Protecting your disk subsystems is as important as protecting your OS and network. If you don't protect these systems, they become vulnerable to theft, security breaches, and program abuses. Soft Winter's seNTry 2020 protects your Windows NT disk subsystems.
I installed seNTry 2020, NT Workstation 4.0 with Service Pack 3 (SP3), and the latest hotfixes on a 200MHz Pentium processor with 32MB of RAM and a 1GB IDE hard disk. I installed the software quickly and easily by choosing an installation directory and clicking OK. After I opened the seNTry 2020 administrative program, I created my first encrypted volume.
Creating the encrypted volume was easy and straightforward. When I clicked File, New, the New dialog box appeared. Screen 1 shows this dialog box. I entered passphrase-protected master key and data (volume) file locations, a password, an encryption algorithm, a drive letter, an inactivity timeout limit, and a volume size.
Make sure you safeguard your passphrase-protected master key file against unwanted access. Consider storing your master key file on a 3.5" disk or a CD-ROM. By doing so, you can secure the master key file in a safe place when you're not using it.
Selecting a password is an important part of using this software. When you choose a password, try to use a combination of upper- and lowercase letters, numbers, and symbols (e.g., question mark, exclamation point).
Selecting encryption algorithms isn't as easy as selecting passwords, unless you're familiar with these algorithms. I chose the default algorithm (Message Digest CipherMDCbased on Secure Hash StandardSHS) because it has the longest password key (1024 bits) and the largest data block (160 bits)--the maximum protection seNTry 2020 provides. I used drive B because I have only one 3.5" drive using that letter. Using drive B lets me easily navigate NT Explorer because I don't have to scroll down to locate the drive in the drive list.
The timeout parameter determines how long (in minutes) the system will remain idle before the software automatically dismounts the drive. This feature provides additional protection because it automatically makes the 470 drive unavailable until a user reenters the password.
After I typed these parameters in the dialog box, I clicked OK, and seNTry 2020 created the volume on the disk. When I tried to mount the disk, I received a prompt to format the volume. The dialog box in Screen 2 lists the formatting options. When you mount a drive, you make the drive available as a drive letter on the system. When you dismount a drive, you render the drive unavailable. I can access a volume that seNTry 2020 has formatted and mounted as easily as I can access any other drive on my system.
After I encrypted the volume, I focused on the system's performance-- encryption algorithms can take a serious toll on the processor. I copied several large text files and .mpg music files onto my encrypted volume and tested the access time. I didn't run formal benchmark tests against the encrypted volume, but I noticed that my workstation (which was running Microsoft Word 98 only) didn't experience significant drops in performance. If you use seNTry 2020 on systems under heavy load, they will experience a noticeable lag at some point. However, increasing the security of information on your system is worth an eventual decrease in system performance.
Features and Functionality
An encryption system is only as good as the algorithms it uses. This soft ware supports seven algorithms: Blowfish, Cast, MDC (which includes Secure Hash Algorithm--SHA, SHA-1, and RACE Integrity Primitives Evaluation Message Digest--RIPEMD), Data Encryption Standard (DES), Triple DES, Square, and Safer. (The Electronic Frontier Foundation--EFF--recently broke a 56-bit DES key, a key often used in NT communications, in only 3 days-- that's not exactly what I call secure encryption. For details on that event, visit EEF's Web site at http://www.eff.org/descracker.)
With seNTry 2020, you can create encrypted volumes using FAT or NTFS. The software supports all NT disk types and features, including C2 security
specifications, fault tolerance, disk mirroring, stripe sets, and NT backups. To increase protection against data corruption, seNTry 2020 can mark an entire volume as read-only.
You can use seNTry 2020 to install drivers and services on your computer. When a user creates an encrypted volume using the software's administrative utility, seNTry 2020 places that volume inside an encrypted file, lets the user assign a drive letter, and formats the volume using FAT or NTFS. The software creates a large file on your disk drive of a size you define and uses this file as a disk volume. The product is similar to compression programs such as the old Stacker software for DOS-based systems. These compression programs also created files that mapped out as drives on the system.
You can use seNTry 2020 across a network. If you install the software on your workstations and network file servers, all your workstations can access the encrypted volumes you create.
The Bottom Line
You can use seNTry 2020 to enhance the security of your system. The software installs quickly and easily, and the day-to-day management of the encrypted disk drives you create is no different from the management of any other disk drive. I wouldn't mind seeing a DEC Alpha version in the near future. If the information you store on your systems requires additional protection, consider seNTry 2020. You'll like the software's functionality and flexibility.
Soft Winter * 800-903-4152 or +49 0 2212 407279
Windows NT Server 4.0 or NT Workstation 4.0 with Service Pack 2 or later, 1MB of hard disk space