I want to briefly salute some of the security improvement represented by these products. This is not a comprehensive list, and I will certainly dig into some of these in more detail later, but it should give you a good idea:
Windows Server 2008
- Building on the solid WS2003 security record, which was a huge step forward from Windows 2000. As a tribute to 2003, please check out http://www.loneserver.com, a fun site about the last WS2003 in use in the MSCOM server network.
- Architectural and defense-in-depth protections similar to those lauded in Windows Vista, such as ASLR, Services hardening, and general benefit of the latest generation of the SDL.
- Server Core
- Network Access Protection. Policy driven health checks of machines before they are granted full network access.
SQL Server 2008
- Built upon the incredible security record of SQL Server 2005, which has had zero vulnerabilities in the database code since it launched over 2 years ago.
- Transparent encryption and improved security policy management capability
Visual Studio 2008
- Latest generation of security source code scanning tools
- New T-SQL Static code analysis
- Linq (nothing to do with security, but it rocks!)
Regards,
Jeff