Microsoft .NET: Jumpstart for Systems Administrators and Developers

Without a doubt, Microsoft has undergone a huge change in attitude toward security following an announcement in 2001 that all product feature development would cease for six months while the product groups reviewed the security aspects of their products.
Scalability has always been an issue for Microsoft, as they start to penetrate enterprise-level applications. The ability for the software to grow inline with business requirements is one of the first issues raised by corporate IT departments. Windows NT was introduced a few years ago with the objective of providing the first scalable platform from Microsoft. Over the years, the platform has inevitably been enhanced, and with Windows 2000 we see a scalable enterprise operating system from Microsoft.
As you would expect, .NET comes with a lot of security built into the underlying framework. The security in .NET is based upon the concept of managed code, with the security of the code being looked after by the (CLR see Chapter 3). Managed code is checked to ensure that it is type-safe, so that incorrectly calling a method declared as accepting an 8-byte value will reject a call from anything larger as not being type safe. This verification process also ensures that code executes using flow transfers to method entry points or other well-known locations rather than some random location.
The CLR does allow unmanaged code to run, but it will not manage any of the security of the application, and specific permissions need to be granted to allow...