Apr 30 2009

Windows Vista Comes of Age

Take a look at improvements to Windows Vista, available in the forthcoming Service Pack 2.

While researching this article I googled Windows Vista, searching for positive feedback, but it was surprisingly hard to find. Is Vista really that bad? Unanimously written off by the end-user community — and even by some IT pros, apparently — it’s hard to believe that an operating system that brings so many advantages to corporate IT is so unloved.

Many enterprises have held back on deploying Vista because of performance concerns, application compatibility and business value. But the bottom line is, Vista is simply better suited to business than any previous version of Windows — even without advances in the soon-to-be-released Service Pack 2, improved third-party drivers and a superior foundation.

Problems with device compatibility caused many of Vista’s initial woes. Drivers from well-known hardware manufacturers were either nowhere to be found or poorly written, resulting in performance and stability problems.

Since Vista’s launch, this situation has changed dramatically, and chances are you will be able to find high-quality drivers for most recently purchased hardware. According to Microsoft, as of June 2008, Vista supported 79,000 devices — 47,000 more than when first released. Testing drivers is crucial for successful deployment.

In Vista SP1, Microsoft reduced the number of User Account Control (UAC) prompts when creating new folders in protected locations and added a new Group Policy setting for disabling the secure desktop when UAC prompts for elevation. All the components that make up UAC — including the ActiveX Installer Service, file and registry virtualization and IE Protected Mode — can be customized using Group Policy, if the default behavior doesn’t meet your organizations needs.

Also in SP1, the BitLocker utility can encrypt volumes other than the system drive. Microsoft also added support for the Secure Socket Tunneling Protocol (SSTP), which works with Windows Server 2008 to provide users with reliable remote access using HTTPS.

Vista SP2 improves on the standard power-saving profiles, with energy savings up to 10 percent greater than SP1. This will definitely be of interest to notebook users and corporations implementing green initiatives, as SP2 also applies to Windows Server 2008.

Other notable additions in SP2 include the Feature Pack for Wireless, providing support for Bluetooth 2.1 and Windows Connect Now updates. Windows Search has been upgraded to version 4.0, which includes indexing of encrypted documents, extended Group Policy support and improved performance.

Application Compatibility

Since its release, an additional 200 enterprise applications have been deemed compatible with Vista, and further improvements are due in SP2. Even with all these gains, Vista introduced many architectural changes to the security model, driver framework and graphics engine, so there still may be compatibility problems with some applications. But the Application Compatibility Toolkit (ACT) can be used to resolve many of the problems that you are likely to encounter.

Microsoft Enterprise Desktop Virtualization (MED-V), a new component of Microsoft’s Desktop Optimization Pack (MDOP), works in concert with Virtual PC to run applications in a normal program window as opposed to presenting a complete virtualized XP desktop. MED-V can be used for applications that are not compatible with Vista or when there isn’t time for comprehensive testing. MED-V also includes the ability to deploy and manage virtual images in a client/server architecture.

Proven Security

Vista was the first operating system to be developed using Microsoft’s Secure Development Lifecycle (SDL). All 1,400 parts of the componentized OS underwent threat analysis during development. In conjunction with new security features, such as UAC, Vista has proved to be significantly more secure than Windows XP. During Vista’s first year, 36 vulnerabilities were patched, compared to 68 for XP. Microsoft’s latest Security Intelligence Report (SIRv6) shows that, between July and December 2008, Vista SP1 suffered roughly 60 percent fewer malware infections than XP SP3.

Internet browsers continue to be one of the main entry points for malware. SIRv6 shows that, under Vista, Microsoft software endured 35 percent fewer attacks than software running under XP, suggesting that improvements in Vista have made it harder for hackers to compromise the OS and Internet Explorer, thereby shifting their attention to third-party software.

The security improvements in Vista will benefit small and medium enterprises that don’t have a managed infrastructure. Organizations with a competent IT department will be able to lock down XP to provide some of the benefits that Vista offers.

More Reasons to Deploy Vista

Vista is more consistent and reliable than XP, with automated background tasks to aid performance and troubleshooting, the ability to collect event-log data and built-in Windows Defender. Reliability and performance monitoring tools are great for troubleshooting problems caused by unwanted system changes. The new Task Scheduler can automate repetitive tasks with more granular control than was previously possible. An extra 700 Group Policy settings, including restricting access to removable hard drives, give sysadmins better control.

New to Vista are component-based servicing, which provides more reliable patching, and deployment features including hardware abstraction layer (HAL) independence, making the OS easier to deploy and maintain than ever before.

Vista’s Backup and Restore Center uses a simple user interface to encourage small businesses and home users to backup their data on a regular basis. Complete PC Backup can be used to create complete disk images. The Previous Versions feature allows users to restore old versions of files from the desktop without calling the help desk.

Russell Smith is an independent consultant based in the United Kingdom who specializes in Microsoft systems management.