Windows Server2008 R2 Overview (1)

Windows Server 2008 & R2 (part 2)
Tony & Daniel

Ráðstefnan 2009

Published in: Technology
  1. 1
  2. Windows Server 2008 & 2008 R2 Overview. Tony Krijnen, IT Pro Evangelist, tony.krijnen@microsoft.com; Daniel van Soest, IT Pro Evangelist, danielvs@microsoft.com
  3. More Control: Spend Less Time on Everyday Tasks. Increased Protection: Hardens the OS and Protects Your Environment. Greater Flexibility: Quickly Respond to Changing Business Needs.
  4. Technology Investment Areas. Virtualization: Hyper-V™ 2.0, Live Migration, Remote Desktop Services. Management: Power Management, AD Administrative Center, PowerShell 2.0, Best Practices Analyzer. Web: IIS 7.5 & Integrated Extensions, .NET on Server Core, Configuration Tracing, Service-Oriented Architecture. Solid Foundation for Enterprise Workloads. Scalability and Reliability: >64 Core Support, Componentization, DHCP Failover, DNSSEC. Better Together with Windows 7: Direct Access, Branch Cache, Enhanced Group Policies, BitLocker on Removable Drives.
  5. Agenda. More Control (Spend Less Time on Everyday Tasks): Server Manager, Server Core, PowerShell, IIS 7.5. Increased Protection (Hardens the OS and Protects Your Environment): OS Hardening, Network Access Protection, Branch Office. Greater Flexibility (Quickly Respond to Changing Business Needs): Virtualization, Remote Desktop Services. Better Together (Improve Users Productivity with Windows 7): Direct Access, Branch Cache.
  6. More Control (agenda: More Control, Increased Protection, Greater Flexibility, Better Together): Spend Less Time on Everyday Tasks
  7. Managing Windows Server 2008. NEW! Best Practices Analyzer: AD, DNS, TS, Cert, IIS 7
  8. Server Manager
  9. Server Core Architecture (diagram labels): Server Roles .NET NEW! ASP.NET TS IAS Web Server Share Point PowerShell v2 Server Core Server Roles Server With WinFx, Shell, Tools, etc. AD DNS DHCP File Print WVS IIS Server Core GUI, CLR, Shell, IE, Security, TCP/IP, File Systems, RPC, plus other Core Server Sub-Systems Media, OE, etc.
  10. Server Core: The Lean, Mean, Server Machine! (chart: Hard Disk, Memory, Processes, Patches*; series: Windows Server 2008 Server Core, Windows Server 2008)
  11. Server Core
  12. PowerShell: Improved Command-line shell & Scripting Language. Improves productivity & control; Accelerates automation of system admin; Easy-to-use; Works with existing scripts; Community Model
  13. The Difference is OBJECTS! Get-Process | Where { $_.handles -gt 500 } | Sort handles | Format-Table (diagram: Common Windows PowerShell Parser; Get-Process, Where, Sort and Format cmdlets; Windows PowerShell Pipeline Processor)
  14. PowerShell 2.0 NEW! New Features: Graphical PowerShell, Improved Security, Portability, New cmdlets, One-to-many remote management using WS-MGMT. Integration: Active Directory Administration Center, IIS, Power Management.
  15. Windows Remote Management (diagram labels): WMI, WS-MAN, Internet, Administrator
  16. PowerShell & WS-Management
  17. Managing Your Web with IIS (diagram labels): Secure HTTPS Internet XML AppHost.config Administrator Shared Manage Remotely Config XML Shared App Hosting Site Owner App Web.config Web Farm
  18. Key Changes to IIS 7.5 in R2 NEW! ASP.NET on Server Core; New IIS Manager Modules; Integrated PowerShell Provider; Configuration Logging & Tracing; Integrated FTP and WebDAV; Extended Protection & Security
  19. Internet Information Services
  20. Increased Protection (agenda: More Control, Increased Protection, Greater Flexibility, Better Together): Hardens the OS and Protects Your Environment
  21. Multiple layers of protection: Reduce size of high risk layers; Increase # of layers; Segment the services. (Diagram labels: Service 1, Service 2, Service 3, Service A, Service B, Service …, Kernel Drivers, User-mode Drivers)
  22. Service Hardening • Services now have a SID (S-1-80-<SHA-1 hash of logical service name>). ACLs have been set on these SIDs. Note: Check with your 3rd party application providers if they limit their services. Services are taken out of the LocalSystem security context.
