Depending on the application in use on the legacy Windows NT 4.0 system, virtualization could be a good choice for replacement. Using VMWare, you could schedule systematic snapshots, which could allow for a quick recovery in the event of compromise. An added benefit here would also be that you’re no longer dependant on the aging hardware which may also be no longer supported by the hardware vendor. However, without isolation, either through the VM product or otherwise, your legacy systems could still be used as attack platforms for attacking the rest of your network.
If your legacy system contains only static data, then one extremely low-cost and secure solution would be to roll the Windows NT 4.0 system into a non-networked VM that is accessed locally using the freely available VMWare Player software. If networking is disabled then any network security problems associated with Windows NT 4.0 are all but eliminated.
Continuing to run unsupported legacy operating systems such as Windows NT 4.0 can be a serious risk to organizational security and compliance. Since they receive no security patches, these systems are vulnerable to many potential exploits and worms. However, in this article we looked at several low-cost ways to mitigate the risk though replacement, isolation, and virtualization.