Windows Vista Security Center

In a recent meeting with my colleagues Mike Burk, a Security Center Program Manager, and Austin Wilson, a Director from Windows Client Marketing, I had the opportunity to find out more about how and why the Windows Vista Security Center evolved.  If you've used Windows Vista, I’m sure you've noticed that the Firewall, Automatic Updating, Antivirus, Antispyware, Internet Security Settings and User Account Control settings are all located in one easily accessed place:  the Security Center.

Although the Security Center was originally introduced with Windows XP SP2, Windows Vista has improved on almost every feature found there.  A lot more "under the covers" features have been included for Windows Vista.  If any of these safeguards are out of date or in an unsecure state, the Security Center will warn you so that you can make adjustments or changes.

Some of the other improvements to the Windows Vista Security Center include:

  • Showing the status of software designed to protect against spyware (such as Windows Defender) that helps to keep your computer safe with the latest downloads and updates
  • Security settings for Internet Explorer 7
  • Notification if User Account Control has been changed or is no longer enabled   

The Windows Security Center can also monitor security products from other security companies and will show you if they're current with the latest virus definitions and other updates.

Windows Security Center monitors the following security components for Windows Vista:

Firewall

Windows Security Center monitors your system to see if you have a firewall installed and if it's the Windows Firewall or a firewall product from another company.

Many users prefer to use a couple of different firewalls with the hope that two are twice as good as one.  Yet, this is definitely not the case.  A secondary software firewall is not recommended, as it will usually cause more conflicts and problems than it prevents.  For example, exceptions must be set up for each firewall.  If there is a problem, which firewall is the one causing it? 

Most firewalls will disable any other firewall it discovers to avoid these types of issues.  The only exception to this is a hardware firewall in conjunction with a single software firewall.  A hardware firewall is still the best way to stop unsolicited traffic.

Automatic updating

Windows Security Center checks that the auto-update feature is enabled and is using the recommended settings.  If it's not enabled or configured differently than recommended, Windows Vista Security Center alerts you to that fact.

Antivirus

Windows Vista Security Center checks for antivirus software and warns you if your settings are not configured correctly.  If you prefer to run an additional antivirus application, the Security Center will give the status of both if the third-party application uses the underlying API that allows such reporting.

Another improvement over Windows XP SP2 is that Windows Vista can re-enable your antivirus program if it has been disabled.  Windows XP SP2 only warned you and required you to access the actual application to re-enable it.

Anti-spyware and other malware protection

In Windows Vista, newer features and the prevalence of spyware required additional refinements to the Security Center.  Windows Security Center now checks and reports if Windows Defender or another company's anti-spyware software is running.  When you're using both Windows Defender and third-party anti-spyware software, Windows Security Center will monitor definitions for both as well as warn you if there are any irregularities in your settings.

Unlike a secondary firewall or antivirus application, running a second anti-spyware program doesn't affect your computer's overall performance nearly as much.

Internet Security Settings

Internet Explorer 7 has its own security settings.  Windows Vista Security Center will alert you whenever these settings may be configured other than as recommended.  Windows Security Center makes it easy to change the settings back to their default state by providing a button you can use to restore the settings automatically; or, you can access the Control Panel to change them manually.

Although you may fall into the habit of thinking you're always secure whenever you're browsing with IE7, there may still be times when you've disabled a particular setting for one reason or another and then become distracted and forgotten you'd changed it.  Luckily, Security Center is there to remind you.

User Account Control

In order to help keep your computer safer, the User Account Control service should be enabled.  Window Security Center monitors the status of User Account Control and lets you know if User Account Control has been changed or disabled.  (You may have reason to disable it similar to the IE7 example above.)  You can restore User Account Control to its recommended settings with a single mouse click.

----- 

One of the challenges in developing the Windows Security Center was working with various ISVs (Independent Software Vendors) and figuring out the best methods for reporting an application's status to Security Center.  As users are becoming more security-aware, and malware producers become more proficient, users want more protection from malicious sites and users.  Windows Vista Security Center is there to help users keep their computers and data more secure.  One way of allowing for this is Security Center's standardized API "hook" that any ISV can use to report their application's status, even if the application has been newly installed or is invoked after boot-up.  In other words, there's no need for the user to check the status of each security product separately, as Security Center will track the status of all anti-malware and antivirus programs that make use of its standard API.

