Think you have a beefy network security policy and all the tools and techniques in place to thwart would-be evildoers? Think again! I'm sure your network security measures might include a cornucopia of weapons including firewalls, virus-detection software, password-change management, and much more.

But if your organization is like most, the move to a more flexible, location-less workforce is imminent. Successful organizations of the future will be distributed, which will help companies save money in a big way. Among other things, a distributed workforce means expanded hiring and retention options, an increase in productivity, and more rapid and flexible decision-making--not to mention a reduction in office space needs.

For employees, the distributed workforce also holds positive outcomes: Schedules will be more flexible, less pollution will be in the air, and time can better be balanced between work and personal life. Sounds great--right? But how does this impact your network?

Always-on Internet connections, such as cable modems and digital subscriber lines (DSL), certainly are at the forefront of the move to the new organizational model. According to research firms, such as GartnerGroup and others, cable modem use in the home will increase to 9 million subscribers by 2004, while DSL usage is expected to expand to reach some 7 million households during the same time.

But just like users of those old analog modems, workers at remote locations using always-on digital or cable connections can leave a wide-open hole for hackers to crawl into your network or to use your systems as a launch point for a wider attack.

Should you panic? Nope. For as many hackers as there are on the planet, there are nearly as many good security solutions that will meet the need. I'm constantly examining new security tools that will be beefy enough while also meeting the needs of less experienced users (and network managers, too).

Most recently, I've been testing a new release from Sybergen Networks called Secure Desktop 2.0. It does a great job of securing always-on user connections as well as those of mobile employees, and staff accessing VPN connections. Sybergen Networks has done a good job of masking networking complexities behind a neat graphical interface. Users and administrators who may not be adept at advanced network port settings can visually set security levels (see screen, above).

If a user or administrator sets up Secure Desktop by using the graphical interface, only certain default settings are put into play. For example, the ultra high security setting allows no inbound or outbound protocol access of any kind. The high setting defaults to a configuration that lets the user access e-mail, DNS, HTTP, Secure HTTP, FTP, and Telenet. However, no ports on the user's computer are accessible by other computers.

Those who choose the medium or low settings can access any service going outbound while several inbound ports are accessible. Some software, such as Internet Relay Chat (IRC) clients, may require that more ports be opened.

For those who do wish to customize security parameters, Secure Desktop's Config panels will let you define a security level and individual settings for that level and more. For example, I used the security schedule options to increase my security setting during certain hours. This may be useful for companies and individuals who want to leave systems on overnight. I could also receive e-mail notification of security alerts by using another Secure Desktop option.

The tabbed Secure Desktop Config interface also contained Advanced Port Settings, Application Network Access Policy, Trusted IP Addresses, and Advanced ICMP options. I found it useful to be able to customize allowable activity for each security level. For example, you might allow certain ports or applications to be accessible at a medium security setting for after-hours gaming while limiting the ports and applications that are accessible for the high setting, which you might use during business hours.

Like McAfee's ConSeal PC Firewall (formerly from Signal 9 Solutions), Sybergen Network's Secure Desktop offers a learning-mode option. This means that if access occurs that is not recognized as allowable, the user is notified of the event and asked to either block or allow it. Events can also be logged. Secure Desktop offers good summary and detailed logging options that are useful to track events or for troubleshooting connectivity-related issues.

If you want to be able to control the security of your distributed workforce from within your corporate network, Sybergen also offers a companion Management Server product. You can centrally set security policies for all of your remote employees, or you can password-protect Secure Desktop so that the network management staff controls the settings.

A single Secure Desktop license costs $29.95 as of this writing, while a 50-user license will run you $999.95. A free trial download is available. No pricing data is available for Management Server as of this writing. If you want to see if your systems are vulnerable, try Sybergen Network's free scan.

Not All Rosy

I found two downsides to Secure Desktop. The first was that it is limited to Windows-based desktops. Therefore, those running Macintosh, Linux, Solaris, or other client platforms will need to seek a similar solution that supports their platform.

Second, the documentation provided with the product and on the company's Web site is sparse. The company should provide greater detail for those who wish to understand security risks, port settings, and other aspects of the product in more detail.

Otherwise, Sybergen Network's Secure Desktop is a good bet to use as part of the security strategy needed to support a distributed organization. But a product like Secure Desktop shouldn't be the only security measure you put into action.

Regardless of whether your users are in a single location or spread from Bora Bora to Walla Walla, they require the same level of security to reduce your network risk. How beefy is your network security?

Maggie Biggs maggie@biggs.com is the director of the InfoWorld Test Center, where she evaluates emerging technologies. She has more than 15 years of wired and wireless IT experience in the financial sector.