http://www.microsoft-watch.com/article2/0,1995,1549876,00.asp By Mary Jo Foley March 16, 2004 Company execs reiterate security roadmap; talk up forthcoming 'Security Summit' roadshow. If you lead customers to the security trough, will they drink? Microsoft seems convinced they will. And the company is pulling out all the stops to continue to educate its users, reasoning that a more educated customer base will be a more secure customer base. Mike Nash, corporate VP in charge of Microsoft's security business and technology unit, reiterated in a Web cast on Tuesday Microsoft's plans to continue to deliver security-assessment and vulnerability-analysis tools as part of its educational outreach. Nash also told Web cast participants that Microsoft will release for download on Wednesday, March 17, a new scripting capability for its Microsoft Baseline Security Analyzer 1.2, a product which performs scans of Windows systems for security misconfigurations. The new scripting tool will allow users to scan an unlimited number of computers or IP addresses from a single input file. Nash said Microsoft is sticking to its current security-product timetable. In the first half of this year, the company will roll out its Windows XP Service Pack 2 release. (A broad-scale beta of SP2 is expected imminently.) It also will deliver the final release of its Internet Security and Acceleration 2004 product before mid-year, Nash said. In the second half of this year, Microsoft will deliver its first service pack for Windows Server 2003; its Windows Update Services (formerly known as Software Update Services) 2.0 release; its Microsoft Update patch-catalog technology; and other, unnamed security "enhancements." Some time in the future — Nash did not specify any dates — Microsoft will deliver its Exchange Edge Services, Next Generation Secure Computing Base (formerly code-named "Palladium") and its Active Protection technologies, he said. Active Protection technologies take the XP SP2 security enhancements to "the next level," according to Microsoft officials. The company first outlined its plans for Active Protection at the RSA conference last month. The first of these technologies are expected to debut as part of the Longhorn Windows client, which is expected to ship in 2006. Active Protection describes three groups of technologies that Microsoft is devising to run across Windows desktops and servers. Dynamic-systems-protection technologies are those which will monitor changes in machine state, and will automatically open and shut ports to lock down systems. Behavioral-blocking technologies are those designed to limit the impact of worms and viruses by blocking risky user behaviors (like clicking on a .exe file sent via e-mail). And application-aware firewall and intrusion-prevention technologies will take the security settings in the existing Windows firewall a step further. Security Summit Roadshow Coming to a City Near You During Tuesday's Web cast, Nash reiterated the commitment made last fall by CEO Steve Ballmer to "reach, train and educate in security over 500,000 people within the next 12 months." Nash said Microsoft will achieve this goal by the end of calendar 2004. Microsoft is planning a two-month traveling "Security Summit" roadshow that will kick off April 6 in New York City. The summits offer in a day much of the same security content that Microsoft has made available over the past few months in its Web casts and online chats. Microsoft is offering Security Summit attendees a choice of a developer track or an IT Professional track. And all attendees will receive a free "Microsoft Security Guidance Kit," which is a DVD full of tools for assessing security and helping to mitigate existing and future security threats, according to the company. Different Microsoft executives are slated to keynote the summit in different cities. Among those on the docket, in addition to Nash: * Rick Devenuti, Corporate Vice President, Chief Information Officer * Scott Charney, Chief Trustworthy Computing Strategist * Richard Kaplan, Corporate Vice President, Content Development and Delivery Group * Brian Valentine, Senior Vice President, Windows Core Operating System Division * Tom Button, Corporate Vice President, Windows Client Product Management Group Division * Simon Witts, Corporate Vice President, Enterprise and Partner Group (This article includes content from the March 4, 2004, issue of the Microsoft Watch newsletter.) - ISN is currently hosted by Attrition.org To unsubscribe email majordomo@private with 'unsubscribe isn' in the BODY of the mail.
This archive was generated by hypermail 2b30 : Wed Mar 17 2004 - 02:15:31 PST