MikeHunt
April 2nd, 2004, 03:15 PM
Test Center: Windows XP SP 2 Delivers Some Promised Security Ehancements
(URL: http://www.crn.com/sections/BreakingNews/dailyarchives.asp?ArticleID=49107)
By Frank J. Ohlhorst
CRN
5:09 PM EST Fri., Apr. 02, 2004
The highly anticipated release of Windows XP Service Pack 2 looms on the horizon, leaving many to wonder if operating system update will be a cure for many of the security ills surrounding Windows XP. Months in the making, Microsoft promises the new service pack--set to ship by the end of the second quarter--promises to better secure Windows XP from attacks, such as the Blaster worm and buffer overruns, while also reducing pop-up advertisements and spam annoyances.
The Test Center installed a release candidate copy of Windows XP Service Pack 2 (SP2) on several XP Professional systems and found it to offer useful security enhancements along with providing some additional functionality to the XP operating system.
One of the key enhancements is Microsoft's new Security Center, an application that unifies the various security elements found in Windows XP. Security Center offers a quick look at system security and recommends changes to help better protect the system.
This feature could be a real time-saver for solution providers, but watch out for the default settings offered by SP2 because they favor security over functionality. During the Test Center's evaluation, some firewall settings had to be modified for programs, such as PCAnywhere and some peer-to-peer file sharing, that require certain ports remain open on the PC.
Solution providers will find the interface offered by the new security center easy to use. Each option, such as firewall settings and automatic updates, are clearly labeled and offer context-sensitive help screens that will greatly reduce the learning curve associated with new security controls. Microsoft has reduced some of the 'technobabble' and offers plain English explanations of what each option promises to accomplish. That should help users become more security-conscious, while making things easier for installers.
Other security features found in SP2 include a pop-up blocker for Internet Explorer, monitoring of background downloads to prevent spyware installations, improvements to Outlook Express to help reduce spam and viruses, and a completely redesigned firewall.
Beyond the security improvements, solution providers will notice some ease-of-use enhancements, especially for wireless networking. Microsoft has simplified and improved the wireless control applet; it is now much easier to locate wireless networks and enable security options such as WEP.
SP2 also improves on the automatic update process. Automatic updates to the operating system are handled in a more logical fashion; users are now informed of what steps may be needed to apply patches, and the patches can be applied all at once or be individually selected. The updating process offers more information than previous versions of XP, describing in detail what problems an update will correct and how the changes may affect the system. The previous version of Windows update often left out that type of information. Those changes will help solution providers to better determine if an update will have the desired effects on a system and help with troubleshooting chores if an update goes awry.
Test Center engineers did notice a performance hit on each machine tested with SP2, but the slight reduction in performance is made up for by the enhanced security and options such as the pop-up blocker that saves time--and aggravation--when Web surfing. Other minor enhancements include disabling Windows messenger by default and enabling the Windows firewall automatically.
Installation was straightforward and well-documented but did take a significant amount of time. The install took almost one hour on a Sony Vaio notebook computer equipped with a 2GHz Pentium 4 M processor, 256 Mbytes of RAM, XP Professional with SP1. Other tested systems fared no better on installation speed.
During installation, users can view a document that specifies what changes the service pack implements. Solution providers should pay careful attention to the setup document that is displayed automatically during the installation process. It helps to highlight some possible incompatibilities with installed applications and drivers, most notably remote-access products and solutions.
Solution providers may have to research how SP2 will affect current installations and plan for a rollback of SP2 if problems are encountered. A backup before installation should be considered a requirement before installing SP2.
All things considered, Windows XP Service Pack 2 brings some much needed security to the XP operating system, but it is not a complete solution for protecting XP-based PCs from the ills of the Internet. Third-party firewalls, antispam solutions and antivirus solutions are still needed to properly protect PCs. Those solutions can be installed at the network level or handled by security suites such as those from Symantec, McAfee and Trend Micro to protect non-networked internet attached PCs.
Solution providers, for instance, will find that while the included firewall certainly improves security, it does not offer the robustness often found in either hardware or third-party firewalls.
In addition, SP2 does not offer a complete anti-virus solution. No virus signature scanning is included, and the spam filtering offers some basic features but can't compete with the advanced blacklists and heuristics offered by third-party vendors.
SP2 will be available as a download or on a CD-ROM for a small fee.
(URL: http://www.crn.com/sections/BreakingNews/dailyarchives.asp?ArticleID=49107)
By Frank J. Ohlhorst
CRN
5:09 PM EST Fri., Apr. 02, 2004
The highly anticipated release of Windows XP Service Pack 2 looms on the horizon, leaving many to wonder if operating system update will be a cure for many of the security ills surrounding Windows XP. Months in the making, Microsoft promises the new service pack--set to ship by the end of the second quarter--promises to better secure Windows XP from attacks, such as the Blaster worm and buffer overruns, while also reducing pop-up advertisements and spam annoyances.
The Test Center installed a release candidate copy of Windows XP Service Pack 2 (SP2) on several XP Professional systems and found it to offer useful security enhancements along with providing some additional functionality to the XP operating system.
One of the key enhancements is Microsoft's new Security Center, an application that unifies the various security elements found in Windows XP. Security Center offers a quick look at system security and recommends changes to help better protect the system.
This feature could be a real time-saver for solution providers, but watch out for the default settings offered by SP2 because they favor security over functionality. During the Test Center's evaluation, some firewall settings had to be modified for programs, such as PCAnywhere and some peer-to-peer file sharing, that require certain ports remain open on the PC.
Solution providers will find the interface offered by the new security center easy to use. Each option, such as firewall settings and automatic updates, are clearly labeled and offer context-sensitive help screens that will greatly reduce the learning curve associated with new security controls. Microsoft has reduced some of the 'technobabble' and offers plain English explanations of what each option promises to accomplish. That should help users become more security-conscious, while making things easier for installers.
Other security features found in SP2 include a pop-up blocker for Internet Explorer, monitoring of background downloads to prevent spyware installations, improvements to Outlook Express to help reduce spam and viruses, and a completely redesigned firewall.
Beyond the security improvements, solution providers will notice some ease-of-use enhancements, especially for wireless networking. Microsoft has simplified and improved the wireless control applet; it is now much easier to locate wireless networks and enable security options such as WEP.
SP2 also improves on the automatic update process. Automatic updates to the operating system are handled in a more logical fashion; users are now informed of what steps may be needed to apply patches, and the patches can be applied all at once or be individually selected. The updating process offers more information than previous versions of XP, describing in detail what problems an update will correct and how the changes may affect the system. The previous version of Windows update often left out that type of information. Those changes will help solution providers to better determine if an update will have the desired effects on a system and help with troubleshooting chores if an update goes awry.
Test Center engineers did notice a performance hit on each machine tested with SP2, but the slight reduction in performance is made up for by the enhanced security and options such as the pop-up blocker that saves time--and aggravation--when Web surfing. Other minor enhancements include disabling Windows messenger by default and enabling the Windows firewall automatically.
Installation was straightforward and well-documented but did take a significant amount of time. The install took almost one hour on a Sony Vaio notebook computer equipped with a 2GHz Pentium 4 M processor, 256 Mbytes of RAM, XP Professional with SP1. Other tested systems fared no better on installation speed.
During installation, users can view a document that specifies what changes the service pack implements. Solution providers should pay careful attention to the setup document that is displayed automatically during the installation process. It helps to highlight some possible incompatibilities with installed applications and drivers, most notably remote-access products and solutions.
Solution providers may have to research how SP2 will affect current installations and plan for a rollback of SP2 if problems are encountered. A backup before installation should be considered a requirement before installing SP2.
All things considered, Windows XP Service Pack 2 brings some much needed security to the XP operating system, but it is not a complete solution for protecting XP-based PCs from the ills of the Internet. Third-party firewalls, antispam solutions and antivirus solutions are still needed to properly protect PCs. Those solutions can be installed at the network level or handled by security suites such as those from Symantec, McAfee and Trend Micro to protect non-networked internet attached PCs.
Solution providers, for instance, will find that while the included firewall certainly improves security, it does not offer the robustness often found in either hardware or third-party firewalls.
In addition, SP2 does not offer a complete anti-virus solution. No virus signature scanning is included, and the spam filtering offers some basic features but can't compete with the advanced blacklists and heuristics offered by third-party vendors.
SP2 will be available as a download or on a CD-ROM for a small fee.