2Technology Investment Areas VirtualizationManagementWebIIS 7.5 & Integrated Extensions.NET on Server CoreConfiguration TracingService-Oriented ArchitectureHyper-V™ 2.0Live MigrationRemote Desktop ServicesPower ManagementAD Administrative CenterPowerShell 2.0Best Practices AnalyzerSolid Foundation for Enterprise WorkloadsWindows® Server® 2008 R2 is a release that builds on the Windows Server 2008 foundation.It is an incremental release to Windows Server 2008 – and only the second time that Windows Client and Server releases are shipped simultaneously (Windows 2000 Server® was first). This is the first 64-bit only Server release.Along with the focus and simultaneous client and server development, Microsoft concentrated on four key technology investment areas while building Windows Server 2008 R2. These include:Virtualization and Consolidation – With the introduction of Live Migration, Windows Server 2008 R2 moves into a leadership position in the virtualization market. With the same feature portfolio as the competition available in Windows Server 2008 R2 out-of-box, the TCO argument for R2 over an additional third-party software purchase becomes a no-brainer. Live Migration allows administrators to migrate running virtual machines from one physical host to another in milliseconds, without connection loss or service interruption for connected users. This not only facilitates hardware maintenance and upgrades, manual failover, and the consolidation of workloads on fewer servers, but also (and more exciting) is the combination of Live Migration, Hyper-V and the rest of Windows Server 2008 R2. These technologies combine to allow administrators to monitor and manage their servers independent of hardware considerations for the most part. Only the integration of a virtualization and operating system environment allows this first step into cohesive utility computing, and Windows Server 2008 R2 is in the lead in this area.With a new Hyper-V on Windows Server 2008 R2, administrators will find updates to features like hardware assisted virtualization (EPT/NPT) and reduced virtualization overhead, you can achieve up to 50% higher consolidation ratios running virtual machines on equivalent hardware, as compared to Windows Server Also, Terminal Services gets a name change to Remote Desktop Services (more on that later). But RDS combined with the new Virtual Desktop Infrastructure (VDI) and RemoteApp and Desktop (RAD) Connections feature, lets Windows XP, Vista®, and Windows 7 desktop operating systems as well as individual apps or portfolios of applications all be virtualized on R2 and managed via group policies. This makes it possible for end-users to run multiple operating systems simultaneously on client hardware, and facilitates desktop management as a whole and hosted desktop deployments in particular.Streamlined Management - R2’s most profound management enhancement is no doubt the new PowerShell 2.0. This updated version has several important enhancements, including hundreds of new cmdlets available out-of-box with R2 and designed with IT administration in mind. There are also enhancements to PowerShell’s dev console and much broader support for the technology across all of Windows Server 2008 R2’s components. Many of R2’s new management interface, like the new Active Directory Administrative Center (ADAC), are built entirely upon PowerShell. The new ADAC combines all the management console administrators used to hit to manage AD end-to-end into a single accessible console, built on PowerShell and extensible via the same technology.Power management is another important benefit of R2, including advanced CPU technologies that allow logical processor loads to be turned on and off in response to workload—a feature called Core Parking as we’ll see below. Active Directory has also been outfitted with even more granular power management policy controls across both server and Windows 7 clients.Last, Microsoft has responded to the immensely popular customer feedback surrounding its Best Practice Analyzers (BPAs). These originated on other MS platform products (Exchange and SQL Server, for instance) and had early support in Windows Server We’ve since expanded that to include all core Server 2008 R2 roles and added tighter integration with Server Manager as well.Web - Windows Server 2008 R2 includes many improvements that strengthen its position as an industry-leading Web and application serving platform. IIS 7.0 has new management consoles and more integration with Server Manager. It’s also more fully deployable on Server Core with the addition of the .NET platform on SC, which also means IIS-on-Server-Core can be managed via PowerShell. IIS’ feature set has been beefed up with the inclusion of several popular extensions from the previous version (like the Administration Pack, which has also been updated) and new management features have been deployed, like Configuration Tracing, which provides enhanced auditing of changes to IIS and application configuration. That lets track any configuration changes made to your test and production environments.Solid Foundation for Enterprise Workloads: This area covers two disparate categories. One the one hand, Windows Server 2008 R2 was designed to give Microsoft enterprise customers an unprecedented set of tools for protecting, monitoring and maintaining their enterprise server infrastructure. That includes new scalability and reliability updates to features, like support for up to 256 logical cores for single instances of Windows Server 2008 R2 and up to 32 logical cores for a single VM instance. We’ve also increased our focus on OS componentization supply more core roles, so IT administrators need only install those components they need for a particular server, thus decreasing both server and management overhead.Better Together With Windows 7. Windows Server 2008 R2 includes technology improvements aimed at giving client computers running Windows 7, the most reliable and flexible network