Microsoft Corp.'s latest operating system, Windows 2000, goes far beyond incremental improvements over Windows NT. Aimed toward high-end computing emphasizing reliability, scalability, and cost benefits compared to other OSes, this business platform offers a variety of security features under "one roof."
Windows 2000 leverages those security features available in Windows NT by adding several features enhanced by its new Active Directory (AD) service. Founded on public-key cryptography, this OS includes the Kerberos version 5 authentication protocol for network authentication, public-key certificates for authentication, secure sockets layer (SSL) 3.0 secure channels, and data integrity and privacy standard protocols through CryptoAPI for public networks. Also included is a smart card log-on interface; IP security protocol (IPSec) authentication, data integrity, and encryption; and a certificate services module for creating a certification authority to manage the public-key infrastructure. The catch? Plan to spend time on corporate security planning, to invest in Windows 2000 training to deal with components such as Active Directory, and to dedicate resources to create detailed parameter settings validating many security-related features. To Microsoft's credit, it postponed launching Windows 2000 for over 18 months to avoid delivering bugs--a common abnormality bewailed by most IT managers. (Rumor had it that over 63,000 bugs were found in the beta versions.) This time around, the company took the heat and invested more resources and time to avoid many of the installation and operational problems apparent in most new software. The same investments were made in the OS's security components.
- Expect new security holes continually. Hey, it's a dark world out there filled with folks looking for a thrill (i.e., if they don't have a life, online action looks GOOD). In other words, don't expect to install security controls and then forget updates until the next version.
- It's not just software that creates superior e-security; administrators and staff make the difference.
- Expect additional security flexibility and complexity in future versions and plan for resources to keep current on threat protections.
- Don't expect Microsoft to solve security threats before they arise; unfortunately it's a reactive world. While Microsoft is known for dragging its feet with known problems, Internet-related software security threats have convinced the company to increase security center staff (http://www.microsoft.com/security/default.asp) to handle the burgeoning flow of online break-ins.
- Prepare a realistic and detailed computer, networking, and communications security plan that can AND WILL be implemented.
- Expect loss risk to increase dramatically with e-commerce.
Windows 2000 Server's Active Directory component creates a "domain administrator," who assigns system rights to other administrators and users, thus restricting or enabling network access to various resources. AD facilitates management of network components, including network and system devices, applications, and users.As a network object database, AD is a focal point for centralized administation, but it's also a key component for software programmers to consider in the development cycle. Systems administrators can perform such tasks as remotely installing Windows 2000 Professional on clients, and the IntelliMirror feature allows users to access their data, settings, and applications on different machines. A word of caution: Systems administrators tasked with security MUST be trained on AD for effective implementation. Detailed security planning is mandatory to develop effective security, even with AD training. While AD does not create security mechanisms per se, it is the central authority to establish, maintain, and modify security parameters. In other words, AD enables a far more efficient and integrated security system. While user authentication has been overhauled in Windows 2000 through AD, both server versions continue to support Windows NT LAN Manager authentication protocol for legacy clients. With Kerberos 5 authentication protocol support, which is designed to enable two parties to exchange private information across an open network by assigning a unique key/ticket to each user that logs into the network, tickets embedded in messages identify the sender of the message. An unfortunate weakness in this approach is use of a time stamp encrypted with a hash of the user's password, normally a poor selection considering the short and easily remembered passwords normally chosen by users. Thankfully, Windows 2000 can enforce more challenging passwords. Its protocol offers single sign-on across systems, including non-Windows 2000 servers (assuming Kerberos 5 installations or trusted certificate authorities). The system can mitigate this weakness by either assigning random passwords or denying simple, user-based entry codes. Microsoft Windows 2000 offers a wide range of security features. The learning curve and knowledge maintenance requirements, however, are substantial. Still, it offers organizations the ability to greatly improve online security. // Dr. Martin Goslar Ph.D. is principal analyst and managing partner of E-PHD.COM, an e-security analysis and intelligence firm. He is on the editorial board of the International Journal of Electronic Commerce and can be reached at Comments@E-PHD.COM.