as we allowed some users to send emails, but not add attachments, and stopped others from sending any emails at all. This also works over SSL. For FTP we could allow full access, permit either upload or download activities or deny all access.

It initially appears possible to prevent users from using Windows Live Messenger to send instant messages or to prevent them from logging on in the first place. However, we found a problem here as both options are interdependent so they can only be on or off together so all you can do is block access completely. This isn't a critical problem since Messenger would be of limited value without the ability to send instant messanges, but we nevertheless highlighted this to DeviceLock and it advised us it was looking into it.

Dave Mitchell
Dave Mitchell

Dave is an IT consultant and freelance journalist specialising in hands-on reviews of computer networking products covering all market sectors from small businesses to enterprises. Founder of Binary Testing Ltd – the UK’s premier independent network testing laboratory - Dave has over 45 years of experience in the IT industry.

Dave has produced many thousands of in-depth business networking product reviews from his lab which have been reproduced globally. Writing for ITPro and its sister title, PC Pro, he covers all areas of business IT infrastructure, including servers, storage, network security, data protection, cloud, infrastructure and services.

Latest News