September 18, 2006 11:37 AM PDT

Cisco exec: Windows Vista is scary

Related Stories

Piecing together Windows Vista

November 8, 2006

Vista's European battleground

September 18, 2006

Chills at Microsoft's security huddle

July 24, 2006

Allchin: Buy Vista for the security

January 27, 2006
LONDON--Bob Gleichauf, the chief technology officer in Cisco Systems' security technology group, has raised concerns that integrating Vista into a complex IT infrastructure could present problems.

"Parts of Vista scare me," Gleichauf said at the Gartner Security Summit here on Monday. "Anything with that level of systems complexity will have new threats, as well as bringing new solutions. It's always a struggle in security, trying to build for what you don't know."

Gleichauf told CNET's sister site ZDNet UK that Cisco views the Microsoft operating system update, set for broad release in January, as a bearer of possible solutions to security problems, but also as a potential trigger of security issues.

related news
Vista's European battleground
Microsoft and regulators are at odds over security features.

"Vista will solve a lot of problems. But for every action, there's a reaction and unforeseen side-effects and mutations. Networks can become more brittle unintentionally," Gleichauf said.

The Cisco executive's remarks come as Microsoft and the European Commission move deeper into a tug-of-war over security features in Vista. The company wants regulators to set clear guidelines as to what it can include in the operating system, but the Commission will say only that Microsoft must abide by its competition rules.

Systems complexity needs to be taken into consideration in any action plan for Vista implementation, he added.

"If you're embracing Vista, it's not going to be 100 percent initially. It's going to create more heterogeneity for a while," Gleichauf said.

Analysts from Gartner have also found that many businesses are nervous about integrating the security features in Vista with their legacy systems.

"Most organizations are cautious about Vista," said Eric Ouellet, vice president for research, security and privacy at Gartner. "(Companies) already have security tools which are being built into Vista. The risk is to go to another system. There's always going to be some hits," Ouellet told ZDNet UK.

"The risk you have to manage is: Is Microsoft going to get it right first time? Maybe yes. But are businesses going to take that risk?" he asked.

Microsoft has not helped to reassure customers by pushing back the release date of the operating system and changing some of the promised features.

"People don't know what's coming down the pike," Ouellet said. "TPM (Trusted Platform Module) is now not fully integrated--you can't rely on the feature and function set. Microsoft's moving the goalposts is definitely adding to the heartburn."

Tom Espiner of ZDNet UK reported from London.

See more CNET content tagged:
Cisco Systems Inc., Gartner Inc., security feature, Microsoft Windows Vista, exec


Join the conversation!
Add your comment
Microsoft, the company that can't shoot straight anymore!
We're all laughing at you!
Posted by anarchyreigns (299 comments )
Reply Link Flag
They shot straight once?
Posted by Macsaresafer (802 comments )
Link Flag
Ooo... scary!
New software is SCARY! Oooo... Hey... so are CISCO products!

Cisco Wi-Fi is SCARY!
<a class="jive-link-external" href="" target="_newWindow"></a>

Cisco Internetwork OS is SCARY!
<a class="jive-link-external" href="" target="_newWindow"></a>

Cisco Session Initiation Protocol is SCARY!
<a class="jive-link-external" href=",289142,sid7_gci1207783,00.html" target="_newWindow">,289142,sid7_gci1207783,00.html</a>

Cisco Unity is SCARY!
<a class="jive-link-external" href=",289142,sid66_gci1034991,00.html?bucket=NEWS&#38;topic=299030" target="_newWindow">,289142,sid66_gci1034991,00.html?bucket=NEWS&#38;topic=299030</a>

How about...

