Network Security & Hardware - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Network Security & Hardware


Microsoft to Revamp Windows Security



 By: Dennis Fisher
2003-11-24
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Network Security & Hardware story.


Rate This Article:
Poor Best
The software giant is planning a number of changes that will make the Windows client and server platforms more secure.

Microsoft Corp. is preparing a series of major changes to the security capabilities in the Windows client and server platforms, and they will further lock down the companys flagship operating systems.

In separate service packs due over the next six months, the Redmond, Wash., software developer plans to add several security features to Windows XP and Windows Server 2003, according to company officials here at Comdex last week. Microsoft also plans to harden the client by turning off more services by default.

The biggest change will be in the server product, which will get a feature that can prevent unsecured machines from connecting to corporate networks.

The changes result from discussions that Microsoft executives have been having with customers about ways to improve the security of the companys products.

The modifications wont stop with Windows, according to officials. Microsoft plans to add new security features to other products, including SQL Server, in the coming months, they said.

Resource Library:

Service Pack 1 for Windows Server 2003, which is due to enter beta testing in the early part of next year, will include a function to check every device attempting to connect to the network.

The server will query the security configuration of the device and try to confirm that anti-virus software is running and that current patches are installed. If discrepancies are found, the software will notify the user and offer instructions on correcting the problems.

Administrators will have the ability to define companywide policies on what security is required on client devices.

All this is intended to prevent cyber-attacks and other breaches and is an extension of the overall change in the way Microsoft officials and engineers think about security—a process that began almost two years ago when the company launched its Trustworthy Computing initiative. In addition to working to write more secure code, the company is working on other ways to make its software more difficult to attack.

"This is a beginning—something that will ultimately engender a new generation of secure software," said Jonathan Perera, senior director in the Security Business Unit at Microsoft. "We have to take a wide range of approaches. The most important thing Microsoft can do is improve the base-line security of our software. Were thinking that through at the design stage at a far greater level."

The quarantine feature in Windows Server 2003 reflects a trend in the security industry at large. Several companies sell stand-alone solutions that perform this function, and Cisco Systems Inc. last week announced it will include similar functionality in some of its routers next year.

Windows XP will also get security upgrades, courtesy of Service Pack 2, which should be in beta by the end of the year, according to Microsoft officials.

Most of the changes will concern ICF (Internet Connection Firewall), which is a part of XP. The firewall will be enabled by default in the new service pack, and Microsoft plans to make ICF more like a corporate firewall than a personal one.

Administrators will have the ability to manage all ICFs in their organization from a central location. Customers will also have the option of running ICF in tandem with other firewalls, something that wasnt possible before.

Microsoft customers say that the company seems to be headed in the right direction with most of these changes and updates but that there is still plenty of room for improvement.

"The proposed solution of using a denied log-on to the network is a little late in the [graphical identification and authentication] process. If this occurs after the user provides credentials and logs in, thats bad," said Mark Deason, director of IT at Silverside Equipment Inc., in Reno, Nev.

"Microsoft has some so-so tools already. If they were integrated better together, like [Software Update Services] and Automatic Updates, with a watchdog service before the system goes online, that could be quite powerful to help promote change," Deason said.





  Reader Comments: Microsoft to Revamp Windows Security
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Network Security & Hardware Articles          >>> More By Dennis Fisher
 


