Business users could face complex management challenges
to get the most out of the Windows XP Service Pack 2 update due for
release in July.
XP SP2 will, by default, switch on the Windows firewall, and
Microsoft is recommending that users configure the Windows Firewall
and use Active Directory to manage configurations of the firewall
across large numbers of desktop PCs.
David Overton, technical strategist at Microsoft, said, "Our
recommendation is to run [Windows] Firewall on all corporate
desktops. It makes sense to use group policy [in Active Directory
for managing the firewalls]."
Group policy uses Active Directory to roll out configurations
across the business based on an end-user’s role, application
requirements and level of authorisation.
However, research by analyst firm Meta Group has suggested that
some users have been reluctant to use Active Directory.
Rakesh Kumar, vice-president at Meta Group, said users looking
at a Windows migration should consider Active Directory, but
suggested it might not be appropriate if it is used simply to
manage a security infrastructure.
Gartner analysts Michael Silver and John Pescatore said, "Only
those organisations that are pure Windows XP, Active Directory,
group policy-driven enterprises will be able to depend on the
Windows Firewall completely."
For most businesses, Gartner predicted users would need to
install third-party personal firewalls on all desktop PCs.
What’s new in Windows XP SP2?
Windows XP SP2 is an 80Mbyte download which is due out in July.
It offers improvements to Windows security and easier patch
management
- Delta patches mean that users only download changes to patches.
Microsoft said this could make patches 80% smaller
- Not every patch will require a user to reboot their PC
- Windows Firewall will protect desktop PCs from rogue
applications
- Support for NX technology in AMD64 and Itanium 2 architecture
will reduce the risk of buffer overflow attacks.