Close
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Artificial Intelligence
  • Video
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    Microsofts Security Plan Gets Mixed Reviews

    Written by

    Dennis Fisher
    Published March 1, 2004
    Share
    Facebook
    Twitter
    Linkedin

      eWEEK content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

      Microsoft Corp.s plan to add a slew of new security features and functionalities to Windows and other products is drawing a mix of public praise and criticism in the security community, even as many experts express private concerns about the companys motives and tactics.

      The additions, which Microsoft Chairman and Chief Software Architect Bill Gates discussed at the RSA Conference here last week, include a range of improvements to the firewall in Windows XP as well as a plan to implement behavior-blocking and other dynamic security technology in the operating system. Microsoft will also add lightweight code-scanning tools in the next version of Visual Studio, code-named Whidbey.

      All the moves come under yet another security umbrella from Microsoft called Active Protection, an extension of the companys Trustworthy Computing initiative.

      Despite the positive direction, many experts at the conference were underwhelmed by Gates announcements.

      “Security is not as exciting as the next cool thing in Windows,” said Bruce Schneier, chief technology officer of Counterpane Internet Security Inc., in Cupertino, Calif. “[Gates] had an opportunity to wow us. I wanted to be wowed. I didnt want to hear about cool dialog boxes.”

      However, “its a big boat to turn around,” Schneier said. “Give him some quarter for that. But hes had some time to turn about the boat. Security should be his bottom line.”

      /zimages/2/28571.gifTo find out what else Schneier had to say about Gates announcements, read “Security Guru Unmoved by Gates RSA Remarks.”

      Users also criticized the Redmond, Wash., company for what they see as a lack of innovation, and they said it will be years before the Active Protection capabilities are refined enough to be useful.

      “This is the way they work,” said a security manager from a large government agency who asked not to be identified. “They take things that other people have done, put them in their own products and then try to tell you theyre as good as the stuff thats already been out there for years. Its not going to suddenly make us think Windows is more secure or change the way we buy their stuff. But its probably bad news for a lot of security vendors.”

      Vendors and users point to Microsofts partnerships and relationships with companies such as Sanctum Inc. and TippingPoint Inc. as evidence of such activity. Microsoft and Sanctum have worked together for some time, and Sanctums AppScan DE solution is similar to the code-scanning tool in Microsofts Visual Studio enhancements.

      Next page: Security vendors express concern.

      Page Two

      Indeed, Microsofts moves were the main topic of conversation among security vendor executives here. Many said they were concerned about the possibility that Microsoft could ultimately give away technology their companies sell.

      “The vision is very good. Its a good strategy,” said George Samenuk, CEO of Network Associates Inc., in Santa Clara, Calif., which recently shifted its focus to intrusion prevention, a market that Microsoft seems set to enter with the addition of the behavior-blocking technology. “But theyre going to need partners to pull it off. Just because Microsoft is going to give that stuff away doesnt mean that ISPs and enterprises will rely on it.”

      Microsoft officials said the features and functionality Gates discussed are things customers have asked for and called them logical extensions of the companys Trustworthy Computing plan.

      The biggest changes on tap are additions to the Dynamic System Protection technology, which can block malicious application activity, and the upgrades to the Windows firewall in Windows XP. In Service Pack 2, due by the end of June, the firewall will enable users to allow or deny applications access to the Internet on an individual basis, and it will open and close ports dynamically in an effort to prevent users from leaving ports open unnecessarily.

      “We had to make some of these innovations,” said Mike Nash, vice president of the Security Business and Technology Unit at Microsoft. “From a usability perspective, customers needed them. Its a multifront war, and this is a combination of all our bets.”

      Not surprisingly, some Microsoft competitors were critical of the companys plans, saying it was emphasizing the wrong things and taking a misguided approach to security.

      “Network security is not the oxymoron our competitor would like you to believe, but its time the industry admitted that the defensive approaches to PC security—with bigger moats, taller walls and memos from the CEO—have clearly failed,” said Jonathan Schwartz, executive vice president of software at Sun Microsystems Inc., also in Santa Clara. “Its time we went on the offensive by proactively authenticating and differentiating service to the good guys, instead of always hunting the bad.”

      Microsofts Nash said the company is still not sure exactly where Active Protection technology will show up, but he said it should be in Windows prior to the “Longhorn” release slated for 2006, possibly as part of a service pack.

      Additional reporting by Scot Petersen.

      Dennis Fisher
      Dennis Fisher

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      Get the Free Newsletter!

      Subscribe to Daily Tech Insider for top news, trends & analysis

      MOST POPULAR ARTICLES

      Artificial Intelligence

      9 Best AI 3D Generators You Need...

      Sam Rinko - June 25, 2024 0
      AI 3D Generators are powerful tools for many different industries. Discover the best AI 3D Generators, and learn which is best for your specific use case.
      Read more
      Cloud

      RingCentral Expands Its Collaboration Platform

      Zeus Kerravala - November 22, 2023 0
      RingCentral adds AI-enabled contact center and hybrid event products to its suite of collaboration services.
      Read more
      Artificial Intelligence

      8 Best AI Data Analytics Software &...

      Aminu Abdullahi - January 18, 2024 0
      Learn the top AI data analytics software to use. Compare AI data analytics solutions & features to make the best choice for your business.
      Read more
      Latest News

      Zeus Kerravala on Networking: Multicloud, 5G, and...

      James Maguire - December 16, 2022 0
      I spoke with Zeus Kerravala, industry analyst at ZK Research, about the rapid changes in enterprise networking, as tech advances and digital transformation prompt...
      Read more
      Video

      Datadog President Amit Agarwal on Trends in...

      James Maguire - November 11, 2022 0
      I spoke with Amit Agarwal, President of Datadog, about infrastructure observability, from current trends to key challenges to the future of this rapidly growing...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2024 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×