Ever wonder where Microsoft got the code name for its upcoming Windows Vista release? According to Lily Delos Rios, VP of Product Delivery at Symantec, the code name Longhorn grew out of two then-current project code names: Whistler and Blackcomb. Whistler and Blackcomb are two mountains near the popular Whistler, British Columbia, ski community. The project named Whistler became Windows XP, and Blackcomb was to be an even more ambitious new operating system. When it seemed that Blackcomb was too ambitious, Microsoft decided it needed something in the middle, something between Whistler and Blackcomb. In the real world, there's a saloon located between the two mountains, and that saloon's name is Longhorn.
You might wonder why I'm starting a column about Microsoft by repeating an anecdote from someone at Symantec. This week at the Symantec Vision conference in San Francisco, several top-level Symantec executives were openly challenging Microsoft on security
. Despite considerable press coverage of the emerging Google vs. Microsoft battle
, the way they were talking, you'd think Symantec was Microsoft's only competition.
In the real world, there's a saloon located between the two mountains, and that saloon's name is Longhorn.
In a room full of Symantec Veritas customers, an informal, nonscientific poll revealed that none of the IT managers expected to deploy Windows Vista in their organizations within the first three months of its release. Worse, only a handful thought it likely that they'd deploy Windows Vista within the first six months. Microsoft is betting the farm on Windows Vista in the enterprise market; Microsoft makes a majority of its software sales through enterprise agreements, and most of the features in Vista are aimed toward these high-end customers.
One new feature in the Enterprise versions of Windows Vista will be an imaging tool, allowing IT managers to create a model workstation that will deploy that image onto new PCs as they come online. The advantage, says Microsoft, is that you can edit the image to include the latest security patches from Microsoft so that your image is always the latest and greatest. That's hardly news to IT managers who have been using Symantec's Norton Ghost for years. As one IT manager told me, "Why would I bother to learn Microsoft's tool when I already know Ghost?"
Vista's like an onion
Bottom line, Symantec is the only security vendor positioned to take on Microsoft.
With Windows XP Home and Windows XP Professional, Microsoft attempted to have one platform for both its enterprise and home users. With Windows Vista, that simple concept gets more complicated. Microsoft has an everything-including-the-kitchen-sink version that will be called Windows Vista Ultimate, and, as suggested, it will have every possible feature. For the corporate office, however, Microsoft is planning an enterprise agreement-only version called Windows Vista Enterprise, which drops the Media Center package but keeps the Bitlocker hard drive encryption feature. For small businesses, Microsoft is planning a retail version called Windows Vista Business, which drops the Media Center and Bitlocker but keeps the tablet PC support and IIS for Web site creation. Finally, the version that you and I will find on most new PCs beginning sometime in 2007 will be called the Windows Vista Home edition, which includes the Media Center but drops tablet PC support, Bitlocker, and IIS, among other networking and administrative functions unnecessary to the average solo PC user. Sometime in the next two weeks, Microsoft will unveil another build of its Windows Vista operating system, and this release should be public and perhaps for the first time be broken out into specific versions of the operating system.
Of course there is a downside to Microsoft designing Windows Vista primarily for the enterprise audience, and some bad security decisions have already been made that will trickle down throughout the entire operating system series. I'm particularly upset by Microsoft's recent announcement that its new outbound firewall filtering will be disabled by default
. Now you'll have to enable it yourself, which most users are loath to do. Microsoft bowed to pressure from its Enterprise, but, since this operating system is still in beta, there's plenty of time for the geniuses in Redmond to reverse that decision, at least on the Windows Vista Home edition. Whither third-party security?
Last week, a report from the Yankee group suggested that Windows Vista-embedded security features will knock out third-party security apps
, especially the firewall and antispyware vendors. I first addressed this question in a column in January
, and I still think third-party firewall applications will continue to thrive, whether or not Windows Firewall's outbound protection is enabled. In the post-Windows Vista world, I do think third-party antispyware vendors will have a hard time justifying their existence against the free version of Windows Defender. One area where third-party security vendors will definitely succeed against Microsoft will be in stopping phishing and identity theft.
Within the last year or so, Symantec purchased many smaller security companies
, beefing up its portfolio in authentication and fraud protection. Within the 2007 consumer versions of Norton security apps, expect to see new behavior-blocking technology it bought from WholeSecurity. Here, I think Symantec's technology will be much more robust than Microsoft's diluted antiphishing technology within Windows Vista. Wider ripples in the pond
Maybe it really is becoming a Microsoft vs. Symantec security universe. My ZDNet colleague David Berlind thinks security vendor McAfee
and others are threatened by Microsoft. David cites McAfee's CEO Gene Hodges, who, after first giving a fairly rosy picture of McAfee's future, quickly jumped ship. Another sign of McAfee's market desperation is its recent foray into Apple Mac OS X security. Elsewhere, David mentions the departure of Fred Felman, formerly of ZoneAlarm, more recently with the antispyware vendor Tenebril. David quotes Felman as saying of the security industry today, "It's beat." That's news to me because the last time I spoke with Felman, a couple of months ago, he didn't sound all that impressed with either the firewall or the built-in antispyware plans for Windows Vista.
Bottom line, Symantec is the only security vendor positioned to take on Microsoft. To counter Microsoft's new Windows Live OneCare managed support service
, Symantec will be rolling out Genesis later this year. Look for the two software giants to continue to be in lockstep, announcing similar security product features and services
in the coming years. I would hate to see McAfee fade away and for desktop security to come down to just two vendors, but that's been the pattern with Microsoft for years: narrow the market and be one of the two survivors. Will Microsoft emerge as a dominant security vendor in the next few years? Talk back to me.