At the RSA security conference in February 2004, Microsoft disclosed some plans for its next-generation desktop...
that may put a dent into third-party security software company revenues—namely, plans to beef up security software components and configuration capabilities. For those who don't already know, Longhorn is the code name for the forthcoming desktop version of Windows. It's slated for public release in 2006, but alpha versions started to circulate as early as October 2003 for developers (and the same build is now available to members of the Microsoft Developer Network, or MSDN).
Items of interest mentioned at the February conference included:
- A Next-Generation Secure Computing Base (NGSCB, formerly known by code name, Palladium), that works with a special hardware component called the Trusted Platform Model chip to offload cryptographic processing, and to securely store digital keys and hashes. It also supports a special form of operation, called nexus mode, wherein application processes run in isolated, separated memory areas to prevent unauthorized access, interference or alteration.
- Active Protection Technologies, that work like behavior-based antivirus products or TripWire-like monitors to look for known malicious behaviors and stymie software that exhibits unwanted or untoward patterns of activity.
- Dynamic System Protection, which keeps track of security patches and updates, and manages the Windows firewall to protect systems from the potentially adverse effects of missing patches. This facility can also change security settings to react to the network connection it's using, to reset security to accommodate a connection from behind a corporate firewall, a security/broadband network appliance or a dial-up connection as needed.
Add these capabilities to components already included or on their way—which currently include a working Internet Connection Firewall (ICF) and planned antivirus screening (in the wake of the company's 2003 technology acquisition from Romanian company GeCAD)—and you've got an interesting mix of capabilities in Longhorn. It will be interesting to see if third-party vendors like Symantec, McAffee and others will use these capabilities to their benefit as they've done in the past, or if Microsoft will whittle away at their market share. For now, with about two years still to go before Longhorn's public release, only time will tell.
For more information on Longhorn security features, see:
- Edmund X. DeJesus "MS to duplicate 3rd-party security apps in Longhorn"
- Pedro Hernandez "Longhorn Security in the Spotlight"
- Ryan Naraine "Thumbs Up for Longhorn Security Lockdown"
Tom Lancaster, CCIE# 8829 CNX# 1105, is a consultant with 15 years experience in the networking industry, and co-author of several books on networking, most recently, CCSPTM: Secure PIX and Secure VPN Study Guide published by Sybex.