productivity feature set in Microsoft’s history. This includes more than just client OS features, but also several dedicated features aimed specifically at the synergy between Server 2008 R2 and Windows 7 clients. One of the most exciting is DirectAccess, which as you’ll see later on in the presentation, has the potential to revolutionize remote access computing from both the client and server perspectives. We’ve also included BranchCache, a powerful new file access solution for remote and branch offices. We’ve also added enhancement to AD’s group policies allowing managers deeper granularity when managing Windows 7 clients, including the ability to manage new features like BitLocker to Go (the ability to encrypt removable drives with the BitLocker technology). AD policies also integrate with Terminal Services’ new RAD and VDI desktop and application virtualization features allowing administrators to deploy virtualized apps and desktops based on policy, while those resources are integrated so tightly with Windows 7 that in most cases users won’t be able to tell the difference between a locally installed app and a virtualized one.ScalabilityBetter Together with Windows 7>64 Core SupportComponentizationDirect AccessBranch CacheAppLockerEnhanced Group PoliciesBitLocker on Removable Drives
4Hyper-V 2.0Building on the rock-solid architecture of Windows Server 2008 Hyper-VIntegration with new technologies and productsEnabling new dynamic scenarios:Increased Server ConsolidationDynamic Data CenterVirtualized Centralized DesktopVirtualization is a huge part of today’s datacenters. The operating efficiencies offered by virtualization allow organizations to dramatically reduce the operations effort and power consumption.Windows Server 2008 R2 provides the following virtualization:Computer virtualization provided by Hyper-V. Virtualizes the system resources of a physical computer. Computer virtualization allows you to provide a virtualized environment for operating systems and applications. When used alone, Hyper-V is typically used for server computer virtualization. When Hyper-V is used in conjunction with Virtual Desktop Infrastructure (VDI), Hyper-V is used for client computer virtualization.Presentation virtualization. Virtualizes a processing environment and isolates the processing from the graphics and I/O, making it possible to run an application in one location but have it be controlled in another. Presentation virtualization might allow you to run only a single application, or it might present you with a complete desktop offering multiple applications. Windows Server 2008 R2 offers a host of new capabilities for administrators taking advantage of presentation virtualization.
5Hyper-V 2.0 Features Logical Processor Support Hot Add/Remove Storage Support for 64 logical processors on host computerHot Add/Remove StorageAdd and remove VHD disks to a running VM without requiring a rebootSecond Level Translation (SLAT)Leverage new processor features to improve performance and reduce load on Windows HypervisorVM Chimney (TCP Offload Support)TCP/IP Traffic in a VM can be offloaded to a physical NIC on the host computer (disabled by default)Processor Compatibility ModeAllows live migration across different CPU versions within the same processor family (i.e. Intel-to-Intel and AMD-to-AMD).Does NOT enable cross platform from Intel to AMD or vice versa.Configure compatibility on a per-VM basis.Abstracts the VM down to the lowest common denominator in terms of instruction sets available to the VM.
6Quick Migration vs. Live Migration (Windows Server 2008 Hyper-V)Save stateCreate VM on the targetWrite VM memory to shared storageMove virtual machineMove storage connectivity from source host to target host via EthernetRestore state & RunTake VM memory from shared storage and restore on TargetRun(WS08R2 Hyper-V)VM State/Memory TransferCreate VM on the targetMove memory pages from the source to the target via EthernetFinal state transfer and virtual machine restorePause virtual machineMove storage connectivity from source host to target host via EthernetUn-pause & RunHost 2Host 1Host 1Host 2
8Today's IT Challenges Increasing demands from the business Reliance on technology for business-critical operationsAlways-available, anywhereIncreasing complexityAdding capabilities adds management burden80% of IT cost is managing existing systemsTrends of the future magnify challengesMove to Datacenters – large scale, virtualization remote managementOutsourcing – lower skilled, high turnover users
9Streamlined Management Windows Server 2008 R2 as the foundation for data center automationExpand surface are of Windows Server that can be driven via scriptingTop server roles/tasks can be managed using remote & local PowerShell scriptsIn-box cmdlets for server roles, and for power, blade and chassis managementWork with OEMs and IHVs to deliver WS-Management compatible hardwareInstall and run Server Manager (including role management snap-ins) from Windows 7 clientsRemotable Server Manager UIBest Practices Analyzer integrated into Server ManagerPerformance counter viewer in Server ManagerWindows Server 2008 R2 has a number of improvements in remote administration, including the following:Improved remote management through updated graphical management consoles. Server Manager has been updated in a number of ways, including tight integration with other Windows Server core roles and Best Practice Analyzers. But one custoemr request that was most pervasive for Server Manager was the ability to install SM on an admin’s workstation and manage all the servers to which the admin has access from a remote console. We’ve answered that request in Windows Server R2.Improved remove management from command-line and automated scripts. PowerShell version 2.0 has a number of improvements for remote management scenarios. These improvements allow you to run scripts on one or more remote computers or allow multiple IT professionals to simultaneously run scripts on a single computer.
