Microsoft Kicks Off Its Countdown to Vista

Vista includes a few amenities to which IT pros should warm, but is it enough to justify deploying it in corporate environments?

At press time, Microsoft Corp. was readying its delivery of Release 1 (R1) of its long-awaited Vista operating system. While Vista itself still isn’t slated to ship until early next year, its first release candidate (RC)—which is Microsoft’s first stab at Vista’s productized gold code—is a significant milestone.

Microsoft’s delivery of past desktop OSes has been a big deal, at least from IT’s perspective: Windows 2000 Professional was Microsoft’s most stable and manageable platform up to that time, with integrated directory services, improved storage management, and a new directory-centered, Kerberos-based security model. Its successor, Windows XP Professional, added additional management niceties on top of Windows 2000 Professional’s innovations, with support for Remote Desktop (to facilitate help-desk interactions), an integrated firewall—to help provide some limited protection against network-based attacks,—a system-restore utility, and support for advanced manageability features (such as volume shadow copy) that Microsoft delivered with Windows Server 2003.

What does Vista bring to the table for IT managers? Considerably more in the way of minimum system requirements, for one thing.

A basic Windows 2000 Professional install—with service packs and numerous IE updates—eats up about 1 gigabyte (GB) of hard disk space. Windows XP Pro ups the ante somewhat, clocking in at around 1.5 to 2.0 GB (depending on what options are installed) once Service Pack 2 and other updates have been applied.

As for RAM, Windows 2000 Professional called for a minimum of 64 MB of memory (with 128 MB recommended), while Windows XP requires a minimum of 128 MB (with twice that recommended). For Windows 2000 Professional, Microsoft recommended a Pentium 133 or higher microprocessor; while for Windows XP, the software giant specified a 300-MHz or faster 32-bit Pentium II/III (or AMD Athlon) microprocessor.

Vista, it appears, is a different kind of animal.

At a minimum, Microsoft disclosed in March, Vista will require an 800 MHz Pentium III or Athlon microprocessor, 512 MB of RAM, a 20 GB hard drive—with a whopping 15 GB of free space—and SVGA (800x600) graphics. In order to qualify for Microsoft’s “Vista Capable” branding program, however, candidate PCs must also be equipped with DirectX 9-capable video cards.

Like Windows XP—which shipped with a glossy new “Luna” interface—the Vista interface has been given an overhaul. Not surprisingly, Microsoft says that Vista’s “Aero” interface requires a “Premium Ready” PC, which must be outfitted with a 1 GHz 32-bit or 64-bit processor (at a minimum), 1 GB of system memory, and a graphics processor that has at least 128 MB of graphics memory. Add 40 GB of hard drive capacity (with the requisite 15 GB free space) on top of that, too.

Almost five years have passed since Microsoft delivered Windows XP. That’s an eternity in tech time, notes veteran industry watcher Rob Endlerle, a principal with consultancy The Enderle Group. Enderle says Vista’s minimum system requirements—which, in comparison with those of its predecessor operating environments, do seem excessive—are largely reasonable, at least by today’s standards, now that 1-GHz and faster processors have been shipping in volume for at least five years and hard drive capacities are surging every closer to the terabyte frontier.

“Vista does a much better job of using memory, so you’ll actually get a much higher performance pop on Vista if you increase the memory dramatically, because a lot of the bottlenecks—which still come from the hard drive—are mitigated by having more memory,” he argues.

It’s the Security, Stupid!

Notwithstanding its much bigger footprint, Windows Vista does include a few amenities to which IT pros should warm. Even so, industry watchers say there’s one key question: is there enough in Vista to justify deploying it in corporate environments?

On the plus side, Vista’s out-of-the-box security should provide a distinct improvement over its predecessors—even Service Pack 2-updated Windows XP systems. Enderle, for his part, says Vista’s out-of-the-box security experience compares favorably with that of Unix-based (or derived) operating environments.

“Vista’s much closer to a Unix experience in terms of security and management,” he observes. Isn’t there a chance that Vista’s more rigorous security model could complicate management in heterogeneous Windows client environments? In a word, Enderle concedes, yes—which is why Microsoft is advising corporate customers to deploy Vista in a phased approach, to business units, groups, or divisions entire.

“You could certainly degrade it down to a point where you can use certain tools, but you would probably be foolish to do so because you’ll miss all of the advanced security features. You don’t necessarily want a Vista machine and an XP machine sitting alongside by each other, so if at all possible, you should migrate a division at a time and a department at a time.”

There is plenty for IT to like in Vista. For one thing, the OS ships with a new feature—dubbed User Account Protection (UAP)—which modifies the means by which users can initiate system changes. This is one respect in which the Vista security experience is closer to that of the Unix model. In Windows XP (and even earlier), IT pros needed root-level (Administrator) privileges to perform routine IT tasks, such as software and device driver installations. Windows 2000 and Windows XP supported a stop-gap kludge—“RunAs,” which is similar to the Unix superuser mode—but Vista’s UAP capability ups the ante considerably. It alone should help mitigate—if not altogether eliminate—Vista’s exposure to malware and other attacks.

“It’s much more competitive with where the Mac OS currently is in terms of resistance to viruses and all kinds of malware. You can deploy now legitimately as a user in user mode as opposed to administrative mode, which prevents an entire class of exploits,” Enderle argues. One upshot of this should be improved stability and performance, he says: “Because it’s now got a much higher level of integrated resistance to viruses and malware, the system should not degrade over time. In traditional Windows XP [systems], as more and more things got installed over time without the users’ knowledge, it tended to degrade—[things like] performance [and] stability suffered. Windows Vista is much more resistant to these. The performance won’t degrade, the uptime is much better, it is much better in terms of managing things like battery and power, at the end of the day, across almost all vectors, it’s faster and more stable.”

Ditto for another important Vista modification: most device drivers are now loaded at the user level, not in kernel mode. “Windows Vista … includes many changes to the kernel, including the ability to run drivers as user-mode processes,” Greg Sullivan, lead product manager in the Windows Client division, told ESJ’s sister publication ENT earlier this year.

One upshot, Sullivan explained, is that driver crashes won’t necessarily bring down a system—user-level device drivers can be restarted just like any faulting application—which should improve application availability and system uptime, too. Other security improvements include support for “BitLocker” disk encryption (which makes it possible to encode the Windows volume, and which requires a 48-digit key in order to decrypt system data). BitLocker encryption is one Vista addition that’s designed expressly for enterprise customers: it’s available only in the Enterprise and Ultimate editions of Vista.

Elsewhere, Vista’s revamped firewall blocks both incoming and outgoing traffic. (Its predecessor blocked only incoming packets).

So will a bevy of security enhancements—many of which, skeptics can rightly argue, Microsoft should have implemented years ago—be a sufficient enough enticement for corporate buyers? Enderle thinks so. Besides, he says, Microsoft and its OEM partners have a trump card of sorts to play.

“The advice for corporate buyers pretty much across the board is to migrate Vista in on new hardware. Upgrading existing hardware with Vista, while you certainly can do it, and they have in previous generations gone down that path, as we discovered with Windows XP, it is much more cost effective to phase [a new operating system] in on new hardware,” he argues.

“So if you’re spending money on new hardware, [Microsoft] will say, you might as well get the best benefit for it. You might as well get Microsoft’s most secure OS to date.”

comments powered by Disqus