Bob Gleichauf is SCARY! He drums up fear through speculation when his own company's products have introduced plenty of vulnerabilities. Bob should lay off the rhetoric and do an analysis - if he can find an actual vulnerability, then perhaps we'd have a reason to be worried - and perhaps it would be fixed. But he has no interest in resolving issues or providing a clear understanding of the paranoia he tries to create - he apparently just wants to damage Microsoft sales. What a goon.
Posted by David Arbogast (1709 comments )
Reply Link Flag
Vista is definitely scary! Why buy a better computer?! I mean I just spent around 1000 USD on a new laptop that WON'T run Vista!
The heck with it! I used Win98SE until less than 2 years ago! It ran like thunder! I'll probably use XP for 4 or 5 years more and then switch to a stable, easy to install, customer friendly version of Linux that will probably be on the market by then!
MS has definitely gone out of their mind! That's what I say! We're soon gona need a CRAY 1 just to run the damn thing!
Doesn't anybody just get the meaning of OS? Like Operating System? Like basic functions? What of it?!
Posted by Kostagh (57 comments )
Link Flag
Oooo... scary!
New software! Everybody be scared! Run and bury you head in the sand.

How about:

Cisco Internetwork OS is SCARY!
<a class="jive-link-external" href="" target="_newWindow"></a>

Cisco WiFi is SCARY!
<a class="jive-link-external" href="" target="_newWindow"></a>

Cisco Session Initiation Protocol is SCARY!
<a class="jive-link-external" href=",289142,sid7_gci1207783,00.html" target="_newWindow">,289142,sid7_gci1207783,00.html</a>

How about... Bob Gleichauf shut his trap and quit spreading fear of the unknown through biased speculation? If he can find a flaw, we'll have reason to worry - and there's a chance it'll be fixed. But no... Bob's only goal is apparently to hurt Microsoft sales. He offers no valuable evidence at all. EVERY new system has the possibility of security flaws - CISCO should know this better than anybody. Hey Bob... how about cleaning your own house before suggesting that somebody elses could possibly be dirty. What a goon!
Posted by David Arbogast (1709 comments )
Reply Link Flag
Re: Oooo... scary!
"If he can find a flaw, we'll have reason to worry - and there's a
chance it'll be fixed. But no... Bob's only goal is apparently to
hurt Microsoft sales."

Microsoft doesn't need anyone else to hurt their sales. They're
doing well enough on their own.

Shoddy product quality, uninspired new products, and massive,
crippling delays have already pushed many organizations to
Linux and Mac OS X.

What about Vista has taken five years to create and complete?
they've cancelled most of the compelling new features. Are you
telling me it took five years to get DirectX 10 out?

Vista's going to make a splash, alright - into the toilet bowl.
Posted by Hep Cat (440 comments )
Link Flag
And that, Mr. Cisco...
Is precisely why we pay you. Deal with the problems or pack up and go home.

Either way, quit whining.
Posted by Christopher Hall (1205 comments )
Reply Link Flag
MS wants Vista to suck
It really makes no difference how bad Vista is, from the time it stars shipping, all PC's from then on will ship with it.

The OEM's will love to accommodate MS because Vista requires a top of the line system. MS has to ensure Vista runs like crap on yesterdays hardware because hardware sales = windows sales.

Vista will sell anyway, and if it is total crap that just means they can repeat the cycle sooner rather then later.

On client XP systems they have all these services in listening state (eg highly vulnerable to remote attack). This pushes up the hardware requirement and ensures lack of security. They reply by saying they _need_ this stuff in listening state by default and if there is a vuln they patch but don't dissable the services.

fast forward to SP2 and they still leave the services in listening state but now include an added layer, a firewall to stop traffic. Everybody upgrades to the better, more secure product but what happened to the statement they needed the services in listening state? How is adding a firewall rule any easier then turning on a service only after you decide you need it?

Answer, it's not, but running everything requires beefy hardware ($$PC upgrade cycle$$).

MS is their own competition, if they release a perfect product nobody will upgrade and it costs them money.

MS can't do like Apple and include a bunch of cool things for free cause it is against the law for them (monopoly thing), so releasing a crappy products so they can improve on it in another version later is the best strategy they have going for them, intentional or not.
Posted by Dachi (797 comments )
Reply Link Flag
And the doomsayers also said WinXP would collapse the internet because of its networking features. Yet, the internet is still here.