10Windows Server 2008 R2 Solution Server MigrationSituation TodayWindows Server 2008 R2 SolutionMigration PortalMigration Portal on TechNetOne-stop-shop for all migration resourcesStep by Step Migration GuidesTop Server RolesData, Shares and Some OS SettingsMigration Powershell CmdletsEasy to Script2 Server roles, 1 Feature, OS Settings, Data & SharesMigration Documentation and Tools:Available for a limited number of rolesHard to findInconsistent tools, documentation, and user experience
11Improvements in Windows Server Backup Backup specific files and folders.Perform incremental backups of system state.Perform scheduled backups to volumes.Perform scheduled backups to network shared folders.Manage backups by using PowerShell.Windows Server 2008 R2 includes a new version of the Windows Server Backup utility. This new version of Windows Server Backup allows you to:Backup specific files and folders. In Windows Server 2008 RTM you had to backup and entire volume. In Windows Server 2008 R2, you can include or exclude folders or individual files. You can also exclude files based on the file types.Perform incremental backup of system state. Previously, you could only perform a full backup of the system state by using the wbadmin.exe utility. Now you can perform incremental backups of the system state by using Windows Server Backup utility, the wbadmin.exe utility, or from a PowerShell cmdlet.Perform scheduled backups to volumes. You can perform a scheduled backup to existing volumes in Windows Server 2008 R2. In Windows Server 2008, you had to dedicate an entire physical disk to the backup (the target physical disk was partitioned and a new volume was created previously).Perform scheduled backups to network shared folders. You can now perform scheduled backups to a network shared folder, which was not possible in the previous version.Manage backups by using PowerShell. You can manage backup and restore tasks by using PowerShell (including all PowerShell remoting scenarios). This includes the management of on-demand and scheduled backups.
12Improved Command-line shell & Scripting Language Powershell 2.0Improved Command-line shell & Scripting LanguageImproves productivity & controlAccelerates automation of system adminEasy-to-useWorks with existing scriptsCommunity ModelNew FeaturesIntegrationGraphical PowerShell provides a graphical user interface that allows you to interactively create and debug PowerShell scripts within an integrated development environment similar to Visual Studio®.Graphical PowerShell include the following features:Syntax coloring for PowerShell scripts (similar to syntax coloring in Visual Studio).Support for Unicode characters.Support for composing and debugging multiple PowerShell scripts in a multi-tabbed interface.Ability to run an entire script, or a portion a script, within the integrated development environment.Support for up to eight PowerShell Runspaces within the integrated development environment.The new Out-GridView cmdlet displays the results of other commands in an interactive table, where you can search, sort, and group the results. For example, you can send the results of a get-process, get-wmiobject, or get-eventlog command to out-gridview and use the table features to examine the data.Note: Graphical PowerShell feature requires Microsoft .NET Framework 3.0.Active Directory Administration CenterIISPower ManagementOne-to-many remote management using WS-MGMTGraphical PowerShellImproved SecurityPortabilityNew cmdlets
15Active Directory Domain Services New Active Directory Domain Services management consolePowerShell integration/Built on PowerShellRecovery of deleted objectsNew AD Recycle BinImproved process for joining domainsOffline domain joinImproved management of user accounts and identity servicesManaged service accountsImproved Active Directory Federated ServicesAuthentication assuranceThe Active Directory Domain Service server role in Windows Server 2008 R2 includes the following improvements:Recovery of deleted objects. Domains in Active Directory now have a Recycle Bin feature that allows you to recover deleted objects. If an Active Directory object is inadvertently deleted, you can restore the object from the Recycle Bin. This feature requires the forest to be running in the Windows Server 7 functional level.Improved process for joining domains. Computers can now join a domain without being connected to the domain during the deployment process, also known as an offline domain join. This process allows you to fully automate the joining of a domain during deployment. Domain administrators create a file that can be included as a part of the automated deployment process. The file includes all the information necessary for the target computer to join the domain.Improved management of user accounts used