Microsoft made some waves in the security industry when Windows Live OneCare made its debut two years ago. Roughly six months after the release of Version 2.0, Microsoft has its eyes on the small and midsize business market and building out its anti-malware capabilities. Amy Barzdukas, senior director for Windows Live OneCare, sat down with eWEEK’s Brian Prince to discuss plans for the security offering and the upcoming release of OneCare for Server.
Windows Live OneCare came out targeting the consumer market. Is the company now also focusing on small business?
Windows Live OneCare, currently with its support for three PCs, [is] good for a very small business or a home-based business. This summer we’ve announced that we will have OneCare for Server, and a trial of that will ship with [Windows] Small Business Server 2008. As part of that we will also enable small businesses to accommodate more than the three PCs for OneCare, although we haven’t announced the details of the pricing and licensing around that model.
But we will scale it to make sure we can accommodate businesses up to, say, about 25 PCs. Once you get into a server network environment beyond 25 PCs, you probably have the need for manageability and reporting that go beyond what OneCare offers. And at that point we want you to go to either a hosted solution or Forefront, something like that. That really has a more granular ability to manage an infrastructure that’s suitable for a company that size.
If you are a business owner, how do you decide between Forefront and OneCare?
When you look at the whole small and medium business space, there are an incredible number of subsegments within there. You’ve got a small business that maybe has five employees today. But they intend to [have] 50 employees in 18 months. So they’re already thinking about scaling to that kind of size.
Then you have small businesses that really-it may be a mom-and-pop shop and they don’t really intend to have any more kids so that’s the size of the business … we think about it just in terms of PC size within specific scenarios. Really, below 25 PCs your complexity is such that OneCare is probably going to be sufficient, unless you are a business under 25 [PCs] that is going to be 200 [PCs] in 18 months. Then you want to start building out your network topology to accommodate that much larger size.
But OneCare is a great solution for a home-based office or a very small business. If you are a network and branch office scenario, you are already into a land of server complexity and you really are not probably the best candidate for OneCare. So [for] small businesses that more closely resemble a consumer scenario, or small businesses with just one or two servers, OneCare is a great solution.
What are the capabilities of OneCare for Server? Is it the same as the OneCare version out now?
It is very similar to the client, and the purpose of OneCare for Server will be to provide the full range of security protections for the server that you currently have on the clients. And it will also be able to then be a hub PC to be able to monitor the health of all of the clients in your [OneCare] Circle.
Heuristics, Integrating Komokus Tech and Benefits of OneCare Circle
What are you doing along the lines of expanding the heuristics capabilities of OneCare?
We’re constantly evolving the capabilities of the anti-malware engine in OneCare … We also acquired Komoku, [which focuses on] rootkit technologies. We are continuing to update the ability of our engine to use heuristics as well as signature-based protection … You need to be able to look at kind of behavioral aspects, look more broadly across the range of threats, because they’re always changing. I think back to 2003 and that was kind of a real inflection point when worms were the thing we were most concerned about.
Then in the second half of 2004 we started really worrying about spyware, and that became a significant threat vector. And now we’re much more concerned about blended and silent attacks, where virus writers went from being vandals and tagging their name on corporate sites to bragging in e-mails and bragging in the virus code about how smart they are to now being quiet-because it turns out if you’re wanting to steal money, which is really the motivation now, it’s much better not to brag about it.
Where is Microsoft in terms of integrating Komoku technology into OneCare?
We’re working on [it]. As with most acquisitions in the security space, there are benefits that accrue immediately from the people that come over with the acquisition and the expertise that they bring, and there are technology pieces, and a lot of times the technology pieces take a little bit longer to integrate into products. So it’s on the road map, but I don’t have a timeline to give you.
So, at this point, why go with OneCare over rival tools from Symantec, Trend Micro or other security vendors?
Our biggest concern is that customers get and stay up to date with protection, and I would be delighted if they wanted to use OneCare, but I’m more concerned that whatever they’re using is up to date. Because in the land of always-on and persistent Internet connections, if you leave your house unlocked, you’re at threat of someone coming in and stealing your china, but if you are leaving your PC unprotected, it’s not just your china, you’re also allowing your computer potentially to be a vector of attack against other computers … We think OneCare is more performant, inasmuch as there’s no system drag.
A lot of people complain about the anti-virus slowing down their systems, and it’s a reason that they either turn it off or they don’t reup on it. We don’t want people to turn it off because they think it slows things down, so one of the design goals of OneCare has been to be less noisy and less intrusive. We also think that the benefits of the OneCare Circle in allowing you to manage the PCs in your home and to make things like printer sharing and centralized, scheduled backup really, really easy is a great benefit.
So if I install a printer on one computer in the circle, it will say, ‘Do you want to install this printer on the other PCs?’ ‘Yes’-done, easy. Yes, it is possible to do printer sharing with the wireless network with Windows, but it’s not necessarily easy and the real design goal of OneCare is to be very, very simple to use and you don’t need to be schooled in IT or know IT technical language to be able to use it.