Skip navigation

Windows IT Pro UPDATE--Security or Else--February 22, 2005

Subscribe to Windows IT Pro:


Make sure your copy of Windows IT Pro UPDATE doesn't get mistakenly blocked by antispam software! Be sure to add [email protected] to your list of allowed senders and contacts.

This email newsletter comes to you free and is supported by the following advertisers, which offer products and services in which you might be interested. Please take a moment to visit these advertiser's Web sites and show your support for Windows IT Pro UPDATE.

Download a Tool that will Benefit any Sys Admin

Shed light on your Active Directory! Get a free flashlight.


1. Commentary
- Security or Else

2. Hot Off the Press
- Intel Ships 64-Bit Pentium 4 Chips

3. Keeping Up with Windows
- Upgrading Windows 2000 to SBS 2003

4. Peer to Peer
- Featured Chat: Group Policy Troubleshooting
- Tip: How can a client computer determine which site it belongs to?

5. New and Improved
- Track Network Assets

==== Sponsor: Download a Tool that will Benefit any Sys Admin ====

Are you searching for an affordable real-time monitoring toolset that will support your proactive system management objectives? Start NOW and download ELM Enterprise Manger from TNT Software. Within an hour, you will experience for yourself why ELM is recognized as the tool that will benefit any System Administrator. Before the 30 Day full feature trial is completed, the Monitoring, Alerting and Reporting will have saved you time and provided you the data for prompt corrective action. Be Proactive; and download ELM Enterprise Manager from the link below:


==== 1. Commentary: Security or Else ====
by Paul Thurrott, News Editor, [email protected]

Security or Else
Last week at the RSA Conference 2005 in San Francisco, Microsoft Chairman and Chief Software Architect Bill Gates revealed much of his company's security-oriented plans for the year. The relevant bits for Windows IT Pro UPDATE readers include the oft-delayed Microsoft Internet Security and Acceleration (ISA) Server 2004 Enterprise Edition, new antivirus and antispyware solutions, and, surprisingly, a major new version of Microsoft Internet Explorer (IE) that will include pervasive new security features. This week, I take a look at what Gates said--and didn't say--and wonder aloud again about whether charging customers for security is in Microsoft's--or its customers--best interests.

ISA Server 2004 Enterprise Edition
Last July, Microsoft released ISA Server 2004, the latest version of its application-level firewall and Web cache server. However, only the standard edition of ISA Server 2004 shipped last year. Since then, large corporations have been waiting for the more advanced enterprise edition. This version, which is now finally available, adds several high-end features. Chief among these features are the high-availability technology called Cache Array Routing Protocol (CARP)-based Web caching and an enhanced version of Windows Network Load Balancing (NLB) that adds support for bidirectional affinity for all Internet protocols, according to Microsoft. During his RSA keynote, Gates highlighted ISA Server 2004 Enterprise Edition's new support for Active Directory Application Mode (ADAM), which lets you replicate firewall policy across Active Directory (AD).

Microsoft Antivirus
According to Gates, 88 percent of all virus-based attacks enter corporations through email. To help combat these attacks, Microsoft is working on "the ultimate mail virus protection," but sadly, that's about as specific as he got, which I found troubling. We do know that Microsoft's eventual antivirus solution will ship in a managed, enterprise version and will be based on Sybari Software's well-regarded antivirus engine technology, which lets you plug in antivirus engines from many third parties. Microsoft, of course, will supply its own engine, which is based on GeCAD Software technology. The product is expected to ship in late 2005.

Microsoft AntiSpyware
Gates surprised onlookers by announcing that Microsoft would provide consumers with Microsoft Windows AntiSpyware for free. However, corporate customers won't be surprised to discover that the managed version will be sold as a subscription offering by late 2005. Based on the antispyware technology it purchased from GIANT Company Software in late 2004, Windows AntiSpyware is, in fact, the highest rated antispyware solution currently available for desktops. However, a problem exists with all today's antispyware applications: None can stop all spyware threats, and therefore consumers are advised to use two antispyware solutions in tandem to get the best protection (I use Windows AntiSpyware and Webroot Software's Spy Sweeper, the latter of which is rated the number-two solution). However, it would be better to fix the spyware problem at the source. But that brings us nicely to ...