as identity for services. One of the time consuming management tasks is to maintain passwords for user accounts that are used as identities for services, also known as service accounts. When the password for a service account changes, the services using that identity must also be updated with the new password. To address this problem, Windows Server 2008 R2 includes a new feature called managed service accounts. In Windows Server 2008 R2, when the password for a service account changes, the managed service account feature automatically updates the password for all the services that use the service account.Reduced effort to perform common administrative tasks. Windows Server 2008 R2 includes a new Active Directory Domain Services management console, Active Directory Administrative Center, which is a task-based management console that is based on the new PowerShell cmdlets in Windows Server 2008 R2.Improved Active Directory Federated Services. Active Directory Federated Services in Windows Server 2008 R2 includes a new feature called authentication assurance. Authentication assurance allows you to establish authentication policies for accounts that are authenticated in federated domains. For example, you might require smart card authentication or other biometric authentication for any users in federated domains.
17File Classification Infrastructure Discover DataExamine Data for qualities bearing on classificationClassify DataStore classification propertiesApply Policy based on classificationFile Classification Extensibility pointsGet classification properties API for external applicationsSet classification properties API for external applicationsInfrastructure to classify files and apply policy based on classificationMessagingWindows Server 2008 R2 File Classification Infrastructure provides insight into your data to help you manage your data more effectively, reduce costs and mitigate risks by providing a built-in solution for file classification allowing administrators to automate manual processes with predefined policies based on the data’s business value. Also provided is an extensible infrastructure upon which ISVs can build end-to-end solutions that enable organizations to perform advanced classification and data management helping enable Microsoft partners to deliver rich classification solutions.In-box, end-to-end scenariosIntegration with SharePointExtensible infrastructure & Partner ecosystem
19Better Together With Windows 7 More effective software control with AppLockerUbiquitous remote connectivity via DirectAccessCombining Remote Workspace, Presentation Virtualization and Remote Desktop Services Gateway allows native desktop experience over public Win 7 computersBranchCache for improved branch performanceRead-Only DFS for improved branch office securityMore efficient client power managementDesktop and applications virtualization feeds featureAgile VPNBitLocker encryption on removable drivesWindows Server 2008 R2 has many features that are designed to specifically work with client computers running Windows 7. The features that are only available with running Windows 7 client computers with server computers running Windows Server 2008 R2 include:Simplified remote connectivity for corporate computers by using the Direct Access feature. (next slides)Improved performance for branch offices by using the Branch Caching feature. (a little further down)More efficient power management by using the new power management Group Policy settings for Windows 7 clients.Improved virtualized presentation integration by using the new desktop and application feeds feature. This allows TS/VDI administrators to construct centrally managed virtualized desktop and application resources, then assign those resources to users who subscribe to them in a ‘feed’ paradigm. Subscribing to a feed means you’re constantly updated when IT updates or manages the resource. For most users, this will also be invisible as Windows 7 integrates virtual applications in the same way it does locally installed apps.AD’s new GPOs also enhance security with the new BitLocker to Go feature which not only allows Windows 7 users to extend BitLocker encryption to portable drives (like USB flash drives or CompactFlash cards), but also lets administrators set policies on this feature as well for data syncing.The Offline Files feature allows administrators to designate files that are stored on network shared folders for use even when the network shared folders are unavailable (offline). For example, a mobile user disconnects a laptop computer from your intranet and works from a remote location. In Window Server 2008 RTM and Windows Vista this feature is configured in online mode by default. In Windows Server 2008 and Windows 7, this feature is configured in offline mode by default.
