Microsoft security maturing fast

With release of its Stirling security management platform, company officials and industry watchers say Microsoft is proving itself a force to be reckoned with in the sector

One year ago, Microsoft was defending the quality of its products, battling with the world's largest security vendors over features in its next-generation platforms, and pitching the company's nascent promise as a provider of IT systems-defense tools at the annual RSA conference.

With the release of its Stirling security management platform at the ongoing RSA Conference 2008 in San Francisco on Tuesday, company officials and industry watchers contend that the software giant is rapidly proving itself a force to be reckoned with in the sector.

[For more coverage, see InfoWorld's special report on the RSA Conference 2008 ]

Vulnerability researchers may still mock Microsoft's overall security standing based on the availability of exploitable flaws in its flagship Windows and Office products, but the company's growing array of security tools is maturing quickly, and its burgeoning security business should be taken seriously by major rivals, including Symantec and McAfee, according to analysts.

The arrival of a Stirling beta -- a package of integration and management tools aimed at helping administrators gain firmer top-down control of their IT security infrastructure -- marks the first opportunity for companies to begin driving their systems defense strategy using Microsoft technologies, company executives said.

Rivals may contend that few businesses will be willing to trust Microsoft to provide their critical security infrastructure, but customers are singing a different tune, the experts maintain.

"We are hearing from customers that point products are no longer the answer; the lack of integration present in that model is feeding complexity, leading to additional vulnerabilities and driving cost of ownership further upward," said Doug Leland, general manager of Identity and Access at Microsoft. "These point products can't provide an end-to-end view on the state of IT environments and lead to a fundamental lack of [regulatory] compliance; we feel that our current set of solutions not only addresses these customer pain points, but also the weaknesses created by these silos of technologies."

Combined with its ID and access management tools, Forefront messaging systems defense products, and end-point anti-malware agents, among other products, Stirling will allow companies to manage a lion's share of their security infrastructure using Microsoft technologies, Leland maintains.

Customers may still need specialized products to deliver on strategies such as DLP (data loss prevention) and behavior monitoring, but businesses can rapidly simplify their security "stack" using Microsoft's stand-alone and integrated tools, he said.

"Stirling will provide complete integrated protection and coordinated management, which is an important point. These aren't simply point products defending individual portions of the IT environment anymore; this is a framework that reaches across the network and end points," Leland said. "Integration by design is a key differentiator from other solutions on the marketplace; through integration, we will help customers save time, reduce costs, and build out a more secure IT environment."

However, Microsoft's security rivals claim that the company's biggest selling point is also its greatest weakness.

In addition to the level of concern that most customers harbor about trusting the software maker to protect its OS, desktop, and infrastructure technologies -- especially in light of the security vulnerabilities frequently found in all of those products -- Microsoft's technologies don't address one of the biggest complexities of today's IT environment, heterogeneity, said John Thompson, chief executive of Symantec.

"Microsoft's entry into the security space will make us a better company and make us better able to support the needs of our customers than perhaps if we had not seen them enter the marketplace," Thompson said. "But in a broader sense, they don't care about issues outside of their own world; I can't think of any large enterprises that are Windows only, so while Microsoft has added capabilities for protection within the context of their own products, we have to address the real-world heterogeneous technologies in use within all of our customers."

And other large security technology providers echoed those sentiments.

Platform providers including Microsoft, Cisco, and EMC have invested heavily in acquiring security technologies, but the integrated features those companies have built into their respective desktop, server, networking, and storage platforms don't provide the level of comprehensive cross-architecture capabilities that large customers demand, said McAfee CEO David DeWalt.

"The question becomes would you trust your [computing infrastructure] and security requirements to a single vendor," said DeWalt. "Microsoft can tell you that they will throw security capabilities into their products, but that turns the overall debate into best-of-breed security from a specialist like McAfee versus a gigantic platform company with some security in their strategy. Our goal with heterogeneity is to create freedom of choice for companies to leverage across their environments; customers don't want to get locked into a single vendor for everything."

While recognizing the need for a "healthy ecosystem" of vendors, Microsoft executives deny, however, that their security technologies relate only to their own products.

Microsoft's identity and access management tools can be used with nearly any type of IT and networking platforms, and in deference to its competitors' skills, the software giant's Forefront security products source anti-virus engines from Symantec and others, company officials said.

And more importantly, Stirling will give customers the ability to manage security systems made by a number of different vendors using Microsoft tools, according to the company.

"As far as our customers are concerned, this perception that [Microsoft's security rivals] put forth is inconsistent with what we hear; customers tell us that they see the integration we can provide as an advantage and having Microsoft best positioned to protect their environment as strategic," said Paul Bryan, director of product management for Security and Access Product Management at Microsoft. "Companies continue to see value in a defense in-depth strategy, and they see us as being in a good position to help protect infrastructure and even help bring together multivendor solutions in many respects."

Industry watchers said that Microsoft has a long way to go in developing its security products to compete head-to-head with the likes of Symantec and McAfee, but predicted that the company will continue to close the gap rapidly.

The arrival of Stirling will nicely augment the security products that Microsoft has on the market today, but there are areas where the company still lags far behind its largest rivals, said Natalie Lambert, analyst with Forrester Research.

"There are certainly different areas where [Microsoft] has holes, but they have made giant steps forward over the past year, and I think they will continue to keep pushing forward with their initiatives," Lambert said. "For instance, their client security portfolio is barely competent today, but they have aggressive plans to bring it up to the level of Symantec and McAfee, and they have accomplished a lot already in only the last year."

Microsoft also lacks any real host intrusion prevention, DLP, or data encryption tools, but it should be able to add those skills relatively quickly via acquisitions and continued development, the analyst said.

Symantec, McAfee, and their competitors in the security space may not need to worry about losing much of their core business to Microsoft today, but they must recognize that the company, while still behind, is gaining credibility fast.

"The stand-alones have a decade-plus of existing work to help them stay ahead, and in many cases they will, but for individual pieces of technology where [Microsoft is] good enough and positioned at an affordable price point with integration with rest of their environment, they're already having some success," she said.