  23. Changes in SVCHOST structure Windows XP SP2 / Server 2003 R2 Windows Vista / Windows Server 2008 Account Services Account Services LocalSystem Wireless Configuration RemoteAccess LocalSystem WMI Perf Adapter App Management System Event DHCP Client Firewall Restricted Automatic updates Wireless Configuration Notification W32time Secondary Logon Network Connections Rasman (netman) LocalSystem BITS 6to4 browser COM+ Event System Themes Task scheduler 6to4 NLA Rasman RemoteAccess Help and support Rasauto TrkWks Rasauto Task scheduler Shell Hardware Error Reporting WMI TrkWks Detection Cryptographic Services Themes Network Service DNS Client browser Removable Storage Telephony ICS Server WMI Perf Adapter Fully Restricted Windows Audio DHCP Client W32time Automatic updates Error Reporting WMI Workstation Network Service Cryptographic Services PolicyAgent App Management ICS Network Restricted Telephony Nlasvc Secondary Logon BITS Network DNS Client Local Service System Event Notification COM+ Event System Network Connections Service No Network Access Shell Hardware Detection Local Service SSDP Local Service Windows Audio Event Log WebClient TCP/IP NetBIOS helper Workstation Fully Restricted TCP/IP NetBIOS helper WebClient Remote registry Remote registry SSDP
  24. BitLocker Drive Encryption: Protect servers and laptops; Protects data while system is offline; Ensures boot integrity; Group Policy configurable; NEW! BitLocker To Go
  25. Recovery of data with broken hardware (diagram; only numbered step labels survive)
  26. BitLocker™ Views?
  27. Network Access Protection (diagram labels): Policy Servers (e.g. Patch, AV); Fix Up Servers (e.g. Patch); MSFT NPS; Windows Client; DHCP, VPN, Switch/Router; Restricted Network; Not policy compliant; Policy compliant; Corporate Network; steps 1 to 5
  28. NAP Benefits (Feature / Support / Benefit)
      • Built-in client / Windows Vista, Windows XP / No need to deploy/license 3rd party client; Updates via WUS / WSUS / SMS
      • Flexible enforcement / DHCP, VPN, 802.1x, Terminal Services, Server and Domain isolation / Works with today’s & tomorrow’s networks; Enables risk-benefit trade offs
      • 3rd party enforcement / All major switch / router / firewall / VPN vendor / Customers can use any network or security infrastructure
      • Health assessment / SMS, WUS, SecurityCenter, 3rd party / Seamless integration with Windows infrastructure; Works with any AV, patch or endpoint security solution
      • User experience / Integrated with Windows Vista glass. Branding supported. / Polished look and feel tailored for the customer environment
      • Management / Integration with SMS, AD, Group Policy and MOM / Complete policy based administration and operation for client, server and service operations
  29. Network Access Protection
  30. Branch Office Benefits (diagram: Main Office, Branch Office, RODC): Server Core; PowerShell, WinRS, WinRM; BitLocker; Read-Only Domain Controller; Role Separation; Restartable Active Directory; Virtualization; Branch Caching
  31. Greater Flexibility (agenda: More Control, Increased Protection, Greater Flexibility, Better Together): Quickly Respond to Changing Business Needs
  32. Hyper-V Architecture (diagram labels): Provided by: OS ISV / IHV / OEM Microsoft Hyper-V Microsoft / XenSource Parent Partition Child Partitions VM Worker Processes Applications Applications Applications Applications WMI Provider User VM Service Mode Windows Server Windows Server Non-Hypervisor Xen-Enabled Linux 2008 2003, 2008 Aware OS Kernel Windows Linux VSP Windows Kernel Kernel VSC VSC IHV Drivers VMBus Kernel VMBus VMBus Emulation Hypercall Adapter Mode Windows hypervisor Ring -1 “Designed for Windows” Server Hardware
  33. What is Microsoft Hyper-V Server? Microsoft Hyper-V Server 2008 (HVS) and Windows Server 2008 Hyper-V (Windows Role). (Diagram labels: Microsoft Hyper-V Server / Hyper-V; Parent Partition; Windows or Linux; Windows hypervisor; Hardware.) Clustering NEW! Quick & Live Migration!
