Features - Enterprise Data Insights:

MICROSOFT FUELS ADOPTION OF ENHANCED STORAGE SECURITY

Microsoft Corp recently announced its commitment to drive enhanced storage area network (SAN) security through the adoption of the Microsoft Windows Server platform. To address SAN customers' need for simplified and enhanced security management of users and devices, Microsoft is teaming with storage partners for the adoption of the Internet Engineering Task Force (IETF) standard Remote Authentication Dial-In User Service (RADIUS) protocol, which is implemented in the Internet Authentication Service (IAS) component of Windows 2000 and the upcoming Windows Server 2003. Microsoft is working with SAN fabric vendors such as Brocade Communications Systems Inc, McDATA Corp and QLogic Corp to broaden industry usage of its RADIUS implementation and integrate it into the Microsoft Active Directory directory service to provide enhanced enterprise security.

The IETF working group ANSI T11 acknowledges the need for a mandatory protocol for switch security and recommends RADIUS as an essential component for enhanced security. RADIUS, an IETF-standard protocol, is widely used today for authenticating, authorizing and auditing users and devices in a network to previously defined permissions, based on existing enterprise policy. The use of RADIUS in Windows Server for SAN security enables customers to integrate with existing enterprise security and to more easily implement a security model for users and devices.

"RADIUS is a desirable element in a complete security strategy because it serves as a trusted third party, providing access control, authentication and authorization across the IT infrastructure," said Robert Snively, chairman of the INCITS Technical Committee T11. "The INCITS Technical Committee T11 is actively extending the security capabilities of Fibre Channel SANs to include authentication mechanisms that can be integrated with a RADIUS environment."

"Microsoft is playing an important role by proactively working with the industry to drive enhanced and simplified storage security management," said Charles Stevens, corporate vice president of sales and marketing for the Enterprise Storage Division at Microsoft. "Today, we are working with industry partners, SAN fabric vendors like Brocade, McDATA and QLogic, to broaden industry usage of established protocol RADIUS and promote best practices for stronger security implementation and management of SANs."

Microsoft's Support of RADIUS

Internet Authentication Service is Microsoft's implementation of the IETF-standard RADIUS, a widely adopted protocol, in Windows 2000 and the upcoming Windows Server 2003. IAS through RADIUS standard protocol and domain integration with Active Directory helps administrators centrally manage network access policies based on group membership, time of day, type of access and more. With both standard and vendor-specific action support, IAS can push access controls to a broad variety of network access methods. IAS also simplifies access management and enhances network security.

About the Microsoft Enterprise Storage Division

Founded one year ago, Microsoft's Enterprise Storage Division was formed to bring greater focus to Microsoft's customers' increasingly complex storage requirements. The division is focused on three primary objectives: to make Windows a better platform for storage, to catalyze the industry to develop innovative storage solutions, and to bring to market Microsoft storage products.

Additional information on Microsoft's storage offerings can be found at www.microsoft.com/storage/.