Microsoft aims to rally the industry around its new network access protection (NAP) architecture and related set of APIs for the next Windows Server, even as it prepares two enhanced security frameworks for future Windows releases.
At its Worldwide Partner Conference in Toronto, Microsoft said it plans to establish NAP as an industry standard. The technology, previously described by some executives as Active Defense technology, is designed to give end users secure access to the corporate network and IT administrators a way to set policies and detect the "health" and security configurations of incoming PCs, laptops and handhelds.
Looking beyond NAP, the software giant also is developing two major security enhancements for Windows, including Next Generation Authentication and Authorization (NGNZ) and Application Security (AppSec) frameworks, sources familiar with the plans said.
The momentum behind NAP is already substantial. More than 25 security, firewall, patch management and networking ISV partners--including Symantec, Trend Micro, Citrix, Shavlik and Juniper Networks--announced support for the NAP architecture and application programming interfaces (APIs) planned for the next Windows Server upgrade, code-named R2 and due out in late 2005.
Though Cisco Systems was noticeably absent from the list of NAP-supporting ISVs, Microsoft hinted that a deal is close. Microsoft is in "deep negotiations" with the networking giant on a variety of security areas, including quarantine, VPN, wireless and wired technology, said Steve Anderson, a product marketing manager in Microsoft's Windows Server group.
To realize the benefits of cloud-native software, an application must actually be cloud-native—designed to run in the cloud, interacting with disaggregated cloud services, fully manageable as code—to deliver the expected benefits.
By combining resources and expertise, the AI-Enabled ICT Workforce Consortium will offer a blueprint for how industries can adapt to an AI-dominated future.
IT leaders should heed the guidance of cybersecurity insurance providers who think businesses should prioritize security education, incident preparedness, regular internal audits, and ongoing vulnerability scanning and patching.
