Feature lists, every product has one, but does it really answer the important questions?
We suggest you download a free trial
and directly experience
the flexibility and integration support that helps you quickly implement your protection
system. If you still want to read a list, we have included one below!
- Password protects individual files, entire directories or even directories and all
subdirectories with a single password protection entry!
- ASP.NET password protection can be accomplished with a web administration system
without editing your ASP.NET Files
- All users, groups and password protected areas are stored in database backend
- Other settings and configuration data is stored in XML files
- No special installation requirements, works great in shared hosting environments.
If your web host supports ASP.NET in most cases you can copy .netPROTECT's files
to your IIS web site and start using the solution!
- Works with medium trust ASP.NET applications
- Native database support for SQL Server via SQL Client, Access via Native OLEDB,
Oracle and MySQL.
- All text values used by the system can be customized with individual language files
for simple internationalization.
- A file streaming control is included to enable you to protect file content other
than ASP.NET scripts seamlessly.
- Web based admin for signup form creation and customization
- New: Works in shared hosting environments even under custom medium
- New: Supports IIS7 and when using IIS 7 protects all files served
through IIS including images, documents etc. it is not limited to asp.net content!
- New: Migrate existing ASP.NET 2.0 web sites using the membership
/ provider model to .netPROTECT with the included migration helper!
- Password recovery. User can request a new password which will be automatically generated
and emailed to them.
- Users can change their own password through a password change form.
- No passwords are stored in plain text for enhanced security all passwords are hashed
with a cryptographically secure 1 way algorithm.
- Password selection rules for length, number of digits, number of symbols and number
of mixed case characters is supported. Configurable through a web administration
with no coding required.
- Prevent recent password use. An admin configurable count enables previous passwords
to be tracked for enhanced security. An user will not be able to change their password
to the same value used over the past x password changes if this feature is enabled.
- Force password change every x period of time or on a specific date for all users
in the future.
- Expire passwords on an individual user basis
- Admin defined message or redirect for the password expired condition
- When a given users password expires they are given an option to change their password
and after successfully completing this change will be automatically redirected to
the resource they originally requested.
- New: Administrator configurable "remember me" option for the login
- Completely web based interface
- Wizards for customizing login form, logout form, and password form with no coding
- Ability to add custom fields and to select the types of controls used to collect
date for these fields in the signup form without programming. Search functionality
and email token and template functionality seamlessly work with custom fields.
- Extensive search and navigation control for easy user, group and protected area
- Users can be listed alphabetically or searched on any criteria
- Master administrators can delegate individual group or protected area administration
to lower level users
- Complete web based reporting, auditing and statistics (see below for details)
- Familiar interface emulates desktop application look and feel
- Seamless support for web sites with multiple independent applications in IIS
- Web administration of language customization and internationalization including
control of culture and language selection. Add support for your own local language
quickly and easily.
Account Abuse Prevention Features:
- Control concurrent logins (multiple logins using the same username at the same time).
Deny concurrent login attempts, set quotas on a per site, per user or per group
basis. Automatically disable users past a specific threshold.
- Set limits on the Hits, logins per time, and concurrent users
- Block future failed login attempts (dictionary attacks)
- log / track abuse attempts
- Disable accounts automatically at set thresholds
- After x attempts prevent logins for x period with administrator defined periods
- Set independent messages / redirects for blocked login or disabled account
- Global control of total number of users authenticated in the site with specific
error message or redirect
- Maximum number of concurrent users with the same username
- Maximum number unique logins per period
- Maximum number concurrent logins per period
- Maximum x hits from unique or concurrent users
- New: Maximum number of kb (data transfer) per user, per group or
per access restriction!
Filters and Automatic Logins:
- Filters prevent or restrict access to a given site or protected area based on set
criteria including the users IP, user agent, or other headers. Administrators can
control the restrictions in place and error message(s) or redirect(s) used.
- Autologins allow for set groups to be automatically authenticated against the system.
A common scenario is to setup an autologin for a set of IP's within ones intranet.
In such a case users are automatically authenticated with a defined autologin user
account of your choice.
- Autologins can each be assigned an user context so full logging, auditing and reporting
remains possible even on those who autologin.
- Global and user level redirects with token support enables automatic user redirect
after login to custom locations per user.
- "Remember me" option for users to be automatically logged in based on cookie value
for duration that can be configured in the web administration.
Email Sending Functionality:
- In addition to automated emailing for password change request a comprehensive SMTP
mail engine is included with .netPROTECT
- Perform searches on subsets of of users using any data stored on those users including
any custom fields defined.
- Email to any individual user any message text
- Email to any group or selection of users any message text
- Example usage, search for all users who expire in less than 10 days and offer a
special incentive to renew or email all users who have expired passwords and send
them a link to the password update page.
- Template supported to replace tokens with user details such as %USERNAME% so messages
can be easily personalized even when being sent to all users. Templates are also
supported for custom fields and support automated replacement.
- Ability for accounts to self activate based on email notification auto generated
URL and other activation scenerios.
File Handling Support:
- Protects all ASP.NET content without special handling; by directory or file without
needing to modify the content being protected.
- Large file streaming support with built in auto-resume which enables you to resume
downloading large files if interrupted (requires download manger on the client side).
Improve download user experience via HTTP.
- Automatic MIME type detection and assignment so streamed binary can be saved as
the correct file type or viewed with the appropriate reader / application.
- Ability to protect all file types (independent of ASP.NET) through the built in
streaming system using a simple file rename.
Reporting and Auditing Features:
- Complete audit trail possible including all requests through the system
- Track each page requested, user details, time, logins / logouts and more
- Ability to view all live users in the system and drill down into concurrent user
- Reporting and charts for logins over time, total requests
- Report top visited pages, top users etc.
Payment Features (with the .netPAYMENT add-on):
- Seamlessly integrated with .netPROTECT
- Enables real-time payment processing and account activation after payment
- Complete recurring billing support with custom subscription including prorated billings
for partial periods
- Advanced email notification support for cards near expiration and subscriptions
close to lapsing as well as notification on failures to charge.
- Multi-threaded billing agent can process multiple transactions at the same time
- Advanced billing reporting including dollar amounts with unique "future" billing
date support which allows for revenue forecasting based on future scheduled billings.