Security and identity management

Security and identity management Picture 1 Microsoft's history and business software development strategy
Security and identity management Picture 2 Prepare for upcoming releases
Security and identity management Picture 3 Windows operating system - Client operating system
Security and identity management Picture 4 Windows operating system - Server operating system
Security and identity management Picture 5 Database, deployment and web - SQL Server
Security and identity management Picture 6 Database, deployment and web - Website and Portal Management
Security and identity management Picture 7 Database, deployment and web - Tools for developers
Security and identity management Picture 8 Database, deployment and web - Application integration
Security and identity management Picture 9 Enterprise applications - Office and Visio Sets
Security and identity management Picture 10 Enterprise applications - Managing portfolio and projects
Security and identity management Picture 11 Business applications - Business Intelligence and Self-Services
Security and identity management Picture 12 Communication issues - Exchange and Outlook
Security and identity management Picture 13 Communication issues - Instant messaging, Voice and conference
Security and identity management Picture 14 System Management - Virtualization
Security and identity management Picture 15 System management - Configuration, testing and analysis

Security and identity management products such as software against viruses and spyware; Internet security firewall, Acceleration Server, storage software; and Identity Integration Server.

Microsoft continues to expand its line of security products, especially products for malware protection. All company security products include Internet Security and Acceleration (ISA) server, which will be changed to the company's new Forefont brand name.

To get a graphical overview of current security products and about to be introduced, see the security overview below.

Security overview

Security and identity management Picture 16

Released in February 2007 and then following Microsoft estimates estimates
The black dot is the point in time to stop expanding support

For anti-virus and spyware products for clients scheduled for the first half of 2007, Forefront Client Security will be an integrated malware scanner for computers for virus, worm, trojan, adware and spyware issues. .It may not have OneCare consumer firewall, health checks or backup and restore features, but this product will support centralized configuration with Active Directory and Group Policy.Forefront Client Security will also support distributing malware signatures via Windows Server Update Services (WSUS).(The new Forefront name will apply to all Microsoft enterprise security products.)

Some products require Syrari's new version along with product releases in late 2006. In particular, Sybari Antigen e-mail antivirus products have been upgraded to support Exchange Server 2007, and Exchange Server 2007 will integrate Antigen Spam Manager's capabilities. SharePoint Antigen antivirus software has also been upgraded to support SharePoint Server 2007. A similar upgrade is due to the Antigen instant messaging (IM) product with the Communication Server IM and platform platform release in 2007.

ISA Server received an upgrade in October 2006. It is followed by a Forefront label product that is scheduled to ship in 2008 (no specific name yet) to support security and remote access as well as merge some new features of Windows Server Longhorn.

Malware software

Microsoft is expanding its products for protection against malicious software (malware), including viruses and spyware. For large organizations, Microsoft has planned or provided the following products:

- Forefront Client Security , formerly known as Client Protection, Forefront Client Security will be the most proprietary code scanning software for detecting and eliminating viruses, worms, Trojans, adware and spyware from computers and server operating system. It will support centralized configuration using Active Directory and Group Policy, distributing malware signatures via Windows Server Update Services (WSUS) and checking centralized reports. Recently, in beta, Forefront Client Security will be offered separately in a registered edition, but registration licenses are also part of Microsoft's new Enterprise license.

What's new in security and identity management?

Major developments in Microsoft's product line for security and identity management since September 2006 include:

- Forefront Security antivirus / antispam products are released for Exchange Server 2007 and SharePoint Server 2007; they are based on Antigen products that are still available for older Exchange and SharePoint versions.

- Identity Lifecycle Manager products are scheduled in mid 2007; it incorporates Identity Integration Server 2003 SP2 and digital certificate management technology obtained with Alacric in September 2005.

- ISA Server 2006 has been released, with many improvements for administering websites and supporting multiple authentication forms such as smart cards.

- Forefront Security servers (Antigen) . The product line of Forefront Security servers (originally named Antigen and received in July 2005 with Sybari software) protects Microsoft server applications against viruses and spam. Forefront Security for Exchange Server, released in November 2006, provides spam and virus protection for Exchange Server 2007. Similarly, Forefront Security for SharePoint, released in December 2006, provides protection against Virtual Server for SharePoint Server 2007 and Windows SharePoint Services (WSS) 3.0.

Customers, who subscribe to Forefront Security for Exchange Server or SharePoint, can downgrade their registrations to match the registration for the previous version, Antigen-labeled products, including products for Exchange. Server 2000 and 2003, Windows SMTP and SharePoint Portal Server 2001 and 2003 servers Antigen antivirus products for Instant Messaging are also being offered for Live Communications Server 2003 and 2005 as well as Symantec Instant Messaging (formerly IMLogic). Forefront Security servers for Communication Server 2007 will be available after it in 2007. (Antigen antivirus product for Domino has been blocked except for customers who have previously purchased it).

- Exchange Hosted Services . Obtained with the Front-Bridge in August 2005, this online service provides security and archiving services for email, including the ability to scan input notifications to check malicious code and store everything. both incoming and outgoing traffic can be restored when needed.

Like other software vendors, Microsoft also has a customer-specific line, which includes Windows Defender, the Windows Live OneCare PC service, and the free Malicious Software Removal Tool for detection and elimination. viruses, worms and trojans. These products only support very limited centralized configuration and management, making them most suitable for home users and small businesses.

Internet Security and Acceleration Server

Internet Security and Acceleration (ISA) Server has a dual role as a firewall to isolate corporate networks from the Internet, a cache to speed up Internet content viewing and reduce WAN bandwidth requirements. ISA Server is sold as a standalone product and passes OEM as a security device.

