Features - July 1999 - W2K is on the way

Sushi Nair gives us her reasons for welcoming Windows 2000.

Not infrequently I get organisations asking me why they should care about Windows 2000. There can be no doubt that it is crucial for every organisation to have a plan for this new operating system, and so I will outline the reasons here.

  1. Delegation of Authority – The Active Directory allows for delegation of authority. In Windows NT 4 the Administrator is all-powerful and the only way of limiting the power of an administrator is by creating a separate domain. Creating numerous domains decentralises security and complicates your infrastructure. In fact Gartner’s number one security concern with Windows NT is the domain structures. The Active Directory however will bring the ability to delegate control down to a property level, i.e. Help desk Level One can only change passwords, telephone numbers and address information.
  2. All BackOffice products will be released 120 days after the release of Windows 2000 to take advantage of the Active Directory. If you wish to upgrade to IIS 5 to take advantage of the increased performance, or some of the features of Platinum (the new version of Exchange), then you will have to implement Windows 2000.
  3. Replication – Sites take on a new meaning in the Windows 2000 arena. Windows 2000 allows the creation of sites, and each BackOffice product uses the site infrastructure created by Windows 2000. Sites use connectors just as they do in Exchange; replication between sites can be scheduled and costs can be applied between links. By placing two domain controllers in separate sites, replication of the Active Directory can be controlled in much the same way public folder replication can be controlled within Exchange. Two domain controllers, which are part of the same directory tree but are in different domains, can be connected using an SMTP connector (this means a permanent connection is not required). This allows the global catalogue, which is an index to the Active Directory, to be kept up to date even if there is no permanent connection. This allows a global address book for the whole organisation.
  4. NetBIOS – NetBIOS is not an efficient method of communication. NetBIOS is traffic intensive and requires a non-standard name resolution method. The standard methods of resolving NetBIOS names are broadcast and WINS. Microsoft has decided to drop WINS in favour of DNS, which provides corporates with one method of name resolution. NetBIOS as a protocol will gradually be dropped from products as they are upgraded for Windows 2000.
  5. IP Security – TCP/IP was conceived with the sole desire to provide connectivity. The protocol suite was built without any form of security. IPSec is a standard to provide security and is supported within Windows 2000. This provides protocol level security to prevent session stealing and protocol attacks.
  6. User Account Security – The most common method of hacking user accounts (beyond social engineering) is exploiting the weakness of storing user accounts within the registry. Windows 2000 moves user account information into the Active Directory.
  7. Notebooks/Laptops – Windows NT has not supported laptops and notebooks well. It lacks support for power management and plug and play. Both of these are rectified within Windows 2000, plus support for FAT32 allows Windows 95/98 to be easily upgraded to Windows 2000. The most likely platform for Windows 2000 to start to make its debut is laptops and notebooks. Windows 95/98 is woefully insecure and security-conscious companies are already testing Windows 2000 on laptops. Microsoft has also improved the briefcase concept. Users did not find the briefcase easy to use or to conceptualise; it was largely used by technical people. Windows 2000 allows folders to be marked for offline use and the user gets the same view of the file system offline as they do when they are connected to the network. The laptop will synchronise when it is connected to the network. This is an easier method for laptop users to work with documents at home.
  8. The File System – NTFS is a more secure file system than FAT but it can still be easily exploited. Tools such as NT Recover and NTFS DOS allow a hacker to easily read and copy information from an NTFS drive. Windows 2000 ships with the ability to encrypt files; this facility will make it difficult for an unauthorised user to read your data.
  9. Application Management – Windows 2000 has focused on lowering the total cost of ownership as one of its goals. Built into Windows 2000 is the ability to easily deploy applications to users’ desktops. Seagate’s Winstall ships on the Windows 2000 Beta CD and is used to create MSI files. Winstall is used to take a ‘before’ snapshot, the application is then installed and an ‘after’ snapshot is taken. The changes resulting from the application installation are stored in an MSI file. The application can now be assigned to a user or a department, which means that it will be displayed on the user’s Start menu. When the user clicks on the application on the menu, the application will install itself. This technology supports upgrades, and auto-repair in the case of a user accidentally deleting a required DLL.
  10. Microsoft wants you to upgrade. Do not mistake Microsoft’s investment in companies upgrading to Windows 2000. I have listed just a few reasons but the power and might of Microsoft will give corporations more reasons to upgrade as the release date approaches. It will begin by shipping installed on desktops and laptops. In order to benefit from new BackOffice products and applications Windows 2000 will be introduced. Don’t allow it to make its way through the doorway by stealth, plan its entrance and derive the real benefits of the Active Directory and Windows 2000.
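
The property-level delegation described in item 1, sketched as an added example that is not part of the original article, using Microsoft's `dsacls` command-line tool from a PowerShell prompt. The OU, domain and group names are placeholders, and the address properties chosen are an assumption about what "address information" covers.

```powershell
# Added example: placeholder names, not taken from the article.
$ou    = 'OU=Staff,DC=example,DC=com'   # hypothetical OU holding the user accounts
$group = 'EXAMPLE\HelpdeskL1'           # hypothetical Level One help desk group

# Control access right: allow password resets on user objects below the OU.
# /I:S applies the ACE to sub-objects only, not to the OU object itself.
dsacls $ou /I:S /G "${group}:CA;Reset Password;user"
if ($LASTEXITCODE -ne 0) { throw 'dsacls failed for Reset Password' }

# Read/write access to the telephone and address properties only.
# Every other property of the user object stays outside the group's reach.
$props = 'telephoneNumber', 'streetAddress', 'l', 'st', 'postalCode'
foreach ($p in $props) {
    dsacls $ou /I:S /G "${group}:RPWP;$p;user"
    if ($LASTEXITCODE -ne 0) { throw "dsacls failed for property $p" }
}

# Review step: list the ACEs the help desk group now holds on the OU,
# so the grant can be checked against what was intended.
dsacls $ou | Select-String -SimpleMatch 'HelpdeskL1'
```

The help desk group is never added to an administrative group; it holds only the listed ACEs, which is the contrast with the all-powerful NT 4 Administrator drawn in item 1.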