But that wont discourage our chicken littles from making such predictions, or the lazy journalists who publish such predictions unchallenged (*cough*, CNET. How about doing some actual journalism?).
Posted by (402 comments )
Reply Link Flag
What a Joke!
First, the whiners complain that Windows doesn't have enough security, now they say it has too much! What a joke!! Then you have the E.U.'s ridiculous carrot and stick and approach, another laughable, if not pitiful stance. I think Gates and company ought to just ignore these fools and simply and move full steam ahead, which I'm sure they will do. Nothing has really stopped them yet!!
Posted by WJeansonne (480 comments )
Reply Link Flag
$1M bet with Bill Gates
Dear Mr. Gates,

"I hereby wager one million dollars that more security risks will be discovered in the first year of Vista's release than XP &#38; W2K combined.

If you do not wish to participate in this wager, please post your refusal within 24 hours, otherwise you will be deemed as consenting to this wager."

Vista's release will be a paradise for hackers, scammers, organized crime, and terrorists.

Micro$oft can't execute reliable security tests now for the more simple XP &#38; W2K platforms, so there is NO WAY they can deliver a "safer" Vista that is enormously more complex!
Posted by W2Kuser (33 comments )
Reply Link Flag
um...this isnt
perhaps you should mail this to bill gates, or at least post this on microsofts site somewhere if youre hoping to reach him. im sure he has better things to do than sit here reading cnet forums, like rolling around in money for example.
Posted by TheMikeness (12 comments )
Link Flag
More FUD
Cisco is just afraid that Msoft will build routing and VPN and firewall and anti-virus all into the operting system. Then who will need OIS?

Wait - they already have done that - NOW Cisco is starting to worry that nobody will need theoir overpriced pieces of crap. Maybe they can get together with Symantec and drown their sorrows together.

Bill still rocks.
Posted by gggg sssss (2285 comments )
Reply Link Flag
"Cisco is just afraid that Msoft will build routing and VPN and firewall and anti-virus all into the operting system."

No single solution is perfect and software firewalls are nice, but there are many advantages of using stand alone hardware routers.

"NOW Cisco is starting to worry that nobody will need theoir overpriced pieces of crap."

Considering we're talking about Microsoft it's interesting you mention over priced.
Posted by unknown unknown (1951 comments )
Link Flag
It is IOS...
The competition between Microsoft and Cisco is not a big concern for Cisco yet. The performance of Cisco products is more than just their own OS that runs on their products it is a lot to do with the hardware. When Microsoft comes out with more hardware to target the Cisco market then there would be cause for alarm at Cisco.

Where you could have a point with "FUD" is that Cisco can benefit from additional Cisco product purchases to deal with potential problems created with a Vista deployment in a large enterprise. Cisco wants CTOs to remember and budget for Cisco while buying into Vista.
Posted by zaznet (1138 comments )
Link Flag
Sad that CNet considers this newsworthy
So in review, Mr. Gleichauf from Cisco, has this to say about Windows Vista:

"Anything with that level of systems complexity will have new threats, as well as bringing new solutions. It's always a struggle in security, trying to build for what you don't know."

"Vista will solve a lot of problems. But for every action, there's a reaction and unforeseen side-effects and mutations. Networks can become more brittle unintentionally."

"If you're embracing Vista, it's not going to be 100 percent initially. It's going to create more heterogeneity for a while."

...Does someone want to explain to me what's so amazingly insightful about this that it's newsworthy, other than Cisco throwing barbs and a company they know they're going to be competing hard against in the near future?

I suppose this is CNet's version of linkbaiting, although I wish they'd stick to real news. Leave the linkbaiting to the, Microsoft Watch &#38; and other industry leeches that make their living off of synthentic media hype.
Posted by bruinsensei (16 comments )
Reply Link Flag
Cisco, Too, Presdicts a V I S T A P O C A L Y P S E !
Gleichauf knows that Vista is nothing less than a national security threat waiting to explode.

If the new cybersecurity czar, Gregory Garcia, had any intestinal fortitude at all, he'd call for an investigation into the security of Vista before it is shipped, complete with source vetting by the NSA.

But, as a lifelong industry hack, he'll sit and collect his check and stare out the window.

Posted by Sumatra-Bosch (526 comments )
Reply Link Flag
Just a thought.
This would be pretty bizarre in another reality, but maybe Apple
should consider selling or atleast co-operating with Microsoft on
Mac OS 10, under the agreement that the next OS they make be
done as a joint venture.. of course it would be a seperate entity/
OS from Vista and OS 10 but of course be based on OS 10's
current technology and not branded specifically to one company.

It would fulfill so many purposes..

It would cut the cost of R&#38;D for Microsoft.. Guarantee OFFICE as
the no.1 business software (as if their worried about this) but it
would definitely put an end to other competing suites, most
security issues would vanish, and Microsoft can focus more on
Networking and the business side of computing which Apple and
Microsoft have already drawn fine lines with. I simply don't
think Vista is going to sell though.. Why? it already has a bad rap
attached to it and whats worst is, its under the scrutiny
microscope, and its not even 75% full proof so its safe to say it
won't do well in its first two years of existence..

For Apple; they will get the marketshare they want, insure that
their OS technology will survive, because afterall it really is
good), probably sell more computers and give Dell &#38; HP some
real viable competition, guarantee Ilife as the no.1 suite for
handling digital media for the average consumer. Issues of
incompatibility would disappear, I can probably go on and on...
it opens up so many more possiblities.. for both companies.. of
course there will be tariffs on certain aspects on features for the
OS but it will benefit everyone...
Posted by ServedUp (413 comments )
Reply Link Flag
Revisit the past?
Apple and Microsoft were working together a long time ago. Microsoft stole a solution from Apple in order to make the Windows Operating System work in the first place. I would hope Apple would not trust Microsoft that much again...

Do you remember IBM used to have an OS? That too was sunk by Microsoft short handing IBM and not cooperating as fully as they let IBM believe they would. It may be time for Microsoft to work with a partner but they have burned any they worked with in the past.
Posted by zaznet (1138 comments )
Link Flag
Five years of development for Bloatware...
I am a windows user, administrator, and developer. What Vista represents to me is just a small incemental increase in functionality from Windows XP, but a disproportionate increase in code size, complexity, vulnerability vectors, and hardware requirements.
Microsoft has really blown this development cycle.
Posted by fred dunn (793 comments )
Reply Link Flag
add to that the software and hardware
Youre dead right and the hardware and current software obsolete issues bring the migrains to a whole new level. We all know we will be forced to switch to it screming and kicking. The real questions is how long can we hold off with a gun pointed to our heads.
Posted by mssoot (169 comments )
Link Flag
Re: Then we agree
[i]"So Vista will be the next big OS, it will not drive the marjority to another system, and in my opinion, people are going to like it."[/i]

You sure do extrapolate a lot, don't you? Whether Vista is "like"d or not will depend on the public, not you or I.

My point is simple: MSFT dominates now. They may not dominate 10 years hence, mostly due to their own short-sighted policies and coding methods.

After all, Apple was once the dominant, until their own hubris and (at that time) bad practices knocked them way back.

Posted by Penguinisto (5042 comments )
Reply Link Flag
Yes, we agree
No arguement from me. It is the public that will eventually decide what they want. What worries me is this is the same public that watches reruns of "cops" on TV for entertainment.
Posted by Seaspray0 (9714 comments )
Link Flag
What's wrong with Cops?
Bad boys, whatcha gonna do?!

I mean that theme song is incredible and the show is entertaining.
Posted by Nubasaurus (9 comments )
Reply Link Flag
What is right with cops?

It is a ignorant LCD show.
Posted by qwerty75 (1164 comments )
Link Flag
Sorry, somehow I blundered into this Microsoft Shareholders' forum... gotta go.
Posted by real_bgiel (46 comments )
Reply Link Flag
And they are one to talk
I suppose when a new IOS comes out it is very rock solid, not.

And Cisco, a network company that now wants o be a security company probably has had more vulnerabilities against their network AND security products than any other vendor I know.
Posted by virtualphil (1 comment )
Reply Link Flag
And you are one to talk?
Nothing is perfect. The bigger the company and or product is, the more hackers will try to get into it. Actually, I'd say Computer Associates, remember they had something in their product that disabled lsass.exe service I think I read. LOL.
Posted by pentium4forever (192 comments )
Link Flag
Fear, Uncertainty, Doubt
FUD, by another name. It was used by IBM for years to keep their stranglehold on PC's and keep customers away from "clones". Now clones are the only PC's you can buy.

The Cisco Exec cites not one identified security flaw - just "Fear, Uncertainty, and Doubt". This article is not news - it's propaganda.

(and no, I'm not a MS fan either. I just can't stand it when people spew FUD)
Posted by GTOfan (33 comments )
Reply Link Flag
Having not read the entire interview...
... or even the questions asked, I do not see how you feel in a
position to make any conclusions about his comments at all.
Posted by DeusExMachina (516 comments )
Link Flag
Pay no attention
This has absolutely nothing to do with Cisco NAC vs. Microsoft NAP. Absolutely nothing!
Posted by solrosenberg (124 comments )
Reply Link Flag
Anti-competition is OUT
Until Microsoft learns to abide by competitive rules... which aren't adhered to in the US... and to which the government tends to turn a blind eye... much of the rest of the world wants to ensure that their vendors markets don't succumb to the same fate which MANY American corporations have... the most noted one NetScape!!!

I wish the EU all the success in the world in trying to keep Microshaft abrest of competitive regulations while hoping that the US will catch wind of the fact that Microsoft CAN BE HELD accountable... but one must stand up and be defensive about it!

Something many corporations have given up throughout the years... but which they should not have given up on.

Posted by wbenton (522 comments )
Reply Link Flag
THIS is even scarier ...
... namely that odd military facility in China recently found using Google Earth:

Articles with pictures:
<a class="jive-link-external" href="" target="_newWindow"></a>
<a class="jive-link-external" href="" target="_newWindow"></a>

Google Earth forum post:
<a class="jive-link-external" href="" target="_newWindow"></a>

That's the place in the middle of the desert where the Chinese Army has constructed a scale-model replica of the entire region of Aksai Chin (occupied by China since the 1962 war with India). At 1:500, it's still 700 by 900 meters big ( = several football fields). Next to it is a base with dozens of troop transporters seen coming and going. The duplicate shows everything: rivers, lakes, roads and snow-capped mountains. It's basically a landscape within a landscape.

The problem is that nobody has been able to figure out the function of this thing. The world's biggest miniature golf course, perhaps? China's own Area 51? That's why it's the subject of so much discussion in the blogosphere. The discoverer even had to set up his own blog to handle the buzz:

Any ideas?
Posted by tania3000 (18 comments )
Reply Link Flag
Thank you
Glad to hear when someone who actually KNOWS something about the history of operating systems discusses mac, windows, and unix. I would also like to mention that another large source of windows crash problems is due to lax coding, there are 13 year olds out there writing windows applications on .Net and other languages, whereas 99% of the Mac users out there dont know how to program real applications on their platform.

Some people are saying that the main thing holding back the Mac is the fact that people dont see it as worth it to write software for a small percentage of the market, but then why is almost every piece of professional software out there available for both pc and mac? You can even play games on linux now. Many people switch away from windows, and like it.

Usually the reason they switch away from windows is something like security or stability, because if they dont need to run too many specialized programs, they never miss it, and when windows represents over 90% of the loosely secured systems on the planet, why bother writing viruses for unix or mac? it can be done, sure, but in practise it isnt, because these jerks like targetting the majority of people.

My main gripes with Vista RC2 that ive seen so far are the 10GB default barebones windows folder size, and the massive amount of folders and files in it (i think its got some 50,000+ files in about 7,000 folders, compared to XP's 2,000 files? in about 700 folders, taking up about 1.2GB).

I used to remove most spyware/viruses manually for the most part, but now that its not going to be easy to determine what belongs and what doesnt, this makes it harder for me. Hopefully i wont need to however, now to changes in access to the kernel, etc, which yes, i believe are long overdue.

The new object oriented shell features are probably a very big step forward for developers, id like to hear more about how it works.

