At 09:31 PM 6/30/97 -0500, Vin McLellan <vin @
shore .
net> allegedly wrote:
Thanks for mail, Vin,
8< [snip]
> Though Microsoft (MSFT) says it doesn't plan to
> compete with firewall vendors, its plans to add
> firewall security features to the next version of its
> Proxy Server software could shake up the firewall
> software market.
<ROTFL>. Yeah, right. Just like M$ didn't *plan* to compete with
Novell, Netscape, etc. M$ doesn't really compete, they simply see
what someone else does well (like a market leader), puts these
functionalities into their own products & then they use their
marketing muscle to drive their product out the door & competitors
into the ground.
Personally, I am not at all impressed with M$'s predatory business
practices. I think they will keep pushing the limits of what is
right & legal to do and will probably get their clock cleaned by
the Justice Dept. or the FTC. Given their predatory practices,
I wouldn't be surprised if they were sniffing their own network
(MSN) for competitive info, or ideas for new projects. (Nothing
legally wrong with that - it *is* their own network). Note: I
didn't say they were doing it - I just said I wouldn't be surprised.
> The next version of Proxy Server goes into beta
> testing in July; it will include firewall features
> designed to block intruders on the Internet from
> getting onto a company's internal networks,
> Microsoft officials said. The features could hurt
> sales of firewall software for Windows NT in
> particular, and NT has been the market's hottest
> segment.
>
> The move should come as no surprise, says Rob
> Enderle, an analyst at Giga Information Group. It's
> been clear since Microsoft introduced its first
> version of Proxy Server that it would add firewall
> functions.
I think Rob is 100%correct. IMHO, the Proxy Server was just to
test the water to see how the market would respond. As people
are expecting M$ to come out with a firewall, I would say that
M$ will (once again) change its mind and wade into the market.
> Microsoft's decision could hurt makers of firewall
> software, such as Raptor Systems. In February
> Raptor announced a low-end firewall, called "The
> Wall," targeted at small and mid-sized companies.
> The Centri firewall from Global Internet.Com also
> targets that space; sometime Microsoft ally Cisco
> Systems announced last week it's buying Centri and
> Global Internet.Com's software group.
I see no immediate danger to major firewall vendors from M$. For
the most part, they already have a solid reputation on the market
& know how to design secure products. M$ doesn't have this
reputation yet (and will probably have to do a huge PR campaign
to try to restore confidence about their ability to deliver secure
products). The new kids on the block will probably fade away when
competing with M$.
M$ has two main disadvantages:
o They seem to be deficient in their ability to write secure TCP/IP
stacks.
o They seem to have problems in trying to write tight, clean, code
- an important prerequisite in writing a secure applications
such as firewalls.
INFOSEC PROGRAMMING DESIGN RULE #1
The larger the size of the code, the greater the probability that
the code will contain vulnerabilities which can be exploited.
Another thing. As time passes, & NT becomes more prevalent, the
hackers will redirect their efforts to NT and will start picking
it apart (like they have with other vendors). IMHO, I think it
is just a matter of time until we start seeing nonprived users
able to gain privs by exploiting vulnerabilities in individual
programs (buffer overflows, etc). Particularly sensitive are
those programs which perform prived functions on behalf of
non-prived users.
Best Regards,
Frank
The opinions of the author of this mail may not necessarily be
representative of the opinions of Fortifed Networks, Inc.
Fortified Networks, Inc. - http://www.fortified.com/
Expert (vendor-neutral) Computer and Network Security Consulting
Phone: (317) 573-0800 Fax: (317) 573-0817
Follow-Ups:
|
|
