By Jo Ticehurst, VNU
Net
Windows 2000 is not secure enough to use on internet connected
servers, according to a senior security analyst at Gartner.
John Pescatore said that companies should wait until the end
of next year before running the operating system on web
servers.
“I would not recommend Windows 2000 for internet connected web
servers today,” he warned. “The operating system has a major
increase in security over Windows NT but it is still just out of
the box. It has a lot of embedded components that are not
sufficiently tested.”
Pescatore explained that Microsoft’s operating systems reach a
state where security is “good enough”, then drop again following
the discovery of a new series of bugs contained in the next
version.
“Windows 2000 will be more stable by the end of next year after
a few more service packs have been released and the flow of what
are relatively serious bugs is cleared up,” he said.
“Most commercial versions of Unix, such as HP-UX and Sun
Solaris, have reached a good enough level of security and are safe
enough to use on the internet. If you have the skill set, then Unix
is the safe choice today,” he added.
Pescatore also claimed that “managed” Linux will become the
most secure option in the next five years.
“There are two forms of Linux: one which is random, where the
code is available on the web for all, [and one] which is managed,
from companies such as Red Hat. Well managed open source testing
can make software more secure, faster. By 2005, managed Linux will
be the most secure operating system,” he said.