  34. HVconfig: Automatic startup at login; Easy setup utility for server configuration; Localized in 11 languages
  35. Hyper-V 2.0 Live Migration Configuration NEW! (Diagram: Host 1, State, Host 2, Shared Storage; Blue = Storage, Purple = Networking)
  36. Cluster Shared Volumes (CSV) NEW! (Diagram: SAN, Communication Network, VHD.) Distributed File Access for Hyper-V; Resiliency; Easier Storage Management
  37. Live Migration
  38. Windows Server 2008: 16 LP Server
  39. Windows Server 2008 R2 Core Parking NEW!: 16 LP Server
  40. Terminal Services = Remote Desktop Services. NEW! TS & VDI – an integrated solution: Hyper-V support for virtual desktops; Single discovery & publishing infrastructure; SCVMM Integration & Support. Improved RemoteApp & Desktops: RemoteApp & Desktop Connections; RemoteApp & Desktop Web Access; RD Gateway Security Improvements. Improved Full Fidelity, Improved user experience: True multiple monitor support; Multimedia Support & Bi direction audio; 2D and 3D remoting for DirectX. Platform Improvements: New API, Connection Broker Extensibility, Dynamic CPU Allocation, IP address virtualization, Best Practices Analyzer, Full MSI support
  41. TS Gateway In Action: RDP hosts can now be put behind firewall; HTTP/S used to traverse firewall; AD/NPS/NAP checked before connection allowed; New Remote Desktop Connection (TS) client required. (Diagram labels: Vista RDC client; TS Gateway; AD / NPS / NAP checked; User initiates HTTP/S connection to TS Gateway; RDP over HTTP/S established to TSG; RDP 3389 to host; Terminal Servers or XP/Vista; User browses to TS Web Access; TS Web Access; zones: Internet, DMZ, Internal Network)
  42. Remote Desktop Services
  43. RDS & VDI – An Integrated Solution: RDS-based Remote Desktop; Hyper-V-based Remote Desktop; NEW! Remote Desktop Connection Broker; Virtual Machine Management (SCVMM); RDS Gateway; TS Web Access
  44. Centralized Desktops: TS vs. VDI (criterion / Terminal Services (Sessions) / VDI (VMs))
      • Technology Maturity / Proven / Emerging
      • Scalability / Higher ratio of users/server / Lower ratio users/server
      • Isolation/Security
      • Remote User Experience / Protocol-dependent / Protocol-dependent
      • User Flexibility / User is running as a user / User can have full rights
      • Application Compatibility / Windows Server OS / Windows Client desktop
      • Availability of Skilled IT Staff / High (TS experts) / Low (VM experts)
  45. Better Together (agenda: More Control, Increased Protection, Greater Flexibility, Better Together): Improve Users Productivity with Windows 7
  46. Remote Access for Mobile Workers (diagram: Office, Home). Before: Difficult for users to access corporate resources from outside the office; Challenging for IT to manage, update, patch mobile PCs while disconnected from company network. After: New network paradigm enables same experience inside & outside the office; Seamless access to network resources increases productivity of mobile users; Infrastructure investments also make it easy to service mobile PCs and distribute updates and policies
  47. Branch Office Network Performance. Before: Application and data access over WAN is slow in branch offices; Slow connections hurt user productivity; Improving network performance is expensive and difficult to implement. After: Caches content downloaded from file and Web servers; Users in the branch can quickly open files stored in the cache; Frees up network bandwidth for other uses
  48. Windows Server Roadmap: R2; 2008; Service Pack Two
  49. tony.krijnen@microsoft.com danielvs@microsoft.com
