Channel News and Analysis - Channel Insider
Empowering the next generation Channel
 

Bull’s Eye Awards
Nominations Open for Channel Insider 2009 Bull’s Eye Awards
Nominations are now open for the Channel Insider 2009 Bull’s Eye Awards, which recognize excellence in customer service, technology prowess, business acumen, channel leadership, communications and community building, and innovation among vendors, solution providers, distributors and channel services companies.



Sponsored Links
  • Control VM Sprawl, What You Don’t Know Can Hurt You
  • FREE Sophos Encryption Tool: Encrypt, compress and share files easily
  • LSI 6Gb/s Portfolio Expands to Include SATA+SAS HBAs
  • Reduce the cost of managing your mobile workers.
  • Find out 7 Ways to Drive Data Center Efficiency
  • SonicWALL breaks through network and email gridlock
  • Save up to 40% on calling costs with Avaya Aura™



    		•  

    Microsoft's SP1 for Server 2003 Packs a Security Punch

    in Channel News and Analysis
    DATE: 2004-06-14 | By Dennis Fisher


    Article Rating:starstarstarstarstar / 0
    Article Views: 720

    Rate This Article:
    Poor Best
    Add This Article To:
    The company says its set of upgrades for Windows Server 2003, due to be included in Service Pack 1, will make its products more secure by default and give enterprises more options for locking down servers.

    Microsoft is working on a set of security upgrades for Windows Server 2003 that executives said will deliver on the company's promise to make its products more secure by default and give enterprises more options for locking down servers.

    The security capabilities for the company's flagship server operating system are due to be included in Service Pack 1, which is scheduled for release late this year.

    Microsoft Corp. historically has used service packs to fix minor bugs and introduce new features.

    But as the company's focus on security has become more pervasive throughout the development process, Microsoft has begun using the updates to integrate more security capabilities.

    The biggest addition due in SP1 is a technology called server roles that can automatically set up security procedures based on server use.

    With templates that define settings for servers, Windows will be able to lock down Web, mail and FTP servers and other boxes, said officials.

    For example, if an administrator is setting up a Windows Server 2003 machine as a mail server, the system could automatically close port 80 and turn off IIS (Internet Information Services) to deny Web traffic and open port 25 to SMTP connections.

    If the organization needs to change the box into a Web server, the change can be made quickly, and the system can apply the recommended settings for locking down the IIS server.

    Resource Library:

    For insights on security coverage around the Web, check out eWEEK.com Security Center Editor Larry Seltzer's Weblog.

    Microsoft seeks to make it easier for those without substantial security knowledge to secure Windows environments, officials said.

    "The number of people who can manage security well is fairly small. We could spend a lot of time training systems administrators on this, but we can do it automatically," said Scott Charney, chief security strategist at Microsoft, in Redmond, Wash.

    Next Page: Extending functionality to enterprises that haven't migrated.

    In addition to finalizing the new security features in SP1, Microsoft has been working with customers to find ways to extend some of the functionality to enterprises that haven't yet migrated to Windows Server 2003.

    One idea gaining ground inside the company is the use of virtual machines to set up separate compartments running Windows 2000, or even Windows NT 4.0, and Windows Server 2003 on a single server.

    In this scenario, an administrator could run particularly sensitive applications in the Windows Server 2003 environment while continuing to run applications in the other partition.

    Server roles and virtual machines receive a warm reception from some users, many of whom have yet to get Windows Server 2003 after spending numerous hours locking down their servers.

    "This all sounds very positive, and I think all of it will be useful," said Patrick Flanagan, network administrator at Phoenix-based CFS Mortgage Corp. "I'm particularly in favor of the backward-compatibility features for 2000 and NT, given that a lot of us won't be upgrading any time soon."

    Read more here about the security updates on tap for Server 2003.

    Microsoft officials said they are still deciding what other security functionality will make it into SP1. The most likely candidate is the company's ACI (advanced client inspection) technology, Microsoft's Charney said.

    This system allows the server to check the security configuration and overall health of any PC that connects to a network and deny it access if it doesn't meet the existing corporate policies, he said.

    "Even if we build resilient products, they have to be managed well," Charney said. He said Microsoft is considering adding a feature to the Windows client that would automatically download and install updated drivers for third-party devices and applications.

    By analyzing customer data provided after system failures, Microsoft officials said they have found that conflicts with outdated drivers cause most of the crashes on Windows machines.

    Check out eWEEK.com's Security Center at http://security.eweek.com for the latest security news, reviews and analysis.

    Be sure to add our eWEEK.com developer and Web services news feed to your RSS newsreader or My Yahoo page



    Discuss Microsoft's SP1 for Server 2003 Packs a Security Punch
     
    >>> Be the FIRST to comment on this article!
     

     
     
    >>> More Channel News and Analysis Articles          >>> More By Dennis Fisher
     



    		 

    Related Content

    Articles Labs/How-To Multimedia


    [ci] feeds
    XML
    Add Channel News, Product Reviews, Trends and Analysis to your RSS newsreader or My Yahoo!

    HTML PLAIN TEXT

    Keep on top of news for VARs and Resellers with CI's Weekly Newsletter and Alerts.

     

    CHANNEL RESOURCE CENTER
     
     
    Enterprise Mobility Zone
    The Enterprise Mobility Zone (EMZ) blog is a tool designed to help senior IT executives discuss, create and deploy next-generation mobile strategies in their organizations.
    Go beyond yesterday's tactical approach to mobility!
     
    Build A More Efficient Data Center
    Demands are growing but budgets are not. Solve your pressing IT issues using the resources you already have. Determine which technologies can help you drive efficiencies and how they are applied. Gain a quick ROI on new initiatives
    Find out how
    Let Enterprise TechBrief do the work for you. Aggregated content, tech news, product reviews, vendor updates, how-to’s—all you need to boost your efficiencies and cut costs, all from one place.
    enterprisetechbrief.com