In-Depth

New MS Forefront Tools Improve Security

Microsoft's new Forefront products and Vista security enhancements were highlighted at this week's TechEd keynote.

• By Peter Varhol
• 06/08/2006

Much of what Microsoft cited during its Tec-Ed keynote on Sunday night is destined for delivery in the future. This includes Windows Vista, Longhorn Server, Office 2007, and the Windows Presentation Foundation (WPF). Many of these future capabilities have been known for some time, and many developers have already been planning for the new features of Vista and WPF. By doing so, the keynote presenters effectively laid out a roadmap of existing and upcoming technologies that work together to both deliver value to the enterprise and make the jobs of IT professionals a little easier.

The one new announcement was Forefront, the primary initiative in improving security and controlling access. Forefront is an umbrella technology for antivirus and anti-spyware tools for SharePoint, Exchange, Windows Server, and Windows client operating systems. The unique aspect of Forefront is that it coordinates the efforts of these different systems to watch for and prohibit actions that violate security policies or will harm an individual computer or the network.

There are also a number of security enhancements in the upcoming Windows Vista desktop operating system, including least privilege application execution, Bitlock disk encryption, and network access protections. These collectively might become the must-have features that will speed Vista adoption in the enterprise.

The keynote started on a somewhat incongruous note, with Windows Server Group Senior VP Bob Muglia focusing on the business value of IT and its role in the enterprise. Certainly Microsoft technology is in extensive use in the corporate enterprise, but it might not have been the best way to engage the audience, made up largely of IT professionals who are at Tech•Ed looking for ways to improve their skills and do their jobs better. Launching the keynote on an enterprise theme brought home the value that IT delivers, but the value to most of the attendees was "less PowerPoint presentations and more smokin' demos," a sentiment expressed by guest Mary Lynn Rajskub, who plays computer maven Chloe O'Brian on the TV show "24."

In the keynote introduction, Muglia defined four promises that Microsoft was making with both enterprises and IT professionals. These promises nicely bridged the themes of enterprise value with professional expertise and improvement. These promises were:

1. Manage complexity and achieve agility.
2. Control access and improve security.
3. Advance business.
4. Amplify the impact of people.

Chief Technology Officer Ray Ozzie then set the stage with a 30-minute foray into hosted services that was perhaps the most thoughtful portion of the keynote. He used a trip through his own career to highlight the series of disruptions experienced by the computer industry over the last 30 years. The first began with Data General, which was building The Soul of a New Machine (with unfortunately no attribution to author Tracy Kidder). The DG 32-bit minicomputer (along with similar technology advances by neighbor Digital Equipment) was a disruptive force to the dominance of the expensive and difficult-to-maintain mainframe computer of that era.

The second disruption was signified by his move to Software Arts, which was the developer of VisiCalc, the first spreadsheet application. The next was to Lotus, where Ozzie was involved in the development of Symphony, the little-known next-generation spreadsheet.

The next, and probably the best-known, disruption was timed with his founding of Iris Associates, a Lotus-funded startup that focused on enterprise collaboration. The resulting product, Lotus Notes, radically changed how knowledge workers collaborated in the enterprise before the widespread availability of the Internet. The last part of Ozzie's journey was the founding of Groove Networks (and its subsequent acquisition by Microsoft last year), which developed a product to enable peer-to-peer sharing and collaboration within the enterprise.

By using Windows Live Virtual Earth (local.live.com) to track his career in the Boston area, Ozzie highlighted the forthcoming disruption of hosted services and how those services might be combined and augmented to quickly build new applications customized for specific needs. As an example of this new class of services, he cited Windows Live Search, a tool that can perform a search for information simultaneously on the desktop, within the enterprise, and on the Internet.

Bob Muglia followed up by returning to the four promises, spending a significant amount of time describing each and defining how Microsoft was fulfilling them. He cited a number of advances for managing complexity and enabling agility, with a focus on Microsoft's Dynamic Systems Initiative. Specifically, he noted that virtualization goes well beyond the well-known hardware approach, in which multiple operating systems run on a single physical system. This concept also provides significant value for operating system services in hosted environments, and for running multiple versions of different applications on the same system. The latter technology Microsoft gained when it acquired a company called Softricity, and Muglia committed to delivering this capability as a product in the future.

Muglia also led demonstrations on new tools for managing workloads across virtualized servers as a part of Windows System Center. He showed how to migrate workloads across two different servers graphically in the Windows System Center environment, and also how to look inside operating system images to determine configurations and even to change those configurations. Last, Muglia called out Microsoft's High Performance Computing (HPC) initiative as an example of an IT technology that can benefit business needs by performing fast parallel computations for time-sensitive operations.

The advancing business promise was presented as the ability to more quickly and easily deliver applications to take advantage of new business opportunities. There was a brief look at the upcoming Expression Interactive Designer (available in beta today for use with the Windows Presentation Foundation), but the demos focused on how to easily examine and manipulate data in SQL Server databases from within Visual Studio.

The Tech•Ed keynote concluded with Corporate Vice President Chris Capossela describing how Microsoft was fulfilling on the fourth promise, to amplify the impact of people, through collaboration tools such as Office 2007. These tools enable instant meetings and information sharing among ad hoc teams in response to specific needs, and the ability to manage documents that require contributions by many members of the team.

While the bulk of the keynote presentations and demonstrations seemed geared toward enterprise operations and operations staff, developers must pay attention to all of it. For example, some of the new security features, such as least privilege execution of applications, have direct implications to how an application is developed.

Features in Visual Studio Team System can also define a new role: infrastructure architect. This professional, who typically has an operations responsibility, defines the environment under which a newly conceived application must execute. In designing and implementing that application, developers have to work within the parameters set by the capabilities of the existing infrastructure.

This emphasis on working within the defined infrastructure places new challenges on developers in the areas of security, performance and scalability, and compatibility. Fortunately, Visual Studio and the Team System provide both a foundation and a growing set of tools for addressing these challenges. The role and responsibilities of Visual Studio developers are going to be greatly expanded in the coming years as new applications will have to be assembled from services, work within the existing IT infrastructure, incorporate better security, and be more aware of interactions among collaborating users. It is a challenge that will require high levels of expertise and an intimate knowledge of Windows and Visual Studio tools.