Presentation is loading. Please wait.

Presentation is loading. Please wait.

Technical Overview. SecurityWebVirtualization Solid Foundation for Your Business Workloads Windows Server 2008 pillars Reduces costs, increases hardware.

Published byRoberta Thomas Modified over 9 years ago

Similar presentations

Presentation on theme: "Technical Overview. SecurityWebVirtualization Solid Foundation for Your Business Workloads Windows Server 2008 pillars Reduces costs, increases hardware."— Presentation transcript:

1 Technical Overview

2

3 SecurityWebVirtualization Solid Foundation for Your Business Workloads Windows Server 2008 pillars Reduces costs, increases hardware utilization, optimizes your infrastructure, and improves server availability Delivers rich web- based experiences efficiently and effectively Provides highest levels of protection for your network, your data, and your business Most flexible and robust Windows Server operating system to date Provides the most versatile and reliable Windows platform for all of your workload and application requirements

4 Management Reliability Solid Foundation Windows Server Manager PowerShell Windows Deployment Services Server Core Next Generation Networking High Availability Clustering Most Flexible and Robust Windows Server Operating System to Date

5 TechNet ScriptCenter Exchange Server 2007 Terminal Server WMI, Registry, Hardware, etc. Community-Submitted scripts MyITForum.com Windows PowerShell New Command-line shell & Scripting Language Futures Improves productivity & control Accelerates automation of system admin Easy-to-use Works with existing scripts Will ship in Windows Admin GUIs layered over PowerShell One-to-many remote management using WS-MGMT Solid Foundation

6 7

7 Server Manager Product Installation Initial Configuration Managing Windows Server 2008 Solid Foundation

8 Windows Server Core Only a subset of the executable files and DLLs installed No GUI interface &.NET managed code installed Less disk space and management required Can be managed with remote tools (MMC, RDP) Solid Foundation

9 8

10 Complete Redesign of TCP/IP Inspection API WSK WSK Clients TDI Clients NDIS AFD TDX TDI Winsock User Mode Kernel Mode Dual-IP layer architecture for native IPv4 and IPv6 support Improved Network Performance Troubleshooting Improved performance via hardware acceleration and auto-tuning Greater extensibility and reliability through rich Windows Filtering Platform APIs Completely manageable through Group Policy Next Generation TCP/IP Stack (tcpip.sys) IPv4 802.3 WLAN Loop- back IPv4 Tunnel IPv6 Tunnel IPv6 RAW UDP TCP Solid Foundation

11 Windows Firewall w/ Advanced Security Combined firewall and IPsec management

12 8

13 Failover Clustering Heartbeat New Validation Wizard for server, storage & network testing Support for GUID partition table (GPT) disks in cluster storage Improved cluster setup interface Quorum resource: no longer single-point-of-failure IPv6 support Geographically dispersed clusters: accross subnets, no VLAN needed Active Node Passive Node Solid Foundation

14 Windows Deployment Services Rapidly deploy Windows operating systems Updated and redesigned version of Remote Installation Services (RIS) Server components Client components: WinPE Management components Windows Vista Windows Server 2008 Solid Foundation

15 Reliability and Performance Monitor Combines functionality of previous stand-alone tools Tracks system changes Provides new functionality Solid Foundation

16 Deliver Rich Web-based Experiences Efficiently and Effectively Internet Information Services 7.0 Windows SharePoint Services Web Windows Media Services

17 Web IIS 7.0: a robust Web & Application Server Enhanced security and reduced attack surface Administration: UI & APPCMD & shared configuration Delegation & true application XCOPY deployment Highly customizable Advanced troubleshooting Windows Communication Foundation (WFC) Windows Activation Service Windows Communication Foundation (WFC) Windows Activation Service

18 13

19 Optimize Your Infrastructure and Improve Server Availability Terminal Services RemoteApp Terminal Services Gateway Windows Server Virtualization Virtualization

20 Virtualization Technologies Windows Server Virtualization Server Virtualization Presentation Virtualization Application Virtualization Desktop Virtualization Management Virtualization

