Windows

General discussion

Locked

Ed Bott's Microsoft Challenge, 11/16/00

By ebott ·
Microsoft has begun serious testing of its next Windows version, code-named Whistler, which is due for release sometime in 2001. Microsoft's product managers have told me they're still designing the product and they're actively seeking feedback. So I'm asking for your helpo in putting together a Whistler wishlist. This week, I'm focusing on tools and system utilities for power users and network administrators. What sort of utilities do you want to see included with the next version of Windows? Antivirus software? Firewall programs? If you've got a favorite third-party utility that deserves to be integrated into the OS, here's your chance to make your case. Be specific, and be sure to include solid reasons for your choices.

This conversation is currently closed to new comments.

Thread display: Collapse - | Expand +

All Comments

Collapse -

Ed Bott's Microsoft Challenge, 11/16/00

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge, 11/16/00

by wsmoth In reply to Ed Bott's Microsoft Chall ...

So far, there has been a lot of nice ramblings about what people want, but only a few truely usable suggestions.

Well, here is mine, take it as you will.

I would like to see a way for mobile users to participate in a Primary domain (domain A) and several secondary domains (domain B, domain C, etc) without having to leave one domain to join another.

This could be incorporated into the "Hardware Profiles" currently in use in Windows 2000 Professional and Windows NT 4.0 Workstation as a operational variable.

Incorporating this and allowing the user to choose their profile at startup would give a mobile user the ability to connect to different domains depending on their location without having to reconfigure their network settingsevery time.

Collapse -

Ed Bott's Microsoft Challenge, 11/16/00

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge, 11/16/00

by EastExpert In reply to Ed Bott's Microsoft Chall ...

1) Integrate Support Tools right into the system. Reason: Hate to assemble the system from pieces. Why not integrate it into the familiar Add/Remove Windows Components.
2) Personal Firewall capabilities: Ability to easy block out the unneeded traffic, (I know there's a Packet Analyzer in Server version, but what about a Workstation connected via cable?), dynamically filter various ports, tune up logging, filter log results. May be designated as a part of ICS and likes. (So it doesn't install when not using Internet).
3) Antivirus? Great idea; WindowsUpdate.com as the source of weekly virus DB updates. McAfee's DB is not the most extensive. Provide antivirus updates along with software/driver updates. The most powerful virus DB I know of is, I think, AVP from Central Command (www.avp.com) - detects even newest Russian trojans. Include adaptive algorithms for searching unknown YET viruses by behavior, not only by pattern.
4) Include command-line analogs of MOST unix-like utilities. MS already gave us nslookup, tftp client. Please go on.
* And vice versa: Network Admin GUI diagnostics/info utility named CyberKit (www.cyberkit.net), very well done, has all those ping/tracert/whois/nslookup/time client/port scanner REALLY DOES deserve to be integrated into Whistler - it's SO useful for a network admin. It's rather small, too. (#1 TO THE WISH LIST!)
5) Registry Fixes? Regedit must be able to do this in command line already. Not only export/import the whole registry. Should work in ANY mode.
6) MFT Defragmentation. Page File defragmentation. Make them into standard DEFRAG (which already does the great job).
7) Resolution switching? Isn't that what QUICKRES was designed for?...

Collapse -

Ed Bott's Microsoft Challenge, 11/16/00

by EastExpert In reply to Ed Bott's Microsoft Chall ...

Not new features but actually suggestions:
Optimize existing MMC Snap-Ins for RRAS, Active Directory Users&Computer Management, and others probably too.
* Live Examples: RRAS/NT4 Administration tool is easy to use even thru Dial-Up. RRAS2000 Snap-in is five minutes to load up. This SUCKS. (it doesn't need to download attributes DB EACH TIME!!!).
* Or try refreshing AD Users&Computers with 1000 users loaded in. Deleting/Re-Inserting list items takes damn long, overloading CPU meanwhile. What about Disable Refreshing in list while it has to load/unload?
* Avoid unnecessary leafs in Snap-Ins (like AD snap-ins) that don't have anything to display in right view window. They only consume memory and step on the brakes while the interfaceis loading.
All the Snap-Ins Should Be Optimized a Lot.
9) Allow RRAS users to be managed via Command-Line. NETSH lacks the caps to extensively display/MANIPULATE users on a RRAS/2000 NAS. Over a 14,400 bps connection RRAS GUI isn't possible to run (it must update the GUI, too!)

Collapse -

Ed Bott's Microsoft Challenge, 11/16/00

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge, 11/16/00

by bmott In reply to Ed Bott's Microsoft Chall ...

To answer the question directly, I require at least a seven character passwords with at least one numeric character and one capitalized character and force users to change their passwords every 3 months.

But there are other options available to ensure at least moderate security. It boils down to this, most companies approach security by restricting access to specific resources when they should be allowing access to needed resources. Security has multiple layers and passwords are the last line of defence. If all other criteria are met, the password is the last attempt to verify authenticity. By only permitting access to your resources when they are needed, you are denying access in any other circumstance, by default. No administrator should ever allow full access to their systems to every IP address. It's quite obvious that remote administrative access should only be allowed from the IP addresses handed out by the ISP of the administrators and if you really want to be technical about it, there's no reason why an administrator working remotely shouldn't have a static IP address. It is silly to limit security to a password.

Anyone looking to protect their network should be looking at solutions like packet filtering, intrusion detection and logging. With these implemented, it is possible to control access by IP address and port number. It can protect against fraggmented packets, IP spoofing, redirects an DoS attacks. If that is insufficient, an intrusion detection system can actively monitor connections and alert "suspicious" activity to allowed IPs and ports. In the event your system is compromised, syslog files stored remotely can indicate what took place and help you secure that hole. Passwords are justthe tip of the iceberg

Collapse -

Ed Bott's Microsoft Challenge, 11/16/00

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Collapse -

Ed Bott's Microsoft Challenge, 11/16/00

by bmott In reply to Ed Bott's Microsoft Chall ...

Unfortunately, I posted the answer to the wrong question. Please excuse my mistake!

Collapse -

Ed Bott's Microsoft Challenge, 11/16/00

by ebott In reply to Ed Bott's Microsoft Chall ...

The question was auto-closed by TechRepublic

Related Discussions

Related Forums