20Software Control via AppLocker Windows Server 2008 R2 and Windows 7 SolutionSituation TodayAppLocker™Users can install and run unapproved applicationsEven standard users can install some types of softwareUnauthorized applications may:Introduce malwareIncrease helpdesk callsReduce user productivityUndermine compliance effortsEliminate unwanted/unknown applications in your networkEnforce application standardization within your organizationEasily create and manage flexible rules using Group Policy
22Remote Access for Mobile Workers Make Users Productive Anywhere Microsoft Confiential: Preliminary Information: NDA OnlyRemote Access for Mobile Workers Make Users Productive AnywhereWindows Server 2008 R2 and Windows 7 SolutionSituation TodayOne of the goals of Windows 7 is to enable users to access the information that they need whether they are in or out of the office.In the past few years, Microsoft has made getting to from outside the office easier. First we had Outlook Web Access, so we could access through the web. Then we introduced RPC over HTTP, which just requires and internet connection to connect to the Exchange server.But users still have a challenge when accessing resources that are inside the corporate network. For example users cannot open the links to an internal Web site or share included in an .The most common method to access these resources is VPN. VPN can be hard to use for users because it takes time and multiple steps to initiate the VPN connection and wait for the PC to be authenticated from the network. Hence, most remote users try to avoid VPN’ing as much as possible and stay disconnected from corporate network for as long as they can. At this point we run into a chicken-egg problem: Since remote users are disconnected, IT cannot manage them while away from work – remote users stay more out of date and it gets harder and harder to access corporate resources…With the capabilities Windows 7 enables, users who have internet access will be automatically connected to their corporate network. A user who is sitting on a coffee shop can open his laptop, connect to the internet using the wireless access of the coffee shop and start working as if he is in the office. The user in this case will be able to not only use outlook, but also work with intranet sites, open corporate shares, use LOB applications, and basically have full access to corporate resources.This solution is also very appealing to IT Professionals:Managing mobile PCs has always been an issue since they could be disconnected from the corporate network for a long time. With this work access solution, as long as they have internet connectivity, users will be on corporate network. Servicing mobile users (such as distributing updates and Group Policy) is easier since they can be accessed more frequently by IT systems.Deploying Windows 7 will not automatically enable this type of work access connection. You will have the choice to enable it or not and it will require some changes to your backend network infrastructure, including having at least one server running Windows Server 2008 R2 at the edge of your network. The solution takes advantage of Microsoft’s investments in IPSEC and IPv6 to provide secure connectivity even when not on the physical corporate network.Direct Access ™OfficeHomeOfficeHomeNew network paradigm enables same experience inside & outside the officeSeamless access to network resources increases productivity of mobile usersInfrastructure investments also make it easy to service mobile PCs and distribute updates and policesDifficult for users to access corporate resources from outside the officeChallenging for IT to manage, update, patch mobile PCs while disconnected from company network
23DirectAccess Benefits IT Pro BenefitsImproved manageability of remote usersIT simplification and cost reductionConsistent security for all access scenariosSeamless & secure access to corporate resourcesConsistent connectivity experience in / out officeCombined with other Windows 7 features enhances the end to end IW experienceEnd User Benefits
24DirectAccess Deployment Get ready step by stepDetermine your strategyBe ready to monitor IPv6 trafficChoose an Access Model: Full Intranet Access vs. Selected Server Access?Assess deployment scaleGet your infrastructure readyWindows 7 clientsWindows Server 2008 R2 DirectAccess ServerDC, DNS Server, Active Directory, PKI, Application Servers, etc.During deploymentUse DirectAccess configuration wizard to setup DirectAccess Server and generate policies for clients, application servers, and DC/DNSCustomize policies as needed
25Microsoft Confiential: Preliminary Information: NDA Only BranchCache™Windows 7 SolutionCaches content downloaded from file and Web serversUsers in the branch can quickly open files stored in the cacheFrees up network bandwidth for other usesTechnical DetailsAuthenticates current state of data and access rights of the user against the serverSupports commonly used protocols: HTTP(S), SMBSupport network security protocols (SSL, IPsec)Requires Windows Server 2008 R2 in the data center and hosted cache
26BranchCache Distributed Cache Main OfficeDataDataIDIDGetGetGetGetDataBranch Office
27BranchCache Hosted Cache Main OfficeGetDataDataIDIDGetGetIDGetSearchSearchIDDataAdvertizeIDRequestBranch OfficeIDDataPut
28Microsoft Confiential: Preliminary Information: NDA Only BranchCacheEnterpriseDistributed CacheData cached in cache poolHosted Cache Data cached at the host serverRecommended for branches without a branch serverEasy to deploy: Enabled on clients through Group PolicyCache availability decreases with laptops that go offlineCache stored centrally: existing Windows Server 2008 R2 in the branchCache availability is highEnables branch-wide cachingIncreased reliability
