Microsoft Sets Unified Security Strategy with Stirling

Updated: The software maker claims "Stirling," due in two years, makes security a single process across the client, server applications and network edge.

Microsoft officials have outlined plans for a unified security product they say will allow users to centrally manage security across an entire IT infrastructure from a single console.

Code-named Stirling, the product is designed to enable IT managers to centrally set policy, configure, deploy and manage security within their IT environments. When it is officially released—Microsoft officials have mentioned 2009 as a general release date, with the beta version to be available later in 2007—it will include the next-generation versions of the Forefront Client Security, Server Security, and Edge Security and Access solutions, plus a unified management console.

/zimages/2/28571.gifFor advice on how to secure your network and applications, as well as the latest security news, visit Ziff Davis Internets Security IT Hub.

The move is a challenge to more dominant security vendors like Symantec, which has put a focus on integrated tools. Symantec officials declined to comment on Stirling, but Steve Brown, director of security and access product management for Microsoft, based in Redmond, Wash., said the new product will reduce complexity and cost and improve security across a customers entire IT infrastructure in a way many other tools do not.

"What we consistently hear from customers is that they have a lot of pains … and a lot of problems that are not currently addressed by business security products that are out there on the market," Brown said. "Most of their existing solutions today have multiple consoles for doing things like policy definitions, multiple consoles for doing management, and in fact no ability to do critical visibility and reporting for the health of the overall systems and their infrastructure."

Chris Christiansen, a security analyst for IDC, said the move is a competitive necessity for Microsoft because other vendors have been headed down this path for years.

"The midtier companies definitely want it," Christiansen said.

Stirling will not "play nice" with third-party security products—at least not right away, Microsoft officials said.

"Over time what well look to do is figure out ways to provide direct management capabilities for different third-party solutions as well," Brown said.

Stirlings integration with Microsofts NAP (Network Access Protection), a policy enforcement platform that is now part of Windows Vista, will allow customers to enforcement their security standards on endpoints while checking the health of those machines, Brown said.

"This is really something thats a game-changer," he said.

Editors Note: This story was updated to include additional information from Microsoft and comments from analysts.

Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.