x}ks۸qf89EmGJɒĶ|,%Lm!c!) /=hɏ8["~$ItÚs[l}ёKo zI;_BZF!Cթ[2dDMs@ ;5ӘẌZ>u3u=>뱒;|9|@D%SjL~M3f⹣ھl̴ duc_gp,{ h{9Dm@~Ս[ 2"&Iι?KsQ{٦IAmg|{Peh=g;1,( !)/F<ub = #|=VyZA/usLmqH=UX'[vx>҂_d!gBBm׀{C}UiO$Cd jI$: `IT1܉mSOЇ@o6m&T*-R͌aBw4iQzmyKu3|CH ͌L}<rH n: 8ՈJ16|uӧ$@',ۢ,n؏`uؾxjk-]..8b#*6]׼)/tdoV0,2u鸖ʲgu{mdE}ydJXU+Q\(Us^rww3,ݾLÚl';goFzg\w9GA fnp[^ԼZ84I\t?59N Nֶ߉Q"**R>4IhjAG'${@BsoVS+jWsꑚ!TFqjaE4f‰EQrU$NߒL-~k~yz|i |')Ġ˪ PBbP E+5gxk^t\.9;utHlsِ:ln~R|[k5o~nvO^In[CYCa-U*Ūd#16_.d[:Md:ߔVE~=ퟟCfyJ ͔EdLD_KGɏ}=Úy> mdƱ(|ǺrN &Y^mM'jf-M_"d̨|]Lp-Alo Kj.(H)5?&`Mil&XJp;Qsm̗V/``(A/g- 5t*軘ɛ!"ĈKn9x|!XsI((GFN쥲lϑy@W CrjN+3Wr{H 9\zmM'FUEz݋^?{Ƈ68^%glh|X.B2iK1PW5MG\FWPP9*;=xQnx٩l Z2X bXvPX~Vs6 :uf>QݘjCͲbOGs>h2胆6mdX-kAXn`NtHWXxؿ\ sO&v/|TSƌzN-VD$h-DAwu0Ie{e"3@qKs LΝހ25fC/ F{t( 5,/= 0/ ZMy@e^~m̢k>isB3<won5Ԇ &R}>;Ԃ!~9.b&;A/tKt]JI>'ڂ"D%  h4AfǰE|EN@@wW;.V\,2=bq !3{bbX@;7҄BZ z)3 eVPIhn1!G,D`v9r,L.[ O6JԭyB!wR>Ѹ7=#0  uU S' Xb IKPC";*O\sùuh?l?KzyK +ZsξS : j\X#,TfB7g Ʃ1 \ .eB`9}M/Xg51 g TF`3!W-МwaMߨȃ~|ÈouN/'ܑMú"߄V *9v\Ȅ ry͚X 4ؐ)|ƓBw7Cnc^ښI䊹u.F(2/%kb*q ( 4Q\O ō8|ЊOW}?ٲZdY6 V7v/KX<߮LR[k( RLZ1 E$$Y `}ίeKaHīd- W6pc7l{`(`RT9ȹ5) KAUjN-G:,Wfn  (M.rߟLl5I թ۴mڝy@tq˶'-0Tt>eۙ^Ҧ ;BU*Jl3=Äや _%tp:P[9f-/g+ I{u]ؕ.RL|rn P[AHz{<8`Tfla86Lb?3Zy /syEP~2;2.eX kۦiߥ#ObY$Ei8"97(]rnB‰1z&|J h0Aȉc۝yٙyRaabuEwP|?kXe;;pM2=Hm [졁 l{bRIB<M\)Fw ` L] {TsGSyiv3$5`m\>(cpFL`^|<ӆ B9&DBT Hg[QZo3Czo@zcyK& GGsݧ==1g *7|oC@h+|a}jIQ壂R.Q+7cSFOPxx /OQk꿬3u_k }ɗ\u@)ۿ`3TxaKm`䓃,*,Ȳ|˘ հv2<~,3Vsb Yg>yRi@7KGѝUK)O{Hiv?l3jFswф6VAqcُM*?B%NJt( ҹD\ɩb_RwU# tT# 3)X]QiRsnQ9^P4˧SK@x(Aܚ:z,. H0zGV3hTSslTcm/ kJ\ҜwZ5^,߬]pH)dyDG/qbk l|k}rp@d#!R~Cݜ5n"vyڀVIYhQ[[6MU;4 ObIۛgorMis=KNPMGF1T,ۀ ^0:3Z[xH]-濍;fR/cc>ˢ#WT% Lg$fqN' G~:T{%7 s0X3f~ruW dx{ zЍt;fȭ_ לܱtzOR@71PUL xg4gDcK6jU+'F&lZՒ Z;k}zGdC\j -'@Tc΁M\1W*b =cx{ێ1dmj̩7XN=v4)sfMrCjm>a,0tl\#FcldǶ8oyg@fV u`R~Vp8ʫ7xџYD+++0-e7"h -#r exT̓f2Oܖ[J,]>|a u m9LŽQ;k\l@h secn.