30Data Protection Enhance Security & Control Microsoft Confidential: Preliminary Information: NDA OnlyData Protection Enhance Security & ControlSituation TodayWindows Server 2008 R2 and Windows 7 SolutionBitLocker ToGo™Some of the biggest investments we are making to Enhance Security and Control are around Data Protection.According to an Information Week survey, 87% of consumers said they lost respect for a company that divulged customers' personal information due to loss of theft. The 600K+ lost or stolen laptops a year are one of the more dramatic examples of information leakage that businesses must contend with.For organizations who have deployed Windows Vista with BitLocker, they know company data, including customer data, is well protected if a laptop is lost or stolen. Additionally, customers who have deployed Windows Vista SP1 with BitLocker gain the ability to easily protect multiple internal disk volumes, not just the primary system volume.Unfortunately, data leakage is not just a lost laptop issue anymore. The ubiquity of USB Flash Drives provides even greater opportunity for data to fall into the wrong hands. Today, more than twice as many USB Flash Drives enter the marketplace than PC’s. A leading analyst forecasts that, in 2010, the average USB flash drive will hold almost 4 GB of data and cost less than $10. The scary part for an organization: unlike losing a laptop, a user never seems to report, or sometimes even notice, the loss of a USB flash drive!In a survey conducted in 2007 by a leading analyst, more than half of respondents (52 percent) have lost confidential data through removable media such as USB Flash drives in the past two years.In Windows Vista, we gave you granular USB port controls so that you could block the utilization of USB removable storage devices.Unfortunately, blocking removable storage devices does not provide you with all the flexibility and control you need to protect your organization. There are valid business requirements that necessitate the need to store data on removable USB devices (e.g., sharing large files with a trusted partner, taking work home).Windows 7 extends the data protection mechanisms made available in Windows Vista. In Windows 7, BitLocker To Go will protect data stored on portable media (e.g., USB Flash Drives, USB Portable Hard Drives) such that only authorized users can read the data, even if the media is lost, stolen, or misused. New BitLocker policies will allow you to enforce data protection and require that data can only be written to BitLocker-protected removable devices.Unlike some types of special devices you can purchase that may encrypt hardware, BitLocker can store the recovery information in Active Directory. This allows for field recovery of BitLocker drives in the instance that a user forgets his passphrase.Finally, we are streamlining the overall setup and administration of BitLocker for all storage devices.+Worldwide Shipments (000s)Protect data on internal and removable drivesMandate the use of encryption with Group PoliciesStore recovery information in Active Directory for manageabilitySimplify BitLocker setup and configuration of primary hard driveGartner “Forecast: USB Flash Drives, Worldwide, ” 24 September 2007, Joseph Unsworth Gartner “Dataquest Insight: PC Forecast Analysis, Worldwide, 1H08” 18 April 2008, Mikako Kitagawa, George Shiffler III
32IIS 7.5 & Windows Server 2008 R2 The Overall Value for Customers More ReliableMore ControlMore SecureMore ChoiceIncreased availability through powerful troubleshooting tools, improved caching and dynamic request handlingSimplified, delegated management through flexible, customizable administration tools with easier application deployment for developersImproved security and server protection through reduced server footprint and enhanced publishing and request filtering capabilitiesFlexible platform with enhanced support for multiple application development platforms and media content deliveryObtain detailed reporting and diagnostic information more easilyEnable high-speed dynamic caching and compression for improved performanceImplement scalable Web farm with HTTP-based load balancing and intelligent request handling and routingConfigure and manage your Web infrastructure from one place through wide selection of administration toolsDelegate site configuration management and publishing to remote usersArchive, package, migrate and deploy complete applications and Web servers more easilyImplement reduced attack surface with automatic application isolationPublish Web content more securely using standards- based protocolsProtect Web server and Web applications from malicious requests and unauthorized accessDeploy a streamlined, more modular and extensible Web serverOptimize bandwidth and set content delivery options through intelligent media servingDeploy and develop ASP.NET and PHP applications together on more flexible Web platformIIS 7.0 is more reliable and more secure than previous versions of IIS and other Web application platforms, and it delivers much more control and choice than competitive platforms to be the only Web server you’ll need for hosting a variety of Web applications, media formats and services.Features that add more reliability:Obtain detailed reporting and diagnostic information more easily (IT, Dev, Hoster) [Detailed Errors, Failed Request Tracing, IIS Reporting]Enable high-speed dynamic caching and compression for improved performance (IT, Hoster) [User-mode caching, kernel-mode