My main priority for the division is to deliver on our commitments on trustworthy computing. Most people think of trustworthy computing as security, but another thing that I feel particularly passionate about is simplicity and reliability. By that, I mean for us to do a better job making the operational attributes of the servers easier in both managed and unmanaged environments. We need to a better job making servers more predictable, simpler and capable of delivering reliable, high performance. There seems to be a lot of confusion about .NET in the IT world. How will .NET improve the daily grind of the network and system administrator?
Microsoft has made a deep bet on Web services. That's what the buzz is all about. Visual Studio.NET is the tool that allows developers to develop next-generation applications. Windows .NET server is the platform you will use to deploy and operate the .NET applications and Web services.
If you think about what .NET constitutes relative to the server, there's the Common Language Runtime, which is the engine that does the managed code that is baked into Windows. NET server. From there you have strong support for XML, UDDI server, SOAP support, and IIS 6.0, which provides a new, fault-resistant architecture with app isolation.
IIS 6.0 goes hand-in-hand with ASP.NET, the next generation of active server pages providing a class of support for Web server applications in a managed environment.
So for the IT audience, in answer to the question 'how does my life get better with .NET?' -- the answer is that there are a bunch of operational attributes that will improve with managed code. You have more control over how code is executed and processed. It has a language diagnostic mechanism. It has profiling.
To an IT person, that means higher quality code executed on their servers. It means more control over them. And then you plug that in with ASP.NET and IIS 6.0 for higher and more resilient server performance.
Will this be a separate server?
It will be part of Windows server. I do expect there will be a different server. We haven't figured out the final distribution yet. From a conceptual model, that's how it will work. Will customers have to pay more money for it? The answer is no. What can customers expect in the way of improved security from the code freeze on .NET Server?
We took 8,000 people who deliver functionality to Windows. NET server -- developers and testers -- and trained them on security, on how intrusions happen and how they could be attacked in their specific areas. We got them in conference rooms and had them brainstorm and work through issues of how their particular components could be attacked in their specific areas. Then we had them step through the code afterwards. This is what I call 'security by design.' A second area of emphasis is what I call 'security by default.' We are being much more aggressive about locking features down and having users turning them on when they need them. Then there is 'security by deployment.' This is the process by which we make patches and updates readily available. What do you see as consider as your biggest competitive threat?
I think the combination of Linux and IBM is our biggest challenge. A few years ago, it was very fashionable to say that the pure-play Linux companies were going eat us for lunch and that Linux was a high scale offering. That hasn't happened. I do worry about Linux as an Intellectual Property vacuum cleaner. They haven't yet demonstrated any rich application platform, but Linux has done a pretty good job cloning innovation. It's something we need to pay attention to. And the fact that IBM is pushing it hard, certainly lends credibility to it. I believe our value proposition is better than IBM riding the perception wave of Linux. We have to make sure value proposition is clear and that we provide better value. The industry benchmarks are showing that the degree of scale that we are delivering is challenging. We're in the top 10, but Linux isn't there. Unix and Windows are now on par for scalability and reliability. The difference is price. I feel very strongly about the value proposition we are offering on the basis of cost-per-transaction. If it's not resonating with customers, we need to do a better job. It certainly is a management nightmare to implement all the fixes and patches that come over the transom. How will this change?
I believe that customers shouldn't have to lift a finger to get an update from us. When we see a problem, we will deliver patches that are documented in terms of what changed and what we see as the security risk. For example, at the customer's site, there will be a corporate update server. So when we find a problem, we figure out what has to change, make the code change, test it, document it, and tell the customer what has changed and how to test it, because that will give the customer ideas on how it will work in their environments. Some 30% of respondents to a SearchWin2000 survey said they are looking more seriously at alternatives to Microsoft than they were a year ago. What's your response to that?
I feel very bullish about our prospects going forward on a couple of different dimensions. We are the only OS vendor that is gaining significant use in share year over year in a down market. A recent Morgan Stanley CIO study highlighted that Windows 2000 deployments are very high on their priority list. Your customers believe in us as an R&D shop. The companies and shareholders are very committed to this R&D budget that we have for higher-performance, more secure, more scalable, and more reliable products, and I have a business model and an R&D budget to continue to drive that forward.
Bill Veghte oversees the development and marketing of the Microsoft Windows server operating systems. He was previously Vice President of Microsoft's Embedded/Appliance Platform group. Veghte joined Microsoft in 1990 as a product manager on Microsoft Office.