`I3 ˽'jH@KY|PFVJU@שIWRy̡2a{і$}/ \EI's⿿﹦n F`A|7=h#Sj$̇R*mX.e~ܓNcĵ'R^)KYdA:(~f,/8u!aAvi?0Wޟ+Kx47sjzHGV-?\u?]yCM q ߲gSRH3 J@G$9Ĩڐ9}/vlZ6xv> 2D4xwՇ΅w{ֽGY-{w/;Oz܉g, Y# B4ڍfS L k;d8ɳ(pdJu\8=`&zR[KվĂKӜ8"J*?3 nh0Skޚ( Bb.Bx|P\# rG@R`OH5['#ZYKx$;)38Ǟu}Ih !酘:%e~E/c)!Q\(,nv( 6;Fٿ~ Ib X x4~h+0wAइg5qV3b~:)}A/gm9˞~D nT)o <%EɦW@ׇdj:BJ L5"6v=O[?qu#16àArb1|I;G)uyjdJ!!Stl 04L PV7,O⴬y=!lQ2 (KhţDlbTHRoOwٸ6<6ޥ]晿LƗHȃ ,-WI+4$/AiA0;Y) #-|8B[(H Tո ZrU+?vƇ!qbwSV '#ȫrHNJ5[9UղĶ3.= k' klqߋt2Ti\'sX2w{ѺB ?݁E5=ICw5ϴchJNj=,/5gi3@ \:`A)6mn ^]ުe8Eq\x,3u\Qt{v,x]S<,Du{1CZ]rY}E_ q+=F'x tDo7۰;.xʜ,=~!K5&oYq>sB?uorO0#͡oo۽dYviimơ85J=~l/Nt6DY[f{wCVȊ̙S.zr.F&tZp@2M3}>JfxӼ2iќAxn>;]mtC7bR8A/'gjw.er@r@oqw6{ZgEQJ=q @5qw5V{QI)*tu=//s`TTzH^8⛈ڃ}soD: ʷ'8\Kn1Ƅ??C4ȥN</:; `!3Ȑ +Q1m&3$9g20 )8T0x l?|nwkLRx26y)h4Rg7 lv8HW - 6N 7V9U+/[QVD3>>d VVip{$#譴-埋X`֙3gIum ܘ`Yn|Ta !,EBXq` "{TXa>Tԫ'A ߠqs_:>}uPh+$a 9zHS;*\r6RRvЍ"m^Kǘ ˓# pʮ\M!~DPSp=Bµo]UݖJ/#{eRX[Bݙ6F(Gji&+D^MjX(k捗  >wR Rs>#V _R*O"ְ𤉻q2]sisʓJ/,jSvx;K- X&3n&Q1"җCв *?dl3/f~bq$8F n76666~YqXΕ6dyUq BTJ0JiI}^Q0#W+7F~Ejڨ3R_|y6i;/RlY 75 ťb'iÀ5jVx(3M=eۮ')yP4 €3.E <,ߴOxuK#/U2- OJ>)TexJݒ1{K׶k꒚ l $ʒP1> Zs#)R[س;^ڟ;kũ` V"˓0O|=_ܣ86 o*By o` [Ds,DsPgsva{9.#1{עȴ皵-6&EZe!R"$ a^ =VB?-Bz#&ɒ* n/rqOC+fx!9tae1O#Ï|n,Τ5J1C3!l˅q][do'` ^~0Ҁ2{xԜaи?HZh^:}4NV7L;MywwwwE%niׇU1|n_.|ExRR7L<6A=_Ә뛕@Q[:voU[_^%vmf&cș?))" I@:\oM4* ]^o]]/ߌObKw`dP6w45@DҸlk2]k3, b?xc/ǎqymuLEwfX{pE#F/(^!아{5\Xa[Րz>ui{@-fJWnҹATfSyGWм=̱]g>frb_=B!!9+: qC!wѡ$B N9}{mK~z7 .р={P.ޫP- (g '?[^7e=pV Z3 0v4KzM\AūMHCœ1-ķFsp5#L/RT`.ك*Q l߼+!) fFR2o jߦ̿m_uT(V^s5ǁ dUooȲ.ٷt%G۴RPSW36}ߤezL-^O5zl¯BIf#e։ )V(dLS3ƚe<' M~ml%@=N_">8\AO\腭Ӄ%:?ط}Uj έmorPT燃>k^~/u~ɏcjeȓy0\ ';j>i%n[b1E+l@.h }L=!LKr|יn[*0g8;7 ~kՃ܁Z9X~Z+ Rn,"yxa yu%lPFPx> 3s+C2Bm.9191yP>sjp7ZUt=咷%:^'Yb Z7q&B"rT餷 K!XXxpU1 &G Ɵ|Z0=Cisݰ3#lzZCJOkƷm{Vi j+Lp9Z8P_q=o7ݝB 57:Ub3Y7Sק)@c,-{#o Yh2lKaZ$e~TRuu1bc"̶t|?Gj>WTJʑ!