Evaluate Weigh the pros and cons of technologies, products and projects you are considering.

Microsoft security tools vs. third party

Many administrators are more likely to stick with Microsoft security tools because of their obvious integration advantages. But how do Microsoft products stack up against similar third-party tools. Contributor Serdar Yegulalp examines the functionality of some popular Microsoft security tools.

For a long time, the running joke has been that "Windows" and "security" didn't belong in the same sentence. Thankfully, this has started to change, and Microsoft is not only beginning to create and include more aggressive defenses within Windows itself, but it's also drawing attention to existing products that handle security. Here are three of the company's major security product categories, with insights into what each has to offer. I've also included a competing non-Microsoft product.

Desktop firewalls
One of the most obvious points of comparison is how the Windows Firewall, the firewall software that is now an integral part of both Windows XP and Windows Server 2003, stacks up against third-party firewalls. The fact that it ships with Windows means it's that much easier to enable, and its protection is very tightly integrated into the operating system. Instead of merely blocking or allowing ports, you can configure it to work per-application and per-interface. Plus, it supports both inbound and outbound filtering. Lastly, because it's a standard Windows component, it can be passively configured through an .INF file at install time.

That said, the program's flexibility is limited. Per-interface configurations can only work by port, not application (unless a given interface only supplies a specific range of network addresses), and there's no way to assign specific firewall configurations to individual users or to specific time slots. It isn't hard to find a more powerful desktop firewall for Windows -- Zone Labs LLC's ZoneAlarm, for instance, is a highly regarded suite with a free trial version and many companion products -- but for immediate, interim protection, Windows Firewall will work as a stopgap.

ISA Server vs. third-party firewalls
ISA Server is one of Microsoft's products that holds its own very favorably against third-party offerings. This isn't just because of tight integration with Windows Server and Windows environments in general (since it is, after all, a Microsoft product), but it has other key features as well. For one, ISA Server operates both as a firewall and as a number of other products such as a VPN server. Second, ISA Server, being a software product, has one advantage over hardware firewalls: It's far easier to try out before you commit to a purchasing decision.

The downside with ISA Server, for many people, is the price tag: It may be more than most people might need at $6,000 per processor. It may also be utter overkill -- maybe it has more features than you really plan to use. If you don't need something at ISA Server's level or scope of protection, you can certainly consider a less robust product. But, if you've obtained ISA Server through, for instance, a Small Business Server Premium Edition license, then it doesn't hurt to try making use of it and seeing if it's a fit for your work. (A free 120-day trial version is available for those who want to try it hands-on in a relatively unrestricted way.)

The most recent addition to Microsoft's security products, a desktop antispyware product named (appropriately enough) Windows AntiSpyware, has quickly shaped up to be a fine contender for many of the commercial and freeware antispyware products out there. The application's still in beta, but it already has the polish and finesse of a finished product. If you're reluctant to use a beta product in any form, you can try it out provisionally or work with one of its proven competitors such as Spybot Search & Destroy or Lavasoft's Ad-Aware.

In addition to scanning for threats, AntiSpyware's advanced features match what's available in many of its competitors. It can restore spyware-crippled installations of Internet Explorer to their factory settings, it provides real-time protection against various threats and it can report back information about detected potential problems to Microsoft for further analysis (which you can always opt out of). It also has a "System Explorers" section that lets you spelunk many of the common areas infested by spyware -- IE's Browser Helper Objects, or the Windows HOSTS file.

As expected, Microsoft security products' ability to integrate distinguishes them from their third-party competitors. In some situations, administrators may look to third-party solutions to increase functionality and reduce cost, but some Microsoft products, particularly antispyware, compare favorably to competitors.

Serdar Yegulalp
wrote for Windows Magazine from 1994 through 2001, covering a wide range of technology topics. He now plies his expertise in Windows NT, Windows 2000 and Windows XP as publisher of The Windows 2000 Power Users Newsletter and writes technology columns for TechTarget.

Dig Deeper on Endpoint security management tools

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.