Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

6/5/2007
01:00 AM
Connect Directly
Twitter
RSS
E-Mail
50%
50%

Microsoft Unwraps Security Platform

Next-generation Forefront product to bring broad array of security tools under one umbrella

Now that Microsoft's revealed its plans for a next-generation integrated security management platform, the heat is on. (See Microsoft Adds Next-Gen Forefront Roadmap.)

By developing a single, unified management platform -- code-named "Stirling" -- for security from the server to the endpoint and the edge, Microsoft has made what may be its most aggressive security play yet, security experts say of the software giant's announcement at its TechEd 2007 conference yesterday.

Stirling initially will work only with Microsoft's Forefront products, but it eventually will expand to include the integration and interoperability with third-party security vendors' products, says Paul Bryan, a director of security and access product management for Microsoft.

"This is focused on security management, with comprehensive, coordinated protection across individual machines in the enterprise environment, as well as server applications and the network," Bryan says. The management console will let IT managers set policies and configure and deploy security across the network and endpoints. It will encompass next-generation versions of Forefront Client Security, Server Security, and Edge Security and Access, as well as the management console.

Microsoft really had no choice but to take such a bold step given the rate at which researchers and hackers are hammering away at its software, says Rob Enderle, principal analyst with The Enderle Group. "This is a forced march by Microsoft," he says. "They never intended to move into the security industry so aggressively, but they now see the industry as one at cross purposes to their goals in that to succeed, the industry has to drill holes in Microsoft’s products so that it can show value either identifying the holes or mitigating them."

Enderle says Microsoft is "taking security back" by preventing security holes rather than letting the industry continue its focus on breaking its products.

Still, Stirling won't be available for a few months: Microsoft plans for limited beta distribution by year's end. The company yesterday also released the beta 2 release of its Web-based Forefront Server Security Management Console.

Some Microsoft customers, meanwhile, are still uncomfortable with Microsoft's ability to provide users with both their enterprise applications and security protection, including William Bell, director of security for CWIE's security department. Bell says he'll evaluate Forefront Security once it's proven to be an enterprise-class product.

But Bell admits he's on the fence: He worries that security information management (SIM) and unified threat management (UTM) so far have been hampered by multiple vendors going their own way. "I am worried that the diversity of the security industry is holding back convergence efforts such as SIM/UTM," he says. "I think that Microsoft has taken a giant step towards gaining my confidence by announcing the addition of centralized management/reporting/configuration tools. I feel that some companies may steer clear of Microsoft for this specific product based solely on previous bias they have formed. This is obviously a huge mistake, and a bad business decision, that I feel people will make anyways."

Stirling will let the various security tools communicate with one another to protect against threats, says Steve Brown, a Microsoft director of security and access product management.

By unifying its security tools with Stirling, Microsoft is "channeling" IBM, says Enderle Group's Rob Enderle. "IBM traditionally owned security for their offerings and they could integrate that security solution into the other solutions they had to ensure SLAs were maintained and disruption was minimized," he says. "Microsoft is now showcasing a similar strength, by approaching the problems comprehensively and pushing for their integration into Microsoft's overall ecosystem."

The question is whether enterprises will follow the IBM old adage with "no one ever got fired for buying" Microsoft. "The 'play it safe' from an employment perspective buyer will now bounce between Microsoft, CA, Symantec, McAfee, and Trend Micro," says Randy Abrams, director of technical education for Eset, and the former operations manager for Microsoft's Global Infrastructure Alliance for Internet Safety. "All of these players have enterprise management tools and enough name recognition to qualify for safe purchasing under the 'buy IBM' mandate."

This will help Microsoft's cause, for sure. "All of this churn in the AV industry will work to Microsoft's benefit for at least the next two years," Abrams says.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • Microsoft Corp. (Nasdaq: MSFT)
  • IBM Corp. (NYSE: IBM)
  • Enderle Group
  • ESET
  • McAfee Inc. (NYSE: MFE)
  • Symantec Corp. (Nasdaq: SYMC)
  • Trend Micro Inc. Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    NSA Appoints Rob Joyce as Cyber Director
    Dark Reading Staff 1/15/2021
    Vulnerability Management Has a Data Problem
    Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win an Amazon Gift Card! Click Here
    Latest Comment: This is not what I meant by "I would like to share some desk space"
    Current Issue
    2020: The Year in Security
    Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
    Flash Poll
    Assessing Cybersecurity Risk in Today's Enterprises
    Assessing Cybersecurity Risk in Today's Enterprises
    COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-27221
    PUBLISHED: 2021-01-21
    In Eclipse OpenJ9 up to version 0.23, there is potential for a stack-based buffer overflow when the virtual machine or JNI natives are converting from UTF-8 characters to platform encoding.
    CVE-2021-1067
    PUBLISHED: 2021-01-20
    NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the implementation of the RPMB command status, in which an attacker can write to the Write Protect Configuration Block, which may lead to denial of service or escalation of privileges.
    CVE-2021-1068
    PUBLISHED: 2021-01-20
    NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVDEC component, in which an attacker can read from or write to a memory location that is outside the intended boundary of the buffer, which may lead to denial of service or escalation of privileges.
    CVE-2021-1069
    PUBLISHED: 2021-01-20
    NVIDIA SHIELD TV, all versions prior to 8.2.2, contains a vulnerability in the NVHost function, which may lead to abnormal reboot due to a null pointer reference, causing data loss.
    CVE-2020-26252
    PUBLISHED: 2021-01-20
    OpenMage is a community-driven alternative to Magento CE. In OpenMage before versions 19.4.10 and 20.0.6, there is a vulnerability which enables remote code execution. In affected versions an administrator with permission to update product data to be able to store an executable file on the server ...