Keeping PCs Safe on the Internet

PC Security Journal

Subscribe to PC Security Journal: eMailAlertsEmail Alerts newslettersWeekly Newsletters
Get PC Security Journal: homepageHomepage mobileMobile rssRSS facebookFacebook twitterTwitter linkedinLinkedIn

PC Security Journal Authors: RealWire News Distribution, Denise Dubie, Lacey Thoms, Bob Gourley, Michael Bushong

Related Topics: PC Security Journal, SOA Best Practices Digest, Software Testing Journal, Microservices Journal


The Case For 3rd Party Software

3rd-party solutions are not going away, they’re a valid and vital part of a robust Microsoft infrastructure

If I had to classify the questions I get on a routine basis, among the first in the list would be “Why should I buy software for reason X when Microsoft has built it in free. X could be anything from firewall software for desktops through availability tools for SQL Server. It’s absolutely true that Microsoft builds a ton of great tools into their products these days, but that doesn’t mean you should rule out the need for 3rd-party solutions, and here’s why.

Let’s take the case of anti-virus as an example. Windows 7 – Microsoft’s upcoming desktop OS platform – will not have a built-in anti-virus solution. However, Morro will be released by Microsoft as a no-cost anti-malware (anti-virus, anti-spyware, etc) that will be available free of charge. So, why are other players in the Windows anti-malware area still in business? First things first, not everyone will meet the minimum requirements for Morro. As things stand, support for XP may be non-existent. That means that at least for the short term, users on older versions of the OS will need a 3rd party tool.

Next up, Morro will most likely provide adequate protection for many home users, but will be unlikely to offer the levels of customization that power users demand. Since higher levels of customization usually lead to less user-friendliness, allowing the system to be configured more and more will lead to fewer users who get it right. This leads to fewer users properly protecting themselves, and more successful attacks. To reach the broadest audience, Morro will have to be simple to use, and for a lot of people that means that it will not be flexible enough to be tweaked the way they need.

Finally, Morro is designed for the home-user market. In the corporate world, anti-malware is firmly in the hands of non-free products. ForeFront Client Security from Microsoft is not free – so even the native solution will require some budget.

Now, on the flipside, take a look at anti-malware products from Avira, Symantec, Panda and McAfee (just to name 4 of literally dozens of players). Each of them offers a basic product that will feel a bite from Morro, but they also offer a more extensive product line. They offer systems that can provide spot protection where Morro may not meet the security needs of some users. They also offer configurability that would amaze most folks, allowing experienced professionals to fine-tune the system to allow hardware and software communication that Morro will most likely block – or at least make difficult.

The theory extends from desktop solutions to server platforms as well. Exchange 2010 will ship with basic automated High Availability. Database Availability Groups will give administrators the power to have duplicate copies of databases on other Exchange servers – which would lead one to question the continued need for backup and recovery products. The problem is flexibility. While DAG solutions will no doubt handle basic availability concerns, they will be bound to the configuration options provided by the basic “right-out-of-the-box” solution set. If the organization needs to extend beyond those features, they’ll need 3rd party software to make it happen.

There is also the question of complexity. While the DAG system is free, experienced Exchange Engineers are not. So many firms may not be able to afford the expertise required to manage the systems which come at no charge with the software. 3rd-party providers, who have spent years developing automation and wizard-based systems, can come in handy in those cases.

Finally, the built-in solutions are not designed for backup and restoration. Microsoft has been quite clear on that, and has created their own not-free solutions to provide that functionality set. For a complete solution to data protection and availability, you’re going to have to look outside of the built-in tools. For those who are looking for proof, consider that the Windows Server Backup tool in Windows Server 2008 will not back up an Exchange 2007 database at all.

To their credit, Microsoft has worked very hard to make sure that extended solutions can be found. They have created flexible platforms like Data Protection Manager and Systems Center Operations Manager that can work with 3rd-party tools to give you the complete solution you need. They’ve also created a robust and wide-reaching partnership program that lets their end-users find such 3rd-party solutions easily. While they, understandably, recommend starting off with the built-in solutions; they do not discourage additional options when they’re needed.

So, 3rd-party solutions are not going away. They’re a valid and vital part of a robust Microsoft infrastructure. Even as Microsoft brings more of these types of tools into the OS and other platforms, there will always be cases where the free tools just don’t offer what your organization needs, and therefore always a place for 3rd-party system to fill the void. That’s why Microsoft continues to offer a wide range of partnerships to 3rd-party providers, and why those providers continue to make new and better tools to augment built-in solutions.

More Stories By Mike Talon

Mike Talon is a technology professional living and working in New York City. Having worked for companies from individual consult firms through Fortune 500 organizations, he’s had the opportunity to design systems from all over the technological spectrum. This has included day-to-day systems solutions engineering through advanced Disaster Recovery and Business Continuity Planning work. Currently a Subject Matter Expert in Microsoft Exchange technologies for Double-Take Software, Mike is constantly learning to live life well in these very interesting times.