SAN DIEGO — Security may be a hot-button IT issue, but you wouldn’t know it from Mike Nash’s keynote at the recent Tech Ed 2004.
Microsoft’s corporate vice-president of the security business and technology unit spoke before a virtually empty auditorium about Microsoft’s security strategy and tools. To be fair, there were more than 400 sessions scheduled for Tech Ed. There were probably a few conflicts.
Nash said customer feedback in the wake of last year’s Blaster virus indicated Microsoft needed not only short-term security focus, but also a long-term view — predicting and anticipating threats.
Customers wanted the impact of malware to be minimized, maintenance to be simpler, better access control, and more reliable, secure software.
Windows XP Service Pack 2 addresses some of those issues (though one IT professional in the audience questioned the year-long response time). One of the “key learnings” from Blaster, said Nash, was the effectiveness of firewalls — machines equipped with firewalls were immune to the virus. XP is shipped with its built-in firewall turned off — it caused too many conflicts with other applications without some configuration work. Microsoft developers had to establish how to configure the firewall to minimize the conflict. Service Pack 2 ships with the firewall engaged by default.
Other tweaks let users know when code is attached to e-mail and prevent the Web browser from automatically installing software from Web sites. Pop-ups — one source of exploit code, according to Nash — are blocked by default. The Service Pack is now in the “release candidate” stage of development.
Internet Security and Acceleration Server 2004 will ship “soon,” said Nash. ISA is a firewall-VPN-Web cache product that protects against application layer attacks, Nash said. Microsoft Canada said it planned to launch ISA locally at the InfoSecurity conference in Toronto earlier this month.
According to Jen Field, Microsoft’s security business and technology unit project manager, ISA runs on a “hardened” version of Windows Server 2003 — code that isn’t necessary to run a firewall is stripped out, reducing the services that can be exploited.
ISA will be able to inspect clients to make sure they have up-to-date patches, anti-virus signatures and firewalls, isolating boxes that don’t from the rest of the network and allowing only enough access to receive updates, she said. ISA also blocks inappropriate system behaviour that’s a sign of infection — “When Notepad starts to send e-mail, you know you’ve got malware,” she said — and provides intrusion prevention.
Several partners have announced appliance firewalls based on ISA, including Celestix, Network Engines and Hewlett-Packard. HP’s box, the Proliant DL320, will be available in the fall of this year with prices starting at US$3,000.
During the conference, Microsoft and six partners — IBM Corp., Netegrity Inc., Oblix Inc., OpenNetwork Technologies, Ping Identity Corp. and RSA Security Inc. — announced interoperable federated identity management technology based on the Web services architecture.