Microsoft wary as security, identity integration plan lags

Microsoft is in the final test phase with Forefront Identity Manager 2010

Microsoft is on the verge of finally providing some pieces of software to back up its ambitious plan to integrate its security and identity technologies, but the company admits it is moving slower than it had anticipated.

The evolution of Microsoft Window

"It is fair to say that getting this done in non-trivial," says Bob Muglia, president of Microsoft's server and tools business. "It is taking us perhaps a little longer in some areas then we would like, but we are pretty excited about the progress that we are seeing."

Muglia says Microsoft is in the final test phase with Forefront Identity Manager 2010, which is one foundational element of the security and identity integration. Identity Manager is slated to ship early next year, and was previously known as Identity Lifecycle Manager. "This ties together the identity management across an organization and enables the foundation for security configurations and security policies that run on top," he says.

In April, Microsoft detailed a long-term strategy that will see it combine its identity management efforts with its Forefront security products built for clients, servers and the network edge. Most of the software encompassed in that plan will ship in 2010.

Delays, especially with Identity Manager and a management console for the Forefront suite, appear to be less about a reputation for slipped ship dates and more about ensuring the pieces are solid in order to avoid setbacks that could doom the effort, according to some analysts. Microsoft has little existing reputation as a security company.

"I think Microsoft is trying to do everything it can to take diligent steps to get it as right as it can be to keep the market happy," says Scott Crawford, an analyst with Enterprise Management Associates. "I give them a lot of credit for a very ambitious strategy. It is going to take time."

This week, Microsoft delivered antimalware software for clients in the form of Microsoft Security Essentials (MSE), a free security tool for consumers. The software was a replacement for Microsoft's Live OneCare security service and is as much a testing ground for similar enterprise software as it is a statement that antivirus tools are becoming a commodity.

MSE shares technology with Microsoft's Forefront Endpoint Protection, formerly Forefront Client Security, a centrally managed enterprise desktop security tool.

"They killed off OneCare but not necessarily because it was a failure, but because they wanted to refine their strategy," says Crawford. "They are looking at what they can capitalize on in terms of their enterprise strategy. Forefront is definitely more targeted toward the enterprise, certainly in terms of its alignment with System Center [management tools]."

Crawford says part of Microsoft's challenge is that it has lots of moving parts on desktops, within network infrastructure and on a network's edge. "They want to get [those parts] better and more market ready before they actually go to market with this plan. They have bitten off an awful lot."

The plan is to integrate security products under the Forefront brand, offer software-as-a-service versions and present it all as an intelligent layered defense for corporate infrastructure.

That layer will be integrated with Active Directory and third-party products and tied together with the forthcoming Forefront Protection Manager console (formerly called Stirling), a centralized management panel for all the Forefront security products. The console is slated to ship in early 2010.

Microsoft officials say the identity and security message is a natural outgrowth of last year's corporate reorganization that merged two business groups -- Identity/Access and Security/Access -- into the Identity and Security Business Group.

"We don't see ourselves as providing the only solution that an enterprise customer needs for security, we see ourselves providing a broad foundation of security services that a company can rely upon," Muglia says. "Then we can work with the rest of the industry to meet the specific needs as they might have for their given organizations on a security basis."

The foundation starts with Active Directory and its ability to manage identities and credentials and to integrate with the cloud via Active Directory Federation Services (ADFS) and the Windows Identity Foundation (formerly Geneva), both of which will ship near the end of this year. Active Directory includes policies and privileges that extend to the edge of the network and are managed by Forefront Identity Manager.

On top of that is the protection layer Microsoft will add that includes among other tools antivirus and antimalware capabilities that stretch across Microsoft's server applications and network infrastructure.

Microsoft's Forefront lineup includes Forefront Endpoint Protection 2010, Forefront Protection 2010 for Exchange Server (formerly Forefront Security for Exchange Server), Forefront Protection 2010 for SharePoint (formerly Forefront Security for SharePoint), Forefront Online Protection for Exchange (formerly Forefront Online Security for Exchange) and Forefront Threat Management Gateway Web Security Service (successor to ISA Server 2006).

The unifying piece is Forefront Protection Manager console that ensures all the tiers are integrated and combined with security assessment data from third-party products.

Protection Manager also will tie in with System Center Management tools, including Operations Manager and Configuration Manager. And Microsoft has said third-party partners would develop for Protection Manager, including Brocade, Juniper Networks, Kaspersky, Tipping Point and RSA.

It's a heady slate of software and services, all built or acquired by Microsoft and its partners, that needs to come together into a logical whole.

Follow John on Twitter:

Join the PC World newsletter!

Error: Please check your email address.

Tags Microsoftintegrationsecurity

Our Back to Business guide highlights the best products for you to boost your productivity at home, on the road, at the office, or in the classroom.

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

John Fontana

Network World
Show Comments

Most Popular Reviews

Latest News Articles


PCW Evaluation Team

Azadeh Williams

HP OfficeJet Pro 8730

A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.

Andrew Grant

HP OfficeJet Pro 8730

I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.

Ed Dawson

HP OfficeJet Pro 8730

As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.

Michael Hargreaves

Windows 10 for Business / Dell XPS 13

I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.

Aysha Strobbe

Windows 10 / HP Spectre x360

Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!

Mark Escubio

Windows 10 / Lenovo Yoga 910

For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.

Featured Content

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?