What does Policy Commander do?
Policy Commander automates the monitoring and enforcement of security policies on Windows computers. Using a browser-based console, Policy Commander provides both a graphical summary view of compliance across the entire enterprise, and a detailed-level view of security policies and computers. Policy Commander enables organizations to enforce policies automatically or manually. In addition, Policy Commander sends out alerts to notify the appropriate personnel when a computer is no longer in compliance with a policy.

What security policies are included with Policy Commander?
Policy Commander contains a library of approximately 70 security policies, which range from the very simple (e.g., disable automatic Windows update) to the complex security policies defined in the Microsoft Windows Server 2003 Security Guide. Because IT security is a vital component of regulatory compliance, New Boundary Technologies' library of policies can be used to comply with a variety of regulatory mandates, including Sarbanes-Oxley, HIPAA, and the Graham-Leach-Bliley Act. New Boundary Technologies is continually adding new security policies to the library.

What is meant by "next-generation configuration management"?
Next-generation configuration management refers to how New Boundary Technologies' solutions manage configuration settings on desktops, laptops and servers. Compared to the methodology used by other vendors, next-generation configuration management is a quantum leap in simplifying and streamlining system configuration management. The 'old school' method attempts to collect every setting from every managed computer and store them in a massive database (as many as 40,000 settings per computer). Periodic scans are needed to determine configuration changes and update the database. Intervals between scans have to be long because a huge amount of data may be collected with each scan. Administrators are then presented with complex reports that attempt to make sense of the millions of configuration settings in the database. The 'old school' method is extremely complex to the point of information overload, uses considerable network bandwidth, is generally not in real-time, offers little or no remediation and therefore has no good mechanism for resolving configuration drift.

With next-generation configuration management, computers know their own configuration state and can take action based on that knowledge. This allows Policy Commander to send policies only to the systems to which they apply based on their configuration. It allows for real-time monitoring of policies without generating network traffic. More important, next-generation configuration management detects problems in near real-time and automatically remediates them. The remediation step limits data transfer to only settings that were changed in order to restore compliance, so network bandwidth use is totally minimized. In addition, reports are simple and intuitive, communicating only the information that is relevant to resolving an issue. With next-generation configuration management, dynamic monitoring and enforcement of security policies eliminates security configuration drift.
How does Policy Commander support regulatory mandates such as Sarbanes-Oxley, HIPAA, and the Gramm-Leach-Bliley Act:
Policy Commander provides a powerful security configuration foundation for organizations required to comply with regulatory measures like Sarbanes-Oxley and HIPAA. Our configuration and compliance solutions have helped administrators meet the IT control requirements for a variety of regulatory mandates. Policy Commander expands on our competencies by providing the following:

How is Policy Commander licensed?
Policy Commander is licensed per managed computer for both workstations and servers.
Is Policy Commander an agent-based or agent-less application?
Policy Commander is an agent-based solution that requires the New Boundary Technologies client be installed on each managed workstation and server. Because agentless solutions require the use of remote procedure calls (RPC), remote registry access, file sharing, or some combination of these, they are inherently insecure because they rely on these insecure mechanisms. Managing a secure environment requires an agent-based solution. By leveraging the New Boundary Technologies client, Policy Commander can securely configure any managed computer regardless of its physical location, hardware or software firewalls in place, demilitarized zones, etc. In addition, because it is agent-based, Policy Commander can monitor and enforce security policies even when the system is not connected to the network.

What does Policy Commander do that I can not already do with MS Group Policy?
Policy Commander allows administrators to target specific computers or groups of computers based on their role, operating system and security level, while Group Policy is much less granular in its targeting capabilities. Group Policy requires the managed server and workstation to be authenticated to the network while Policy Commander can continuously monitor and enforce policies even when systems are offline. Group Policy does not manage complex security policies, such as those requiring conditional assessments.
In addition, Policy Commander also:

What software (and what versions of software) do I need to run Policy Commander?
The Policy Commander installation can be divided into component installations:

What operating systems does Policy Commander support?
Policy Commander supports Windows 2000, Windows Server 2003, and Windows XP.