RealTime IT News

Microsoft Brings Exchange Security Online

Microsoft this week introduced a new security offering for its cloud-based computing initiative, directed toward providing increased security for its hosted e-mail service. It's a first step in providing versions of its Forefront security products in the cloud.

"[T]oday we are introducing Forefront Online Security for Exchange, a Microsoft Online service, which protects e-mail from spam and malware," Douglas Leland, general manager of Microsoft’s identity and security business group, said in a statement.

It was one of several related announcements the company made Thursday around its Forefront security products, which also includes the beginning of the second beta of its upcoming enhanced security suite.

The move expands use of Microsoft's Forefront Security for Exchange to be one of the services customers can order up under Microsoft's emerging cloud-computing strategy which, in turn, is a part of the company's larger vision of "software-plus-services."

One of the main goals, however, is to provide a more unified service offering for Online services customers, and part of that is rebranding some of the products to better match Microsoft's marketing vision.

"This is the first of our Forefront Online services to complement our software-based Forefront offerings," Leland added.

Additionally, Microsoft announced the start of the second beta test of its Forefront security suite -- codenamed "Stirling." The first beta test of the suite began this time last year.

The Stirling suite includes upcoming versions of the company's Forefront-branded Client Security, Server Security, Edge Security, and Access products along with a unified management console.

"We're on track to release Stirling in the first half of 2010," JG Chirapurath, director of Microsoft's Identity and security group, told InternetNews.com in an interview.

At the same time, Chirapurath said Microsoft has renamed a key identity product from Identity Lifecycle Manager to Forefront Identity Manager, and it won't end there.

"We are taking the Forefront brand and expanding it across all of our identity and security products," Chirapurath added.

Microsoft (NASDAQ: MSFT) first introduced the Forefront brand nearly three years ago. It also began offering Exchange messaging as a hosted service about the same time.

In February, the company began the second beta of its Web anti-malware security product Forefront Threat Management Gateway (TMG). It also shipped Service Pack 1 (SP1) for Forefront Security for Exchange Server at that time.

Thursday's announcement extends the use of the Exchange security package to Microsoft's hosted Exchange Online service, one of several services the company has built around its server offerings such as SharePoint Online.

Adding Forefront Security for Exchange Online, the Stirling suite, and extending the brand is meant to reinforce Microsoft's message of both providing security in depth as well as working across disciplines to provide the best possible security.

"By considering identity and security as two sides of the same coin we are aligned with how customers think about the problem," Leland's statement said.

Meanwhile, Microsoft is also beta testing a project codenamed "Geneva" that Leland refers to as "a set of technologies that make it dramatically easier for customers to build security-enhanced access into software and hosted services."

Geneva will provide what's called a "claims-based access platform."

"With the announcement of Microsoft codenamed Geneva claims-based access platform, developers and their customers can now simplify user access with a single model that's open and interoperable," according to a statement on the Geneva site.

So what's happening here?

"It's mostly a name change at this point," Rob Helm, research director at Directions on Microsoft, told InternetNews.com. "Microsoft wants to take on competitors like Symantec by expanding the market into the realm of things like identity management that the security vendors can't match," Helm added.

As for the integration of security and identity, Helm sees one important benefit as being able to provide IT with a "one button" ability to perform security and identity management when, for example, a company lays someone off.

"It's particularly important when so many people are getting fired. When they leave, they lose all of their permissions for everything," Helm said.