Optimize your Infrastructure Rich, Web based experiences Hardens the OS and Protects Your Environment Better Security and Compliance Tools Network Access Protection Enhanced Scripting and Task Automation Modular and Extensible Platform Integrated Hypervisor Server Consolidation Power Savings Solid Foundation for Your Business Workloads

Web Solid Foundation for Enterprise Workloads Virtualization Internet Information Services 7.0 Efficient management and deployment tools Customizable platform with.NET extensibility Windows Media Services Advanced streaming and caching Windows SharePoint Services Powerful document and team collaboration Windows Server Virtualization Hypervisor-based virtualization platform High availability through Failover Clustering Terminal Services Gateway Access internal resources through the firewall Terminal Services RemoteApp Access and run remote applications locally Server Core Minimal installation option for better security and reliability Next Generation Networking New TCP/IP stack for improved scalability and performance Failover Clustering Easy to implement and flexible high availability Server Manager Role-based configuration, management and reporting Windows PowerShell Command shell and scripting language for task automation Windows Deployment Services Fast and efficient imaging of clients and servers Security Read-Only Domain Controller Increased security and delegated management for branch offices Network Access Protection Health validation and compliance checking Federated Rights Management Protected document collaboration ManageabilityManageability Reliability

Server Manager Product Installation Initial Configuration

New Command-line shell & Scripting Language Resources Improves productivity & control Accelerates automation of system admin Works with existing scripts Ships with Windows Server 2008 Easy for non-programmers Role management in future versions TechNet Script Center MyITForum.com Newsgroup and Web Forum Team Blog and Channel 9 Books from Manning, O’Reilly, Microsoft Press, Sapien Partners

Server Management and Windows Powershell

Optimized performance without loss Intelligent, automated tuning of TCP receive window size Better packet loss resiliency (e.g. wireless connectivity) Advanced congestion control for better throughput Automatically adjusts for maximum efficiency Faster network transfers, especially across WAN links Optimized use of available network bandwidth Reduced packet loss resulting in fewer retransmits

Heartbeat New Validation Wizard Support for GUID partition table (GPT) disks in cluster storage Improved cluster setup and migration Improvements to stability and security – no single point of failure Geographically dispersed clusters Active Node Passive Node

Streamlined installation means reduced attack surface Simplified administration through variety of tools Customization and extensibility through.NET Xcopy deployment and shared configuration Event logging and tracing for faster troubleshooting Application and health management for Web services

Impact of stolen DC to the Active Directory reduced By default, no users/computers passwords stored on RODC Read-only Partial Attribute Set can prevent application credentials from replicating to RODC Reduced attack surface to the Active Directory for a compromised DC Read-only state with unidirectional replication for AD and FRS/DFSR Each RODC has its own KDC KrbTGT account to provide cryptographic key separation Delegated DCPROMO reduces need for DA to TS into RODC Windows Server 2008 writeable DCs register SRV records on behalf of RODCs to prevent name squatting RODCs are workstation accounts Not members of Enterprise-DC or Domain-DC groups Very limited rights to write in Directory

Branch Hub Read Only DC Windows Server 2008 DC User logs on and authenticates RODC: Looks in DB: "I don't have the users secrets" Forwards Request to Windows Server 2008 DC Windows Server 2008 DC authenticates request Returns authentication response and TGT back to the RODC RODC gives TGT to User and RODC will cache credentials RODC

Determines whether the computers are compliant with the company’s security policy. Compliant computers are deemed “healthy” Policy Validation Restricts network access to computers based on their health Network Restriction Provides necessary updates to allow the computer to “get healthy.” Once healthy, the network restrictions are removed Remediation Changes to the company’s security policy or to the computers’ health may dynamically result in network restrictions Ongoing Compliance

1 Restricted Network MSFT Network Policy Server 3 Policy Servers e.g. MSFT Security Center, SMS, Antigen or 3 rd party Policy compliant DHCP, VPN Switch/Router 2 Windows Vista Client Fix Up Servers e.g. MSFT WSUS, SMS & 3 rd party Corporate Network 5 Not policy compliant 4 Enhanced Security All communications are authenticated, authorized & healthy Defense-in-depth on your terms with DHCP, VPN, IPsec, 802.1X Policy-based access that IT Pros can set and control Customer Benefits

Information AuthorThe Recipient AD RMS protects access to an organization’s digital files AD RMS in Windows Server 2008 includes several new features Improved installation and administration experience Self-enrollment of the AD RMS cluster Integration with AD Federation Services New administrative roles

Group Policy allows central encryption policy and provides Branch Office protection Provides data protection, even when the system is in unauthorized hands or is running a different or exploiting Operating System Uses a v1.2 TPM or USB flash drive for key storage Full Volume Encryption Key (FVEK) Encryption Policy

Windows Server Core New minimal installation option with only “core” components No GUI interface or graphical applications installed Subset of server roles and features available Manage remotely as you would any server

Windows Server Core

A Comprehensive Set of Virtualization Products, from the Data Center to the Desktop Server Virtualization Application Virtualization Desktop Virtualization Presentation Virtualization Assets – Both Virtual and Physical – Managed from a Single Platform Windows Server 2008 Virtualization

Greater scalability and improved performance x64 bit host and guest support SMP support Increased reliability and security Minimal trusted code base Runs as a Server Core role Better flexibility and manageability New UI/Integration with SCVMM VM 1 “Parent” VM 2 “Child” VM 3 “Child” HardwareHardware Windows Server 2003 Virtual Server 2005 R2 VM 2 VM 3

Internet Perimeter Network Corporate Network Remote/ Mobile User Terminal Services Gateway Network Policy Server Active Directory DC Tunnels RDP over HTTPs Strips off RDP / HTTPs Terminal Servers and other RDP Hosts RDP traffic passed to TS Internet

Terminal Server Run server-based applications locally Centrally manage applications Zero footprint client installation Run server-based applications locally Centrally manage applications Zero footprint client installation RDP 6.0 client required

Infrastructure OptimizationApplication Re-PlatformingExtending Core SystemsTraining and SupportSustain & Enhance

© 2007 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.