Microsoft users sticking with third-party security vendors

News Analysis

Microsoft users sticking with third-party security vendors

Bill Brenner, Senior News Writer
Despite all the anxiety security vendors have expressed over Microsoft's foray into their territory, companies like Symantec and McAfee insist they will always have a place in Windows-based IT shops.
As the saying goes, security should be like an onion -- each layer should bring tears to [the attacker's] eyes.
Eric Case,
support systems analystUniversity of Arizona

IT professionals interviewed by SearchSecurity.com appear to agree, though they say security vendors ought to be worried about losing business to Microsoft, especially among consumers who lack the security savvy of enterprise IT administrators.

"Security vendors have a valid concern, as Microsoft is known as a convicted monopolist," said John Bambenek, a Champaign, Ill.-based security professional who volunteers as a handler at the Bethesda, Md.-based SANS Internet Storm Center (ISC). "Microsoft is nicely positioned to say it has this nice security suite and it could lead some to drop a McAfee or Symantec."

Microsoft is readying its next move on the security front with the final release its Forefront product line. Microsoft first unveiled plans for Forefront Client Security in the fall of 2005, and it made a trial version available a few months ago. The software is designed to protect desktop computers and servers from a variety of insidious code, including worms and viruses, rootkits and spyware.

During a presentation in the Netherlands last week, Microsoft CEO Steve Ballmer predicted the final release would be ready in the next month or so.

"We are introducing our Forefront line of products," he said during the presentation, the text of which is available on the Microsoft Web site. "Some of these products we've had in market for a while. Some were developed at Microsoft, some came to us through acquisition, but it really is for business customers a comprehensive line of products to help you protect information and secure access to your networks. It really does do hygiene, security [and] antivirus all the way down to the client level."

All the way with Microsoft security?
Some security pros said its unclear whether Microsoft's security solutions are comprehensive enough to start dropping their security vendors. Bambenek said dropping some of his security vendors depends on the particular tool. He's certainly not prepared to rely solely on Microsoft for his security.

"For virus scanning, I would probably run something non-Microsoft because their coding practices haven't been that great and it's why we have the problems we have now," he said.

Eric Case, support systems analyst for the University of Arizona's Department of Chemical and Environmental Engineering, said he wouldn't give up his third-party vendors because strong security requires layers of protection that can't be provided by just one source.

"As the saying goes, security should be like an onion -- each layer should bring tears to [the attacker's] eyes," Case said in an email exchange.

Microsoft security:
Microsoft shaking up security market: A new Forrester analysis says Microsoft is already gaining on the top security vendors, but the battle for security mindshare is just beginning.

Microsoft releases Vista APIs to security vendors: Microsoft released a draft set of programming interfaces allowing security vendors to develop software using the Windows kernel on 64-bit systems.

Case pointed to the gaming industry as an example of how things might shake out in the security market in the face of Microsoft's efforts.

"Microsoft does games and game consoles but the gaming industry is still alive and kicking," he said.

Peaceful co-existence is possible
Despite the misgivings some security vendors have expressed in recent months over Microsoft's activity on the Forefront and Vista fronts, Ballmer acknowledges that his company's moves won't spell the end of the security industry as we know it.

"Despite our entry into the security business and the management business, we continue to work very well with companies like Symantec, McAfee, HP, Computer Associates and IBM, [which] have their own line of security and management products," he said during last week's presentation. "We're going to be the best, but we're going to earn it, and many of you are also going to, for a variety of reasons, want to have a more heterogeneous environment, and we're going to work very well with those other vendors."

Security giants like Symantec Corp. and McAfee Inc. in particular have expressed anxiety over the Microsoft effect, one of the best examples being the recent spat over the PatchGuard feature designed to protect the Vista kernel. The vendors complained loudly that PatchGuard blocked kernel access that is necessary for them to produce products that will work with Vista.

But in interviews with SearchSecurity.com last week, both companies looked to a future where peaceful co-existence with Microsoft is possible.

"We worked with Microsoft throughout the Vista development and we see them as both a competitor and a partner," said Brian Foster, senior director of product management for Symantec's endpoint security group. "We are one of the biggest ISPs on Microsoft's platform, and they're one of our most important partners."

Rees Johnson, vice president of product management and system protection at McAfee, sees a similar picture.

"We've worked closely with them for more than a decade," he said of the software giant. "From an OS standpoint we have strong relationships over there and we will continue to cooperate."

As a recent example of that cooperation, he pointed to the PatchGuard issue that attracted so much media attention. Once Microsoft decided open the kernel to security vendors, he said, "We helped them identify the necessary APIs, and they gave us what we needed. It was a strong show of cooperation."

But while they want to keep working with Microsoft in those areas, both make it clear they're ready to compete with the software giant when it comes to security offerings.

"On the consumer side we're not seeing an impact from Microsoft," Foster said. "I expect we'll hang onto our share on the enterprise side as well. We have enough understanding of our customer needs that we will continue to do well."

He also insists that Microsoft won't meet current security needs with such offerings as Windows Live OneCare.

"OneCare is not doing well in comparative antivirus tests," he said. "They're coming to market with something that is insufficient, based only on signatures, and those signatures aren't very good."

Jury still out
While OneCare may not measure up to other antivirus products, Bambenek thinks it would be foolish for vendors to assume that most users will know or care about the difference. "For most small-to-medium businesses, providing the price is right and it works, they'll go with Microsoft," he said.

That, he said, may not be such a bad thing.

"If they integrate these tools into the OS for consumers, Microsoft is filling a gap that needs filling, because many consumers aren't investing anything in security," he said.


Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy