Home » Andrew Bond, Industrial Automation Insider
Andrew Bond, Industrial Automation Insider
07/06/2010Windows 2000 Users Face End-of-Support Challenge
Microsoft Extended Support and Security Updates for Windows 2000 expire this coming July (2010). That will only be of passing historical interest to the IT, business and home computing world, which has probably lost count of the number of Windows releases it has enjoyed or been subjected to in the past decade, but as Torsten Rössel, director of Business Development with Phoenix Contact cyber security subsidiary Innominate points out, for industrial users, who may well have large numbers of systems still running under the venerable operating system, the end of this particular era poses a significant challenge.
In fact, says Rössel, Microsoft has stuck with Windows 2000 a good deal longer than with some of its earlier offerings. The life-cycle policy for business and developer products currently provides for five years of mainstream support, which ended in 2005 and a further five of extended spport up to this coming July, with security updates available for the full 10 years. By contrast, support for Windows 95 expired in December 2001, while that for Windows NT 4.0 lasted eight years to June 2004, as did that for Windows 98 which ended in July 2006.
And don’t get the idea that the need for security updates has diminished with time. Microsoft issued a total of 36 of relevance to Windows 2000 in 2008 of which it classified 19 as being in the highest "Critical" category and 16 as "Important," while the 2009 total was actually higher at 48 of which no less than 31 were Critical and a further 16 Important. Moreover, according to Rössel, at least one additional breed of malware appeared in each month of 2009 and required a new version of the Windows Malicious Software Removal Tool which comes with the other monthly system updates. Among the malefactors were the Conficker worm and the Waledac and Bredolab Trojans which laid unprotected systems open to a plethora of malware and spyware hosted on servers mainly in Russia and China. Clearly, with the expiration of Extended Support, Windows 2000 systems will be wide open to future threats.
In the IT world the obvious solution would be to upgrade to the new operating system as a matter of course. Upgrades in the industrial world, however, often have unintended consequences. Not only are new licenses costly, but also new versions of Windows often require new hardware and infrastructure. Most important, particularly in areas such as pharmaceuticals and food and beverage, new or upgraded systems will require approval by the appropriate regulatory authority.
One possible alternative to upgrading might be to isolate Windows 2000-based systems entirely from the external environment but, as Rössel explained, this is now almost impossible. Systems will almost certainly need to communicate with other nodes on IP-based networks and with the outside world. Effective isolation can, however, be achieved through a "defence in depth" approach based on industrial firewalls such as Innominate’s own mGuard offerings. Using "Stealth Mode" technology, these devices are completely transparent and automatically assume the MAC and IP address of the equipment to which they are connected, eliminating the need for additional addresses or for changes to the existing network configuration and providing protection in accordance with centrally configured rules.
Nor is such an approach confined to the protection of Windows 2000-based systems approaching the end of formal support. mGuard has also been used to protect Windows 95, Windows 98 and Windows NT systems in the automotive industry and elsewhere, as well as to protect systems based on more recent versions which, while still covered by Extended Support, are regarded by their users as "non-patchable" because of the risk of patches leading to unforeseen consequences or requiring resubmission of the solution for regulatory approval.
Great Moments in Process Automation History
Take a broken soda fountain machine, a car a.c. unit, flavor mixes, water and CO2, add inventiveness; you get America’s favorite frozen drink.
Smart Grid: Independent Testing Of Rossi's E-Cat Cold Fusion Device Shows Positive Results
Forbes magazine's tech contributor Mark Gibbs writes that independent testing of Andrea Rossi's E-CAT Cold Fusion Reactor has positive results.The implications of the possible commercialization of cold fusion power sources are incredible.
Compressor Controls: Saudi Aramco Buys First GE Compressor Control Systems
Saudi Aramco has purchased advanced compressor control technology from GE for the Haradh GOSP-1 facility in Saudi Arabia's Eastern Province.
SANS Control Security Training Coming to Houston
SANS Institute will hold ICS Security Training event on June 10-15 in Houston
ISA Training Through June in Houston
Technician training, engineering survival and SIS boot camps for condensed, intense, comprehensive educational experience.
Past Time to Upgrade Your DCS?
Upgrading Your DCS: Why You May Need to Do It Sooner Than You Think
Metso Provides New Heating Solution for Finnish Utility
Finland's largest pellet-fired heating plant produces environmentally friendly energy in Tampere
NIST Releases Initial Cyber Security Framework Comment Analysis
The National Institute for Standards and Technology has released an initial analysis of the hundreds of comments by industry and the public they have received on the Obama Administration's "Improving Critical Infrastructure Cyber Security" executive order.
K-BIM Consortium Selects Siemens' Parasolid for New AEC Applications
-BIM, a consortium of commercial, academic and government organizations wants the new application suite to help create a national standard for building information management (BIM)
Friday p.m. Wrap-Up:This Week on ControlGlobal and Elsewhere
Some of the week's biggest stories in process automation
- All news »
Access the entire print issue on-line and be notified each month via e-mail when your new issue is ready for you. Subscribe today.
- Featured White Papers