Microsoft security maturing fast

One year ago, Microsoft was defending the quality of its products, battling with the world's largest security vendors over features in its next-generation platforms, and pitching the company's nascent promise as a provider of IT systems-defense tools at the annual RSA conference.

With the release of its Stirling security management platform at the ongoing RSA Conference 2008 in San Francisco on Tuesday, company officials and industry watchers contend that the software giant is rapidly proving itself a force to be reckoned with in the sector.

[For more coverage, see InfoWorld's special report on the RSA Conference 2008 ]

Vulnerability researchers may still mock Microsoft's overall security standing based on the availability of exploitable flaws in its flagship Windows and Office products, but the company's growing array of security tools is maturing quickly, and its burgeoning security business should be taken seriously by major rivals, including Symantec and McAfee, according to analysts.

The arrival of a Stirling beta -- a package of integration and management tools aimed at helping administrators gain firmer top-down control of their IT security infrastructure -- marks the first opportunity for companies to begin driving their systems defense strategy using Microsoft technologies, company executives said.

Rivals may contend that few businesses will be willing to trust Microsoft to provide their critical security infrastructure, but customers are singing a different tune, the experts maintain.

"We are hearing from customers that point products are no longer the answer; the lack of integration present in that model is feeding complexity, leading to additional vulnerabilities and driving cost of ownership further upward," said Doug Leland, general manager of Identity and Access at Microsoft. "These point products can't provide an end-to-end view on the state of IT environments and lead to a fundamental lack of [regulatory] compliance; we feel that our current set of solutions not only addresses these customer pain points, but also the weaknesses created by these silos of technologies."

Combined with its ID and access management tools, Forefront messaging systems defense products, and end-point anti-malware agents, among other products, Stirling will allow companies to manage a lion's share of their security infrastructure using Microsoft technologies, Leland maintains.

Customers may still need specialized products to deliver on strategies such as DLP (data loss prevention) and behavior monitoring, but businesses can rapidly simplify their security "stack" using Microsoft's stand-alone and integrated tools, he said.