You need updates from Norton in order to use NIS with XP SP2.
If you speak with their help desk they will also suggest you download the
MSI Installer. DON"T bother.
With SP2 most of NIS will be redundant. You will need Anti-Virus.
When you turn on a new PC or an old one with SP2 freshly installed you have
to go through a security wizard.
The first thing it does is to recommend that you turn on Automatic Updates.
You can still leave it off, just as you can walk through a bad part of town
flashing a roll of bills, but it's on you if you do.
The user is then sent to the new Security Center, a central place for
managing security settings in Windows and some third-party security software.
From here, you can manage the Windows Firewall (formerly known as the
Internet Connection Firewall or ICF) as well as third-party firewalls and
anti-virus products.
In many ways, the most important security change in SP2 is on the Security
tab of Internet Properties, or rather what is not on it. There is no longer a
My Computer zone to edit; it has been locked down. Many security experts have
complained about the My Computer zone for some time, as it has been used as a
conduit for a large number of attacks through Internet Explorer.
It's always been possible to lock down the My Computer zone but with SP2, by
default, attackers will no longer be able to use "cross-zone" scripting bugs
to trick IE into executing code.
The big deal is the firewall: If you had been running Internet Connection
Firewall version 1, you would be immune to Blaster and lots of other attacks,
but you probably turned it off because it interfered with applications.
The new Windows Firewall is much better and more like third-party
firewalls—and it's on by default. Is it as good as prominent third-party
firewalls from companies such as Zone Labs and Sygate? No, and I don't think
Microsoft would claim it.
This is a good example of how Microsoft has been forced into the security
business. It's in a classic damned-if-you-do, damned-if-you-don't position.
If it provides a good firewall as part of Windows, then it's using its
"monopoly power" to foreclose a third-party market.
If it doesn't, then it's providing an insecure operating system. The trick
is to make Windows Firewall good enough that users can run it without
problems, while still leaving a clear competitive advantage for third
parties.
What is better with those from 3rd parties? The biggest one is that
Microsoft claims its firewall is much more sophisticated about outbound
protection, which means protection against outbound communication by
potentially unauthorized software on your system.
Windows Firewall does have some protection against this, but it also comes
configured with exceptions for some prominent applications, such as Internet
Explorer. Doubtless there will be many testing stories soon looking at the
practical differences in real-world use.
Manageability can be another big difference. Windows Firewall will be
manageable through group policies in Active Directories, but other firewalls,
such as the Sygate Secure Enterprise personal firewall, have much more
powerful management features and are not tied into Active Directory—although
AD integration is good for a lot of people.
