Microsoft is looking to bring some unity and clarity to its Forefront family of enterprise security and identity products the week before the RSA security conference.
Doug Leland, the General Manger of Microsoft's Identity and Security Division, has been on a road show with press and analysts for the past couple of months to explain Microsoft's evolving strategy in this space. After chatting with him, here are my five top take-aways about what Microsoft has planned for Forefront:
1. Microsoft plans to turn Forefront into not just a family of products, but a developer platform, too. Security and identity need to be embedded and not treated just as a bolt-ons to existing solutions, Leland said. Microsoft is still working out the details of what its combined security and identity stack will look like, but some of the core elements are already known. At the base-level, Microsoft is building on top of existing protocols, like LDAP. Above that, it is opening up the Identity Lifecycle Manager programming interfaces and its security assessments to interested third-party coders. And on top of that, Microsoft is exposing its "Geneva" federated-identity framework (formerly known as "Zermatt").
2. Forefront is part of Microsoft's cloud strategy on a couple of different levels. Microsoft starting to roll out cloud-based versions of its Forefront wares, starting with the just-announced Forefront Online Security for Exchange. But Geneva -- which now is the codename for both the Zermatt framework and the next version of the Active Directory Federation Service (ADFS) identity service itself -- also is part of the Azure Services framework, specifically the .Net Services piece, Leland said. (So Geneva is/was part of the Zurich layer of Microsoft's Azure cloud platform. Sometimes Microsoft's codenames really do tell a story....)
3. Beta 2 of Stirling is out. Stirling, the next version of Microsoft's integrated Forefront suite (plus a unified management console) is running behind schedule, as Microsoft revealed a couple weeks ago. Microsoft released a public Beta 2 of Stirling today, April 16.
The final release of Stirling isn't slated until late 2009/early 2010 (with various components of it arriving throughout that period), however, which is a year later than Microsoft anticipated. When it finally ships, Stirling will be branded with the Forefront name... just like all of its family of enterprise identity and security products are starting to be. (Identity Lifecycle Manager is now known as Forefront Identity Manager, for example.) 4. Morro -- Microsoft's consumer-focused replacement for Windows Live OneCare -- is being developed by the Forefront team. Yes, it is being marketed by the Windows client team. But it's the Forefront team supplying the core antivirus/antimalware engine that will power Morro. And it is the same engine that powers Forefront Client. (It's not correct to assume Morro is a stripped-down version of Forefront client, however, Leland said.) There's no new information on when to expect Morro. Leland said Microsoft is still saying to expect the new, free service to ship in the second half of 2009 and declined to provide any further details regarding if/when a beta will be released. Microsoft is hoping that by getting Morro on all consumer PCs, especially those whose users may not have the money or interest to run antivirus/antimalware software, that it will be able to better secure the entire Windows ecosystem, Leland reiterated. 5. The People-Ready marketing campaign at Microsoft is (unfortunately) still alive. Microsoft is talking about its Forefront strategy as being all about "Business-Ready Security." That's a little more descriptive than "People-Ready," but not by much....