~g+"<rC3-U1H""Ql[XT J)1 mh Pу%ƌ2L\lgN((#L~59 IpOaˡǪFcj+ɱFsK k q|Pп0Y{wn/*~ߊ YlngIDmh6-ý,H@jm#/Tګ61 VY$.^`hR<璣]%FT!)h Yv ,&B"9tdhzG,ŘV̯nR߅q>&[Q{RmgPW1rRm4he⪌)Dk"3^*r@(YIr' .G.!Yo/?VHtVrob[Zc~_D_t&KgRZtMpk97aT0|LD|d&;(~񇇇/tX0/b-38#^>Nn!2K=o~{@\p X!r,(Ie%+փފ> sF@YbG P56:Y?CsF.׽v߾ꡇU CJ嵁Dp@0uwCٞjd80>>Dnj,O= RdfbVb-=MmV<7rapko9gH0ע r؇*.zj.՝cpT`qj d5&t857>w=?_zI݊1% aArz>]{FpsD70KNx scS̿u@rjAx)\26Fiŷ^(l8*wxc.l|>0K Dja˖]N"@[ ' !z1t7QI,e~/xģ3OmXeb xpxm)lwrgp͒j:rtT+rb:KM 5;=nUĶnNKL BH$bax=9`51A<dwȓY~,aP8\  +z*J9W &u%O<weX z(؉ܷx͒W2qnɥJR e0AV0`A-#2fg44\K-v@< LB،Pf rg_I4UMz{ͫeӽ 5¶-R%ew[_/'U碟xdg&cE`X<eHy)sS9MjM4Wñ;KWΒ}VX\mSkQwg`JT/!bXűuPl 37=V؊jm9j8ٙEoC"uy/}uri)sXmn~(hO!v{vOL=0[EYJG(RR~W˛ FJyʻ)H-ARބI ~>@?'(v6wZzR3r'{^J( mW?Osyy|y ~?)9񟧌<>ρ>Sy"esJ)R~)0){s?0)ׅwSM?]/r qBeW@?W)kbٔr/e}~ _7B_sZ9s>>ʯʁ~SڿNi:NR7Rq S,b~B/ȋOi射8I)By<+<^`]k )x.3{ %;[?[u.V|]!,.%PVO[«3/Y307Q em{}eh}1Ɨ^Z%/$pJU-(er)swrHiDDK1QTYɹ 6rb 0XT^9Q(Fuo*!K0Y=v̐ga0VJ!'\BxGt-&+2dof2 `dR͍p$v@}pDR P}oy=m YI*7ǫW6VI2hؐMK؊9Nح? &N>y@Of™C{KX&3(W "-7.@# dϽE!NEIB7=[Lgt9_=F5' \˦=w7`p*}t11)#a퉷4455~ɱiL(1 kDF(d#Bg1c[:i&gK\۞ۀ6[ݨ3K~5x\ nagy3)D;em%^#%:ac{I>Xz7`k/}{ S\}T.Q " 2kHH 2s{D|%j=SnFD֣co[4&6pN瘽HaCKF2}jRgj[h};gsWa?>N@Um6aƵHzBXOt(,5u8:\5m$$&"3@ gYlVxRBZ9=vbb RJvMF*HsGSmMTx/ē_| P'Wbz`#YұߞQ DQ[K|~%^Πb_wsԶeQ&PLŽ5ʆ)Jq[+~HRS/l\w|7(69B{C}ow ,AP6N>O&1| j7*عsC1L1P8v2OA=p ύ+e[a O2C2Ay خ;Oq^G 3>Fd7eߙTP1$(+nOvGX '>4'كt4pM@!(_ْk0. 9@/7A{| r@b]T؂O^\jTj_fRTnlSP`xlԙɎjSw:E}2\Xx kyfţ3+gt-(5x2[ṅMek(|_a[0~Y+JbA4|>Ei3|@ =( oz05`y+@44z pS{n)ZF$ci ԭ全<?߀~C.vQEeN܌1F Ш6pCTؕEodS^kycOE]Y>Ѝ O!ngNb*kna1 g'{y{~k'> ill,e׎`YX&5D3/O B7Ѱ0 L{,luEE%%ÀbFCa 0F:p2 1>.Oh<˜4W6IĶqyn6тKv,ejVN~TʩmbPѽk xؚսU$bC=A$K>jOcV\3|7tZЎksq7E Sga+cPXjcL1G,@\փ LW{څGQY6;|,ݐbV"Nd׊2q)9= )}&b쇶ԌaBbȴ iL$g8% S^೐l,/A,8r"r*]xWI"cXM7X ZD+x1ƕyXqө8YoW.}ByҽK'ٗCRI>SW,v48~v.3ba'*nw>7gݫ, MmtK͏.ZRPD^ZP$DU RzVs!^/uK+_1d͆-<GzMQKj9N"i~ۊΘ#iQfX:rYOB%ե{,;uD^b'e>Td%rR[W+w6c!V0vlǝlt n!%C\&Ůvbe}I*