Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

6/5/2007
01:00 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Microsoft Unwraps Security Platform

Next-generation Forefront product to bring broad array of security tools under one umbrella

Now that Microsoft's revealed its plans for a next-generation integrated security management platform, the heat is on. (See Microsoft Adds Next-Gen Forefront Roadmap.)

By developing a single, unified management platform -- code-named "Stirling" -- for security from the server to the endpoint and the edge, Microsoft has made what may be its most aggressive security play yet, security experts say of the software giant's announcement at its TechEd 2007 conference yesterday.

Stirling initially will work only with Microsoft's Forefront products, but it eventually will expand to include the integration and interoperability with third-party security vendors' products, says Paul Bryan, a director of security and access product management for Microsoft.

"This is focused on security management, with comprehensive, coordinated protection across individual machines in the enterprise environment, as well as server applications and the network," Bryan says. The management console will let IT managers set policies and configure and deploy security across the network and endpoints. It will encompass next-generation versions of Forefront Client Security, Server Security, and Edge Security and Access, as well as the management console.

Microsoft really had no choice but to take such a bold step given the rate at which researchers and hackers are hammering away at its software, says Rob Enderle, principal analyst with The Enderle Group. "This is a forced march by Microsoft," he says. "They never intended to move into the security industry so aggressively, but they now see the industry as one at cross purposes to their goals in that to succeed, the industry has to drill holes in Microsoft’s products so that it can show value either identifying the holes or mitigating them."

Enderle says Microsoft is "taking security back" by preventing security holes rather than letting the industry continue its focus on breaking its products.

Still, Stirling won't be available for a few months: Microsoft plans for limited beta distribution by year's end. The company yesterday also released the beta 2 release of its Web-based Forefront Server Security Management Console.

Some Microsoft customers, meanwhile, are still uncomfortable with Microsoft's ability to provide users with both their enterprise applications and security protection, including William Bell, director of security for CWIE's security department. Bell says he'll evaluate Forefront Security once it's proven to be an enterprise-class product.

But Bell admits he's on the fence: He worries that security information management (SIM) and unified threat management (UTM) so far have been hampered by multiple vendors going their own way. "I am worried that the diversity of the security industry is holding back convergence efforts such as SIM/UTM," he says. "I think that Microsoft has taken a giant step towards gaining my confidence by announcing the addition of centralized management/reporting/configuration tools. I feel that some companies may steer clear of Microsoft for this specific product based solely on previous bias they have formed. This is obviously a huge mistake, and a bad business decision, that I feel people will make anyways."

Stirling will let the various security tools communicate with one another to protect against threats, says Steve Brown, a Microsoft director of security and access product management.

By unifying its security tools with Stirling, Microsoft is "channeling" IBM, says Enderle Group's Rob Enderle. "IBM traditionally owned security for their offerings and they could integrate that security solution into the other solutions they had to ensure SLAs were maintained and disruption was minimized," he says. "Microsoft is now showcasing a similar strength, by approaching the problems comprehensively and pushing for their integration into Microsoft's overall ecosystem."

The question is whether enterprises will follow the IBM old adage with "no one ever got fired for buying" Microsoft. "The 'play it safe' from an employment perspective buyer will now bounce between Microsoft, CA, Symantec, McAfee, and Trend Micro," says Randy Abrams, director of technical education for Eset, and the former operations manager for Microsoft's Global Infrastructure Alliance for Internet Safety. "All of these players have enterprise management tools and enough name recognition to qualify for safe purchasing under the 'buy IBM' mandate."

This will help Microsoft's cause, for sure. "All of this churn in the AV industry will work to Microsoft's benefit for at least the next two years," Abrams says.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • Microsoft Corp. (Nasdaq: MSFT)
  • IBM Corp. (NYSE: IBM)
  • Enderle Group
  • ESET
  • McAfee Inc. (NYSE: MFE)
  • Symantec Corp. (Nasdaq: SYMC)
  • Trend Micro Inc. Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Newest First  |  Oldest First  |  Threaded View
    Cybersecurity Industry: It's Time to Stop the Victim Blame Game
    Jessica Smith, Senior Vice President, The Crypsis Group,  2/25/2020
    Google Adds More Security Features Via Chronicle Division
    Robert Lemos, Contributing Writer,  2/25/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon
    Current Issue
    6 Emerging Cyber Threats That Enterprises Face in 2020
    This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
    Flash Poll
    How Enterprises Are Developing and Maintaining Secure Applications
    How Enterprises Are Developing and Maintaining Secure Applications
    The concept of application security is well known, but application security testing and remediation processes remain unbalanced. Most organizations are confident in their approach to AppSec, although others seem to have no approach at all. Read this report to find out more.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-9431
    PUBLISHED: 2020-02-27
    In Wireshark 3.2.0 to 3.2.1, 3.0.0 to 3.0.8, and 2.6.0 to 2.6.14, the LTE RRC dissector could leak memory. This was addressed in epan/dissectors/packet-lte-rrc.c by adjusting certain append operations.
    CVE-2020-9432
    PUBLISHED: 2020-02-27
    openssl_x509_check_host in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
    CVE-2020-9433
    PUBLISHED: 2020-02-27
    openssl_x509_check_email in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
    CVE-2020-9434
    PUBLISHED: 2020-02-27
    openssl_x509_check_ip_asc in lua-openssl 0.7.7-1 mishandles X.509 certificate validation because it uses lua_pushboolean for certain non-boolean return values.
    CVE-2020-6383
    PUBLISHED: 2020-02-27
    Type confusion in V8 in Google Chrome prior to 80.0.3987.116 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.