ORLANDO, Fla.—Walking into Steve Ballmers keynote on the first morning of Microsofts Tech Ed conference here, one immediately gets the sense that software updates, patch management and Windows security will be front-burner topics.
Even before the Microsoft Corp. CEO officially announced the release of WSUS (Windows Server Update Services), attendees were fiddling with free copies of the patch-management infrastructure handed out before the keynote began.
For Ismael Pimienta, a network specialist at the University of Miami, the final version of WSUS is a “must have” to help schlep through the complications associated with the large-scale, rapid deployment of Windows updates.
“Were managing a Windows-centric environment with 150 servers and we depend heavily on these tools,” Pimienta said in between visits to the many security-themed booths on the show floor.
Pimienta and two other colleagues said they are here at Tech Ed primarily to look at security technologies to improve the way the universitys servers and desktops are protected.
After grilling the representatives at the Sybari Software Inc. booth about features of their enterprise anti-virus and anti-spam products, Pimienta told Ziff Davis Internet News that he was largely satisfied with Microsofts efforts to secure the software it sells and was pleased that a patch-management solution was ready and freely available.
“I have to say, they [Microsoft] have been much more responsive on security and their patches and updates have become more and more stable. We trust SUS for the delivery of patches and we plan to migrate to WSUS now that theres a final version,” Pimienta said.
Even so, he said, the school still uses a third-party vendor to verify and test the updates before deployment, and adopts strict patch testing on a limited number of servers and desktop before full-scale rollout.
Mario Juarez, a program manager in Microsofts Security Business & Technology Unit, said the company was thrilled by user feedback during the extended WSUS beta test. “Weve had 68,000 downloads of WSUS, and the feedback has been phenomenal. Were seeing customers and partners doing some really cool stuff on the integration side,” Juarez said in an interview.
Microsoft partners integrating the patch-management mechanism into third-party products include Patchlink Inc., Citadel Security Software Inc. and BindView Corp.
During the testing phase, Juarez said Microsoft logged almost 70,000 downloads and counted WSUS deployments on about 21,000 servers in corporate environments.
It was not easy to get attendees to open up about patch deployment and internal security mechanisms. Privately, IT administrators who made the trek here to survey security technologies said they plan to use WSUS but only alongside third-party patch-management solutions.
“We will use the Microsoft product but, for checks and balances, well pay for another vendor to help with the verification of the patches and, in some cases, even the delivery,” said one IT administrator who is here to shop for enterprise anti-spyware software.
On the other hand, Brian Thompson, who is part of a two-man team responsible for security at Socket Communications Inc., said he currently uses SUS exclusively to handle the distribution of patches to the companys 75 desktop systems.
“Well upgrade to WSUS,” he said matter-of-factly. “I havent found anything better to handle what we do. It works perfectly for us on the client side.”
For Sockets 25 servers, it remains a manual update process. “Automated server patching is a no-no. I do those manually,” Thompson said.
Next Page: The spyware menace.
The Spyware Menace
Ziff Davis Internet News quizzed about a dozen attendees on the high-priority security problems that called for improved budgeting. Each one said that spyware had surpassed e-mail-borne viruses and spam as the “biggest nightmare.”
“Its not just having unwanted software on desktops, but spyware is a drain on resources when you have an infection,” said the University of Mimis Pimienta. “You are always worried about information leaks when keyloggers and tracking software sneak onto the machine, but, even worse, you are running from machine to machine trying to disinfect and uninstall, and thats a major expense.”
“Youre also dealing with major desktop performance issues. It is the biggest problem today, without a doubt,” Pimienta said.
In the exhibit hall, vendors displaying enterprise-facing anti-spyware products are clearly visible.
Microsofts blue-shirted employees are also busy displaying the Windows AntiSpyware beta version, constantly reminding the throng that a for-profit version with management capabilities will ship once the consumer product goes final.
Socket Communications Thompson said his company was testing Sunbelt Software Distribution Inc.s CounterSpy product for spyware protection, but that he is keen to take a look at a corporate edition of the Microsoft product.
Sunbelt, which has a history with Microsoft, also has a major presence here, using the lure of a Chopper motorcycle to help score some attention for CounterSpy demos.
Interestingly, Sunbelts anti-spyware signature database is being powered by engineers at Redmond, thanks to a co-ownership deal on the rights purchased by Microsoft when it acquired Giant Company Software Inc. earlier this year. Microsoft is delivering spyware signature updates under the pre-existing Sunbelt/Giant partnership through July 2007.
As Microsoft gears up to deliver enterprise security products, theres a growing sense here that the irony of a company hawking security for its own products wont come into play.
“Thats a non-issue for me,” Thompson said. “Id consider a security product from Microsoft because, to some extent, they have an edge over competitors.”
“Who else would have a better understanding of how Windows works or how to patch security holes? Its a helpful thing that they own the software they are protecting because they know how it works inside and out,” he added.
“It seems to me that Microsoft is committed to spending on R&D around security. Theyre putting a lot of emphasis on identifying all the different types of spyware, malware and viruses, and I think they are slowly gaining trust,” he said.
Thompson singled out Microsofts work around rootkit detection as one area where the company is way ahead of others in the industry.
The University of Miamis Pimienta was also unfazed by the perception that Microsoft products are insecure. “If theyre priced competitively, wed consider it,” he said of Redmonds enterprise anti-virus/anti-spyware lineup.
Another big security-themed topic dominating the water-cooler chatter at Tech Ed was the security enhancements coming this summer in the refresh of the Internet Explorer browser.
Microsoft employees here flatly refused to discuss plans for IE 7.0, and it came as a surprise to many that some basic details were included in a presentation from Gordon Mangione, Microsoft corporate vice president.
Mangione confirmed that IE 7.0, due later this summer, will ship with reduced privilege mode turned on by default to help thwart browser-based hacking attacks.
“Weve rearchitected it to defend against exploits,” Mangione said, describing the latest browser version as a “lower rights IE” with base minimal privileges. The new browser will also feature major changes in the way files are executed, and new anti-spoofing and anti-phishing technology to let users identify scam Web sites.
“Im really looking forward to what they will do with IE. It would be nice to be able to rely less and less on anti-virus and anti-spyware and more on the operating system,” said one sys admin who insisted on anonymity.