IE 7.0
The biggest security hole in any Windows system is IE. Although Microsoft made many important improvements to IE in Windows XP Service Pack 2 (SP2), the product is still a conduit for spyware and other malicious software (malware), phishing probes, and numerous other electronic attacks. Microsoft is going to attack the problem at the source: Rather than wait for the release of Longhorn in 2006, which was the original plan, Microsoft will ship IE 7.0 in late 2005. At least two public betas will ship around midyear. As with SP2, IE 7.0 will include sweeping security fixes and, possibly, heavily requested features such as tabbed browsing.

There's a catch, however. IE 7.0 will be made available only to XP SP2 users. That's right. Customers still using earlier XP versions, Windows 2000, or Windows 9x are out of luck. This kind of forced upgrade in the name of security is dangerous, in my opinion. Although I agree that XP SP2 includes low-level security features that aren't present in other OS versions and would be difficult or time consuming to add, forcing customers to upgrade an OS--with all the inherent time, difficulty, and cost associated with such an effort--is problematic.

The Big Picture: Microsoft Security
And that brings us to the big picture. Microsoft, at its heart, is a product company, and the aforementioned security-oriented products satisfy the company's need to line up technology in neatly packaged containers it can sell. But charging customers to fix problems caused by the inherent insecurity in the products they already purchased seems a bit unethical. Sure, many security problems can be blamed on misconfiguration and human error, but if Microsoft's products are faulty, the company should fix them for free, especially while the company is still actively supporting them. Specifically, instead of selling antivirus and antispyware solutions, Microsoft should make Windows more resilient to these kinds of attacks. And existing customers should get that functionality in a service pack. Email, database, and real-time communication are all value-added services that Microsoft can and should charge for. Security? No way.


==== Sponsor: Shed light on your Active Directory! Get a free flashlight ====
Are you in the dark when it comes to finding and fixing problems in Active Directory? Quest Spotlight on Active Directory is the perfect solution for troubleshooting and resolving AD replication, performance and availability issues. Spotlight simplifies problem diagnosis with an easy-to-understand topology viewer that displays the entire AD infrastructure, allowing quick identification and resolution of problems. Download Spotlight on Active Directory and complete a short survey to receive a free flashlight.


==== 2. Hot Off the Press ====
by Paul Thurrott, [email protected]

Intel Ships 64-Bit Pentium 4 Chips
Yesterday, microprocessor giant Intel finally introduced its line of x64-compatible Pentium 4 chips, ushering in an era of mainstream 64-bit computing. The Pentium 4 6xx series chips run at clock speeds of 3.2GHz to 3.6GHz, use a large 2MB L2 cache, and offer compatibility with the x64 platform that AMD first pioneered. The only thing missing now is an x64-based OS, and Microsoft is set to release Windows XP Professional x64 Edition within the next several weeks. To read the entire article, visit the following URL:

==== 3. Keeping Up with Windows ====
by Paula Sharick, [email protected]

Upgrading Windows 2000 to SBS 2003
Now that the demise of Windows 2000 is imminent---Microsoft is dropping support for this platform as of June this year--it's time to evaluate upgrade options. Dropping support means that the company will offer no more service packs, no security updates, or no telephone support unless you sign an extended support contract. I expect many small and midsized businesses are still happily coexisting with Win2K servers and workstations, but all good things come to an end, so it's time to budget for new servers and workstations and start planning an upgrade. You can read the rest of the article at the following URL:

==== Events and Resources ====
(from Windows IT Pro and its partners)

Minimize the Likelihood of Downtime in Your Exchange Implementation.
In this free, on-demand Web seminar, discover how to ensure continuous Exchange application availability. Learn how to take preemptive, corrective action without resorting to a full system failover. Or in extreme cases, discover solutions that perform a graceful, automatic switchover to a secondary server, ensuring continuous Exchange application availability. View the archive today!

Get Essential Security Tips in This Free eBook
Knowing where to find answers fast to secure your systems against attack can often mean the difference between shutting the door to various threats (e.g., malware, viruses, Trojans) and declaring defeat. This free eBook provides you with quick answers to help you make the most of your security. Get the entire eBook and start securing your systems!

