I am looking for recommendations based on experience for Port/Device lock software that would securely lock down all workstation ports, either as a stand-alone service or capable of being administered from a server. The OS is Windows 2000 for clients and 2000 & 2003 for the Server. It does not have to be freeware or dirt cheap, as the company is footing the bill.
I am evaluating products including Safend and VolumeShield and have not looked at FileLock or DeviceWall yet. What I've found is that some seem overly complicated and hard to install, requiring things like .NET and IIS to run. Seems like the more complicated things get, the more potential headaches they create. Effectiveness, ease of use and reliability (like, what happens if the server crashes) are considerations.
In order to comply with a client requirement, I need to lock all ports (USB, serial, parallel, CD/DVD, Firewire, etc.) to prevent potential theft of data. However, we also need a way of allowing some users access for backing up and of course, allow printers, mice and keyboards to work.