As we get closer to the release of Vista and Longhorn Server, there’s the expected drumbeating for new features, many of which are often overlooked in light of the glitzy new Aero UI. One such feature is a completely rewritten networking stack. Paul F. Roberts at eWeek reports on some resulting new functionality that Microsoft is talking up:
Microsoft Corp. is banking on enhancements to what it has dubbed the fundamentals to entice enterprises to upgrade to the next version of Windows, known as Vista.
Microsoft will use the RSA Conference in San Jose, Calif., in February and the company’s TechEd conference in Boston in June to demonstrate and evangelize the security enhancements in Vista and its upcoming “Longhorn” version of Windows, said Mike Schutz, group product manager for Microsoft’s Windows Server Division, in Redmond, Wash.
One focus of those presentations will be IPSec, a venerable protocol used for securing message data at the network layer as well as for authenticating the source of data packets sent over networks.
Traditionally, IPSec has been used for Virtual Private Network (VPN) connections from remote users through the enterprise firewall, but Microsoft suggests it would be useful to use it to isolate sections of the enterprise from each other.
In Vista and Longhorn, IPSec is used to do both domain isolation—which blocks untrusted connections to domain members—and server isolation—which restricts traffic to trusted domain members and user groups—according to Microsoft.
Windows 2000 Service Pack 4, Windows Server 2003 and Windows XP SP 2 currently support server and domain isolation, but it will be much easier to deploy the technology with Vista and Longhorn, Hameroff said.
Fulton County (Georgia) government is a pilot customer that thinks it’s useful, but a Gartner analyst is doubtful this has general applicability.
There’s more on the new stack here and here, but the biggest objection I see is that these features seem to be very Microsoft-centric in that they require both Microsoft clients and servers. You’ll likely be out of luck in a heterogeneous environment.