allyn@milton.u.washington.edu (Allyn Weaks) (09/06/90)
I'm helping to set up a Mac lab for the physics department, and we need some net.advice for security. The current plan calls for 10 Mac IIci 4/40s connected to a Laserwriter. Software will be minimal - System, physics programs, desk accessories useful for physics, and not much else, to discourage use for other projects (only 10 macs for a thousand students doesn't leave much room for people to do their history term papers.) The reason we need some security is that one of the uses will involve setting up Interactive Physics files in advance for the students to experiment with, take measurements on, etc. We need to be able to guarantee that everyone starts with the same files, and can't accidentally or intentionally change them for the next student who comes along. It would also be nice to keep them from copying the commercial software. On the other hand, we don't want the machines to be completely hostile - students should be able to run their own software, even games, from the hard disk as long as they aren't keeping a legit user from the machines. We also want to restrict use of the laser printer to physics only, since that costs actual cash. Is there anything around that will only let you print from designated programs, or will automagically download a little permanent postscript program along with LaserPrep? (The little program would cause every page to have "Physics' or an equation of the week written in 30% grey across every page...) It would have to be something that would re-install itself automatically if the printer gets reset. And yes, I realize that non-naive users will figure out how to beat the system, but I think I'll have to worry about that if/when it becomes a problem. Possibilties seem to include: 1) Write lock the hard drive (won't do, because we'll have print spooling enabled, and other things would break.) 2) Buy some sort of security package that ensures that when you reboot the machine it comes up in a pristine state, or allows you to write-lock on a folder by folder basis. A look in the Mac Buyer's Guide turns up a pile of things that may or may not do what we need. Deoyone have any experience with any of the following packages and/or companies? Access Management Environment (Casady & Greene) Advanced Security (Advanced Gravis Computer Tech.) Bullet Proof (Spectra Micro Developement) Camouflage (UsrEZ Software) DeClass (OITC Inc) DiskLock (Fifth Generation) Empower (Magna) FileGuard Extended Edition (ASD Software) Folder Locker (Software Brewing Co.) Fort Konx (Transfinte Systems) Nightwatch (Kent Marsh) SecureInit (Direct Software) Is there anything that I should know about that isn't on my list? Many thanks. I'll sumarize any replies in a week or so. Allyn Weaks allyn@milton.u.washington.edu
kovar@hsphsun2.harvard.edu (David C. Kovar) (09/12/90)
My sincere appologies if my previous article on this makes it out
to the real world. I'm trying to cancel it, but .... It was meant to
be a reply, not a follow up, and I goofed in a big way. Again, I'm
very sorry, I didn't mean to use the news for advertising.
-David
--
-David C. Kovar
Consultant ARPA: kovar@popvax.harvard.edu
Eclectic Associates BITNET: corwin@harvarda.bitnet
Ma Bell: 617-643-3373 MacNET: DKovar
"It is easier to get forgiveness than permission."