Indeed, Microsofts moves were the main topic of conversation among security vendor executives here. Many said they were concerned about the possibility that Microsoft could ultimately give away technology their companies sell. "The vision is very good. Its a good strategy," said George Samenuk, CEO of Network Associates Inc., in Santa Clara, Calif., which recently shifted its focus to intrusion prevention, a market that Microsoft seems set to enter with the addition of the behavior-blocking technology. "But theyre going to need partners to pull it off. Just because Microsoft is going to give that stuff away doesnt mean that ISPs and enterprises will rely on it."The biggest changes on tap are additions to the Dynamic System Protection technology, which can block malicious application activity, and the upgrades to the Windows firewall in Windows XP. In Service Pack 2, due by the end of June, the firewall will enable users to allow or deny applications access to the Internet on an individual basis, and it will open and close ports dynamically in an effort to prevent users from leaving ports open unnecessarily. "We had to make some of these innovations," said Mike Nash, vice president of the Security Business and Technology Unit at Microsoft. "From a usability perspective, customers needed them. Its a multifront war, and this is a combination of all our bets." Not surprisingly, some Microsoft competitors were critical of the companys plans, saying it was emphasizing the wrong things and taking a misguided approach to security. "Network security is not the oxymoron our competitor would like you to believe, but its time the industry admitted that the defensive approaches to PC securitywith bigger moats, taller walls and memos from the CEOhave clearly failed," said Jonathan Schwartz, executive vice president of software at Sun Microsystems Inc., also in Santa Clara. "Its time we went on the offensive by proactively authenticating and differentiating service to the good guys, instead of always hunting the bad." Microsofts Nash said the company is still not sure exactly where Active Protection technology will show up, but he said it should be in Windows prior to the "Longhorn" release slated for 2006, possibly as part of a service pack. Additional reporting by Scot Petersen.
Microsoft officials said the features and functionality Gates discussed are things customers have asked for and called them logical extensions of the companys Trustworthy Computing plan.