Close
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Latest News

      Securing Windows Server 2003

      By
      Dennis Fisher
      -
      April 18, 2003
      Share
      Facebook
      Twitter
      Linkedin

        SAN FRANCISCO—The upcoming release of Windows Server 2003 is a watershed event, not only for the Windows group, but also for the security team at Microsoft Corp.

        Company executives have made it quite clear over the last few months that the next version of the flagship operating system will be a key test for the processes and improvements made as part of the Trustworthy Computing initiative.

        In fact, Dave Aucsmith, chief technology officer of the Security Business Unit at Microsoft, based in Redmond, Wash., said if the OS is found to be as vulnerable as previous versions of Windows, it will mean that the companys model for improving security “was wrong.”

        However, folks in Redmond arent just holding their breath and hoping for the best. The company has made some major changes to Windows that executives believe will begin to turn the tide in the battle against vulnerabilities and other quality problems.

        One key security improvement in Windows Server 2003, set for release April 24, is a feature that checks the configuration of user PCs as they connect to the network. If the machine is not configured properly, i.e., doesnt have updated anti-virus signatures or a personal firewall installed, the software can quarantine the machine on a private segment of the network until it is reconfigured. Some third-party vendors sell similar solutions as add-ons to Windows, but this will be the first time that such a capability is included in the OS itself.

        As part of the security push that all Microsoft products now go through, the companys internal penetration testers developed some innovative tools to attack new applications.

        Page 2

        “We spent a lot of time and money on penetration testing,” said Mike Nash, vice president of the SBU, during an interview at the RSA Conference here this week. “We decided to look for new ways to attack products and anticipate the next generation of attacks. One of the ways people do this is by going after points of integration. Integration is a source of complexity, complexity is a source of vulnerability, so our goal is simplicity.”

        This approach to penetration tests has convinced Nash and others inside the SBU that for the Trustworthy Computing effort to be a success, it must include several separate components and not just rely on one element.

        “Its not just education or training or pen testing or writing secure code. Its the combination of all of these things that drives quality and security,” Nash said.

        Still, even with all of the new technology and processes in place, Nash knows the release of Windows Server 2003 is just the beginning of a long journey. “Our customers are asking why there are so many vulnerabilities and what we can do about it,” he said. “We still have a lot of work to do.”

        Latest Microsoft News:

        Search for more stories by Dennis Fisher.
        Find white papers on security.
        For more on Windows Server 2003, see our special section.

        Dennis Fisher
        Get the Free Newsletter!
        Subscribe to Daily Tech Insider for top news, trends & analysis
        This email address is invalid.
        Get the Free Newsletter!
        Subscribe to Daily Tech Insider for top news, trends & analysis
        This email address is invalid.

        MOST POPULAR ARTICLES

        Latest News

        Zeus Kerravala on Networking: Multicloud, 5G, and...

        James Maguire - December 16, 2022 0
        I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
        Read more
        Applications

        Datadog President Amit Agarwal on Trends in...

        James Maguire - November 11, 2022 0
        I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
        Read more
        Cloud

        IGEL CEO Jed Ayres on Edge and...

        James Maguire - June 14, 2022 0
        I spoke with Jed Ayres, CEO of IGEL, about the endpoint sector, and an open source OS for the cloud; we also spoke about...
        Read more
        Applications

        Kyndryl’s Nicolas Sekkaki on Handling AI and...

        James Maguire - November 9, 2022 0
        I spoke with Nicolas Sekkaki, Group Practice Leader for Applications, Data and AI at Kyndryl, about how companies can boost both their AI and...
        Read more
        IT Management

        Intuit’s Nhung Ho on AI for the...

        James Maguire - May 13, 2022 0
        I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
        Read more
        Logo

        eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

        Facebook
        Linkedin
        RSS
        Twitter
        Youtube

        Advertisers

        Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

        Advertise with Us

        Menu

        • About eWeek
        • Subscribe to our Newsletter
        • Latest News

        Our Brands

        • Privacy Policy
        • Terms
        • About
        • Contact
        • Advertise
        • Sitemap
        • California – Do Not Sell My Information

        Property of TechnologyAdvice.
        © 2022 TechnologyAdvice. All Rights Reserved

        Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

        ×