STPP lets enterprises build a stronger wall against intruders

Microsoft products are the choice targets of many security attacks, and the prevalence of Microsoft products in corporate IT environments means that system security is of utmost importance to every enterprise. Through its Strategic Technology Protection Program (STPP), Microsoft has committed to help enterprises attain a higher level of security.

Microsoft's two-phase intent with STPP is to help customers secure their systems, then help them keep their systems secure. Microsoft immediately delivered on STPP's first phase by offering free virus-related telephone support (866-727-2338) and distributing the Microsoft Security Toolkit on CD-ROM and through download from Microsoft's Web site. To help customers keep their systems secure, Microsoft plans to conduct security-related training events and make security updates for products more manageable.

STPP can help systems administrators stay on top of security concerns. I installed the Security Toolkit CD-ROM provided with the Windows & .NET Magazine Lab's TechNet subscription on some supporting servers in the Lab to test the processes and tools available through STPP. I found that the toolkit will help organizations keep their data secure. The toolkit accurately identified and appropriately updated system components. The commonly executed fixes for the servers in the Lab's environment included the Microsoft Internet Information Services (IIS) 5.0 Security Update and Windows Media Player update from the Microsoft article "Windows Media Player .ASF Processor Contains Unchecked Buffer" (http://support.microsoft.com/default.aspx?scid=kb;en-us;q308567). The toolkit executed the IIS Lockdown Wizard and installed the Windows 2000 Critical Update Notification utility.

Critical Update Notification automatically checks for the availability of updates to your OS and lets you install them. Administrators face constant challenges in balancing daily tasks with the need to be proactive about security. For this reason, automating security updates makes a lot of sense. Critical Update Notification is the Security Toolkit's most compelling component because of the relatively hands-off manageability it affords.

Microsoft recommends that you install the Security Toolkit on every desktop and server in your enterprise. Although the toolkit is deployment-friendly, it still requires that you manage security from each server and desktop in your enterprise. A centralized distribution and control model would best serve management of security patches and update mechanisms.

Due in second quarter 2002 (but unavailable when I wrote this column) is Windows Update Corporate Edition, a new component of STPP that will leverage Active Directory (AD)—based networks to provide easier update management. This new solution lets an organization create an intranet-hosted Windows Update server that can synchronize its contents with information on Microsoft's public Windows Update service. Administrators control which updates download to the intranet server and which computers can download individual updates from the intranet server. In AD environments, the rules governing client behavior will be based on Group Policy; in non-AD environments, rules will depend on registry settings.

STPP shows that Microsoft is addressing the security of its OSs. I'll continue using Critical Update Notification on Internet-connected systems in the Lab, but I look forward to the administrative relief in Windows Update Corporate Edition.