Microsoft hits security milestone


Microsoft hits security milestone

Cliff Saran
Microsoft has issued release candidate 1 for Windows Server 2003 Service Pack 1 (SP1), the next milestone in its Trustworthy Computing initiative.

The service pack offers security improvements, including Security Configuration Wizard (SCW), which provides a role-based guide for administrators on how to reduce the risk of attacks.

"With SCW you can disable unused services easily and quick- ly, block unnecessary ports, modify registry values, and configure audit settings," said Microsoft.

Another security tool, VPN Quarantine, is designed to limit network access for machines on virtual private networks that do not have security updates. Microsoft has also improved monitoring in Internet Information Server, its web server software that runs on Windows 2003.

The functions enable administrators to monitor and audit Internet Information Services (IIS) configuration settings using an XML-based, hierarchical store of configuration information for IIS 6.0. This allows network administrators to see which user accessed the metabase in case it becomes corrupted, Microsoft said.

Post-Setup Security Updates is another improvement designed to block incoming traffic to newly installed servers until the latest patches to Windows Server 2003 are applied.

Graham Titterington, principal analyst at Ovum, said VPN Quarantine would give users a better way to secure their networks. "People did not have a technique to quarantine a network," he said. "It would have been a manual process." With VPN a device can be prevented from accessing certain parts of the network until it has been fully patched.

Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy