Microsoft swims upstream on security

Microsoft's security ambitions don't stop with the consumer. The company also has an eye on the multibillion-dollar enterprise security market.

Now that it's launched the Windows Live OneCare security service for consumers, Microsoft is ramping up its efforts to convince businesses that it is the solution to, not the source of, their security woes. The Redmond, Wash., company last week unveiled Forefront, a single brand that encompasses updated and upcoming security products aimed at businesses.

The moves are part of Microsoft's attempt to expand its business and tap new revenue sources, analysts said. Last year, security software sales hit $12 billion, according to research firm IDC. On the enterprise side, Yankee Group expects the Windows client security software market to grow to $3.6 billion this year.

"They are in it for the money, of course," said Andrew Jaquith, an analyst at Yankee Group. "Microsoft initially was very mysterious about its security plans. But its steady drumbeat of announcements over the last months shows intent to be a very broad enterprise security player."

Under the Forefront plan, the brand-new Microsoft Client Protection product, now in development, will be sold as Forefront Client Security for PCs and servers. In addition, updates of Antigen for Exchange and Antigen for SharePoint will also carry the Forefront tag, Microsoft said. Antigen for Instant Messaging and the ISA Server firewall and Web caching software are also in the Forefront group.

"We're going to provide a comprehensive set of security technologies for businesses that is integrated with their existing infrastructure, with an emphasis on the deployment, management and ongoing usability," said Steve Brown, the director of product management in the security, access and solutions division at Microsoft.

What's in Forefront?

Microsoft has mapped out the releases for its newly named business security line.

Forefront Client Security

Previous name: Microsoft Client Protection

What does it do?: Guards against spyware, viruses and other attacks on PCs and servers.

Release due: Public tests in fourth quarter 2006. Final release in second quarter 2007.

Forefront Security for Exchange

Current name: Antigen for Exchange

What does it do?: E-mail antivirus and content filtering for Microsoft's Exchange Server 2003 and Exchange 2000 Server.

Update due: Second half of 2006.

Forefront Security for SharePoint

Current name: Antigen for SharePoint

What does it do?: Antivirus, content and file filtering for Microsoft's SharePoint collaboration servers.

Update due: Second half of 2006.

Antigen for Instant Messaging

What does it do?: Antivirus and content filtering for Microsoft Live Communications instant-messaging server.

Update due: No information on Forefront update available.

Internet Security and Acceleration (ISA) Server 2006

What does it do?: Firewall and Web-caching server software. Also sold on appliances.

Update due: Forefront version is planned for release some time in the second half of 2007 or beyond.

As far as motivation goes, Microsoft sees its entry into the security fray as a "very broad opportunity" for itself and for its customers, Brown said. "The primary reason we're doing this is that there is clearly a customer need for this approach," he said.

Companies such as McAfee, Symantec, Trend Micro and Computer Associates have long demonstrated that there's money to be made in protecting Windows systems. For Microsoft, it's simpler to create security add-ons than to build security into its products, an approach that would also make it harder for the company to make extra money, at least one analyst said.

"This is a rather safe play," said Charles Kolodgy, an analyst at IDC. "It is easier than building the security into products and not being able to directly capture revenue. And if their security product line doesn't work, they can leave the market."

Microsoft has gradually built up its security muscle in recent years through numerous acquisitions. It bought antivirus specialist GeCAD, anti-spyware maker Giant Company Software and Sybari Software, maker of the Antigen products. Its lineup also includes hosted e-mail security services, picked up through the takeover of FrontBridge Technologies.

Most recently, the company gobbled up Whale Communications, a specialist in secure remote access and Web application firewalls. Last October, it announced it would sell security software for business PCs and servers. The new product, now called Forefront Client Security, is due for release in the second quarter of next year.

In catch-up mode
While it's bound to attract some business for its new products right away, Microsoft has some work to do to become a formidable competitor in the security area. That's especially true when it comes to enterprise client security, analysts said.

"They will get some market share just for being Microsoft," Burton Group analyst Dan Blum said. "To take a majority position, they need to establish a product that is functionally on par with, or pretty close to, the likes of McAfee and Symantec," he said, adding that this likely won't happen until 2008 or 2009.

Symantec, which provides a range of products aimed at protecting corporate networks and systems, said Thursday that it's ready for any competition from Microsoft.

"With a level playing field, all the vendors in the security space will compete for mind share, based on what enterprise customers believe to be the best product to suit their needs," a representative of the security software maker said. "Symantec has been the leading provider of effective protection against viruses and other malicious threats for more than 15 years."

The main obstacle facing Microsoft is customer distrust. "There are certain customers that don't trust them because of their previous track record," Yankee Group's Jaquith said.

The software maker has invested heavily in security over the past years. Despite this, most malicious software targets Microsoft products, and the company still deals with lots of security holes. Last week, for example, it issued 12 security bulletins with fixes for 21 vulnerabilities--the largest number ever for its monthly "Patch Tuesday" updates.

"You're in one camp or another with them," Jaquith said. Either businesses are very loyal customers and are rooting for Microsoft, or they feel they were burned by the company and simply don't trust it, he said.

[Stan Johnson]

OneCare security service is hard to justify

Windows Live OneCare security service is hard to justify when Microsoft's operating systems are the root of their massive security problems by a large margin. All operating systems have their vulnerabilities but Windows is the top dog.

This whole Microsoft security effort feels like paying protection money to the mafia.

[Tanjore]

Well microsoft is one of the vendors

There is no gaurantee that people will go to microsoft for the service. They are just another vendor in security market.

If they give the onecare product for free then it is more like using their monopoly to kill symantec and macafee.

onecare is more than just a security product. It has more functionality than just scanning and elimination virus, adware/spyware.

Ultimately it is the people that are going to make a decison.

[Tanjore]

Microsoft also provides a free service to eliminate virus!!

ideas.live.com - Safety center - is a free service to detect and eliminate virus.

It also provides lots of functionality and its all free.

mafias rarely provide help this way :)

I am no microsoft fanboy but it is always good to get a complete story.

[Björn Lundahl]

The most popular operating system in the world

I think the truth can be like this:

If the general customer for the now coming Vista wants "x amount of security upgrade", Microsoft will deliver it and have it built in the Vista version. MS makes all sorts of things to make the Vista more attractive. Why? The more attractive Vista is, the higher the price and the more will they sell. So, if then the general customer wants mentioned security upgrade, the Vista will be more attractive, the price will be higher and MS will sell more of them. But if the general customers do not want this upgrade, then MS will sell those upgrades only to those that want them. This is very good. We must accept that the customers do not always want the best security. Not everyone is like we are! The demand for security changes and the internet changes, and now MS is also a bit changing there services because of that. Best regards, Björn Lundahl, Gothenburg, Sweden

[john55440]

Conflict of Interest

If Microsoft were to make an extremely secure operating system, then it would lose revenue from it's new security services.

(i.e., it's more profitable for Microsoft to make an insecure operating system that requires it's new security services.)

In addition, the early reviews of Windows Live OneCare are mediocre at best. They should fix that, before they get into business security services.

[Stalin Hornsby]

Losing Focus for the View; open renters insurance via ISP providers 5.0.10.

While the band marches on without any Islamic threat in America;ditto. I very well am leaving my back gate unlocked and still; posted with "No Trespassing". To no aveil in my acount of the 'Catch 22'or N-stytle agenda placed on my hundreds of thousands of dollars withheld from personnal endowment. Oh, to 'Dow" is motive for renters insurance. rather, when my own family comes to replant my property I will be asking for saltiel tile instead of carpet. Maybe not, but even the Homeland Security super doesn't do windows.

[Björn Lundahl]

No conflict of interest

I think the truth can be like this:

If the general customer for the now coming Vista wants "x amount of security upgrade", Microsoft will deliver it and have it built in the Vista version. MS makes all sorts of things to make the Vista more attractive. Why? The more attractive Vista is, the higher the price and the more MS will they sell. So, if then the general customer wants mentioned security upgrade, the Vista will be more attractive, the price will be higher and MS will sell more of them. But if the general customers do not want this upgrade, then MS will sell those upgrades only to those that want them. This is very good. We must accept that the customers do not always want the best security. Not everyone is like we are! The demand for security changes and the internet changes, and now MS is also a bit changing there services because of that. Best regards, Björn Lundahl, Gothenburg, Sweden

[proximityguy]

nice gig

"protection money to the mafia" Exactly!

It's like a car manufacturer selling lemons, then offering extended service and warranties to the buyers.

If the MS OS is such a piece of Swiss cheese, why should we have to pay MS for measures to clean it up and keep it secure? Isn't this their OBLIGATION?!

This is why our shop has gone to a Linux enviroment, but the whole Windows thing still cheeses me off

[Lindy01]

Linux...

has just as many security problems. It just does not have as many people after yet. If it ever gains any real market share it will be a fat target.

The car analogy is lame. Car makers never used to include any kind of theft protection devices....there was and still is a big after market for ant-theft devices for cars. Of course you can get all of that stuff right the auto maker for a PRICE!!

[Björn Lundahl]

Extended service and warranties I bought for my watch

I think the truth can be like this:

If the general customer for the now coming Vista wants "x amount of security upgrade", Microsoft will deliver it and have it built in the Vista version. MS makes all sorts of things to make the Vista more attractive. Why? The more attractive Vista is, the higher the price and the more will they sell. So, if then the general customer wants mentioned security upgrade, the Vista will be more attractive, the price will be higher and MS will sell more of them. But if the general customers do not want this upgrade, then MS will sell those upgrades only to those that want them. This is very good. We must accept that the customers do not always want the best security. Not everyone is like we are! The demand for security changes and the internet changes, and now MS is also a bit changing there services because of that. Best regards, Björn Lundahl, Gothenburg, Sweden

[gggg sssss]

in a heart beat

I will buy it for the servers and workstations I manage, even pay a bit more than symantec, who we use now, simply because it is one less vendor's licencing scheme to deal with

[Lindy01]

I agree

One less contract and one less comapny to deal with whe there are problems.

I am going to bet its going to be cheaper to move off of Symantec for my windows enviroment and Exchange as well.

It cant come out fast enough.

[km4hr]

If "vendor's licencing schemes" are a problem...

Then why aren't you using Linux?

[danielgarciaacosta]

Actually, Open Source is the king

Propietary software has more patch developer time than open source. The question is how many programmers destiny microsoft to develop patches and how many programmers forming *NIX comunity

[Tanjore]

Open source will be king only when...

It is true that open source is very good. Specifically linux.

Open source will be king only when it have lot os driver support from hardware vendors. There are many vendors who do not have drivers for linux.

It also needs good software support. There are many applications that users use on windows and those application have scaled down functionality in linux.

It is true that there are many vendors behind the linux bandwagon, but still support from commercial vendors is less than what it is for microsoft platform (unfortunately this is true).

And for a vendor to support linux, it may be a nightmare because there are so many linux distributions out there and making sure the software/device driver works on all the distributions is a nightmare (probably not).

Though linux os is superior in many ways, it doesn't have the same kinda support microsoft enjoys.

[Björn Lundahl]

A very tiny king

Open Source is a very good thing, I think. But a king.....? I do not think so. But we never know about the future. As long as the market is free and people will have a choice, that is enough for me. Best regards, Björn Lundahl, Gothenburg, Sweden

[J_Satch]

Boils Down to This...

"For Microsoft, it's simpler to create security add-ons than to build security into its products, an approach that would also make it harder for the company to make extra money"

Nuff said.

[Björn Lundahl]

Good for the customer that MS charge

I think the truth can be like this:

If the general customer for the now coming Vista wants "x amount of security upgrade", Microsoft will deliver it and have it built in the Vista version. MS makes all sorts of things to make the Vista more attractive. Why? The more attractive Vista is, the higher the price and the more will they sell. So, if then the general customer wants mentioned security upgrade, the Vista will be more attractive, the price will be higher and MS will sell more of them. But if the general customers do not want this upgrade, then MS will sell those upgrades only to those that want them. This is very good. We must accept that the customers do not always want the best security. Not everyone is like we are! The demand for security changes and the internet changes, and now MS is also a bit changing there services because of that. Best regards, Björn Lundahl, Gothenburg, Sweden

[kamwmail-cnet1]

So how often will Windows Live OneCare call Microsoft per Day?

Who would be dumb enough to trust Microsoft?

[kamwmail-cnet1]

Let's make Buggy OS and than make more $$ selling the bug "fixes".

Gotta admit, it makes perfect business sense.

[Björn Lundahl]

Blame the customer for bad security and not MS

I think the truth can be like this:

If the general customer for the now coming Vista wants "x amount of security upgrade", Microsoft will deliver it and have it built in the Vista version. MS makes all sorts of things to make the Vista more attractive. Why? The more attractive Vista is, the higher the price and the more will they sell. So, if then the general customer wants mentioned security upgrade, the Vista will be more attractive, the price will be higher and MS will sell more of them. But if the general customers do not want this upgrade, then MS will sell those upgrades only to those that want them. This is very good. We must accept that the customers do not always want the best security. Not everyone is like we are! The demand for security changes and the internet changes, and now MS is also a bit changing there services because of that. Best regards, Björn Lundahl, Gothenburg, Sweden

[Tui Pohutukawa]

Get a Mac,

and your expenses for security are exactly... Zilch.

[Björn Lundahl]

You might need a firewall, though?

Macs are nice, I think. But there are a lot of other points than security. As we all really know. That is why XP is so popular.
Best regards, Björn Lundahl, Gothenburg, Sweden

[john55440]

Apple Leaving Money On The Table...

If Apple made a version of OSX that could be preinstalled on Dell, HP, and other current-Windows computers, they would probably make a pile of money.

Currently, with a stagnant 3.x% market share, Apple is no threat to Microsoft.

[wbenton]

I'll believe it after I see it!

Microsoft doesn't swim upstream with security... they usually float downstream like all the other crap. (* GRIN *)

FWIW

[technewsjunkie]

"It's simpler for MS to charge for add-on then to secure Windows"

This statement says it all:
"For Microsoft, it's simpler to create security add-ons than to build security into its products, an approach that would also make it harder for the company to make extra money, at least one analyst said."

They are rewarding themselves - and charging us -for their poor security designed products.

[technewsjunkie]

"It's simpler for MS to charge for add-on then to secure Windows"

This statement says it all:
"For Microsoft, it's simpler to create security add-ons than to build security into its products, an approach that would also make it harder for the company to make extra money, at least one analyst said."

They are rewarding themselves - and charging us -for their poor security designed products.

[Björn Lundahl]

It is not bad to charge for add-on

I think the truth can be like this:

If the general customer for the now coming Vista wants "x amount of security upgrade", Microsoft will deliver it and have it built in the Vista version. MS makes all sorts of things to make the Vista more attractive. Why? The more attractive Vista is, the higher the price and the more MS will they sell. So, if then the general customer wants mentioned security upgrade, the Vista will be more attractive, the price will be higher and MS will sell more of them. But if the general customers do not want this upgrade, then MS will sell those upgrades only to those that want them. This is very good. We must accept that the customers do not always want the best security. Not everyone is like we are! The demand for security changes and the internet changes, and now MS is also a bit changing there services because of that. Best regards, Björn Lundahl, Gothenburg, Sweden

[qwerty75]

Way too funny

MS has yet to make a product that is reasonably secure.

You would have to be a complete idiot to trust MS on anything, especially in regards to security.

[Björn Lundahl]

Are we idiots because we buy from MS

I think the truth can be like this:

If the general customer for the now coming Vista wants "x amount of security upgrade", Microsoft will deliver it and have it built in the Vista version. MS makes all sorts of things to make the Vista more attractive. Why? The more attractive Vista is, the higher the price and the more will they sell. So, if then the general customer wants mentioned security upgrade, the Vista will be more attractive, the price will be higher and MS will sell more of them. But if the general customers do not want this upgrade, then MS will sell those upgrades only to those that want them. This is very good. We must accept that the customers do not always want the best security. Not everyone is like we are! The demand for security changes and the internet changes, and now MS is also a bit changing there services because of that. Best regards, Björn Lundahl, Gothenburg, Sweden

[corelogik]

Currently

celebrating 5 years of being Microsoft free and loving it. My servers
run LAMP, my desktops are Mac,... viruses to date... zero, spyware
to date... zero, malware to date... zero

Ah the microsoft free life, im lovin it!

[bsacchini]

They are in it for the money?

They are in it for the money, of course," said Andrew Jaquith, an analyst at Yankee Group.

Why would individuals of a publicly traded company form an organization or business group and spend hours and resources on NOT making money? I thought he was an analyst...

[km4hr]

Saving is money is not obvious to MS users.

It's true that businesses are in it for the money. You'd think individuals would be looking out for their own finances as well. But MS users are oblivious to the fact that they're spending money for stuff they can get for nothing. Ignorance really is bliss. MS users spend their money on a flawed system. Then they spend more money to patch it up. MS has no motivation to fix their security problems. Just the opposite. They have every reason to create built-in flaws so they can turn around and sell software to fix them. It's crazy! In the automotive world flaws are called factory defects. Companies have recalls and they pay to fix the problems. In software the customer pays to fix the manufacturer's mistakes. In the case MS, flaws are probably not even mistakes. They're part of the business plan.

[technewsjunkie]

No one is saying they can't make $, it's about HOW they make it

No one is saying MS can't make money, but it's the way they tend
do do it.

I'm a Capitalist and have no problem with people making lots of
money. But in this case (and others) Microsoft makes mediocre
products and in effect creates a whole industry to support their
poorly designed products and then usurps that third party market
to fix thier own damn product!

[Björn Lundahl]

I think it is ok that MS makes money

I think the truth can be like this:

If the general customer for the now coming Vista wants "x amount of security upgrade", Microsoft will deliver it and have it built in the Vista version. MS makes all sorts of things to make the Vista more attractive. Why? The more attractive Vista is, the higher the price and the more will they sell. So, if then the general customer wants mentioned security upgrade, the Vista will be more attractive, the price will be higher and MS will sell more of them. But if the general customers do not want this upgrade, then MS will sell those upgrades only to those that want them. This is very good. We must accept that the customers do not always want the best security. Not everyone is like we are! The demand for security changes and the internet changes, and now MS is also a bit changing there services because of that. Best regards, Björn Lundahl, Gothenburg, Sweden

[gordonf4cnet]

Well don't buy OneCare then, and compute safely instead

Windows had better security in it since Win2K. In fact, over WinME's and Win2K's mainstream support period, Win2K was slightly less expensive:

http://www.antiwindowscatalog.com/?mode=rant&id=31

That's not including savings from preventing downtime.

OneCare was obsolete the moment they launched it, so don't buy it if you don't want it.