FOSE, April 5 – 7, 2005
FOSE - the most comprehensive technology event serving the government marketplace. FOSE provides more value through expanded educational programs; more exhibits; more solutions via best practices and demonstrations; informative keynotes speeches; and networking opportunities. FOSE is *FREE* for government & military personnel. For details, visit:

Infosecurity Europe 2005
Infosecurity Europe is Europe's number one, dedicated Information Security event held on the 26th – 28th April 2005, Grand Hall, Olympia. Now in its 10th year, the event continues to provide an unrivalled education programme, new products & services, exhibitors and visitors from every segment of the industry. To register for FREE please visit:

Get Ready for SQL Server 2005 Roadshow in a City Near You
Get the facts about migrating to SQL Server 2005. SQL Server experts will present real-world information about administration, development, and business intelligence to help you implement a best-practices migration to SQL Server 2005 and improve your database computing environment. Receive a 1-year membership to PASS and 1-year subscription to SQL Server Magazine. Register now!

~~~~ Hot Release: (Advertisement) Symantec ~~~~

Symantec LiveState Recovery
Symantec LiveState Recovery Advanced Server is a system and data recovery solution that allows organizations to perform a full system restoration, a bare metal server recovery or restore individual files/folders in minutes. With this disk-based backup solution, capture the server's entire live state without disrupting server accessibility.

==== Instant Poll ====

Results of Previous Poll:
The voting has closed in Windows IT Pro's nonscientific Instant Poll for the question, "Do you plan to evaluate Windows Server 2003 Service Pack 1 (SP1) by downloading the Release Candidate 2 (RC2) version?" Here are the results from the 132 votes:
- 15% Yes, we've already downloaded and begun testing RC2
- 8% Yes, we plan to download and test RC2 soon
- 70% No, we'll wait for the final version
- 7% I don't know

New Instant Poll:
The next Instant Poll question is, "Which client OS does your organization use?" Go to the Windows IT Pro home page and submit your vote for a) Windows XP Service Pack 2 (SP2), b) XP SP1 or earlier, c) Windows 2000, d) Windows 9x, or e) Other.

==== 4. Peer to Peer ====

Featured Chat: Group Policy Troubleshooting

Join a Windows IT Pro Chat About Group Policy Troubleshooting
On February 24 at 12:00 p.m. EST, chat with Darren Mar-Elia and get answers to your Group Policy troubleshooting questions. You can log into the chat 15 minutes before it starts. To access the chat on February 24, go to the following URL:

Tip: How can a client computer determine which site it belongs to?
by John Savill,

Find the answer at the following URL:

==== Announcements ====
(A complete Web and live events directory brought to you by Windows IT Pro: )

Try a Sample Issue of Exchange & Outlook Administrator!
If you haven't seen Exchange & Outlook Administrator, you're missing out on key information to help you migrate, optimize, administer, backup, recover, and secure Exchange and Outlook. Plus, paid subscribers receive exclusive online library access to every article we've ever published. Order now!

Nominate Yourself or a Friend for the MCP Hall of Fame
Are you a top-notch MCP who deserves to be a part of the first-ever MCP Hall of Fame? Get the fame you deserve by nominating yourself or a peer to become a part of this influential community of certified professionals. You could win a VIP trip to Microsoft and other valuable prizes. Enter now--it's easy:

==== 5. New and Improved ====
by Angie Brew, [email protected]

Track Network Assets
MIS Utilities released Network Asset Tracker 2.7, an asset-tracking solution. The program lets administrators remotely obtain information about OSs, service packs, hotfixes, hardware, software, and processes currently running on PCs. Network Asset Tracker can create reports with one click and can export reports in HTML, XML, Microsoft Excel, Microsoft Visio XML Drawing, or RTF formats. The product features a built-in scheduler. Network Asset Tracker starts at $99 for 10 computers. Contact MIS Utilities at [email protected].

Tell Us About a Hot Product and Get a T-Shirt!
Have you used a product that changed your IT experience by saving you time or easing your daily burden? Tell us about the product, and we'll send you a T-shirt if we write about the product in a future Windows IT Pro What's Hot column. Send your product suggestions with information about how the product has helped you to mailto:[email protected].

==== Sponsored Links ====

Quest Software
See Active Directory in a whole new light. And get a free flashlight!;13695556;8214395;t?

Automate Patch Management with Symantec ON iPatch

DynaComm i:scan from FutureSoft
True Enterprise anti-spyware, network-wide from a central console

==== Contact Us ====

About the newsletter -- [email protected] About technical questions -- About product news -- [email protected] About your subscription -- [email protected] About sponsoring UPDATE -- [email protected]


This email newsletter is brought to you by Windows IT Pro, the leading publication for IT professionals deploying Windows and related technologies. Subscribe today!

View the Windows IT Pro Privacy policy at Windows IT Pro is a division of Penton Media, Inc. 221 East 29th Street, Loveland, CO 80538, Attention: Customer Service Department Copyright 2005, Penton Media, Inc. All Rights Reserved.

TAGS: Security
Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.