21 Windows Server Virtualization Greater Scalability and improved performance x64 bit host and guest support SMP support Increased reliability and security Minimal Trusted Code base Windows running a foundation role Better flexibility and manageability New UI/Integration with SCVMM VM 1 “Parent” VM 2 “Child” VM 3 “Child” HardwareHardware Windows Server 2003 Virtual Server 2005 R2 VM 2 VM 3 Virtualization

22 Application Virtualization Application Isolation Dynamic Streaming System Center Integration Software as a Centrally- managed Service Available through… Virtualization

23 Virtualization Investments ManagementInfrastructureApplicationsInteroperabilityLicensing Create agility Better utilize server resources Partner with AMD and Intel Ease consolidation onto virtual infrastructure Better utilize management resources Support heterogeneity across the datacenter OSP (Open Specification Promise) VHD Accelerate deployment Reduce the cost of supporting applications Deliver cost-effective, flexible and simplified licensing Royalty Free VHD format A Multi-level Approach Terminal Services Virtualization

24 Terminal Services Gateway Internet Perimeter Network Corporate Network Remote/ Mobile User Terminal Services Gateway Network Policy Server Active Directory DC Tunnels RDP over HTTPs Strips off RDP / HTTPs Terminal Servers and other RDP Hosts RDP traffic passed to TS Internet Virtualization

25 Terminal Services RemoteApp Terminal Services Gateway Server Remote Desktop client required Virtualization

26 6

27 Hardens Operating System and Increases Environment Protection Read-Only Domain Controller Network Access Protection Federated Rights Management Security

28 11 Remediation Servers Example: Patch Using Network Access Protection Restricted Network 11 Windows Client 22 22 DHCP, VPN or Switch/Router relays health status to Microsoft Network Policy Server (RADIUS) 33 33 Network Policy Server (NPS) validates against IT- defined health policy 44 If not policy compliant, client is put in a restricted VLAN and given access to fix up resources to download patches, configurations, signatures (Repeat 1 - 4) Not policy compliant 55 If policy compliant, client is granted full access to corporate network Policy compliant NPS DHCP, VPN Switch/Router 44 Policy Servers such as: Patch, AV Corporate Network 55 Client requests access to network and presents current health state Security

29 5+9

30 Auto-Remediation

31 Active Directory Federation Services Web Server Account Federation Server Resource Federation Server Company B Company A Federation Trust Security AD FS provides an identity access solution Deploy federation servers in multiple organizations to facilitate business-to- business (B2B) transactions AD FS provides a Web- based, SSO solution

32 Federated Identity support in AD Rights Management Services Account Federation Server Resource Federation Server Company B Company A Federation Trust Web SSO Security Together AD FS and AD RMS enable users from different domains to securely share documents based on federated identities

33 Read-Only Domain Controller Head Quarter Branch Office Features Read Only Active Directory Database Only allowed user passwords are stored on RODC Unidirectional Replication Role Separation Benefits Increases security for remote Domain Controllers where physical security cannot be guaranteed RODC Security

34 Branch Head Quarter Read Only DC How RODC Works Windows Server 2008 DC 11 22 33 44 55 66 66 112233445566 User logs on and authenticates RODC: Looks in DB: "I don't have the users secrets" Forwards Request to Windows Server 2008 DC Windows Server 2008 DC authenticates request Returns authentication response and TGT back to the RODC RODC gives TGT to User and RODC will cache credentials RODC Security

35 What if a DC is stolen?

36 Head Quarter Branch Office Branch Office Benefits Optimization DFS Replication Security BitLocker Full Volume Encryption Server Core Read-Only Domain Controller Administration SOAP-based remote management (WinRM) Restartable Active Directory Solid Foundation

37 PKI Support Security Built-in Certificate Service Usage Data Encryption Digital Signature Smart Card authentication

38 Windows Server 2008: A Robust Application Platform Application Platform.NET Framework 3.0 IIS 7.0 Windows Activation Service MSMQ 4.0

