Presentation on theme: "Clyde G. Johnson. Libraries Network power changes DNSSec Support and Multi-home firewall TCP and SMB 2 Direct Access BranchCache Network Access Protection."— Presentation transcript:
Libraries Network power changes DNSSec Support and Multi-home firewall TCP and SMB 2 Direct Access BranchCache Network Access Protection Applocker Read-Only DFS
Aggregates data from multiple sources into a single folder view default Libraries in Windows 7 are: Documents Music: Pictures: Videos: In explorer view, just go to your Libraries, right-click, then click on New - Library.
Easy way to share documents, music pics videos and printers. Windows 7 only – no XP or Vista Wireless=yes One homegroup at a time. Domain-joined CAN join a homegroup
Smart Network Power turns off the power to your Ethernet jack when there is no cable connected Wake on LAN for wireless bring the well-known? wired Ethernet feature to wireless networks.
Multi-Home Firewall Profiles Each connection can have its own profile DNSSEC Support Ability to indicate knowledge of DNSSEC in queries. Ability to process the DNSKEY, RRSIG, NSEC, and DS resource records. Ability to check whether the DNS server with which it communicated has performed validation on the clients behalf.
Default TCP windows size of 64KB NO AUTO TUNING Severely limits round trip times Sender transmits are limited to advertised receive window size Window size backs off by 50% with packet loss Windows size increased slightly with every ACK Manual tuning of receive window size does not offer ideal results Windows XP & Windows Server 2003 Auto-tune enabled by default Max receive window determined by: Application consumption capacity Network capacity and conditions Windows Vista/Win7 and Windows Server 2008 and R2
Redesigned TCP/IP Stack Dual-IP layer architecture for native IPv4 and IPv6 support Seamless security through expanded IPsec integration Improved performance via hardware acceleration Network auto-tuning and optimization algorithms Greater extensibility and reliability through rich APIs Windows Filtering Platform API IPv4 802.3 WSK WSK Clients TDI Clients NDIS WLAN Loop- back IPv4 Tunnel IPv6 Tunnel IPv6 RAW UDPTCP Next Generation TCP/IP Stack (tcpip.sys) AFD TDX TDI Winsock User Mode Kernel Mode
Multiple command in a single packet Reduced wait time and connection overhead Much larger buffer size Network stack is no longer the bottleneck Application & disk are now the bottleneck Parallel Write, Parallel Response Durable handles allow recover from brief network disruptions Symlink support
Experience of being seamlessly connected to their corporate network any time they have Internet access Computer is joined to the network, Group policy applies. Uses IPv6-over-IPv4 tunnel if no IPV6 connection available. Sends only corporate traffic, web traffic stays local. Authentication. DirectAccess authenticates the computer Access Control. IT professionals can configure which intranet resources different users can access using DirectAccess, granting DirectAccess users unlimited access to the intranet or only allowing them to use specific applications and access specific servers or subnets. DC/DNS DirectAccess Server Bi-directional Connection Using IPSec and IPv6 App Servers
IIS File Server Group Policy Management Install BranchCache feature on an R2 server Group Policy to enable clients Hosted Cache Optionally, install a hosted cache in your branch
Centralized cache of data downloaded by the branch A centralized cache for Protocols: HTTP, SMB E2E encrypted/signed traffic: SSL, IPsec, SMB signing etc Does not modify protocols; benefits from protocol optimizations Configurable size/location/persisted across reboots/flush- able Works across multiple subnets Admins can seed content by writing custom scripts Can be a virtual workload in an appliance Easy to deploy; clients are configured via policy
Health Policy validation and remediation Reduces risk of Unauthorized systems on the network Helps keep mobile and/or Desktop devices in compliance DHCP, VPN Switch/Rout er Remediation Servers Example: Update Windows Client Policy compliant VPN Switch/Router Policy Servers such as: Update, AV Corporate Network Not policy compliant Restricted Network NPS Server
Eliminate unknown or unwelcome applications on your network Enforce application standardization within your org Easily create and manage rules using Group Policy Only works on ultimate and enterprise – NOT pro
16 Publication data that should never be changed at branch locations Any open or create requesting WRITE access will be failed by a new filter driver In case the filter is not running, other Win7 Replication Group members will refuse updates from a read-only replication partner New in Win7 and WS08R2
For more information please visit www.microsoft.com/technet/subscription Special promotion code: TMSAM15 (WRITE IT DOWN!) Purchase any TechNet subscription between now and June 30, 2010. Use the promotion code. TMSAM15 You save 25%! Includes 2 Tech Support Incidents Simple, you save $81.75 and get it for only $261.75 25% off!