- 15 Non-Certified IT Skills Growing in Demand
- How 19 Tech Titans Target Healthcare
- Twitter Suffering From Growing Pains (and Facebook Comparisons)
- Agile Comes to Data Integration
Network World - The recently released beta 2 version of Microsoft's Longhorn is not yet feature-complete, but encouraging work has been done in the areas of security, management and the underlying technology.
The key ingredients still missing are the Hypervisor virtual machine application, necessary search optimization features and advanced clustering services.
Microsoft says it will release Longhorn in a variety of server editions late next year after it gets its new client operating system - Windows Vista - out the door. (See timeline, below, and Windows Vista Beta 2 test.)
In this Clear Choice test, we looked at how the Longhorn Beta 2 code changes Windows servers' overall network security, administration and client-side accessibility. Overall, we found that many of the upgrade changes should be relatively painless, with a few potentially harrowing exceptions in the area of security realignment.
Perhaps the biggest change is the removal of aged code that supports Windows NT LAN Manager network-security methods. These methods were grandfathered into Windows 2000 Server and have been the crux of numerous security patches since.
The Longhorn beta 2 code signifies a move toward a platform where security providers use an application plug-in approach in which a modular security provisioning system serves as the anchor. This change correlates to the elimination of the GINA authentication API set from Windows Vista beta releases.
This combination of client and server-side security alterations may require those using third-party sign-on mechanisms to rethink their authentication schemes or wait for vendor plug-in modules to arrive before upgrading to this next-generation server software. Because no third-party tools are available, we had only Microsoft's Windows (XP and Vista Beta) clients against which to test these new security parameters.
Longhorn implements a hierarchical security scheme similar to Unix operating systems. Core system functions such as printing are now given role-based system accessibility similar to the Unix system user "wheel" in BSD and Linux - a condition that gives users or application software diminished capacity to infect or manipulate processes running in the server. If users lack the administrative password for their machines, the hierarchical authentication system should prevent many types of viruses and Trojans that need privileged-user status to install.
We tested a common virus and Trojans courtesy of BitDefender against Longhorn. The operating system asked for administrative passwords before letting them run or refused to install them at all.
It's not a perfect implementation, as it's unable to recognize the difference between "legitimate" and "evil" applications, instead barring installation based on behavior and user permissions. Users can still blithely offer a password, thinking that an installation is legitimate. However, it is a vast improvement over how previous Windows Server editions handed over seemingly easy access to "root" privilege.