McAfee Launches New Security Strategy as Microsoft Loosens Grip

Several computer security companies are bolstering their efforts to remain viable players with enterprise computer users and consumers alike asMicrosoft loosens control over security access in its next-generation operating system, Vista.

Computer security firm McAfee announced on Monday a security risk management strategy for its customers using current and future versions of Windows operating systems. This strategy is designed to provide enterprises with additional options in minimizing risks from security threats and noncompliance issues.

In a related development, anti-spyware software developer Webroot Software and security firm Sophos announced last Wednesday a technology partnership through which Webroot will license Sophos’ antivirus technology for use in select Webroot consumer and enterprise products.

Also last week, software security company Symantec outlined its vision for protecting its customers from the next generation of threats targeting their business and personal information. The concept Symantec calls “Security 2.0” brings together an ecosystem of products, services and partnerships to provide its customers with more third-party security tools.

Industry Unrest

The announcements from these security firms come in the midst of a heated debate over computer security that pitted Microsoft against third-party security vendors worldwide. Microsoft claims that its PatchGuard security system in Vista will secure its operating system and lock down its kernel without the need for other security applications.

However, the company announced on Monday that it will allow McAfee and Symantec to access some core components of the new operating system.

Other software vendors have downplayed the severity of Microsoft’s Vista security policies, noting that there are always security holes and that any system can, at some point, be compromised. Thus, consumers will always need third-party help to protect themselves from security risks.

McAfee’s Plan

McAfee said Monday that its new security solution for the enterprise is not a new product. Rather, its security risk management line is an integration of its existing products with added strengths from recent acquisitions and new compliance management capabilities, including remediation and network access control.

“With the acquisition and integration of Preventsys and SiteAdvisor technology, McAfee is among the first to integrate threat prevention with compliance management,” Michelle Cobb, group product marketing manager for McAfee, told TechNewsWorld. This provides enterprises with greater automation, operational efficiency and protection of their investments, she added.

McAfee officials said increasingly strict compliance and regulatory requirements, coupled with changing threat environments, have forced enterprises to rethink how they approach and manage security.

“From conversations with our customers, it is clear that enterprises spend an enormous amount of time and money to manage security risks and to demonstrate compliance,” said Chris Kenworthy, senior vice president of marketing, McAfee. He noted that security is more than just a version number and also involves a comprehensive approach to threat prevention and compliance.

Symantec’s Contribution

In a flurry of activity last week, Symantec announced the release of several products designed to beef up computer security by protecting enterprise and e-commerce activities.

Symantec Mail Security integrates anti-spam, antivirus and extensive content filtering technologies designed to stop inbound and outbound e-mail threats. Symantec Database Security uses intelligent profiling to provide fraud detection based on what is considered “normal” interaction with the database. It immediately alerts the organization of malicious or abnormal activity that falls outside the “normal” profile.

Norton Confidential Online Edition helps banks and other organizations strengthen the security that links them to their customers and increases customer confidence in online transactions.

Opposition’s Voice

Antivirus vendor Authentium expects to work around the capabilities of PatchGuard and Vista to protect consumers from online threats. Corey O’Donnell, vice president of marketing for Authentium, insisted that any limitation to Vista access would be a surmountable hurdle with a little initiative and engineering prowess.

O’Donnell acknowledged the security landscape is changing now but said it is still a viable marketplace for third-party vendors. The implications of any actions on Microsoft’s part, he said, depend heavily on the security vendors and their willingness to diligently engineer new solutions.

“In essence, however, Patchguard will function as nothing more than another perimeter fence between the hacker and his intent; it’s simply another hurdle to clear,” O’Donnell warned. “Patchguard will be hacked. We know this, because we’ve already identified the techniques necessary to do so.”

As O’Donnell sees it, tighter Vista security will never eliminate the need for third-party security products. He said Vista users should consider whether the same company responsible for the design that includes the flaws should be trusted to protect against them.

Posture Changing

Microsoft posted an announcement on its Web site late Friday saying that it had reached an agreement with regulatory agencies in Europe and South Korea that removed threats of an antitrust lawsuit over its stringent security policy regarding Vista.

According to Microsoft General Counsel Brad Smith, the company agreed to make a number of changes to Windows Vista in response to guidance from the European Commission and officials in Korea to comply with its legal obligations there.

However, Microsoft officials did not clarify whether those security changes would apply to the Vista version released in the United States by the end of January 2007.

Redmond Reacts

However, a Microsoft official told TechNewsWorld late Friday that third-party security vendors will have to develop new tools to work with Vista.

“Kernel Patch Protection is an opportunity for security companies to evolve and deliver new innovative security solutions and design approaches for customers that build on top of a more secure kernel environment on 64-bit systems provided by Microsoft,” wrote Stephen Toulouse, senior product manager for Microsoft’s security technology unit, in an e-mail message.

“The solutions that our partners provided yesterday need to evolve to address the threats of today and tomorrow, and go beyond the baseline protection that Microsoft is providing to its customers through technologies like Kernel Patch Protection,” he added.

According to Toulouse, in order to deliver a more reliable and secure operating system kernel, Microsoft will provide documented, supported methods for industry partners and Microsoft product teams alike to implement new innovative functionality in defined and supported ways.

Some Cooperation

Despite complaints from third-party security vendors, antivirus firm Sophos told TechNewsWorld on Friday that it is working amicably with Microsoft to ensure that Sophos’ new product line does not conflict with the Vista kernel.

“Blocking intrusive programs and Possibly Unwanted Applications (PUAs) is the goal of our new line of products for consumers. We are working with Microsoft to ensure our viability,” said Ron O’Brien, senior security analyst for Sophos. “We don’t see anything that Microsoft is deliberately blocking.”

O’Brien said blocking malware threats from instant messaging and peer-to-peer applications has traditionally been a function of Sophos’ endpoint security products. He said the company now is looking at the ability to assess and manage the updating process for all software products and security items used on a computer.

Leave a Comment

Please sign in to post or reply to a comment. New users create a free account.

More by Jack M. Germain
More in Security

Technewsworld Channels