As an additional security measure protecting Windows Vista users, before a third-party antivirus or anti-malware application can be included in (i.e., tracked by) Windows Security Center, the company producing it must be formally approved by Microsoft.  In order to accomplish this, that company must be under NDA (non-disclosure agreement) and in good standing with the community.  If you are using a third-party program that makes use of Windows Security Center, it should be designed to inform you if it uses its own end-user warning system rather than making use of the Security Center notification feature.

As you surely know, it's a whole new ballgame when it comes to computer and Internet security.  Regardless of how, where or for what you use your computer, I suggest you visit this link to learn more about Windows Vista Security Center and security in Windows in general.

Tags: , ,

Comments

  1. Sebastian_Foss
    Posted on: August 07, 2007 at 11:52PM  
  2. Major Trumpet
    Posted on: August 08, 2007 at 4:20AM  

    The most annoying thing about the NEW security center over XPSP2 is..

    The inability (or obviousness of the option) to switch off notifications for only one "problem".

    In XPSP2 you can un-tick notification for firewall warnings.. in Vista.. you cant.. you either have "Yes warn me.. " or "no dont warn me.." and the icon only warning.

    On MOST of the machines I am asked to set up.. and even after explaining what UAC does .. I am asked to switch it off.

    But it then pops up the warning box.. so the only option I have is to switch that off too! Which then no longer warns them about other security vectors..

    In XPSP2 I could just un-tick one of the warning options.

    Thats my grumble over :)

    Tom

  3. Zoltan
    Posted on: August 08, 2007 at 6:29AM  

    You are right! This new security center is alittle bit confusing!

  4. carusen
    Posted on: August 09, 2007 at 7:09AM  

    You can find a very useful tutorial about the Windows Vista Security Center - how to configure it or disable it here:

    http://www.vista4beginners.com/Windows-Vista-Security-Center

  5. netdawg
    Posted on: October 22, 2007 at 4:47PM  

    Hi Folks,

    It seems essentially impossible to ping a Windows Vista machine from within a home network.  This is the root cause for being unable to map a network drive from one Vista machine to another (or from XP to Vista).

    I have already done the set my network to "private" and turned off firewall (I am behind a router, which I can see from both machines in question...and can map network drive from vista to xp but not within the two vista machines I own).  

    First post from me.  Just wondering where I may post this to create a thread that helps out users...just googling this topic (cannot ping vista) will demonstrate that this is a common problem.  

    As you can see from

  6. Gilesh
    Posted on: March 26, 2008 at 4:02AM  

    Hi.

    I have just installed Vista Ultimate and have a problem with the windows update section in the security center. It's not working properly and I can only see the sign of the green line moving and that's all.

    How can this be fixed?

  7. Diane@Workkeys
    Posted on: May 21, 2008 at 3:27PM  

    I work for a software help desk and I have several customers that do not have the Enable Protected Mode option on the Security screen.  What is causing this?

  8. Brenda Dickinson
    Posted on: October 14, 2008 at 4:38AM  

    Hi, In windows Vista, (all new to me) when in my emails, a box "Windows Security Logon" always pops up and prompts me on every email address I use, how do I get rid of this pop up?

    Its the Credential Manager single sign on

    please help, thanks

  9. J.Allyn
    Posted on: January 19, 2009 at 9:43PM  

    This is a Microsoft web page with a lot of great resources (webcasts, podcasts, etc.) about Widows Vista's security features.

    www.microsoft.com/.../technetvista.aspx

Trackbacks

  1. Posted by: The Security Wizard on August 10, 2007 at 3:04PM

    Nick White from the Windos Vista Team Blog has interviewed Mike Burk, a Security Center Program Manager,

Recent Posts

Tags

View more
© Copyright 2009 Microsoft Corporation. All Rights Reserved.   |   Privacy Statement