Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Analytics

6/5/2007
01:00 AM
Connect Directly
Google+
Twitter
RSS
E-Mail
50%
50%

Microsoft Unwraps Security Platform

Next-generation Forefront product to bring broad array of security tools under one umbrella

Now that Microsoft's revealed its plans for a next-generation integrated security management platform, the heat is on. (See Microsoft Adds Next-Gen Forefront Roadmap.)

By developing a single, unified management platform -- code-named "Stirling" -- for security from the server to the endpoint and the edge, Microsoft has made what may be its most aggressive security play yet, security experts say of the software giant's announcement at its TechEd 2007 conference yesterday.

Stirling initially will work only with Microsoft's Forefront products, but it eventually will expand to include the integration and interoperability with third-party security vendors' products, says Paul Bryan, a director of security and access product management for Microsoft.

"This is focused on security management, with comprehensive, coordinated protection across individual machines in the enterprise environment, as well as server applications and the network," Bryan says. The management console will let IT managers set policies and configure and deploy security across the network and endpoints. It will encompass next-generation versions of Forefront Client Security, Server Security, and Edge Security and Access, as well as the management console.

Microsoft really had no choice but to take such a bold step given the rate at which researchers and hackers are hammering away at its software, says Rob Enderle, principal analyst with The Enderle Group. "This is a forced march by Microsoft," he says. "They never intended to move into the security industry so aggressively, but they now see the industry as one at cross purposes to their goals in that to succeed, the industry has to drill holes in Microsoft’s products so that it can show value either identifying the holes or mitigating them."

Enderle says Microsoft is "taking security back" by preventing security holes rather than letting the industry continue its focus on breaking its products.

Still, Stirling won't be available for a few months: Microsoft plans for limited beta distribution by year's end. The company yesterday also released the beta 2 release of its Web-based Forefront Server Security Management Console.

Some Microsoft customers, meanwhile, are still uncomfortable with Microsoft's ability to provide users with both their enterprise applications and security protection, including William Bell, director of security for CWIE's security department. Bell says he'll evaluate Forefront Security once it's proven to be an enterprise-class product.

But Bell admits he's on the fence: He worries that security information management (SIM) and unified threat management (UTM) so far have been hampered by multiple vendors going their own way. "I am worried that the diversity of the security industry is holding back convergence efforts such as SIM/UTM," he says. "I think that Microsoft has taken a giant step towards gaining my confidence by announcing the addition of centralized management/reporting/configuration tools. I feel that some companies may steer clear of Microsoft for this specific product based solely on previous bias they have formed. This is obviously a huge mistake, and a bad business decision, that I feel people will make anyways."

Stirling will let the various security tools communicate with one another to protect against threats, says Steve Brown, a Microsoft director of security and access product management.

By unifying its security tools with Stirling, Microsoft is "channeling" IBM, says Enderle Group's Rob Enderle. "IBM traditionally owned security for their offerings and they could integrate that security solution into the other solutions they had to ensure SLAs were maintained and disruption was minimized," he says. "Microsoft is now showcasing a similar strength, by approaching the problems comprehensively and pushing for their integration into Microsoft's overall ecosystem."

The question is whether enterprises will follow the IBM old adage with "no one ever got fired for buying" Microsoft. "The 'play it safe' from an employment perspective buyer will now bounce between Microsoft, CA, Symantec, McAfee, and Trend Micro," says Randy Abrams, director of technical education for Eset, and the former operations manager for Microsoft's Global Infrastructure Alliance for Internet Safety. "All of these players have enterprise management tools and enough name recognition to qualify for safe purchasing under the 'buy IBM' mandate."

This will help Microsoft's cause, for sure. "All of this churn in the AV industry will work to Microsoft's benefit for at least the next two years," Abrams says.

— Kelly Jackson Higgins, Senior Editor, Dark Reading

  • Microsoft Corp. (Nasdaq: MSFT)
  • IBM Corp. (NYSE: IBM)
  • Enderle Group
  • ESET
  • McAfee Inc. (NYSE: MFE)
  • Symantec Corp. (Nasdaq: SYMC)
  • Trend Micro Inc. Kelly Jackson Higgins is the Executive Editor of Dark Reading. She is an award-winning veteran technology and business journalist with more than two decades of experience in reporting and editing for various publications, including Network Computing, Secure Enterprise ... View Full Bio

    Comment  | 
    Print  | 
    More Insights
  • Comments
    Threaded  |  Newest First  |  Oldest First
    How Attackers Could Use Azure Apps to Sneak into Microsoft 365
    Kelly Sheridan, Staff Editor, Dark Reading,  3/24/2020
    Malicious USB Drive Hides Behind Gift Card Lure
    Dark Reading Staff 3/27/2020
    Register for Dark Reading Newsletters
    White Papers
    Video
    Cartoon Contest
    Write a Caption, Win a Starbucks Card! Click Here
    Latest Comment: This comment is waiting for review by our moderators.
    Current Issue
    6 Emerging Cyber Threats That Enterprises Face in 2020
    This Tech Digest gives an in-depth look at six emerging cyber threats that enterprises could face in 2020. Download your copy today!
    Flash Poll
    State of Cybersecurity Incident Response
    State of Cybersecurity Incident Response
    Data breaches and regulations have forced organizations to pay closer attention to the security incident response function. However, security leaders may be overestimating their ability to detect and respond to security incidents. Read this report to find out more.
    Twitter Feed
    Dark Reading - Bug Report
    Bug Report
    Enterprise Vulnerabilities
    From DHS/US-CERT's National Vulnerability Database
    CVE-2020-10940
    PUBLISHED: 2020-03-27
    Local Privilege Escalation can occur in PHOENIX CONTACT PORTICO SERVER through 3.0.7 when installed to run as a service.
    CVE-2020-10939
    PUBLISHED: 2020-03-27
    Insecure, default path permissions in PHOENIX CONTACT PC WORX SRT through 1.14 allow for local privilege escalation.
    CVE-2020-6095
    PUBLISHED: 2020-03-27
    An exploitable denial of service vulnerability exists in the GstRTSPAuth functionality of GStreamer/gst-rtsp-server 1.14.5. A specially crafted RTSP setup request can cause a null pointer deference resulting in denial-of-service. An attacker can send a malicious packet to trigger this vulnerability.
    CVE-2020-10817
    PUBLISHED: 2020-03-27
    The custom-searchable-data-entry-system (aka Custom Searchable Data Entry System) plugin through 1.7.1 for WordPress allows SQL Injection. NOTE: this product is discontinued.
    CVE-2020-10952
    PUBLISHED: 2020-03-27
    GitLab EE/CE 8.11 through 12.9.1 allows blocked users to pull/push docker images.