Looking Ahead to Windows Server 2008
Windows Server 2008, previously known as Windows Server "Longhorn" is scheduled to be released by the end of this year. It remains to be seen whether it will actually make it, but even if it does not, a brand new server operating system will arrive in a matter of months. Now is the time to start absorbing new features and improvements so you will be ready to deploy Windows 2008 when the time comes.
|Whether it arrives on servers this year or next, the newest version of the Microsoft operating system will offer scads of new features and fine-tuned favorites.|
Let's begin this crash course in Windows 2008 with a look at improvements to server virtualization. Virtual Server 2005 has been replaced with what's called "Windows Server virtualization" or WSv for short. One of the most exciting features of WSv is dynamic processor addition. This is extremely powerful because it means you can shift CPU resources on the fly to virtual hosts that need them most. WSv also allows you to dynamically add/remove network adapters and virtual hard drive files (.VHD files).
Other highlights of WSv include the ability to host supported Linux operating systems, memory page file sharing among virtual hosts, PXE boot on virtual hosts, and hot backup of hosts using volume shadow copy. WSv also enables virtual hosts to see and use data on the parent OS. For large environments with an assortment of IT groups running various services, WSv will make life easier by adding the ability to delegate control of virtual hosts to sub-administrators. Finally, if you enter the clustering arena, then you will have the ability to use "Live Migration." This feature allows live virtual machines to be moved among different parent operating systems in the cluster with little or no downtime.
"Server Core" provides an installation of Windows Server 2008 without a graphical user interface (GUI) or the ability to run applications. The crowd is roaring on this one because we can finally install Windows server without a bloated GUI. The following subset of services can run on Server Core:
- Windows Server virtualization (WSv)
- Dynamic Host Configuration Protocol (DHCP) server
- Domain Name System (DNS) server
- File server
- Active Directory Directory Services (AD DS)
- Active Directory Lightweight Directory Services (AD LDS)
- Windows Media Services
- Print Management
Note that WSv is one of the available services under Server Core. This is extremely powerful because it will allow us to mimic the model that a VMware ESX server uses for free! There is no need for a GUI on the base OS when all it is doing is hosting virtual servers.
Next up are the improvements to Terminal Services. A nice little feature, which comes with Vista as well, is the ability to use the remote desktop client in conjunction with a spanned monitor desktop. Don't get too excited though because the maximum combined resolution for all monitors is 4096 x 2048, and it doesn't support vertical spanning. This will probably prove to be more useful for a Vista desktop than for managing servers; nonetheless, it is there if you want it.
Terminal Services also includes a new feature called the "TS Session broker." This is supposed to provide a simpler alternative to functionality previously handled by Microsoft Network Load Balancing. It allows end users to be directed to the least used terminal server. "TS Easy Print" is designed to make local/network printers available through a terminal services session without needing drivers installed on the server side. A new feature called "RemoteApp" allows a terminal server hosted application to appear on a user's desktop as any other local program would appear. "TS Web Access" allows users to launch terminal server applications from a Web page. Last but not least, are some improvements to terminal server licensing.
Active Directory (AD) has been given some attention in Windows 2008as well. A new and more comprehensive wizard has been created for promoting domain controllers. We can also restart AD Domain Services without rebooting the entire server. Perhaps the most interesting addition to AD functionality is the new Read Only Domain Controller (RODC). This feature will probably be most useful at remote sites where central IT control is limited. The RODC does not permanently store passwords but can cache credentials used by users at that location. It can also provide read-only AD integrated DNS. Finally, the RODC has the handy ability to provide administrator access to the server without giving access to any other domain controllers. This is great for remote administrators that might need to patch the server but don't need additional domain access.
Internet Information Services (IIS) 7 has several nice improvements in Win2k8. First, it has been re-designed with modular components. This makes it easy to strip out pieces that aren't needed for a reduced attack surface. Second, IIS 7 has been given a new management interface that operates via HTTP/SSL. Remote administration will be more secure because there will be no need for punching additional holes through a firewall. The new interface also allows for delegation of rights to sub-administrators, a feature that will be particularly useful for large environments hosting multiple sites with different owners. Finally, IIS 7 claims to give more detailed error messages, and now includes support for PHP!
The Windows firewall has been vastly improved; it now supports filtering of incoming and outgoing packets. Microsoft has also merged IPSec configuration with Windows firewall configuration in a new MMC snap-in called Windows Firewall with Advanced Security.
Long-awaited improvements to the Event Viewer are also in Windows 2008. Highlights include more granular event logging and the ability to "subscribe" to events on other servers. By subscribing to events on other servers they can be propagated to a central location.
That's it for now, of course there are many more updates that had to be left out for brevity. Other nice enhancements that may be worth further research on your own include:
- Certificate Services
- SMB 2.0
- TCP/IP stack
- Network Access Protection
This article was originally published on Enterprise Networking Planet.