SAN DIEGO — Security may be a hot-button IT issue, but you wouldn’t know it from Mike Nash’s keynote at Tech 2004 this week.
Microsoft’s corporate vice-president of the security business and technology unit spoke before a virtually empty auditorium about Microsoft’s security strategy and tools. To be fair, there were more than 400 sessions scheduled for Tech Ed. There were probably a few conflicts.
Nash said feedback from customers in the wake of last year’s Blaster virus indicated Microsoft needed not only a short-term security focus, but also a long-term view — predicting and anticipating threats. Customers wanted the impact of malware minimized, simpler maintenance, better access control, and more reliable and secure software.
Windows XP Service Pack 2 addresses some of those issues (though one IT professional in the audience questioned the year-long response time). One of the “key learnings” from Blaster, said Nash, was the effectiveness of firewalls — machines so equipped were immune to the virus. XP is shipped with its built-in firewall turned off — it caused too many conflicts with other applications without some configuration work. Microsoft developers had to establish how to configure the firewall to minimize the conflict. Service Pack 2 ships with the firewall engaged by default.
Other tweaks let users know when code is attached to e-mail and prevent the Web browser from automatically installing software from Web sites. Pop-ups — one source of exploit code, according to Nash — are blocked by default. The Service Pack is now in the “release candidate” stage of development.
Internet Security and Acceleration Server 2004 will ship “soon,” said Nash. ISA is a firewall-VPN-Web cache product that protects against application layer attacks, Nash said. Microsoft Canada plans to launch ISA locally at the InfoSecurity conference in Toronto next week.
According to Jen Field, security business and technology unit project manager, ISA runs on a “hardened” version of Windows Server 2003 — code that isn’t necessary to run a firewall is stripped out, reducing the services that can be exploited.
ISA will be able to inspect clients to make sure they have up-to-date patches, antivirus signatures and firewalls, isolating boxes that don’t from the rest of the network and allowing only enough access to receive updates, she said. ISA also blocks inappropriate system behaviour that’s a sign of infection — “When Notepad starts to send e-mail, you know you’ve got malware,” she said — and provides intrusion prevention.
Several partners have announced appliance firewalls based on ISA, including Celestix, Network Engines and Hewlett-Packard. HP’s box, the ProLiant DL320, will be available in the fall of this year with prices starting at US$3,000.
Microsoft has been banging the security drum this conference. CEO Steve Ballmer, in his keynote on Monday, called security “Job 1.” Nash stressed Microsoft’s security record since founder Bill Gates’s memo of two years ago outlining the “trustworthy computing” initiative, with a reduction to 13 critical updates in the first year of release for the 2003 server from 42 for the 2000 version.
And on Tuesday, Microsoft and six partners — IBM Corp., Netegrity Inc., Oblix Inc., OpenNetwork Technologies, Ping Identity Corp. and RSA Security Inc. — announced interoperable federated identity management technology based on the Web services architecture.
According to Andy Lees, Microsoft’s corporate vice-president of the server and tools business, the WS-Federation specification binds identity, account, authentication and authorization, eliminating the need for specifying technical requirements for interoperation between vendors’ products.