Tip

How do Microsoft's security tools stack up?

For a long time, the running joke has been that "Windows" and "security" didn't belong in the same sentence. Thankfully, this has started to change, and Microsoft is not only beginning to create and include more aggressive defenses within Windows itself, but it's also drawing attention to existing products that handle security. Here are three of the company's major security product categories, with insights into what each has to offer. I've also included a competing non-Microsoft product.

Desktop firewalls

One of the most obvious points of comparison is how the Windows Firewall, the firewall software that is now an integral part of both Windows XP and Windows Server 2003, stacks up against third-party firewalls. The fact that it ships with Windows means it's that much easier to enable, and its protection is very tightly integrated into the operating system. Instead of merely blocking or allowing ports, you can configure it to work per-application and per-interface. Plus, it supports both inbound and outbound filtering. Lastly, because it's a standard Windows component, it can be

Requires Free Membership to View

passively configured through an .INF file at install time.

That said, the program's flexibility is limited. Per-interface configurations can only work by port, not application (unless a given interface only supplies a specific range of network addresses), and there's no way to assign specific firewall configurations to individual users or to specific time slots. It isn't hard to find a more powerful desktop firewall for Windows -- Zone Labs LLC's ZoneAlarm, for instance, is a highly regarded suite with a free trial version and many companion products -- but for immediate, interim protection, Windows Firewall will work as a stopgap.

ISA Server vs. third-party firewalls

ISA Server is one of Microsoft's products that holds its own very favorably against third-party offerings. This isn't just because of tight integration with Windows Server and Windows environments in general (since it is, after all, a Microsoft product), but it has other key features as well. For one, ISA Server operates both as a firewall and as a number of other products such as a VPN server. Second, ISA Server, being a software product, has one advantage over hardware firewalls: It's far easier to try out before you commit to a purchasing decision.

The downside with ISA Server, for many people, is the price tag: It may be more than most people might need at $6,000 per processor. It may also be utter overkill -- maybe it has more features than you really plan to use. If you don't need something at ISA Server's level or scope of protection, you can certainly consider a less robust product. But, if you've obtained ISA Server through, for instance, a Small Business Server Premium Edition license, then it doesn't hurt to try making use of it and seeing if it's a fit for your work. (A free 120-day trial version is available for those who want to try it hands-on in a relatively unrestricted way.)

Antispyware

The most recent addition to Microsoft's security products, a desktop antispyware product named (appropriately enough) Windows AntiSpyware, has quickly shaped up to be a fine contender for many of the commercial and freeware antispyware products out there. The application's still in beta, but it already has the polish and finesse of a finished product. If you're reluctant to use a beta product in any form, you can try it out provisionally or work with one of its proven competitors such as Spybot Search & Destroy or Lavasoft's Ad-Aware.

In addition to scanning for threats, AntiSpyware's advanced features match what's available in many of its competitors. It can restore spyware-crippled installations of Internet Explorer to their factory settings, it provides real-time protection against various threats and it can report back information about detected potential problems to Microsoft for further analysis (which you can always opt out of). It also has a "System Explorers" section that lets you spelunk many of the common areas infested by spyware -- IE's Browser Helper Objects, or the Windows HOSTS file.

Conclusion

As expected, Microsoft security products' ability to integrate distinguishes them from their third-party competitors. In some situations, administrators may look to third-party solutions to increase functionality and reduce cost, but some Microsoft products, particularly antispyware, compare favorably to competitors.

About the author:Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators -- and please share your thoughts as well!


This was first published in January 2006

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.