Microsoft's Security Play

2:15 PM -- Did you know Microsoft sells a network firewall? The ISA Server, really more of a proxy for Exchange servers, has been around since the late 1990s. Yet, the software giant's entry into that market didn't wipe out the market -- Check Point, Cisco, and Juniper/Netscreen are just fine, thank you.

So why are security vendors like McAfee and Symantec worried about Microsoft's entry into their markets? They have no choice. When an 800-pound linebacker like Microsoft plows its way onto a field such as host-based security, the existing players understandably get nervous and defensive. With its obvious brand recognition and desktop dominance, Microsoft could wipe out their market share. If they sit back and wait, they're toast.

No one doubts Microsoft is dead serious about becoming a player in security. It's offering the key tools with Forefront, and Vista offers more OS security than ever, although some of Microsoft's competitors say it went too far with its restricted access to the kernel. Some vendors are even welcoming Microsoft onto the team because its presence gives security some much-needed mainstream PR, especially with home PCs increasingly falling prey to botnets and other malware.

The real question, though, is what should you, the enterprise IT pro, do? You're probably in the process of mapping out your eventual upgrade to Vista (and Longhorn), and weighing your options in how you'll secure your desktops and servers into the future. If you decide to entrust your host security to Microsoft, you're probably wondering what you'll have to give up. What are the risks, especially when many of Microsoft's initial security features are a year or two behind other vendors'? Where will you need to fill in with third-party tools? And just how many of those third parties will escape Microsoft's big foot in the market?

We've been pondering these questions, too, and over the next few weeks we'll be addressing them with a series of articles on Microsoft's security play. We launched the first installment on Monday, where we explored what happens if Microsoft's upcoming Vista and Forefront security products don't support your legacy Microsoft and legacy non-Microsoft apps. (See The Vista-Forefront Security Two-Step.)

In coming weeks, we'll also take a look at what hackers think about Microsoft's security technology and strategy, and what new and undiscovered vulnerabilities and exploits they might be working on. Has Microsoft truly raised the bar for hackers?

Meanwhile, Microsoft's ISA Server today enjoys a tidy niche proxy market and eventually may become an SSL VPN product, Microsoft watchers say. In that case, at least, the software giant didn't wipe out the market just by entering it. Over the next few weeks, we'll offer some insight on whether Microsoft will "own" the host-based security business -- or end up on the back burner.

— Kelly Jackson Higgins, Senior Editor, Dark Reading