Microsoft Launches Beta Of Forefront 'Stirling'

the first public beta

Stirling includes a security management console that interacts with Microsoft's Forefront products that secure the client, server, and network edge. These include Forefront Client Security, Forefront Security For Exchange Server, Forefront Security For SharePoint, and Internet Security and Acceleration Server (ISA).

Microsoft has also re-branded ISA as Forefront Threat Management Gateway, and added antivirus to the product to allow for threat scanning at the network edge, said Ryan Hamlin, general manager of Microsoft's Access and Security Division, in an interview at the RSA 2008 conference in San Francisco.

Microsoft created Stirling in response to the preponderance of point products that were raising cost of ownership and causing configuration hassles, particularly with applying security policies, according to Hamlin.

"Our goal with Stirling is an integrated client, server and network edge, all managed through a simple intuitive console," said Hamlin.

Sponsored post

With the Stirling public beta, Microsoft wants to focus on the underlying functionality and the management console, and not on the detailed protection features that it plans to add to Stirling in future versions, said Hamlin.

Microsoft plans to release a beta refresh of Stirling that will include "all the bells and whistles" before the end of the year, Hamlin said.

However, Hamlin did highlight Stirling's dynamic response capabilities, which use pre-configured policies to detect if a machine has been compromised and shuts it off from the rest of the network as well as the Internet, using NAP as the enforcement mechanism.

Although Stirling bears some similarities to SIM and SIEM, Hamlin says Stirling is more proactive and relies on policies that are set ahead of time.

"With SIM and SIEM, data has to get analyzed, some of the conclusions are automated, but it's really after the fact. But what we do is proactive and in the moment," said Hamlin.