Sentinel Products Designed for Education

Ranger Primary: Passive Security

Passive Security Explained

Passive Security refers to Ranger's policies and how they work compared to Ranger's active security. Ranger's policies work with Windows policies to enforce restrictions or change the look or functionality of Windows environment. Some policies are non-intrusive, from simply removing an item from a list other policies may disable a feature. In most cases the user is unaware of the policy enforcement unless they try to access a location or run a restricted program, in which case Windows will display a warning message and deny the users action.

Compatible with Windows Policies?

Ranger policies work in conjunction with Windows policies. The implementation of Ranger policies is optional. If you are using Windows policies, Ranger policies can work along side these. If two policies match, the Ranger policy will be applied. Policies can be set to ON - enable or set the policy, OFF - disable or negate the policy setting or NOT SET - which means Ranger will not intervene with the policy setting. Therefore if you want to use a Windows policy, then if Ranger's policy is not set, the policy will be left unchanged by Ranger and Windows will apply the policy.

Keeping it simple

To simplify the administration of policies, we have reviewed the whole list of Windows policies available and refined them down, leaving the policies that are sensible and most commonly used within education environment. It is possible to add from a list of additional ADM policy booklets to extend the range of policies, if the policy is not shown in the Ranger policy booklet.

The Ranger security groups created during product installation are pre configured with a number of suitable policies. By using these groups and inherit our recommended policy settings, network managers can quickly define the look and feel of their network.

User Interface

Ranger provides support for both Windows 9X and NT policies. All policies are configured within a single interface, Ranger Administrator. The policies are laid out in a simple tree view structure and configurable using a simple three state check box. The policies are written in plain english making it easy to understand what the policy controls and the effect the settings will make.

Fail closed

Ranger policies are applied during user logon. The process works by merging in order all groups policies, then their logon group policies, any user policies and lastly any specific computer policies. After a successful logon you are guaranteed that the policies defined in Ranger Administrator are applied and are controlling and restricting the network users. If the logon process should fail for any reason the user will automatically be logged out, removing any possibility of a user being logged on without the Ranger policies being applied.