Microsoft has been trumpeting its message of security and urging its customers to patch their servers.
But Redmond sells only one pure security product -- its Internet Security and Acceleration Server
Microsoft's proxy firewall is used mainly as an application firewall and not necessarily to protect a network perimeter. Dr. Thomas W. Shinder, a consultant, author and editor of ISAServer.org, said that there are two main advantages of ISA Server 2004 over similar products.
First, it's relatively inexpensive and provides granular, user-based control over what they can access once inside of a VPN. ISA Server 2004 is integrated with Active Directory or any directory that is RADIUS compliant. "If you don't want to mortgage the house with a SSL VPN, ISA is the way to go," Shinder said.
It's also useful as a firewall in an Exchange environment in that it supports Outlook 2003's RTP over HTTP feature. "It can pre-authenticate clients using standard protocols and clients," Shinder said.
Microsoft's software-based firewall has a 10% market share compared with a similar software firewall made by Check Point Software Technologies Ltd., Redwood City, Calif. Check Point's product dominates the market with a 45% share, according to International Data Corp. (IDC), a market research and consulting firm.
There are numerous other products available, including those made by vendors known for their security software, such as Symantec Corp., Cupertino, Calif., and Secure Computing Corp., San Jose, Calif.
Charles Kolodgy, research director of security products at IDC, Framingham, Mass., said hardware appliances are a faster growing segment of the firewall market. Microsoft's advantage is that the company's firewall integrates well with its other servers, and its caching features make it faster than some of the other proxy-type firewalls available today.