Norton Secures the Perimeter
With Microsoft quietly slipping into their backyard, security vendors may be caught in a prisoner's dilemma: making rational decisions in anticipation of Microsoft's next move. Symantec has released a beta of its upcoming consumer antivirus solution, Norton AntiVirus 2005 (NAV), that incorporates what Symantec has dubbed "Internet Worm Protection". While worms are a growing menace, there is a catch; Norton's Internet Worm Protection component suggests that users disable Windows XP's Windows Firewall.
A Symantec spokesperson told BetaNews that the feature (Internet Worm Protection) is not a firewall, and that it has added this functionality to provide users with an extra layer of protection against what it deems, "one of the most prevalent threats on the Internet."
"A true firewall solution includes both inbound and outbound protection as well as intrusion detection technology," said the spokesperson. "Users need all three forms of protection, antivirus, firewall and intrusion detection, in order to be adequately protected from the full range of today's Internet security threats. For the vast majority of users, Symantec's Norton Internet Security should be the product of choice to safeguard their computer systems."
Despite Symantec's claims, product documentation reveals that NAV monitors incoming IP traffic, the behavior of outgoing network traffic, and searches for and responds to malicious network traffic. Furthermore, Symantec has stated that the Internet Worm Protection found in NAV 2005, "functions similarly to the Windows Firewall found in Service Pack 2."
While users can run both Windows Firewall and NAV simultaneously, Symantec recommends disabling Windows security features to avoid experiencing a noticeable degradation in performance.
With Windows Firewall, Microsoft has sharpened the elbows of Windows XP's built-in firewall; once rudimentary and unable to scan outgoing traffic. Likewise, many users were unaware of the firewall's existence.
"According to Jupiter Research consumer surveys, 67 percent of Windows XP households say that they have a firewall installed. While that might seem like a high number, consider that 100 percent of Windows XP users have a built-in firewall, yet at least one third are unaware the software is there," said Joe Wilcox, a senior analyst with Jupiter Research.
While Windows Firewall is notable, Windows XP Service Pack 2 also introduces the Windows Security Center which is a control panel interface geared toward making Windows security features more intuitive and accessible to end users. The interface display dialogs that alert users whenever "Security Essentials" such as firewalls, automatic updates, and virus protection are not turned on.
Microsoft insists that it has enabled opportunities for third party developers to offer additional functionality to that offered by Windows Firewall through the Windows Security Center.
"Third party firewall products that ship with many PCs will still be required in many environments, because Windows Firewall and many third-party firewall solutions offer different functionality," said a spokesperson.
While Microsoft continues to work closely with vendors to create policies and technologies that secure the Windows computing environment, it has done some legwork of its own. Under the auspice of its Trustworthy Computing initiative, Microsoft acquired the assets of the antivirus vendor GeCAD Software June of 2003.
Later on that summer, Microsoft began a second round of testing for its PC Satisfaction Trial. PC Satisfaction included an unusual mix of services that broke the bounds of Microsoft's traditional product offerings. These services included an antivirus scanning engine provided by F-Secure, a self-updating firewall, programmatic backups and automated software updates from Windows Update.
Some of the interface elements and lessons learned from the PC Satisfaction trial found their way into Windows Security Center.
The test itself had repercussions, triggering unease within Microsoft's community of developers. At the time PC Satisfaction was announced, a vendor who asked to remain anonymous remarked, "Interesting thing; they were asking us a bunch of questions months back about AV (i.e. DAT file update method, how frequently should an AV company update DATs, etc.) and we thought it was due to our partnership. Then, lo and behold, out pops PC Satisfaction. Coincidence?"
Going into next week's worldwide partner conference in Toronto -- where Microsoft plans to tout Windows security as a "competitive advantage" -- vendors have incentive to capitalize on the software giant's growing commitment to security, but due to their own perceptions, some will undoubtedly view Microsoft's growing portfolio of security assets as reason for unrest.
"Microsoft's decision to include a firewall in Windows XP caused rumblings back in 2001, particularly considering the then ongoing U.S. antitrust trial. Now, responding to recent worms, Microsoft is exposing more functionality, which might not sit well with third-party vendors," said Jupiter's Wilcox.