If Mac were able to encourage developers to consider its OS, maybe they wouldnt be stuck with under 5% of the desktop computer market share perhaps? After all, its not like there could be anything WRONG with OS X, its not Apple's fault their product isnt selling, its somebody elses, like (insert company/person name here)'s fault, right?
Posted by TheMikeness (12 comments )
Reply Link Flag
RE: I don't know how you can be so wordy and so wrong
(last comment was for rapier1?'s comment, hit wrong reply link when reading it)
Posted by TheMikeness (12 comments )
Reply Link Flag
i have not worked a whole lot of different jobs in the past, but i have worked in different industries altogether, and when i see a computer running in a business, its just as likely to be running dos/linux or some sort of non GUI based system as windows 98 or xp. the truth is, the office world is ruled by Windows, and windows 2000 is seen as the MINIMUM spec required when setting up a large corporate network due to windows 2000's introduction of active directory. i think windows 98 SE is the EARLIEST possible windows release that can be used in active directory, and due to all that netbios nonsense, etc, most larger companies usually skip thru to 2000/xp rather than have to deal with tons of different OS'es

I worked at a company that did a local newspaper, and they had the strangest mix ive ever seen: mac os 9, 10, windows 95 osr2, 98, 98 se, 2000, xp, linux redhat 6.something, windows 2000 advanced server, SCO OpenServer Unix, SME, was atrocious.

They were using a 20 year old COBOL database app running on the SCO Unix server, and for some reason when they upgraded to Mac OS X almost across the board, Mac doesnt have a telnet client that can read the SCO Unix telnet data properly, and linebreaks dont work, so the text-based application interface becomes unusable, whereas a dos box in windows 98 to xp could run it properly on any of the windows systems. THIS is one of the main reasons why you see windows dominating most office environments, because rather than having to upgrade their ancient central server applications, windows products have had a history of good upgrade paths that have acceptable backward compatibility.

Microsoft is changing all that with Vista, and this will make companies not move to upgrade for quite some time, but most companies have known for ages that theyve needed to upgrade their legacy systems, and most are following suit. Most of these programs are moving towards web application driven intranet servers, which are platform independent for the most part.

There havent been a great deal of business applications available for any operating system besides linux and windows, and they both can run on the same hardware and interface with each other fairly well as compared to Apple, and its extremely proprietary, too-good-for-standards stance. Now that Microsoft has been long established as the business leader, theyre able to get away with changing things and forcing the industry to keep up, thats just how it goes. Eventually, the 30 year old hardware these legacy applications run on will fail, and if these people arent encouraged to upgrade, they can end up closing down after they permanently lose their database or are unable to file their taxes thanks to cheap, extremely anti-tech-savvy management.
Posted by TheMikeness (12 comments )
Reply Link Flag
windows dominating most office environments
<a class="jive-link-external" href="" target="_newWindow"></a>
Posted by Ipod Apple (152 comments )
Link Flag
Cisco = Liars
The only reason Cisco is saying this is because are looking to dodge work to make their software compatable with Vista. They did make a client, which half-works with Vista and is full of bugs for the VPN Firewall and Firewall products. Cisco TAC blew me off, and I repeatedly asked to have my case escalted to managment. Each time I waited 2 weeks, only to get lip service and lies from the managers. Some who did not even have the courtesy to write me back and email, until I send them something in capital letters. The only ones who are lazier then the developers at Cisco are the Managers, I guess the EXECS are leading the way here.

To everyone who owns a pix. Just put it in the trash can if you run a current Microsoft OS like Vista, which has been out for a year. The only solution is to give more money to Cisco, and buy an ASA. I was told they are giving up on the bugs for the Pix firewalls, and they blamed microsoft. You may need to go to small claims court to get your money back for your PIX firewalls, and also for your time wasted on their broken promises. This time I bought an ASA, but I am not really happy about why I had to buy it. If you use TAC, which is a waste, they will just tell you to buy an ASA and get ANYCONNECT. That is what they told me when i called TAC, althought ANYCONNECT is not even for the product I purchased, (the regular Pix). Also, the newest OS, Pix 7 is not supported on the Pix. Again, they could easily support Pix 7 OS on the pix, but are really dragging their feet hoping you will get frustrated enought and go buy a new firewall. I don't have a lot of time right now, because my firewall is basically down because of TAC, so I had to buy an ASA. Next time I will not buy Cisco. Where is the integrity Cisco?
Posted by parkstreet1234 (1 comment )
Reply Link Flag

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot



RSS Feeds

Add headlines from CNET News to your homepage or feedreader.