Microsoft was scheduled to release its new Windows Server 2008 operating system, codenamed “Longhorn”, at the beginning of Q3 2007. I am bristling with anticipation for the next quarterly software maintenance release, which should be arriving in a few days, for Microsoft Business Partners. To satiate my curiosity, though, I downloaded the Windows Server 2008 Beta 3 Release and created a virtual machine so I could get a jump on familiarizing myself with this new edition of Windows. That journey will be presented later in a series of papers on this website.
As experience has proven, it is a good idea to wait a period of time before adopting a new operating system into your environment; however, by the same token, there is an impetus to move along with the flow and stay current. By doing so, you mitigate problems and risks associated with maintaining older software versions. Thinking back some years, Windows NT 4.0 Server was a good release in its day compared to the other Microsoft Windows Operating Systems. Though not always friendly, it did tend to be more stable than its peers. With the release of Windows 2000 the Microsoft community was introduced the X.500 standard by the implementation of Active Directory. Windows Server 2003 and Server 2003 R2 expanded the capabilities and functionality across the enterprise, with gains in performance, security, and efficiencies over its predecessor.
As I feel that most Technical Overviews of a product venture into the realm of “information saturation”, I have made a list of five “fast-gain” features of Windows Server 2008 which I feel will be most beneficial to medium and large-sized businesses from a perspective of security, management, performance, and reducing TCO (Total Cost of Ownership).
So what benefits await us moving forward into Windows Server 2008? Let’s take a look.
Windows Server Core Installation
This is a cool new installation option because it mitigates security vulnerabilities by shrinking the attack surface on a machine providing less opportunity for exploitation by hackers. Rather than building a domain controller and turning off whatever services your organization has deemed “risky”, why not just install a server core without all of the optional fluff? The core installation presently supports the following features for installation:
- File & Print Services
- Active Directory Domain Service and Lightweight Directory Services
- Server Virtualization
Another feature to this server build is that over its life-cycle it will require less updates and software maintenance meaning that it may advantageous for bandwidth deficient locations.
Read-Only Domain Controller (RODC)
At first glance, this was reminiscent of NT 4.0 BDCs and I was perplexed, but then the impetus started coming into focus. If a physical machine in a remote office is compromised, this build of a domain controller reduces further risk of security compromise as no changes can be made to the user accounts in Active Directory from that machine.
Terminal Services Gateway (TS Gateway)
Do you have applications at your Datacenter which you need to distribute to remote offices and/or laptop or home users and you don’t want to require the overhead of a VPN or third-party software? Microsoft Terminal Services, in conjunction with IIS 7.0, can now provide remote application delivery across the web. I think what I like best about this capability is the fact that Microsoft patches and security updates should be able to be applied without compromising the delivery systems.
Server Virtualization (WSv)
Windows Server 2008 can natively provide a virtual machine (VM) environment without the necessity of third-party software. This functionality allows one physical box to be divided-up logically into many individual server instances utilizing the same virtualized hardware platform. Rather than supporting and maintaining multiple physical servers, virtualization allows the consolidation of the IT footprint in an effort to reduce direct and indirect IT operating expenses. Server virtualization also leverages attached network infrastructure such as storage-area networks for a lower TCO. Supported guest operating systems are Microsoft Windows and Linux.
Network Access Protection (NAP)
Network Access Protection empowers Administrators to create policy-based client machine “health requirements” which could include stipulating OS patching requirements, software installation requirements, and required configuration settings. If a client machine is brought onto the network and it fails to meet the requirements, further action may be defined regarding how these rogue machines are to be addressed.