Stirling Beta 2 Unveiled for Enterprise Security

• By Jabulani Leffall
• 04/20/09

Microsoft on Thursday announced the beta 2 release of "Stirling," which is the code name for an integrated suite of enterprise security solutions based on the company's Forefront products. The beta can be accessed at Microsoft's TechNet site here.

The actual planned release of the Stirling product was delayed by Redmond until at least the first half of 2010, according to the Forefront team.

In addition to the Stirling beta, Microsoft announced a new marketing concept for enterprise security called "business ready security." The concept has three parts, according to Douglas Leland, general manager of Microsoft's Identity and Security Business Group, in a Microsoft-published Q&A. It entails system-wide data and identity security. Next there is simplified compliance management. The last part concerns extending interoperability with non-Windows systems.

Figuring prominently in the business ready security concept is Microsoft's user access technology, code-named "Geneva," according to Leland. Formerly known as "Zermatt," Geneva is an identity-management technology that Microsoft first unveiled in October.

Leland also touted the security development lifecycle methodology used to create Microsoft's software products as part of Redmond's overall enterprise security push.

On top of the Stirling announcement, Microsoft also launched Forefront Online Security for Exchange on Thursday. Leland described it as "the first of our Forefront Online services" being rolled out.

Microsoft has scheduled part of the Stirling suite to appear in the fourth quarter of 2009. Those products will include "Forefront Server Security for Exchange and Threat Management Gateway (the next generation of ISA Server)," according to the Forefront team. Other parts of the suite, such as the management console and client security, have been pushed to the first half of 2010.

The overall delay for Stirling may have been caused, in part, by the sheer scale of the project, according to Don Retallack, research vice president for systems management and security at Directions on Microsoft.

"[Stirling] is an ambitious project that is supposed to be something that's going to tie client as well as server security together and allow them to compete with the top dogs in the antivirus game -- the Symantec's and the MacAfee's, who obviously aren't on that list of third-party collaborators," Retallack said.

Microsoft's current third-party collaborators include RSA, Juniper Networks, Brocade, Kaspersky, TippingPoint, Imperva, StillSecure, Q1 Labs, Guardium and Sourcefire. Those vendors are supporting a "security assessment sharing" feature in Stirling. Security assessment sharing captures data from third-party applications through the Forefront management console.

The whole third-party question, Retallack said, could have been one of the reasons for Stirling's delay, along with user concerns about local control of Microsoft's "real-time dynamic response" for security updates.