One year ago, Microsoft was defending the quality of its products, battling with the world's largest security vendors over features in its next-generation platforms, and pitching the company's nascent promise as a provider of IT systems-defense tools at the annual RSA conference.

With the release of its Stirling security management platform at the ongoing RSA Conference 2008 in San Francisco on Tuesday, company officials and industry watchers contend that the software giant is rapidly proving itself a force to be reckoned with in the sector.

[For more coverage, see InfoWorld's special report on the RSA Conference 2008 ]

Vulnerability researchers may still mock Microsoft's overall security standing based on the availability of exploitable flaws in its flagship Windows and Office products, but the company's growing array of security tools is maturing quickly, and its burgeoning security business should be taken seriously by major rivals, including Symantec and McAfee, according to analysts.

The arrival of a Stirling beta -- a package of integration and management tools aimed at helping administrators gain firmer top-down control of their IT security infrastructure -- marks the first opportunity for companies to begin driving their systems defense strategy using Microsoft technologies, company executives said.

Rivals may contend that few businesses will be willing to trust Microsoft to provide their critical security infrastructure, but customers are singing a different tune, the experts maintain.

"We are hearing from customers that point products are no longer the answer; the lack of integration present in that model is feeding complexity, leading to additional vulnerabilities and driving cost of ownership further upward," said Doug Leland, general manager of Identity and Access at Microsoft. "These point products can't provide an end-to-end view on the state of IT environments and lead to a fundamental lack of [regulatory] compliance; we feel that our current set of solutions not only addresses these customer pain points, but also the weaknesses created by these silos of technologies."

Combined with its ID and access management tools, Forefront messaging systems defense products, and end-point anti-malware agents, among other products, Stirling will allow companies to manage a lion's share of their security infrastructure using Microsoft technologies, Leland maintains.

Customers may still need specialized products to deliver on strategies such as DLP (data loss prevention) and behavior monitoring, but businesses can rapidly simplify their security "stack" using Microsoft's stand-alone and integrated tools, he said.

"Stirling will provide complete integrated protection and coordinated management, which is an important point. These aren't simply point products defending individual portions of the IT environment anymore; this is a framework that reaches across the network and end points," Leland said. "Integration by design is a key differentiator from other solutions on the marketplace; through integration, we will help customers save time, reduce costs, and build out a more secure IT environment."

However, Microsoft's security rivals claim that the company's biggest selling point is also its greatest weakness.

In addition to the level of concern that most customers harbor about trusting the software maker to protect its OS, desktop, and infrastructure technologies -- especially in light of the security vulnerabilities frequently found in all of those products -- Microsoft's technologies don't address one of the biggest complexities of today's IT environment, heterogeneity, said John Thompson, chief executive of Symantec.

"Microsoft's entry into the security space will make us a better company and make us better able to support the needs of our customers than perhaps if we had not seen them enter the marketplace," Thompson said. "But in a broader sense, they don't care about issues outside of their own world; I can't think of any large enterprises that are Windows only, so while Microsoft has added capabilities for protection within the context of their own products, we have to address the real-world heterogeneous technologies in use within all of our customers."