On Vista, feds wait and see
Several agencies issue moratoriums on upgrades while OS undergoes testing
- By Jason Miller
- Mar 18, 2007
The Army's Kevin Carroll
Henrik G. de Gyor
Microsoft Corp.'s Vista operating system includes several new security and collaboration features'two things agencies could use'but that still hasn't convinced many in the government to install it any time soon.
CIOs and network administrators are far from sold on the need for or benefits of Vista, or of Office 2007 and Internet Explorer 2007. In fact, the Transportation Department, the Army and now the National Institute of Standards and Technology have put an 'indefinite moratorium' on Vista installations. The Interior Department is giving serious thought to a moratorium, according to a draft memo obtained by GCN.
The Transportation and NIST decisions were first reported by Information Week.
Interior is considering telling its bureau CIOs and other IT managers that 'Windows Vista operating system [will] be restricted to testing in controlled, off-line environments. However, it is equally important that the Department begin preparing for eventual deployment of this new operating system.'
Interior also likely will mandate that newly purchased desktop and notebook PCs that come with Vista must meet minimum OS requirements (for an eventual upgrade), but that Vista must be uninstalled before connecting to the network.
In its memo, Transportation said there is no 'compelling technical or business case for upgrading to these new Microsoft software products. Furthermore, there seem to be specific reasons not to upgrade.'
Other agencies have decided on a cautious approach to Vista implementation.
Molly O'Neill, Environmental Protection Agency CIO, said she hasn't thought much about moving to Vista. The General Services Administration is not considering moving to the new operating system before 2008, an official said. And Scott Charbo, the Homeland Security Department's CIO, said his agency has been one of many federal test beds for Vista, but doesn't think it will be an early adopter.
Charbo said he hopes to complete his agency's move to Vista by 2009, and is budgeting and doing other things to prepare for that move now.
Still, Patrick Svenburg, Microsoft's Windows Client Solution Specialist, said there are a number of agencies preparing to move to Vista in the short term. Svenburg, however, could not offer more specific details about how many or which agencies are actively moving to Vista. He said it is the company's policy not to disclose information about its federal clients.
'Most agencies have an enterprise agreement with Microsoft and under that agreement they have upgrade rights to software we produce,' he said. 'There is no cost to move to Vista.'
Svenburg said he expects agencies to go through a deliberate decision process before moving to Vista. 'It is a classic IT engineering process. You must have a solid business case, do your due diligence and scope out potential issues,' he said. 'And you don't rule out technologies until it is done. What DOT put out is no different than what any commercial organization would do.'
Many agencies are waiting for testing to be completed before they move to the new OS.
'NIST's information technology staff is evaluating whether general NIST software applications will work effectively with Windows Vista and whether the software meets the full range of NIST's computer security needs,' a NIST spokesman said. 'Once this evaluation is complete, NIST expects that general use of Window Vista will be allowed on NIST networks.'
Meanwhile, the Army is waiting for the Air Force's evaluation of Vista against its standard desktop configuration before implementing it.
'We are expecting the Army's Small Computer Program office to implement it as early as August,' said Kevin Carroll, head of the Army's Program Executive Office for Enterprise Information Systems. 'We will get a gold master copy from Microsoft and we will give it to our manufacturers to test for us as well.'
Paul Rochester, the CEO of PS'Soft of San Mateo, Calif., a developer of IT asset management and lifecycle software, said before anyone moves to a new OS, they must decide which PCs can be upgraded.
Rochester recommended that agencies develop a 'map of their IT assets to determine what is Vista-capable and what is not, and then roll out the upgrades.'
He warned that costs associated with migration could soar as high as 20 percent to 30 percent if the implementation is poorly planned.
CIOs are not interested in new hardware or software unless it is going to pay the bills right away. Vista will be deployed based on the merits of virtualization, security and manageability capabilities, he added.
To help agencies make their decision, NIST issued a Vista configuration checklist in November and will hold an IT security day in April with a specific session on Vista security (GCN.com/743).
The configuration checklist 'reflects the content of the consensus baseline security settings document developed by the National Security Agency, the Defense Information Systems Agency and NIST,' the Web site said.
Svenburg said when agencies are considering moving to Vista, they should heed a few basic facts about the new OS.
'Vista was rearchitected with security in mind,' he said. 'We are offering full-volume encryption with BitLocker so if a laptop is stolen or misplaced, someone couldn't access the hard drive without the encryption key.'
He also said Vista is easier to deploy and retain a standard desktop configuration.
'We also improved the start- up times, the way you view and share information with Share Point portals and document management,' Svenburg said. 'We also built in firewall and malware protection.'GCN senior technology editor Rutrell Yasin contributed to this story.