We're big fans of Microsoft "Stirling" around here. We've been running it in a parallel production network for a while now and are mightily impressed with the security and visibility it provides for our network. With "Stirling", I don't have to deal with multiple consoles to get views of my network security and I also get a single management interface to configure security and incident response policies.
"Stirling" was supposed to be available before the end of the year. Indeed, I was planning on getting it all put together on production networks before Christmas.
Unfortunately, it looks like we're going to have to wait a bit longer before that happens. Why? The Forefront Team Blog mentions a couple of major issues responsible for the delay:
- Forefront Client Security 2.0 and Forefront Security for SharePoint won't be available until the first half of 2010
- The Forefront "Stirling" console won't be ready until the first half of 2010
We knew there was going to be a good chance that there would be some delays. There are a lot of products in the "Stirling" security suite, and a delay in any one of those products would lead to a delay of the entire solution.
That's exactly what happened. However, it's worth the wait. This is a tremendous product that will change the way many of us "do security", so it's critical that it's done right. Indeed, many of us around here consider Forefront "Stirling" to be a game changer, finally solidifying Microsoft as a key player in the computer security marketplace. Couple "Stirling" with hardware upgrades to the new "Nehalem" (Intel Microarchitecture) based Xeon 5500 series processors and you'll definitely be "putting the hurt" on the bad guys.
However, the other teams on the "Stirling" project aren't going to just sit around twiddling their thumbs. They're going to use this time to enhance the product by:
- Expanding on the Security Assessment Sharing (SAS) feature, so that more 3rd party products can participate in the information sharing that this feature provides
- Increase their investments in the Dynamic Signature Service, which will be used on the client side to help protect against Zero-Day attacks
For more information on the delay and what the Forefront Team has in mind, check out their blog post on this subject over at:
Thomas W Shinder, M.D., MCSE
Sr. Consultant / Technical Writer