The new changes to Microsoft Windows 2008 Servers
A quick look at the major features in the Windows 2008 server line: the original, the 2008 R2 released last October, and an upcoming R2 SP1 version
Microsoft has some new additions to its Windows 2008 Server line, but sadly it needs to have a better naming convention to make it easier to keep track. If you haven't looked at this operating system since it was introduced in February 2008, now is the time to get closer and try it out.
The chart below summarizes the major features that are found in the three versions of the OS: the original, the 2008 R2 version that was released last October, and an upcoming R2 SP1 version that is expected later this month or next.
|2008 Server||2008 Server R2||2008 Server R2 SP1|
|Release date||Feb 2008||Oct 2009||Apr/May 2010 (est.)|
|Web server||IIS 7.0||IIS 7.5 Powershell and WebDAV integration||N/A|
|Virtualization||HyperV (in 64-bit versions only)||Live migration Dynamic storage additions||RemoteFX, Dynamic Memory|
|Additional modules||System Center Configuration Manager 2007||Forefront Unified Access Gateway 2010||N/A|
|Endpoint Protection||Bare bones Network Access Protection||Multiple health validators||N/A|
|Remote Access||N/A||DirectAccess, VPN improvements||N/A|
|Built-in firewall||Basic||Multiple policies mapped to multiple NICs||N/A|
The first version of Windows Server 2008 had notable improvements in its Web server and hypervisor, respectively Internet Information Server (IIS) and HyperV. HyperV was the beginning of including a free hypervisor, just as long as you purchased a 64-bit version of 2008. Microsoft also began using a minimal default installation package, so to provide a more secure way to deploy 2008 without IT admins having to de-install unused features that would present more of a security threat. That practice continues with the newer versions too. What this means is that you can setup a 2008 server that just does one task very quickly, and have more control over what else gets placed on the machine.
There are many noteworthy features in R2, with the most noticeable a pretty new look like the interface in Windows 7 for taskbars and menus. But under the covers, R2 is very different than the first version of Server 2008. In particular, there are enhancements to virtualization and security technologies that are worth taking a closer look.
HyperV now has some competitive features when compared to Citrix and VMware. In particular, you can live migrate virtual machine instances, which means you can move VMs while they are running from one server to another, making them more resilient and available. You can also dynamically change the virtual disk storage allotment on running machines, again making these VMs more flexible. HyperV is still not as flexible or manageable as its competition but these will help it become more useful in the data center, particularly when virtualizing Windows servers and desktops.
R2 also adds enhancements to its Network Access Protection endpoint security routines, making its health validation more flexible and robust (see screenshot below).
Earlier 2008 versions were more difficult to validate the endpoint system healthiness, requiring separate health policy servers for different health validation configurations. Now a single server can be used to specify multiple configurations to match particular circumstances, so that PCs on your LAN have to match criteria that are different from users connecting via remote access or occasional laptops that are brought in by consultants. Health checks can test to see if the firewall is enabled, look for current anti-virus and anti-spyware signatures, and whether automatic updates are enabled. Adding to these improvements is a better built-in firewall. Earlier Windows Server versions could only have a single firewall policy active at any given time. If you had a server with multiple network adapters installed, this made for awkward configurations. In R2, you can have a different firewall policy mapped to each adapter.
There are enhancements to the Microsoft's Forefront Unified Access Gateway 2010, too. This product was announced earlier this year and requires R2 to run. The Gateway has many features such as integrated access to SharePoint and Exchange, and can provide a portal to various Web applications. It will require IPv6 across your enterprise, which could be a problem for those organizations that have not yet rolled this protocol out.
The built-in IIS Web server has also seen some improvements in R2 as well. Its core has been hardened to make it more resistive to security breaches. Like the main Windows Server itself, the new IIS v7 carries a minimal installation to reduce the potential for attacks. There is better integration with the PowerShell commandlets, to make for scripted applications that take advantage of the Web server, and there is also better integration with .Net processes too. There is a new management interface that goes along with the Web server.
The final element of R2 is a new remote access mechanism that it calls DirectAccess. It is only for Windows 7 (Ultimate or Enterprise only) clients and has a long list of additional requirements too. While this has limited utility for shops that are running other operating systems, it shows the beginnings of how Microsoft wants to gain a toehold in this market. Perhaps more useful is that Microsoft has updated and enhanced its VPN support in R2. This makes it easier for users to roam across the enterprise without having to re-enter their authentication credentials when users traverse different networks or wireless access points.
Moving on to the SP1 version, there were several announcements last month from Microsoft that point towards even further enhancements to the Windows Server line. They use technology that they acquired from Calista Technologies in 2008, what they are calling RemoteFX and Dynamic Memory. These are aimed at improved virtual desktop infrastructure (VDI) performance. VDI is the ability to use virtual machines to store a desktop image and have it run just the keystrokes and screens on a remote desktop. This can save money on support costs, since each desktop is essentially a clone that is being managed inside a data center.
Part of the issue with VDI is that graphics-rich desktops were sluggish in redrawing the screen over the remote connection, and would show either choppy video or out-of-synch audio, particularly on congested network connections. Microsoft's own Remote Desktop Connection software wasn't much of a performer and the RemoteFX technology will help speed things up by virtualizing the graphics processors that are part and parcel of any modern desktop. Other VDI vendors, most notably Citrix, have announced support for RemoteFX in their product lines. While it is too early to tell whether this will catch on, it is a good indication of how serious Microsoft is in the VDI space and will be a welcome addition to the Windows Server lineup when it comes out.
As you can see, it is tough to keep track of the different 2008 Windows Server versions without a scorecard. These are all great improvements to make Microsoft's server the basis of many powerful and robust applications.