Microsoft delays Stirling to better develop behavioral detection

by Steve Ragan - Apr 7 2009, 17:30

Microsoft has said it will push back the release date on 'Stirling', the codename given to the new integrated security suite presently under development. Stirling is a suite of tools designed for network protection, endpoint protection, messaging, and collaboration from a centralized management console. It was expected to arrive in the first half of 2009.

The change means the Stirling code will see its initial release during the fourth quarter of this year alongside the launch of Forefront Server Security for Exchange and Forefront Threat Management Gateway (the new ISA Server). The management console will arrive in 2010, along with Forefront Client Security 2.0 and Forefront Security for SharePoint.

According to Microsoft, one of the reasons behind the delay is the addition of interoperability with third-party security solutions. In response to testing comments and customer requests for the feature, Microsoft developers are planning to increase their focus on Stirling’s Security Assessment Sharing (SAS).

“SAS correlates security events from different Forefront products and third party solutions, enabling administrators to quickly investigate and remediate security events. We will provide information about interoperability partners in the near future,” outlined a post on the Forefront team blog.

“Additionally, we are investing significantly in a behavior-based technology called Dynamic Signature Service to help deliver more comprehensive endpoint protection for zero day attacks.”

Microsoft offers that DSS will complement the Stirling suite's “advanced heuristics, dynamic translation, and real time application scanning for kernel level Malware,” with a tailored approach to on-demand threat mitigation.

Want regular updates from The Tech Herald? Follow us on Twitter.

Around the Web