Microsoft unveils integrated security

'Stirling' package aimed at taking on rivals McAfee, Symantec

Microsoft shared details of its long-term security product strategy as part of its ongoing TechEd 2007 training conference on June 4, lifting the lid on plans to deliver an integrated suite of its software by mid-2009.

After leaping headlong into the security software market in 2007 with the launch of a range of products aimed at defending everything from endpoints to messaging servers, Microsoft officials said the company will soon seek to compete with the integrated security platforms currently offered by rivals including Symantec and McAfee.

[ Slideshow: Back to the future at TechEd ]

Built under the code-name Stirling, the package of security applications will include Microsoft's Antigen server anti-virus, anti-spam and content filtering technologies -- in the form of its Forefront Security for Exchange Server and Forefront Security for SharePoint products -- along with its Internet Security and Acceleration (ISA) Server software, Forefront Client Security desktop defense system, and network access control tools.

The system will also integrate elements of Microsoft's Systems Center IT management platform, company officials said.

By pulling the various security programs together under a single umbrella, Microsoft officials said they can help customers more easily achieve their goals of making IT infrastructure easier and cheaper to manage while providing improved protection through tighter product integration.

One of the most important aspects of Stirling -- which Microsoft plans to preview in 2007 and follow with a public beta version in 2008 before launching during the first half of 2009 -- is a centralized management and reporting console.

As part of the introduction of the Stirling roadmap, Microsoft also launched the beta 2 release of Forefront Server Security Management Console at TechEd. The product is touted as a centralized, Web-based management system for on-site or remote administration of its Forefront server security products.

The unified interface for security management in Stirling will allow IT administrators to share data between the various technologies included in the package and create analysis that offers a more comprehensive idea of their organization's overall security posture, the company said.

"Most companies are currently dealing with a variety of security management consoles that create a mess as each has a different way of applying security and most fail to provide a way for administrators to document and apply processes across various types of solutions," said Josue Fontanez, senior product manager for Forefront Client Security at Microsoft.

While Microsoft's existing security products are already designed to mesh tightly with each other out of the box, pulling the tools together in the factory will provide new opportunities for intelligence gathering across the systems and speed companies' response times when they are attacked, the vendor claims.

"Today, workers have to figure out how to translate all that information into configurations and protect everything themselves, which is a real challenge, and each application requires its own infrastructure for reporting and defining policies, so work tends to be replicated across operations," Fontanez said. "If a complex threat emerges today, there is still a lot of manual work necessary to mitigate the attack, and we feel we can greatly simplify that process by bringing these pieces together."

In addition to more comprehensive and centralized reporting, Stirling will also aim to help IT administrators simplify the process of creating and enforcing security policies and configurations. After creating the rules in the software's centralized management console, workers will be able to distribute the guidelines throughout their network and client systems, Microsoft said.

Another significant piece of the puzzle will be Stirling's tight integration with NAP, Microsoft's flavor of network access control, which aims to help organizations better identify machines as they log onto their networks and test the devices' security settings before granting them entry.

Already present in Microsoft's Windows Vista operating system, NAP will also be integrated into the company's Windows Server 2008 package, code-named Longhorn, which is due to ship to manufacturers some time before the end of 2007.

Industry watchers observed that it will take Microsoft several years to get all the different elements of the Stirling package to work closely together but noted that Redmond has delivered on its promises thus far in terms of delivering its security products on schedule.

Chris Christiansen, analyst with IDC, said that Microsoft understands that it still not perceived as a leader in the security space, where players like Symantec and McAfee have been marketing similar packages of integrated products for years.

Adoption of its rivals' integrated platforms, however, remains nascent, giving the software giant time to get its unified applications package together, he said.

"The scary part about Microsoft for these companies is that when they say they'll do something with security, they've done it right," Christiansen said. "IT organizations still tend to be fairly segmented with responsibilities broken down between numerous departments and environments; the idea of everyone understanding their roles and working together is a wonderful idea, but it is still taking time for customers to get there."

Companies are also working to blend security, storage, and networking capabilities, but the efforts remain in the early stages for all but the most forward enterprise companies, he added.

The analyst said that it will still take another four-to-five years for most enterprise companies to begin looking at security in a truly integrated fashion with SMBs adopting the approach faster to help control costs.

Christiansen explained that the integration with NAP and Microsoft's existing interoperability relationship with Cisco System's NAC technology could also be appealing to customers as they seek to prevent virus outbreaks and increase control over endpoint devices.

If Microsoft can deliver Stirling as promised and on schedule, he said that the company should be able to close the lead that Symantec and McAfee have established by already having their integrated products to market.

"Microsoft has a chance to do [integrated security] well within their environment, especially as you move out of the enterprise to the mid-tier where skills and budgets are lower and the desire to work heavily on security issues deceases," Christiansen said. "[Stirling] should also appeal to managed security services providers and large companies with a lot of smaller divisions, and Microsoft will add new products and services into the mix as they are introduced."

Recommended
Join the discussion
Be the first to comment on this article. Our Commenting Policies