Microsoft to roll virus, spyware protection into one

Microsoft's much anticipated entry into the antivirus market is set to take a step forward Thursday with the unveiling of a new product for businesses called Microsoft Client Protection.

The software, which will be released in a beta version by year's end, will combine both antispyware and antivirus capabilities, the company said. It will be followed in 2006 by a beta version of a new antivirus product for Microsoft Exchange.

"What we're going to be announcing is a single integrated security solution for business customers that will provide protection against the latest spyware and virus threats," Scott Stanzel, senior product manager for Microsoft's security technology unit, said on Wednesday. "This client protection technology will be a solution that businesses can use, and it will offer them central manageability."

Client Protection will be built upon the GeCAD antivirus software that Microsoft acquired in 2003, as well as the Giant antispyware product that it picked up in late 2004, Stanzel said.

The software will have a different interface from the two earlier products that will allow business customers to better manage the security of networks of machines from a central point. "Microsoft Client Protection will have very rich reporting about your environment, reporting about what machines on your system are up to date, where you have weaknesses and where things need to be better secured," Stanzel said.

Microsoft is due to discuss the new product at a press event on Thursday in Munich, where Chief Executive Officer Steve Ballmer and Security Business and Technology Unit Vice President Mike Nash are scheduled to give an update on the company's security roadmap.

The new roadmap is expected to be light on details, however. According to Stanzel, the first version of Client Protection will be released later this year in "early beta," meaning that only select customers will be able to try out the software. Microsoft is still not saying when it expects to ship a follow-up version to this release, or when it expects to ship a final, commercial product.

Microsoft did have an update on its plans for the antispam and antivirus software that it picked up with its 2005 purchase of Sybari Software. In the first half of 2006, the company plans to release a new product based on this technology called Microsoft Antigen for Exchange. Again, the company had no details on when a final version is expected to ship.

So for the time being, customers wondering how to plan for Microsoft's corporate security products will just have to wait, said Michael Cherry a Windows analyst with research firm Directions on Microsoft Inc., who had been briefed on Thursday's announcements. "We still really don't know the timeframe for when they're going to be delivered," he said. "The big question in my mind is what is the real roadmap."

Ballmer is expected to address the company's security strategy at a very high level in Munich, and to broadly outline the ways Microsoft plans to secure its products. He is also expected to unveil a new security consortium, called the SecureIT Alliance, focused on developing security for the Microsoft platform.

The 30-company alliance, which will include vendors such as Verisign, Trend Micro, and Symantec, will work on security related developer programs, best practices, white papers and security product information, Stanzel said.

It is nearly four years now since Bill Gates issued his famous memo calling on his company to make to make "trustworthy computing" its highest priority. And although Microsoft may still be slow to patch known vulnerabilities, it is now an industry leader when it comes to security, some observers say.

The company is more responsive and more security-minded than many other software companies, said Marc Maiffret, chief hacking officer with eEye Digital Security Inc. "Not to say that Microsoft is perfect, but ... they definitely shine compared to the other guys out there," he said. "I think they're going down the right path. They're definitely improving security."

More information on the SecureIT Alliance can be found here http://www.secureitalliance.org

Microsoft did not disclose pricing on the Microsoft Client Protection or Microsoft Antigen products.