Check out mdbg.
Ever have one of those situations where you need to debug a .NET application on a machine that doesn’t have Visual Studio installed? I stumbled across mdbg this week and couldn’t believe how lucky I was.
Computer security can be a scary thing. If you just have a quick question, feel free to drop Dan a line.
Read it here, from Micrsoft’s own Windows Security team. Prominently mentioned are three technology and feature areas where JW Secure has considerable integration experience:
Leading up to the RSA security conference, which started yesterday in San Francisco, Microsoft has gradually been exposing its new security marketing strategy to the world. The new strategy is called Business Ready Security (that’s the best introductory link I’ve found so far).
There’s no question in my mind that Microsoft has an unrealized opportunity when it comes to end-to-end security and stealing security and compliance market share from CA, EMC, and Symantec. How will Microsoft start to capitalize on that opportunity? First, by integrating with its main enterprise asset – Active Directory.
All of the scenarios here – endpoint security, email security, network compliance and health, identity management, strong authentication, etc – can and should be managed via Active Directory. It should be the go-to repository for identity and authorization information, and it should be the go-to repository for management and configuration. This is the first key for achieving interoperability across product lines, and for driving down IT deployment and lifecycle costs, which is something that many customers have been complaining that the existing players in the security market (e.g. CA and Symantec) haven’t been doing well. Tight integration with AD for products coming out of Microsoft should just be a no-brainer; if customers don’t have AD installed, make ’em get it first.
However, there’s a second aspect of AD integration that’s less obvious and that even Microsoft has been getting wrong. It’s one thing to have a single repository for identity and policy information; it’s another thing to have a consistent interface look-and-feel – call it the IT user experience – across every product and tool, for managing that information.
What do IT people think of when they want to manage AD? An MMC snap-in! It’s not always pretty, but it’s what everyone has been trained to use. But look at the management interface for Forefront 1.0. Or for Identity Lifecycle Manager. Those management interfaces are web-based. That’s not a problem in and of itself, nor is the root problem even that not every product uses MMC for management. The problem is that not every product has a consistent management interface.
The customers I’ve spoken with regarding the end-point security market, for example, expect all of the top-tier vendors to pretty much have feature parity. The differentiation is in how easy the product is to deploy and manage.
Along with tight AD integration, a consistent management UX is Microsoft’s best competitive tool in the security market. Don’t make the IT guy learn a new interface for every (or any) product. And if you’re not going to use MMC, consider that you have a huge installed base of those snap-ins already, plus legions of IT people to re-train.
Ok, so, integration with AD is one thing. What’s the second step? It’s a no-brainer: you have to actually ship the new security products – get them developed and ready for the market – and that just hasn’t been happening quickly enough.
When I was staffing the Forefront booth at TechEd last year, several attendees came up to me who had never heard of that brand (i.e. Forefront). When I told them what it is and what it does, a frequent response was, “Oh right – we looked at that, but it’s not yet on par with eTrust,” or etc. Their next question: when is the next version of Forefront shipping so we can take another look? Answer: we don’t know.
Big companies tend to move slowly – they have a lot to lose, lots of cogs to turn – that’s just the nature of the beast. But Microsoft would pose a bigger, more immediate threat to the aforementioned existing competitors in this space if it could turn the “get the products out the door” crank more quickly. Forefront Stirling and Identity Lifecycle Manager 2 both should have shipped last year. If that had happened, the new Business Ready Security realignment would have momentum behind it, along with real credibility, and the buzz would directly influence purchasing decisions. Competitors would be running scared.
Thus, I conclude that there’s huge potential for Microsoft here, but they’ve put the cart before the horse. First step: give the products a consistent management experience. Second step: ship them. Third step: spin up the re-energizing marketing campaign. Fourth step: count the truckloads of money.
See the Cloud Backup project site on CodePlex. There’s a link to the developer specification document on the “Home” page. That doc has a down & dirty Win32-based GUI mock-up that was done using Visio, along with two pretty Expression/WPF-based mock-ups that created from that. Feedback is welcome on that GUI – we expect to start writing the code next week.
For developers writing applications for, or porting applications to, Windows Mobile – be sure to install the Security Configuration Manager from the tools\security subdirectory of the WM SDK (under Program Files).
It’s a Win32 application that connects to a docked phone and allows you to manage security-related settings such as RAPI policy and trusted certificates.
Regarding the latter – trusted certificates – don’t be surprised, as I was, when your expensive VeriSign codesigning certificate isn’t trusted on WM. Check out the Mobile2Market program to understand why (not saying I agree with it, but there it is).
Check out the upcoming Tech Days 24-hour virtual event, sponsored by Microsoft. It’s a one-day marathon of technology presentations and demos, all via LiveMeeting (i.e., online). And it’s free! Should be interesting.
I submitted a demo proposal for our Biometrics Approval Workflow project, although I think I may have missed the deadline. We’ll see …
Check out the upcoming Tech Days 24-hour virtual event, sponsored by Microsoft. It’s a one-day marathon of technology presentations and demos, all via LiveMeeting (i.e., online). And it’s free! Should be interesting.I submitted a demo proposal for our Biometrics Approval Workflow project, although I think I may have missed the deadline. We’ll see …