REDMOND, Wash. Jan. 23, 2003 Microsoft Corp. today detailed security innovations in Windows® Server 2003 that will help customers create a more secure, connected infrastructure. The security innovations in Windows Server 2003 offer customers a flexible security experience, providing both a more secure out-of-the-box foundation and extensive technologies to help customers build, deploy and manage more secure solutions. Microsoft has made engineering design changes, adjusted settings to help deliver security by default, and delivered new features and technologies that enhance security for the Windows platform.
“Windows Server 2003 was designed and built with enhanced security as a top priority,”
said Bill Veghte, corporate vice president of the Windows Server Division at Microsoft.
“Security is obviously a paramount concern for customers, and the new functionality we are delivering in this release will make it easier to create secure infrastructures. Windows Server 2003 delivers the best of both innovative new features, as well as a platform that has been engineered for security.”
“Microsoft is making significant progress in fulfilling customer commitments as outlined in the Trustworthy Computing initiative,”
said Chris Christiansen, an industry analyst with IDC.
“Windows Server 2003 demonstrates that Microsoft made security one of its top priorities, while improving the performance and ease of use for the underlying operating system.”
Architected to be Secure by Design, Secure by Default and Secure by Deployment
Windows Server 2003 is engineered with enhanced components that are based on new security design practices. These components deliver innovations where security was the principal design objective. Some examples of how Windows Server 2003 is more secure by design include the following:
Internet Information Services (IIS) 6.0 has been redesigned to allow worker processes running applications or Web services to execute using a low-privilege user account, reducing potential attacks by restricting network access.
Common Language Runtime (CLR) software engine helps to ensure a safe computing environment by reducing the number of bugs and security holes caused by common programming mistakes.
Windows Server 2003 provides customers with a more secure foundation out of the box, to help them build solutions that reduce potential areas for attack in the server. The product will be shipped to customers in a locked-down state, with more than 20 services turned off by default or running with reduced privileges to help IT administrators run the most secure configurations. A few examples of how Windows Server 2003 is more secure by default include the following:
IIS 6.0 will ship turned off by default in Windows Server 2003.
Internet Explorer technologies in Windows Server 2003 will have a default security setting of High.
Password security has been strengthened so that users cannot log on remotely using any account with a blank password. This reduces the potential of remote network attacks due to poor password practices.
Windows Server 2003 contains a range of new and enhanced features to provide customers with flexibility and choice in deploying a more secure Windows Server platform. These innovations help customers meet business needs without compromising security by making it easier to manage and maintain more secure configurations. Customers can now confidently expand corporate network access to end users and third parties such as partners, vendors and customers. Among the new features that make Windows Server 2003 more secure in deployment are the following:
Public Key Infrastructure Services (PKI) have been significantly enhanced to provide customers with a simple certificate infrastructure to improve security in IPSCC-based VPN and network communications, wireless authentication using 802.1x, smartcard logon, encrypted file system, and other services.
Protected Extensible Authentication Protocol
(PEAP) offers encrypted password-based authentication to enhance the security of wireless connections. PEAP is a flexible security alternative for customers who need wireless productivity but cannot devote the resources needed to deploy a full PKI infrastructure.
Authorization Manager provides role-based authorization within applications, which makes it faster and easier for system administrators to manage end-user access to Web services.
Continued Commitment to Delivering Security and Innovation
Building on Windows Server 2003, Microsoft will provide additional resources to help customers achieve optimal security on the Windows platform. Over the next six months, Microsoft plans to introduce several additional security resources for customers. One deliverable scheduled for this summer will be the Secure Configuration Wizard, an add-on technology for Windows Server 2003 that will automate the configuration of servers for optimal security based on server roles. In addition, Microsoft will expand its existing offering of Patterns and Practices, providing new prescriptive guidance on issues such as identity management infrastructure and mobile access infrastructure, to help customers deploy and operate a secure Windows Server 2003 environment.
About Windows Server 2003
Windows Server 2003 is a comprehensive, integrated and secure infrastructure designed to help customers reduce costs and increase the efficiency and effectiveness of IT operations. Building on Windows 2000 family strengths, the new server platform helps customers extend existing resources while laying the foundation for building a new generation of connected applications that improve business productivity. More information is available at http://www.microsoft.com/windowsserver2003/ .
Founded in 1975, Microsoft (Nasdaq
) is the worldwide leader in software, services and Internet technologies for personal and business computing. The company offers a wide range of products and services designed to empower people through great software any time, any place and on any device.
Microsoft and Windows are either registered trademarks or trademarks of Microsoft Corp. in the United States and/or other countries.
The names of actual companies and products mentioned herein may be the trademarks of their respective owners.
Note to editors : If you are interested in viewing additional information on Microsoft, please visit the Microsoft®
Web page at http://www.microsoft.com/presspass/ on Microsoft’s corporate information pages. Web links, telephone numbers and titles were correct at time of publication, but may since have changed. For additional assistance, journalists and analysts may contact Microsoft’s Rapid Response Team or other appropriate contacts listed at http://www.microsoft.com/presspass/contactpr.asp.