Want CNET to notify you of price drops and the latest stories?

NSA offers Vista installation tips

Spy agency provided input for a Microsoft document with tips on how to use the operating system securely in larger organizations.

Joris Evers Staff Writer, CNET News.com
Joris Evers covers security.
Joris Evers
2 min read
Microsoft got input from the National Security Agency for a document with tips on how to use the Windows Vista operating system in larger organizations.

The National Security Agency Information Assurance Directorate reviewed the Windows Vista Security Guide and provided comments that were incorporated in the published version, according to Microsoft. The U.S. Department of Commerce's National Institute of Standards and Technology, NIST, had a similar role, Microsoft said.

"Feedback from these agencies as well as enterprise customers informed Microsoft's development of a security configuration guide to aid governments and other large organizations in deploying and configuring Windows Vista to meet their specific security and privacy needs," a Microsoft representative said in an e-mailed statement Tuesday.

Neither the NSA nor any of the other agencies, however, had a special role in the development of the actual Vista operating system, Don Armstrong, a senior program manager for Microsoft's Government Security Program, said by phone. But they were free to provide feedback on Vista throughout the beta process, just like any other testers, he said.

"They did not participate in the code development of Vista, they just had input in the security guide," Armstrong said. In total, nine agencies in five countries participated, he said.

To contribute to the installation guide, the NSA tested Vista by putting systems running the operating system under attack, according to a report in The Washington Post Tuesday. The NSA had two teams--one tried to break in, while the other tried to configure Vista securely, the newspaper reported.

Vista Readiness Advisor

Microsoft first published its Windows Vista Security Guide in November, on the same day that it wrapped up work on Vista

. A new version of the document was published last week after an error was discovered in the earlier release.

The online guide is meant for organizations planning to use Vista in a domain with Microsoft's Active Directory service. It provides instructions and recommendations designed to help strengthen the security of desktop and laptop computers running Vista in such a setup, Microsoft said.

The Windows Vista Security Guide is available for download at no cost.