The recently released Beta 2 version of Microsoft's Longhorn is not yet feature-complete, but encouraging work has been done in the areas of security, management and the underlying technology.
The key ingredients still missing are the Hypervisor virtual machine application, necessary search optimization features and advanced clustering services.
Microsoft says it will release Longhorn in a variety of server editions late next year after it gets its new client operating system - Windows Vista - out the door. (See timeline, below, and Windows Vista Beta 2 test.)
In this Clear Choice test, we looked at how the Longhorn Beta 2 code changes Windows servers' overall network security, administration and client-side accessibility. Overall, we found that many of the upgrade changes should be relatively painless, with a few potentially harrowing exceptions in the area of security realignment.
Perhaps the biggest change is the removal of aged code that supports Windows NT LAN Manager network-security methods. These methods were grandfathered into Windows 2000 Server and have been the crux of numerous security patches since.
The Longhorn beta 2 code signifies a move toward a platform where security providers use an application plug-in approach in which a modular security provisioning system serves as the anchor. This change correlates to the elimination of the GINA authentication API set from Windows Vista beta releases.
This combination of client and server-side security alterations may require those using third-party sign-on mechanisms to rethink their authentication schemes or wait for vendor plug-in modules to arrive before upgrading to this next-generation server software. Because no third-party tools are available, we had only Microsoft's Windows (XP and Vista Beta) clients against which to test these new security parameters.
Longhorn implements a hierarchical security scheme similar to Unix operating systems. Core system functions such as printing are now given role-based system accessibility similar to the Unix system user "wheel" in BSD and Linux - a condition that gives users or application software diminished capacity to infect or manipulate processes running in the server. If users lack the administrative password for their machines, the hierarchical authentication system should prevent many types of viruses and Trojans that need privileged-user status to install.
We tested a common virus and Trojans courtesy of BitDefender against Longhorn. The operating system asked for administrative passwords before letting them run or refused to install them at all.
It's not a perfect implementation, as it's unable to recognize the difference between "legitimate" and "evil" applications, instead barring installation based on behavior and user permissions. Users can still blithely offer a password, thinking that an installation is legitimate. However, it is a vast improvement over how previous Windows Server editions handed over seemingly easy access to "root" privilege.
Longhorn also can prevent hardware devices from being installed ad hoc, reducing the risk associated with data theft or blocking alternate undesired network paths. A group-policy method allows groups, users or specific computers to be prevented from installing drivers needed to use all or specific devices. With this condition in place, hardware such as USB flash drives, wireless network cards or external CD/DVD drives are denied access to the Longhorn operating system. You can plug in a device, but the operating system prevents the installation, citing policy violation.
Under Longhorn's optional Network Access Protection methodology, from the moment a device appears on a network the client is measured against an entire scheme of access control tests. If the client fails any of these, it's quarantined or prevented from authenticating to the network.
In Longhorn, a Network Policy Server is coupled with a built-in DHCP server. A Windows XP or Vista client, upon receiving an address, is asked to send system health information in the form of certificates to the server. The certificates give information about various states of the client machine. For example, they advise the server that the machine has up-to-date virus definitions or was booted with mandated files. These certificates are then weighed against a policy decision tree defined in the Longhorn server and granted the appropriate degree of network accessibility.
If a machine/user combination fails the certificate test, administrators can define whether they are confined to a remediation virtual LAN (VLAN), where Web pages direct users to resources needed to be accessed (such as downloading the latest virus definitions mandated), or detained in a "corralled" network space until a reauthentication can be made.
Other interesting changes
Longhorn has an entirely new TCP/IP stack that manages IPv4 and IPv6 services equally. We tested IPv6 support, and it works well, allowing full DNS and name resolution services as well as forward/backward conversion for existing IPv4 networks. Administration was simple, and dual IPv4/IPv6 traffic was handled equally well under moderate stress.
Managing Longhorn has become easier via Service Manager, an application that unites the jumble of administrative tools found in Win 2000 and 2003 Server editions. Comparable in functionality to open source-based LinuxConf and Yast2, Service Manager installs, removes and reports on server applications, and checks dependencies of other resources and services when adding, removing or changing what Microsoft calls roles. Server configuration has never been easier.
Terminal services also have been vastly improved and can be connected via a Remote Procedure Call or by an https:// page. It's then possible to log on to one's desktop or any of those provided by a terminal services server. We tested the updated terminal services via the Terminal Services Gateway, which authenticated us as users through the firewall and then linked us to a Remote Desktop Protocol services session. The session responsiveness of applications used under Terminal Services was very speedy and startlingly easy to configure compared with prior versions we've tested. Even USB devices are supported (or as defined by policy - not supported) so that local hardware resources can be virtualized into the Terminal Services session.
We tested the Longhorn build on 32- and 64-bit servers and noted that in our minimalist configurations, we couldn't discern any real performance difference between the two. They were both slow, and we fully acknowledge that this is beta code and did not formally benchmark it. Help files are missing or are sparse. We found numerous instabilities for which we could not find answers.
However, with all that said, in the enormous amount of rewritten, revised and replaced code in Longhorn Beta 2, we found hope in what will be the next generation of Windows Server.
Henderson is managing director and Szenes is a security researcher at ExtremeLabs. Henderson can be reached at firstname.lastname@example.org.
Henderson and Szenes are also members of the Network World Lab Alliance, a cooperative of the premier reviewers in the network industry, each bringing to bear years of practical experience on every review. For more Lab Alliance information, including what it takes to become a member, go to www.networkworld.com/alliance.
Learn more about this topicMicrosoft to let users lead Longhorn forward
05/29/06Microsoft releases Vista, Longhorn, Office betas
05/23/06Longhorn beta will have near-complete Indigo