The latest version, ISA 2006, was released in October 2006 in both the Enterprise and Standard versions, incorporating many small changes to make it easier to administer tasks such as making SharePoint sites available. Ability to see on the Internet and manage Web Server systems. It also supports smart card and RSA card user authentication, improving server certificate management. With ISA Server 2006, firewalls do not need to be a domain member to authenticate users to Active Directory and achieve their membership in Active Directory security groups; It can use the Lightweight Directory Access Protocol (LDAP) to perform the same functions more safely. (LDAP has a smaller attack surface than the method that passes RPC calls between existing firewalls and domain controllers).

Note that ISA Server 2006 does not have DynaComm i: content filtering technology purchased from FutureSof in February 2006, and there is no Secure Sockets Layer (SSL) virtual private network technology available from Whale Communications in the year 2006. An upgrade to Whale products has been released to security vendors, Intelligent Application Gateway 2007, but it is not sold directly.

ISA Server 2006 will be followed by a Forefront security and access product (still unnamed), available in beta and expected to be released sometime in 2008. Designed To run on Windows Server Longhorn, this product will support network security, application access security, and secure connections for branch offices. It will have SSL, VPN and web application firewall functions (based on Whale's acquired technologies); URL filters based on DynaComm i: filter; and support for Microsoft antivirus solutions.

Previous ISA Server versions

This listing outlines the milestones that support each release's lifecycle as well as the initial release dates for each product and service pack history for recent versions of ISA Server.

Recent Service Pack version Timeline of termination time supports mainstream ISA Server 2000 SP1 Release History : February 18, 2002
Feature pack 1: 1/2003 April 11, 2006
Expand: April 12, 2011 Release: 2/2001 ISA Server 2004
Standard Edition SP2: January 31, 2006 October 13, 2009 Release: September 2004
SP1: March 11, 2005 ISA Server 2004
Enterprise Edition SP2: January 31, 2006, April 4, 2010 Released: March 2005

Identity Integration Server

Identity Integration Server helps organizations manage identity stores such as employee names, email addresses, and passwords, so that administrators can create or edit identity data, synchronize that data in in the entire archive, and get an entire view of identity information. The main script allows collaboration between Active Directory and other identifiable data repositories. The product will be renamed Identity Lifecycle Manager next year.

Overview of identity management

Security and identity management Picture 17

Released in February 2007 and then following Microsoft estimates estimates
The black dot is the point in time to stop expanding support

Identity Integration Server will be renamed and have certificate management features.The Identity Lifecycle Manager, which was intended to be released in mid-2007, provides a variety of Identity Integration Server upgrades and additional technology for administering user smart cards and technology-based digital certificates. obtained with Alacris in September 2005. However, this Alacris technology requires the purchase of registration licenses for all the certificates the user is receiving, even by customers who have software for Identity Integration Server.

A second release of Identity Lifecycle Manager after Windows Server Longhorn will introduce a self-service user interface for tasks such as password reset, authorization for administrator responsibility, and a workflow system to automate and enforce identity management principles as well as other improvements.

- Identity Integration Server 2003 . This version (released in August 2003) allows software developers to write custom extensions to identity databases and management agents, which allow The company can integrate additional sources of identification data and create business principles for processing that data. It also provides support for change logging, a Web-based password reset interface for administrators and tools for analyzing identity data. SP1 (released in November 2004) has introduced many features for password synchronization between identity repositories and management agents to synchronize identity data with IBM Directory Server and DB2. Identity Integration Feature Pack is also available as a free small episode. Major support for it will end around 2008 or later.

- Identity Lifecycle Manager 2007 . Scheduled for release in mid 2007, this product will consolidate Identity Integration Server. Identity Lifecycle Manager will also have additional smart cards and improved digital certificate management features from Alacris in September 2005. Identifying the Alacris idNexus product, Identity Lifecycle Manager will support processes. can be customized for tasks such as smart card issuance and withdrawal as well as certificates, issuing short-term smart cards. Self-service operations (eg users who require their own certificates) are also supported through the Web portal.

Identity Lifecycle Manager Server subscriptions will be provided free of charge to Identity Integration Services customers who have a Identity Integration Server warranty. The server's price will be lower: Identity Lifecycle Manager Server registrations will start selling at $ 15,000, $ 25,000 per Identity Integration Server processor. However, Identity Lifecycle Manager's certificate and smart card management feature require a license for all users to have their certificates issued and even software insurance customers still individual license certificates must be purchased for $ 25 (retail price in the US).

- Identity Lifecycle Manager 2 . Releasing Identity Lifecycle Manager 2 (currently unnamed) will be released following Windows Server Longhorn, probably in late 2008. It will provide many of the original features that Identity Integration Server plans for the future. code name Gemini, these features are like self-service for users (for example, support for password reset), with integration within Outlook and Windows login components that can help Users find and deploy features. Identity Lifecycle Manager 2 will have a new workflow system to define and enforce identity management policies and will have new reporting and verification features. This feature will help verify financial issues and security holes meticulously. Finally, this version will introduce the Web Services API to support customization for self-service Web applications (for example, applications that handle user requests for access issues).

Recent versions of Identity Integration Services

The table below outlines the timelines that support each release's lifecycle as well as the initial release times for each product and the history of service packs for Identity Integration Services previous versions. , the name was formerly known as Microsoft Metadirectory Services.

Recent Service Pack Version Timeline of mainstream support Release history Metadirectory Services 2.2 SP1: 1/7/2001 September 30, 2004
No extended support Release: 7 / 2000Identity Integration Server 2003SP1: 10/1/2005 14/10/2008 Released: September 2003