|
Unwrap Windows Server 2008, the first server revision under Trustworthy Computing. Microsoft promises it is secure by design, default and deployment.
Six years into Microsoft's Trustworthy Computing initiative, Windows Server 2008 (aka Longhorn) reflects Redmond's "three D" promise to deliver products that are secure by design, secure by default and secure in deployment.
"There's no doubt about it; this is the first full Windows Server revision [under Trust- worthy Computing]," says Rand Morimoto, CEO and principal consultant for Oakland-based Convergent Computing, which has been piloting Windows Server 2008 internally and for customers. "When they came out with Windows Server 2003, it had already been half baked before Trustworthy Computing began. Windows Server 2008 is built from scratch--the server core has a lot of security built in."
The verdict on the inherent security of Server 2008's code will be rendered in the number and severity of vulnerabilities that come to light in the months and years following its release (manufacturing release is scheduled for Feb. 27). Microsoft trumpets security as the primary design consideration for Windows Server 2008, the product of its security development lifecycle process (SDL). It retrained its development staff on how to write secure code and created threat models, performing extensive security testing against each model. These efforts should go a long way toward reducing flaws that can be exploited; for example, you won't have to worry about things like buffer overflow attacks against your Windows Server 2008 systems.
Is that sufficient reason to upgrade? Perhaps, but in addition to changes in the code itself, Windows Server 2008 provides many new data and network protection features and enhancements that allow you to more easily respond to new security compliance requirements. We'll focus on what Microsoft has done under the hood, as well as a few of the features that secure your directory services, data and network environments.
|
