This translates into the use of system cache as part of the memory allocation algorithms inherent in the VA memory space approach to managing memory in Vista. In addition, the Memory Manager now relies on kernel page tables that are loaded at system initiation and allocated on demand. This saves a significant amount of system resources, including a minimum of 1.5MB on Intel x86-based systems and up to 3MB on PAE-based systems. The resource savings are exponential when applied to 64-bit systems, where up to 2.5GB of memory can be saved through this approach to memory management. Microsoft also continued this approach in the definition of the boot sequence on systems with large registries, predominantly found on 32-bit Intel-based systems. The options for this Memory Manager include turning on or off the 3GB switch, which is essential for larger systems used for multipath network configurations.
The Memory Manager's primary design goal was to map VA memory space to physical memory, regardless of location or relative access characteristics. In many larger Vista configurations this necessitates reliance on the MMC to coordinate I/O process routines.
TCP/IP has been the foundation of networking within all Windows operating systems since the inception of Windows NT, and with each release Microsoft continually refines and augments its interpretation of this standard. Windows Vista is a major refresh of the TCP/IP protocol stack, with support added for a dual Internet Protocol (IP) layer architecture. Much has been written about this dual IP approach to the TCP/IP layer architecture, as it supports both IPv4 and IPv6 standards at two levels of the TCP/IP stack, including the Transport and Framing Layers. Both IPv4 and IPv6 are supported in the default configuration of the Vista operating system. Microsoft also chose to include modifications to the TCP/IP command interpretation to improve secured HTTP connections with the HTTP.SYS enhancements, support for Internet Protocol security (IPsec) and several enhancements to the Windows firewall. As there had been security breaches in the past relative to Windows Sockets, Microsoft chose Vista as the Windows version in which to make these modifications as well. Quality of Service (QoS), a major concern for many companies given the use of server and site loading by hackers to shut down sites, is also now implemented in Vista. Enhancements to Server Message Block 2.0 (SMB), WinINet, Network Device Interface Specification (NDIS) 6.0 and 6.1 support, and enhancements to peer-to-peer networking have all been integrated into the network management functions of Vista.
As Microsoft defined security as the primary design objective of Vista, this area received the most attention from a development and continual testing and validation standpoint internally before Vista was launched. Previous operating systems, including Windows 2000 and Windows XP, had been susceptible to malware attacks; therefore Microsoft concentrated on developing entirely new approaches to countering these threats in Vista. The integrated web browser, Internet Explorer, is designed to sense and block malware before it is loaded onto a system, which is a major improvement over the previous operating systems' nonintegrated approach to security on this specific threat.
Additional security features include User Account Control, a much-needed change to user authentication and security logic which gives users the flexibility of changing their own settings up to the point of not compromising the security of their systems. This was designed specifically to address the needs of system administrators and IT departments, who would find that users would change settings on their systems to allow an application to run, yet in doing so would significantly increase the risk of the system also becoming infected with a virus. Second, Microsoft has also created an architectural layer in its operating system which is given the name Windows Defender (Melber, 47). The purpose of the Defender layer of Vista is to evaluate and classify software as it is being installed to see if it is also trying to modify or destroy other applications at the same time. Defender acts as a security auditor, watching the specific installation of applications to ensure all other aspects of the operating system are safe (Melber, 46). The most discussed new series of features involves modifications to the firewall, specifically the support for bidirectional traffic and support for outbound filtering in peer-to-peer networking environments. These additions to the firewall have been driven by the rise in social networking traffic companies are experiencing and the resulting peer-to-peer development requirements. Microsoft has taken features from its NTFS file system and created Windows Service Hardening, which limits the extent of changes that any given malware or security threat can make to any part of the operating system or its applications. Network Access Protection is an extension of Windows Service Hardening (Melber, 47), with the intent being the prevention of internal network attacks by systems that do not meet the specific security parameters necessary to gain access.
Microsoft coordinated with hardware and disk drive manufacturers and created an encryption approach that relies on firmware or electronics on system motherboards and on disk drives to provide encryption of entire disk volumes. Called BitLocker encryption (Lamb, 3), this approach encrypts the contents of an entire disk drive and protects it from being hacked into by anyone without 128-bit or higher encryption.
Beginning with Windows NT and included in the design of every operating system Microsoft has developed since, multi-threaded memory and pre-emptive multitasking have been inherent in the core structure of the operating system. Multi-threading support within Win32 API-based applications is optimized for the number of processors in a given system, which is a primary factor in Intel building motherboards with dual slots for microprocessors. This has especially been the case in low-end workstations and servers, yet is becoming increasingly common in high performance desktops as well. Vista's processor power management is a result of this progression, supporting multiprocessor systems including optimization for logical thread and multiple core support, making it possible to reduce power consumption while attaining high levels of multi-threaded application performance. Vista also supports versions 2.0 and 3.0 of the Advanced Configuration and Power Interface (ACPI) specification. Processor management includes coordination of performance state transitions across processors and the elimination of the previous generation processor throttling used in Windows 2000, Windows Server 2003 and XP. Microsoft also made the decision to include more processor device drivers in the baseline configurations than has been the case in the past, in addition to improving the C3 entry algorithm for processor security and system-level configuration management.
From the initial development of Task Manager in Windows NT, Windows 2000 and Windows Server 2003, Microsoft has attempted to provide memory, processor, and process identification (pid) control and reporting to users and administrators. What has been missing is the ability to see how processes interact with and pre-empt each other in multithreading and memory performance. These shortcomings led to the development of the Vista Process Explorer, which tracks process performance and the influence processes have on each other in terms of performance. Process Explorer tracks all Dynamically Linked Libraries (DLLs) that are running on a system at any given point in time. Just as previous generation Task Managers tracked the Commit Charge (memory use), Physical Memory, Kernel Memory, Paging, and CPU and I/O performance, the Vista Process Explorer does the same. The Vista Process Explorer also shows the memory usage and memory mapping for each DLL file running.
One of the major complaints about Task Manager is that it is unreliable in quitting or ending specific tasks, and often requires the system to be completely rebooted in situations where multiple processes are being cancelled. The Vista Process Explorer is a 32-bit based application and supports its own threading, unlike Task Manager, which ran in shared 16-bit threaded mode with other operating system processes and would often attempt to pre-empt operating system functions and cause the entire system to quit working. At the Administrator level, Process Explorer also supports the ability to set shell scripts and XSLT style sheets to produce system-by-system performance statistics for each system on a network. This is very valuable for administrators who have the responsibility of keeping systems across their entire networks working properly.
Microsoft's approach in the development and launch of the Vista operating system has been to focus first on the most critical unmet need in its consumer, commercial, enterprise and government customer bases, and that is the need for increased security. Pervading the device, file, network, processor and process management areas of Vista is a foundational element of security, on which each of the subsystems for these areas relies. Performance improvements, specifically in the areas of processor power management and process management, have been significant, based on the knowledge the company has accumulated from its Windows NT, Windows 2000 and Windows 2003 Server experiences.
Danny Bradbury. "Microsoft's new window on security." Computers & Security