Microsoft Security Division Spurs Debate


Microsoft's plan to intensify its security product development through a new business unit is drawing mixed reactions from the security industry.

Microsoft executives confirmed last month that the software giant recently formed a division to develop security products, starting with its ISA Server, which provides firewall protection and Web caching.

The security business unit won't focus on securing the operating system but rather on "developing products to help secure the environment the operating system is running in," said Lucian Lui, ISA Server product manager. The division does not yet have specific product plans, he said.

 
>> Microsoft's new security business unit will be responsible for 'infrastructure security solutions.'

 

A Microsoft spokeswoman said the division will be responsible for "infrastructure security solutions."

Jeff Johnson, vice president of managed services and business development at Vigilinx, a Parsippany, N.J.-based security firm, said he's heard that Microsoft's plans include better integration of authentication capabilities into its product lines and establishing antivirus protection in its .Net strategy. Those forays could make some security vendors nervous, he said.

"To have all their applications, operating systems, ISA . . . all tied to one security framework is a pretty compelling reason to go with Microsoft," Johnson said.

Some security vendors, however, don't see Microsoft's new division as a threat. "Customers are going to choose best-of-breed products and best-of-breed solutions for their environments," said George Samenuk, CEO and chairman of Santa Clara, Calif.-based Network Associates. "That's what we provide for our customers."

Samenuk lauded Microsoft's overall efforts to boost security in its products, as did Timothy McGurran, president and COO of Secure Computing, San Jose, Calif.

"It provides great awareness in the marketplace for security," McGurran said.

He added, "One of the challenges with security is it takes people who are very experienced in that area. Our roots go back 20 years to classified development for the [National Security Agency."

Tung Lam, senior network engineer at Burlingame, Calif.-based solution provider Xtelesis, pointed out that the majority of new worms or viruses are targeted at security holes in Microsoft products. After having studied spec sheets for ISA Server, he questions whether Microsoft can address both its current concerns and security issues for future products.

"There's going to be a proving ground for them to go through before they make a niche," Lam said.