News

Quarantining Part of Windows Server 2003 'R2' Fleshed Out

• By Scott Bekker
• July 13, 2004

The R2 release is supposed to roll together feature pack components of Windows such as Windows SharePoint Services on top of the code-base of the as-yet-unreleased Windows Server 2003 Service Pack 1. At its annual TechEd conference in May, Microsoft began talking about additional features coming in R2 -- among them quarantining functionality.

Microsoft executives used the Worldwide Partner Conference in Toronto this week to discuss additional details of the quarantining functionality in R2. "IT administrators have told us that managing user access to their corporate resources in a safe and secure manner is a major concern," said Mike Nash, corporate vice president of the Microsoft Security Business and Technology Unit.

Quarantining is a way to address the problem of mobile and remote users introducing viruses, worms, trojans and other malware to the corporate network when they reconnect after potentially infecting their systems outside the network. The idea is to force the user to log in to a restricted area, where the system is scanned, virus signatures are updated and patches are applied. Microsoft has obtained similar results with an API for Windows Server 2003 and provides some capabilities in Internet Security & Acceleration Server 2004, which became generally available on Tuesday.

But the company is positioning quarantining as ready for prime time in R2. The formal name is now Network Access Protection. It will consist of three distinct functionalities.

Network policy validation will determine whether a client machine is compliant with the IT department's policies at the point of network entry.

Network restriction will quarantine non-compliant machines in a restricted network that offers updates and security utilities and also allows "guest access" rights to the network.

Network policy compliance functionality in Network Access Protection will give the IT administrator tools to bring non-compliant computers into compliance.

Microsoft signed up 25 partners who are vowing to extend Network Access Protection to their current or future products. They include client security companies such as CA and Symantec, networking vendors such as Extreme Networks and Juniper Networks and several major systems integrators.

The most interested group appears to be the management and patch management vendors, who scrambled Tuesday to declare their dedication to the technology in news releases. Participating vendors in that space include Altiris, BigFix, BindView, Citrix, HP, LANDesk Software, Microsoft's own Systems Management Server unit, Pedestal Software and Shavlik.