39 Windows Server 2008 Summary Security NAP Read-Only DC AD RMS AD Federation Svc PKI support BitLocker Virtualization Windows Virtualization TS Gateway TS RemoteApps Web Modular design Less attack surface Admin delegation APPCMD Win Activation Svc Tracing & Troubleshooting Solid Foundation for Your Business Workloads Windows PowerShell Server Core Server Manager Windows Firewall with Advanced Security & IPSec IPv6 Failover Clustering Reliability & Performance Monitor Windows Deployment Svc www.microsoft.com/WindowsServer2008www.microsoft.com/WindowsServer2008

40 More information www.microsoft.com/WindowsServer2008 www.iis.net

41 Thank You!

Download ppt "Technical Overview. SecurityWebVirtualization Solid Foundation for Your Business Workloads Windows Server 2008 pillars Reduces costs, increases hardware."

Similar presentations

Ljubomir Ivaniš CPU d.o.o.

Ljubomir Ivaniš CPU d.o.o.
2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.

2  Industry trends and challenges  Windows Server 2012: Modern workstyle, enabled  Access from virtually anywhere, any device  Full Windows experience.
The System Center Family Microsoft. Mobile Device Manager 2008.

The System Center Family Microsoft. Mobile Device Manager 2008.
5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.

5.1 Overview of Network Access Protection What is Network Access Protection NAP Scenarios NAP Enforcement Methods NAP Platform Architecture NAP Architecture.
Remote Desktop Services

Remote Desktop Services
Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.

Chapter 10 Securing Windows Server 2008 MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration.
About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.

About the Presentations The presentations cover the objectives found in the opening of each chapter. All chapter objectives are listed in the beginning.
Module 3 Windows Server 2008 Branch Office Scenario.

Module 3 Windows Server 2008 Branch Office Scenario.
Technical Overview Nguyen An Que Technology Specialist Microsoft Vietnam

Technical Overview Nguyen An Que Technology Specialist Microsoft Vietnam
1 Week #1 Objectives Review clients, servers, and Windows network models Differentiate among the editions of Server 2008 Discuss the new Windows Server.

1 Week #1 Objectives Review clients, servers, and Windows network models Differentiate among the editions of Server 2008 Discuss the new Windows Server.
Windows Server Strategy And Roadmap Jeff Price Senior Director Windows Server Microsoft Corporation.

Windows Server Strategy And Roadmap Jeff Price Senior Director Windows Server Microsoft Corporation.
Windows Server “Longhorn” Overview December 2006.

Windows Server “Longhorn” Overview December 2006.
1 Week #1 Objectives Review clients, servers, and Windows network models Differentiate among the editions of Server 2008 Discuss the new Windows Server.

1 Week #1 Objectives Review clients, servers, and Windows network models Differentiate among the editions of Server 2008 Discuss the new Windows Server.
1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.

1 Objectives Wireless Access IPSec Discuss Network Access Protection Install Network Access Protection.
Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation

Dan Stolts IT Pro Evangelist US DPE - North East Microsoft Corporation
More Control and Flexibility Vitalis Konopelec Technology Solution Professional Microsoft Slovakia s.r.o.

More Control and Flexibility Vitalis Konopelec Technology Solution Professional Microsoft Slovakia s.r.o.
Virtual techdays INDIA │ 9-11 February 2011 Cross Hypervisor Management Using SCVMM 2008 R2 Vikas Madan │ Partner Consultant II, Microsoft Corporation.

Virtual techdays INDIA │ 9-11 February 2011 Cross Hypervisor Management Using SCVMM 2008 R2 Vikas Madan │ Partner Consultant II, Microsoft Corporation.
Security and Policy Enforcement Mark Gibson Dave Northey

Security and Policy Enforcement Mark Gibson Dave Northey
Michael Kleef Technology Advisor | Microsoft Australia

Michael Kleef Technology Advisor | Microsoft Australia
Next Generation Web Vitalis Konopelec Technology Solution Professional Microsoft Slovakia s.r.o.

Next Generation Web Vitalis Konopelec Technology Solution Professional Microsoft Slovakia s.r.o.

Similar presentations

Ads by Google