Gates outlined a security strategy that focuses on the evolving nature of technology, the growing need for a security policy and Microsoft's greater commitment to work with new partners and even old rivals to develop innovative products and services. As part of the company's vision for secure and easy "anywhere access," these new products should include "who should connect with whom and some trustworthy proof of who those two end points are," Gates said.
Available in May, Microsoft's Identity Lifecycle Manager 2007 is said to help IT administrators manage employee identities throughout their tenure with the company. The product takes the company's meta directory and user provisioning technologies and adds support for managing identity credentials like certificates and smart cards. A second version will be ready in late 2008, according to company officials.
Microsoft's Identity Lifecycle Manager announcement was one of several during the RSA Conference that included a collaboration of Windows CardSpace with the OpenID 2.0 specification for secure online transactions. Other Microsoft announcements at the RSA Conference included:
The release of a public beta of the new Forefront Server Security Management Console, which is a centralized Web-based management tool for onsite or remote administration of Microsoft messaging and collaboration security.
Enabled support for Extended Validation SSL Certificates in Internet Explorer 7, which helps users provide identity certification by supporting EV SSL certificates. Twelve certificate authorities are already issuing EV SSL certificates.
The addition of four new data providers to the Microsoft Phishing Filter service, which includes anti-phishing feeds from a number of data sources.
Two users at the conference who have been working on security issues for the federal government said they were pleased to hear about the new products and the ongoing commitment the company has to working with others to improve security.
IPv 6 security was an area in the Gates keynote that piqued the interest of John Pearce, a network security engineer at Booz Allen Hamilton Inc., a consulting company based in McLean, Va.
"I think how [Microsoft] tied it in with identity [management] and access management is going to let organizations leverage both of those," Pearce said.
Mohammad Khattak, a network security engineer also at Booz Allen Hamilton, said he sees that many forces are coming together to improve security. "I think the convergence of the network and appliance layers with entitlements, security and PKI is really the highlight of this keynote," Khattak said. PKI is public key infrastructure incorporating technology that acts as a trusted third party to confirm a user's identity.
"Microsoft has been advancing application integration and security at all levels, which are good things as new computing platforms are rolled out across organizations, government and academia," he said.
Dana Brundage contributed to this report.