In particular, you can live migrate virtual machine instances, which means you can move VMs while they are running from one server to another, making them more resilient and available. You can also dynamically change the virtual disk storage allotment on running machines, again making these VMs more flexible. HyperV is still not as flexible or manageable as its competition but these will help it become more useful in the data center, particularly when virtualizing Windows servers and desktops.
R2 also adds enhancements to its Network Access Protection endpoint security routines, making its health validation more flexible and robust (see screenshot below).
Earlier 2008 versions were more difficult to validate the endpoint system healthiness, requiring separate health policy servers for different health validation configurations. Now a single server can be used to specify multiple configurations to match particular circumstances, so that PCs on your LAN have to match criteria that are different from users connecting via remote access or occasional laptops that are brought in by consultants. Health checks can test to see if the firewall is enabled, look for current anti-virus and anti-spyware signatures, and whether automatic updates are enabled. Adding to these improvements is a better built-in firewall. Earlier Windows Server versions could only have a single firewall policy active at any given time. If you had a server with multiple network adapters installed, this made for awkward configurations. In R2, you can have a different firewall policy mapped to each adapter.
There are enhancements to the Microsoft's Forefront Unified Access Gateway 2010, too. This product was announced earlier this year and requires R2 to run. The Gateway has many features such as integrated access to SharePoint and Exchange, and can provide a portal to various Web applications. It will require IPv6 across your enterprise, which could be a problem for those organizations that have not yet rolled this protocol out.
The built-in IIS Web server has also seen some improvements in R2 as well. Its core has been hardened to make it more resistive to security breaches. Like the main Windows Server itself, the new IIS v7 carries a minimal installation to reduce the potential for attacks. There is better integration with the PowerShell commandlets, to make for scripted applications that take advantage of the Web server, and there is also better integration with .Net processes too. There is a new management interface that goes along with the Web server.
The final element of R2 is a new remote access mechanism that it calls DirectAccess.