TECH ED - Microsoft buys users time with extension

User reaction was generally upbeat after Microsoft Corp. announced last week that it plans to extend the support phase for business and developer products to a minimum of 10 years.

The support policy, which took effect Monday, updates the timetable that the software maker set in October 2002. The old plan called for five years of mainstream support and two years of extended support. Under the updated policy, there will be a minimum of five years of mainstream support followed by five years of extended support.

"It is very welcome news. The big challenge we face is the logistical issue of upgrading 30,000 devices across more than 5,000 locations. It is a huge undertaking," said Ron Cook, vice president of technology, strategy and operations at RadioShack Corp. "When we have to do an upgrade solely due to the product ending its support life rather than technical reasons, it is a big expense. The extra support time will allow us to schedule upgrades for the right reasons."

But the new mainstream and extended support policy will apply only to software released during the past five years, said Peter Houston, Microsoft's senior director of servicing strategy. He said that he is not aware of any exceptions being made. He also noted that the new plan won't cover Windows NT 4.0 Server or Exchange 5.5. The extended support period for those two products is due to expire at the end of this year.

The mainstream support phase provides for no-charge incident support, support for warranty claims and hot-fix support, as well as paid per-incident support and support charged on an hourly basis. Extended support essentially includes the paid options -- with the exception of security hot fixes, which are still free during that phase.

"Since their 10-year support does not include anything I am running, it really is very useless to me," said David Curran, manager of IT at CE Franklin Ltd. in Calgary, Alberta. He said 60% of his company's Windows servers run NT, including those with Exchange 5.5.

Some customers who have yet to migrate off older products may consider paid extension options from Microsoft or third-party vendors, unless they decide to run the products unsupported.

Several users said they have been forced to keep older versions of Windows and other Microsoft products as a result of application dependencies involving software built by third-party vendors.

However, Houston said older products are "not as serviceable" due to advances in software development technologies and methodologies. Houston added that products shipping eight to 10 years ago were designed well before many of the most serious security-threat models had surfaced.

"We have been working with customers for quite a while to get them to migrate off of NT because we have concerns over our ability to provide security for NT 4," he said. "We believe that NT 4 has reached the point of architectural obsolescence."

Houston said Microsoft "would be sending the message that we thought we could secure" NT 4 if the company retroactively applied the new 10-year support policy. "We believe that would not be responsible for us to give that false sense of security," he said.

The next step

Several users expressed support for Microsoft's decision, announced at the Tech Ed 2004 conference here in Las Vegas, and noted that they have been working to complete migrations off of NT Server.

"For us, information security is more important than extending the NT life cycle," said Bob Dutile, an executive vice president in IT at Cleveland-based KeyCorp. "We prefer working off a more secure core code base and concur with Microsoft that replacement of NT has been the superior option. We expect to continue to lower our cost of managing patch administration as we complete our replacement of NT."

"While it would be better for them to extend it to the 10 years that they are for everything else, I understand their concerns around security," said Diane Bunch, senior vice president of information services at the Tennessee Valley Authority. She said the TVA has migrated 70% of its NT servers to Windows 2000 and is working on the rest.

Some users questioned Microsoft's rationale. Jon Dell'Antonia, vice president of IT at OshKosh B'Gosh Inc. in Oshkosh, Wis., said he found Microsoft's explanation "curious, [given] the amount of patches and holes exploited in the current products." He added that although NT probably is less secure than newer Windows versions, it's also rare that viruses target it and older desktop operating systems.

Dell'Antonia said it would have been preferable if Microsoft had extended support for NT. His company has 600 cash registers running NT Workstation and 150 stores running NT Server. On the other hand, he said, it's no shock to see support end, since Microsoft is merely "doing what they said they were going to do."

Dennis Callahan, CIO at The Guardian Life Insurance Company of America in New York, said he has no quibble with migrating the company's NT servers, considering the aging operating system's "obvious" security weaknesses.

But Callahan added that he finds Microsoft's "willingness to extend support to fix their security bugs for a fee to be inconsistent with both the newly announced policy and their stated reason for not extending the new policy retroactively to NT."

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments