Despite all the anxiety security vendors have expressed over
Microsoft's foray into their territory,
companies like
Symantec and
McAfee insist they will always have a place in Windows-based IT
shops.
 | | | | | As the saying goes, security
should be like an onion -- each layer should bring tears to [the
attacker's] eyes.
Eric Case,
support systems analystUniversity of
Arizona |
| | | | | |
| |
|
IT professionals interviewed by SearchSecurity.com appear to
agree, though they say security vendors ought to be worried about
losing business to Microsoft, especially among consumers who lack
the security savvy of enterprise IT administrators.
"Security vendors have a valid concern, as Microsoft is known as
a convicted monopolist," said John Bambenek, a Champaign,
Ill.-based security professional who volunteers as a handler at the
Bethesda, Md.-based SANS Internet Storm Center (ISC). "Microsoft is
nicely positioned to say it has this nice security suite and it
could lead some to drop a McAfee or Symantec."
Microsoft is readying its next move on the security front with
the final release its Forefront product line. Microsoft first
unveiled plans for Forefront Client Security in the fall of 2005,
and it made a trial version available a few months ago. The
software is designed to protect desktop computers and servers from
a variety of insidious code, including worms and viruses, rootkits
and spyware.
During a presentation in the Netherlands last week,
Microsoft CEO Steve Ballmer predicted the
final release would be ready in the next month or so.
"We are introducing our Forefront line of products," he said
during the presentation, the text of which is available on the
Microsoft Web site. "Some of these products
we've had in market for a while. Some were developed at
Microsoft, some came to us through acquisition, but it really is
for business customers a comprehensive line of products to help
you protect information and secure access to your networks. It
really does do hygiene, security [and] antivirus all the way
down to the client level."
All the way with Microsoft security?
Some security pros said its unclear whether Microsoft's security
solutions are comprehensive enough to start dropping their security
vendors. Bambenek said dropping some of his security vendors
depends on the particular tool. He's certainly not prepared to rely
solely on Microsoft for his security.
"For virus scanning, I would probably run something
non-Microsoft because their coding practices haven't been that
great and it's why we have the problems we have now," he said.
Eric Case, support systems analyst for the University of
Arizona's Department of Chemical and Environmental Engineering,
said he wouldn't give up his third-party vendors because strong
security requires layers of protection that can't be provided by
just one source.
"As the saying goes, security should be like an onion -- each
layer should bring tears to [the attacker's] eyes," Case said in an
email exchange.
Case pointed to the gaming industry as an example of how things
might shake out in the security market in the face of Microsoft's
efforts.
"Microsoft does games and game consoles but the gaming industry
is still alive and kicking," he said.
Peaceful co-existence is possible
Despite the misgivings some security vendors have expressed in
recent months over Microsoft's activity on the Forefront and Vista
fronts, Ballmer acknowledges that his company's moves won't spell
the end of the security industry as we know it.
"Despite our entry into the security business and the management
business, we continue to work very well with companies like
Symantec, McAfee, HP, Computer Associates and IBM, [which] have
their own line of security and management products," he said during
last week's presentation. "We're going to be the best, but we're
going to earn it, and many of you are also going to, for a variety
of reasons, want to have a more heterogeneous environment, and
we're going to work very well with those other vendors."
Security giants like Symantec Corp. and McAfee Inc. in
particular have expressed anxiety over the Microsoft effect, one of
the best examples being the recent
spat over the PatchGuard feature designed to
protect the Vista kernel. The vendors complained loudly that
PatchGuard blocked kernel access that is necessary for them to
produce products that will work with Vista.
But in interviews with SearchSecurity.com last week, both
companies looked to a future where peaceful co-existence with
Microsoft is possible.
"We worked with Microsoft throughout the Vista development and
we see them as both a competitor and a partner," said Brian Foster,
senior director of product management for Symantec's endpoint
security group. "We are one of the biggest ISPs on Microsoft's
platform, and they're one of our most important partners."
Rees Johnson, vice president of product management and system
protection at McAfee, sees a similar picture.
"We've worked closely with them for more than a decade," he said
of the software giant. "From an OS standpoint we have strong
relationships over there and we will continue to cooperate."
As a recent example of that cooperation, he pointed to the
PatchGuard issue that attracted so much media attention. Once
Microsoft decided open the kernel to security vendors, he said, "We
helped them identify the necessary APIs, and they gave us what we
needed. It was a strong show of cooperation."
But while they want to keep working with Microsoft in those
areas, both make it clear they're ready to compete with the
software giant when it comes to security offerings.
"On the consumer side we're not seeing an impact from
Microsoft," Foster said. "I expect we'll hang onto our share on the
enterprise side as well. We have enough understanding of our
customer needs that we will continue to do well."
He also insists that Microsoft won't meet current security needs
with such offerings as Windows Live OneCare.
"OneCare is not doing well in comparative antivirus tests," he
said. "They're coming to market with something that is
insufficient, based only on signatures, and those signatures aren't
very good."
Jury still out
While OneCare may not measure up to other antivirus products,
Bambenek thinks it would be foolish for vendors to assume that most
users will know or care about the difference. "For most
small-to-medium businesses, providing the price is right and it
works, they'll go with Microsoft," he said.
That, he said, may not be such a bad thing.
"If they integrate these tools into the OS for consumers,
Microsoft is filling a gap that needs filling, because many
consumers aren't investing anything in security," he said.