Partners Brace For Challenging SP2 Deployment

Microsoft released Windows XP SP2 to OEMs last Friday and released the network installation version of SP2 on MSDN and the Microsoft Download Center on Monday. The consumer download will be available via Windows Update within days, according to a Microsoft spokesman.

Those updates mean that solution providers, system builders and IT managers now have at their disposal a more secure version of Windows desktop. But several solution providers say they are encountering application incompatibilities, system crashes and difficulties with the Windows Firewall that is now turned on by default.

With Windows Firewall turned on, many customers will run into problems with their file and print services and remote management applications and services, said Eric Schultze, chief security architect of Shavlik Technologies, a maker of patch management software, based in Roseville, Minn. Schultze said any service that remotely initiates a connection to the XP SP2 system might be interrupted.

"That has a far-reaching impact on all customers. It's going to be tricky," said Schultze. "It's the thing that will cause the longest delay in corporate adoption--how to roll out XP SP2 so the personal firewall doesn't break their current management scheme."

Sponsored post

For help dealing with SP2 remote firewall issues, Shavlik Technologies wrote a 28-page document that gives partners and customers prescriptive guidance on using the Active Directory and configuring a system for remote management.

One system builder said he is advising customers who enjoy gaming or other remote activities to turn off the firewall and take advantage of the update's other security benefits.

"Windows XP SP2 is huge, with great security and great stability, and we will certainly generate a lot of revenue," said Brian Bergin, president of Terabyte Computers, Boone, N.C. "But there's a royal pain caused by the poorly thought-out Windows Firewall being enabled on private LANs."

According to Bergin, the default setting forces the firewall on all SP2 users "even if the IP is a non-routable private IP behind another firewall." When that happens, said Bergin, the firewall plays havoc with file- and print-sharing capabilities as well as with remote services, such as Remote Desktop and pcAnywhere.

"Windows Firewall won't solve a lot of problems and will cost many small businesses a lot of money figuring out why their LAN is now broken after the upgrade to XP SP2," Bergin said. But he added, "We have it installed on several machines with no [problems] so far other than the expected firewall issue."

Of course, partners can turn off the Windows Firewall--but Bergin cautions that this can cause problems, too. "Unfortunately, the way Microsoft has [implemented its firewall], if you disable it the wrong way, it's disabled for all connections, even dial-up."

Solution providers are advised to plan well, back up data frequently, and wait for third-party software vendors and Microsoft to release patches as problems arise.

"Solution providers have to be pretty diligent in doing rollouts. It won't be just a quick little download and install," said Jeffrey Sherman, president of Warever Computing, Los Angeles. "You'll have to install and start testing every application that the client uses to make sure they still work. You'll have to expect the worst and be ready to start reinstalling things."

Sherman said Windows XP SP2 can cause system crashes. "Microsoft has a procedure for rolling it back, but I understand that the procedure also removes all other service packs as well," Sherman said. "It requires quite a bit of time to fix."

Bart Hammond, CEO of the Interlink Group, agreed that partners are bumping into incompatibilities with other applications.

"Not all applications currently running on an enterprise's desktop were coded for the default levels of protection," said Hammond. "We are recommending significant testing prior to general rollout, and we believe that organizations that do not have a proactive desktop management strategy should use this opportunity to roll one out."

One systems integrator said the security benefits of Windows XP SP2 are worth the pain, but he agreed it will be a challenging upgrade cycle.

"We know that a lot of things will break under SP2 and a lot of old bad code will need to be redone," said John Parkinson, chief technologist for the North American Region of Capgemini, Rosemont, Ill. "So we expect and are gearing up for a fair amount of emergency repair work between now and the first quarter of 2005."

Indeed, one solution provider noted that several clients' workstations would not launch after installing the final release candidate of Windows XP SP2. "We are advising our customers to think of SP2 like they would any 1.0 software--be prepared for anything," said "Norman Berg, CEO of NBI Computer Services, Bronx, N.Y.

Partners can expect to put out a lot of fires for clients that download the update without planning, another solution provider said.

"If corporate end users have automatic updates, but corporate IT types haven't set up their own software update service operation, we could see a lot of corporate bandwidth taking a hit [Tuesday] night and a lot of break-fix going on Wednesday, " said one solution provider who asked not to be named.

Still, most partners--even those who have run into problems--say the update is well worth the effort. "The improvements in security aside, SP2 also includes a better Wi-Fi management tool, and this is becoming more important as more mobile users are in the workforce," said Ken Winell, president of Econium, a Totowa, N.J.-based solution provider.

Roger Moffat, senior director of product marketing for ASAP Software, Buffalo Grove, Ill., which helps clients manage software assets, said he doesn't predict a sales jump because second service packs don't usually stimulate an upgrade cycle for Microsoft. Even so, he does expect this update to generate good business for Microsoft's resellers and PC builders.

"There's buzz out there about it," said Moffat. "This is the biggest and most significant OS upgrade before Longhorn, so the customer might view this as a major stepping stone."

One analyst predicted Windows XP SP2's problems will be fixed soon.

"It makes sense for Windows XP customers to install this service pack, even though there have been reports of some software incompatibilities, [such as with] Microsoft's own [CRM] software," said Michael Cherry, an analyst with the newsletter Directions on Microsoft, Kirkland, Wash. "Fixes for any of these incompatibilities should be available shortly, and the increased security makes this an important service pack."

BARBARA DARROW and DAN NEEL contributed to this article.