| MS Windows Server 2008 - State of the Software |
|
|
|
||
|
|||
| Teaching Models - Return on Investment | |||
| Technology Driven Classrooms | Classroom Management Systems | ||
|
|
|
|||
|
Microsoft Windows Server R2
|
MS Windows 2000 Server and Windows Server 2003 together have been accounting for about 60% of the worldwide server operating system market. In order to compete with the high-end UNIX distributions, Microsoft will need to deliver an improved security model and patch management economies of scale in Windows Server 2008. If security issues continue to plague Windows Server 2003, it will almost certainly have an adverse impact on customer deployment plans for Windows Server 2008. |
 |
MS Windows Server 2008 R2 builds on the management structure of MS Windows Server 2008, expanding existing technology and adding new features to enable IT professionals to increase the reliability and flexibility of their server infrastructures. New virtualization tools, web resources, management facilities and Windows 7 integration help save time, reduce costs, and provide a platform for a dynamic and efficiently managed data center. IIS: Internet Information Services and Windows PowerShell version 2 provide both improved control and flexibility for meeting customer business requirements.
Microsoft Windows Server 2008 has been rolled out slowly at most Fortune 1000 companies, government municipalities, and healthcare providers. The majority of the migrations are scheduled to be performed in 2010. SYS-ED in conjunction with Computer Education Technique Technology Partners have been working with clients to deliver smooth MS Windows Server 2008 migrations inclusive of and internetworking with UNIX and Linux-variant servers and workstations.
Clients' have provided positive feedback on MS Windows Server 2008 in the following areas:
1 - Improved network performance which takes advantages of multi-gigabit networks and controlling network traffic.
2 - Enhanced security and network access protection for ensuring that any computer connecting to the network adheres to organizational policy.
3 - Control over remote infrastructure with enhancements to Active Directory, including streamlined management.
4 - The Server Management Console provides a single unified tool for managing a server's configuration, displaying status, and managing roles.
5 - Improved scripting for automating common tasks and controlling system administration.
6 - Virtualization for secure access to internal applications through firewall-friendly ports.
7 - Windows Server 2008 with Hyper-V virtualization technology increases system availability for production server consolidation, disaster recovery, and end-to-end management of dynamic data centers.
8 - Windows Server 2008, RC 2 provides additional functionality when used with MS Windows 7 clients: storage, security, and management.
Editions of MS Windows Server 2008
MS Windows Server 2008 is available in five primary editions.
| Windows Server 2008 Edition | Description |
| Standard | Provides built-in and enhanced web and virtualization capabilities. Tools are provided for improved server(s) control and streamlining configuration and management tasks. Security features have been improved. |
| Enterprise | Provides an enterprise-class platform for deployment of applications. Clustering and the capability to dynamically add processors has been added. The consolidation of identity management serves to improve security. Virtualization provides the capability to economize and streamline infrastructure costs. |
| Datacenter | Provides for large-scale virtualization on small and large servers; it scales from 2 to 64 processors. Clustering and dynamic hardware partitioning capabilities are provided. Infrastructure costs can be streamlined by consolidating applications with unlimited virtualization licensing rights. |
| Web Server | Designed as a single-purpose web server for the deployment of web pages, web sites, web applications, and web services. It is integrated with IIS, ASP.NET, and the Microsoft .NET Framework. |
| Windows Server 2008 for Itanium-Based Systems | Designed and optimized for large databases, line of business, and custom applications. It provides both high availability and scalability for up to 64 processors. |
| Windows HPC Server 2008 | Designed for HPC: high-performance computing and built on the Windows Server 2008, 64-bit technology. It has the capability for scaling to thousands of processing cores and includes management consoles for monitoring and maintaining system health and stability. Job scheduling interoperability and integration between Windows and Linux based HPC platforms is provided. Batch and SOA: Service Oriented Application Workloads are supported. |
Two of the highly touted new capabilities are the RODC - read-only domain controller and server roles. The RODC hosts a read-only copy of the Active Directory database and the administrator can determine which accounts will be replicated to the DC, and replication is unidirectional. In conjunction with the new BitLocker technology, RODC will allow deployment of DCs at smaller sites. Microsoft has developed the Server Core to provide a lean server operating system that would allow specific server functions to run without all the overhead of the GUI. Installation of roles such as DHCP: Dynamic Host Configuration Protocol, DNS, file services and print server will be done completely from the command line. Significant enhancements and new features have been made to the Core server roles in Windows 2008 Server. In addition Windows Server 2008 consolidates a number of previously separated administrative consoles. In Server Manager, there is a central wizard-driven interface for installing and uninstalling server components along with a number of management functions.
Improvements to the Windows Server 2008 featureset include:
| Feature | Description |
| Active Directory Certificate Services | New features have been added to Windows Server 2003. |
| Active Directory Domain Services Auditing | Provides for tracking changes to Active Directory objects and attributes. |
| Active Directory Lightweight Domain Services | The new version of the Active Directory Application Mode product. |
| Active Directory Rights Management Service | Windows Rights management product gets new features such as delegation of administration, a new MMC interface, and integration with Active Directory Federated Services. |
| Application Server | Provides an environment that allows applications to run. Features include IIS, .NET Framework v 3.0 and 2.0, ASP.NET, COM+, Message Queuing and WFC: Windows Communication Foundation. |
| Clustering Services | The clustering services and administrative interface has been improved. |
| File Services | This is the new backup program; it does not support tape devices. Tape drivers are still available and can be used by third-party tape devices, including Microsoft's Data Protection Manager. |
| Fine-Grained Password Policies | A granular password policy to be applied to specific sets of users that supersedes the policy set in the domain level Group Policy. FGPP is defined as an attribute in the AD and not implemented through Group Policy. |
| Group Policy Settings | There are over 2500 configurations which can be implemented by the administrator. |
| Network Policy and Access Services | Includes network services such as VPN, RADIUS and dial up servers as well as routers and 802.11 wireless access. |
| Restartable Active Directory Domain Services | Active Directory can be turned off, tasks can be performed offline, and then Active Directory can be turned back on without a reboot. |
| Snapshot Viewer | A deleted object can be viewed in multiple disk snapshots and then the determination can be made as to which one to restore. |
| Streaming Media Services | This role can be used to deploy streaming digital media content and manage Windows Media servers. |
Shortcomings in MS Windows 2008 Server have been addressed. The standard approach in widespread use is to create a perimeter around a network with firewalls and IPS systems. However, if penetration occurs to the outer perimeter, then access is obtained to the internal network. This means that the operating system authentication would be the remaining authentication security preventing access to data.
MS Windows Server firewall has been augmented with three new features:
| Feature | Description |
| Bi-directional filtering | Bi-directional: outbound and inbound traffic can be filtered. |
| IPsec integration | The firewall rules and IPsec encryption configurations are integrated into a single interface. |
| Rules configuration | Firewall rules can be created for the MS Windows Active Directory service accounts and groups, source/destination IP addresses, protocol numbers, source and destination TCP/UDP ports, ICMP, IPv6 traffic and interfaces on the Windows Server. |
An MMC snap-in is used to configure the firewall.
CETi Technology Partners are researching and evaluating whether the MS Windows Advanced firewall provides protection comparable to host-based firewalls.