caching, static and dynamic compression]Implement scalable Web farm with HTTP-based load balancing and intelligent request handling and routing (IT, Hoster) [URL Rewriter, Application Request Router]Features that add more control:Configure and manage your Web infrastructure from one place through wide selection of administration tools (IT, Hoster) [Shared Configuration, IIS Manager for Remote Administration, Database Manager, PowerShell Provider, .NET Web Administration, WMI]Delegate site configuration management and publishing to remote users (IT, Dev, Hoster) [Feature Delegation, IIS Manager for Remote Administration]Archive, package, migrate and deploy complete applications and Web servers more easily (IT, Dev, Hoster) [Web Deployment Tool]Features that increase security:Implement reduced attack surface with automatic application isolation (IT, Hoster) [Server Core, Modular Architecture, Application Pool Isolation]Publish Web content more securely using standards-based protocols (Dev, Hoster) [FTP, WebDAV]Protect Web server and Web applications from malicious requests and unauthorized access (IT, Dev, Hoster) [Request Filtering, URL Scan, URL Rewriter, URL Authorization]Features that provide more choice:Deploy a streamlined, more modular and extensible Web server (Dev) [Server Core, Modular architecture, .NET Extensibility, ISAPI Extensions and Filters]Optimize bandwidth and set content delivery options through intelligent media serving (IT, Dev, Hoster) [Bit Rate Throttling, Media Playlists, Adaptive Streaming (to come)]Deploy and develop ASP.NET and PHP applications together on more flexible Web platform [Web PI, Web AI, FastCGI, Integrated Pipeline]
33Key Changes to IIS in R2 IIS 7.5 ASP.NET on Server Core New IIS Manager ModulesOur Web pillar of technology investment certainly includes updates to IIS 7.0. But Web serving isn’t the only application in consideration here. We consider the Web pillar indicative of all application serving and deployment requirements. That means this pillar includes all features aimed at reducing the effort required to administer and support Windows Server-based applications and also includes new features that allow Windows Server 2008 R2 applications to scale to larger configurations with improved availability and fault tolerance.The improvements to Web and application serving in Windows Server 2008 R2 include:Streamlined administration for web-based applications – including new PowerShell cmdlets, new admin pack and new management consolesEnhancing security – use of standard protocols, Request Filter module, channel binding tokensExtending the functionality and features for web-based applications.Enhancing support for web-based applications (support for PHP, support for .NET on Server Core).Improving file transfer services (new FTP 7 server)Improving deployment – bundled web deployment tool and new features like the hostable web core.Improving performance & availability as well as improving network storage performance and management all relate to web and application serving, but we’ll tall more about those in the scalability and reliability section later on in the presentation. \Integrated PowerShell ProviderConfiguration Logging & TracingIntegrated FTP and WebDAVExtended Protection & Security
35Scalability Enhancements Run the largest workloads and fully utilize multi-core servers with a single WSS08R2 server instanceGet standard workloads to function with fewer locks and greater parallelismSupport more than 64 processor cores for a single OS instanceReduced overhead for Hyper-V, and improved storage performanceComponentization - Improvements to Server CoreSupport more roles and broaden current role support (e.g., the addition of ASP.net within IIS)PowerShell scripting in Server Core.NET framework on Server core, which in turn should drive app supportVirtualization improves server consolidation, but in many cases this might mean purchasing new hardware. Getting the most out of your existing or newly purchased hardware is critical to IT TCO. To help with this, Windows Server 2008 R2 takes advantage of advanced CPU and memory architectures so you can run greater workloads on individual physical hardware with significantly few locks and better support for parallelism. Server 2008 R2 also supports up to 256 logical processor cores for a single OS instance, enabling huge potential workloads per physical platform.Platform features including Hyper-V in Windows Server 2008 R2 and new enterprise storage capabilities also include the ability to take advantage of hardware advancements. Hyper-V, for example, can take advantage of up to 32 logical cores per VM and utilize advanced memory management as well. Enterprise storage administrators will find better support for iSCSI and Ethernet SANs, with wirespeed-level throughput and new power management features, too.Compentization was introduced back in Windows Server 2003 and was expanded in Server This technology has been expanded even more in Server 2008 R2 with more available core roles as well as broader technology support for particularly popular roles like ASP.NET support in IIS and the PowerShell capability in Server Core. Advancements like these, especially the expansion of .NET across more roles, should server to drive third-party application support for Windows 2008 R2 as well.At a more core OS level, we’ve also added a slew of updates to critical HA and performance characteristics via updates to our Failover Clustering technology, updates to server workload and scaling capacity, significant improvements to our enterprise storage technologies covering iSCSI, throughput and management.
36Improving Availability Failover Clustering Custer configuration validationPowerShell supportIPSec improvementsIncreased resiliencyEnhanced monitoringRead Only AccessCluster Workload MigrationHigh Availability RolesImproved Fault ToleranceLive MigrationAvailability is a key factor for every solution in the enterprise. Today most mission critical applications are running on Windows Server and those applications require high availability. Failover clustering in Windows Server 2008 R2 has many improvements that can help overall application and operating system availability, including the following:Enhanced cluster validation tool. Windows Server 2008 R2 includes a best practice analyzer test which examines the best practices configuration settings for a cluster and cluster nodes. The test runs only on computers that are currently cluster nodes.Enhanced command line and automated management. PowerShell cmdlets provide the ability to fully manage failover clusters and the applications running on the cluster. The PowerShell cmdlets replace cluster.exe, which provided a command-line and scriptable interface for managing failover clusters in previous versions of Windows Server.Improved performance for intermittent or slow secured network connections. There are improvements in Internet Protocol Security (IPSec) reconnection time that is achieved by eliminating some of the initial handshaking when reconnecting due to intermittent or slow connections.Improved network resiliency between cluster nodes. The connectivity between cluster nodes has been revised to give clusters the ability to recover from intermittent or slow connections between cluster nodes without affecting cluster node status.Improving the monitoring of clusters, cluster nodes, and applications. Failover clustering in Windows Server 2008 R2 includes the following improvements that help in failover cluster monitoring:New performance counters that help reduce the support and troubleshooting effort for cluster-based applications. New logging channel that helps clearly identify failover clustering-related events.New support issue solutions that can be accessed directly while viewing the events for the top support issues.Secured access to cluster monitoring and configuration information. The failover clustering PowerShell provider leverages the delegated permissions available in PowerShell 2.0 to provide read- only access to cluster monitoring and configuration information. This allows you to allow less privileged IT professionals read-only access, while allowing high privileged IT professionals read and write access.Read-only Access - Windows Server 2008 R2 provides read-only access to cluster configuration information through PowerShell cmdlets (not available through graphical management consoles). Useful for first tier support, administrators, and troubleshooting, this improves security and availability by preventing unauthorized changes to cluster configuration and behavior.Improved migration of supported cluster workloads. You can migrate cluster workloads currently running on Windows Server 2003 and Windows Server 2008 to Windows Server 2008 R2. The migration process supports:Every workload currently supported on Windows Server 2003 and Windows Server 2008, including Distributed File System Namespace (DFS-N), Dynamic Host Configuration Protocol (DHCP), DTC, File Server, Generic Application, Generic Script, Generic Service, Internet Storage Name Service (iSNS), MSMS, Network File System (NFS), Other Server, TSSB, and Windows Internet Naming Service (WINS).Most common network configuration.Does not support rolling upgrades of clusters (cluster workloads must be migrated to a new clusters running Windows Server 2008 R2).Includes new high availability roles for failover clustering. Failover clustering in Windows Server R2 includes new high availability roles, including DFS-Replication, Hyper-V, and Terminal Services Session Broker.Improvements in cluster node connectivity fault tolerance. If a cluster node loses connectivity to a shared disk, the cluster node can write to the shared disk through other cluster nodes (also known as dynamic I/O redirection). If a cluster node loses connectivity through the primary network adapter, the cluster node can access the network through the primary network adapter of other cluster nodes.Improvements for virtual machine management. The Live Migration feature in Hyper-V in Windows Server 2008 R2 allows virtual machines to be moved between failover cluster nodes without interruption of services provided by the virtual machines. The Live Migration feature uses the new Cluster Shared Volumes feature in failover clustering. The Cluster Shared Volumes feature supports a file system that is shared between cluster nodes. This feature is implemented as a filter driver in Windows Server 2008 R2. It is manually enabled by configuring a cluster wide property in PowerShell. It is not supported with cluster nodes in multiple sites . This feature leverages other failover cluster features, such as dynamic I/O redirection to maintain connectivity to disks. The Cluster Shared Volumes feature has no:Special hardware requirements.Special application requirements.File type restrictions.Directory structure or depth limitations.Special agents or additional installations.Proprietary file system (uses NTFS).
37Core Parking Overview Benefits Scheduling processes on a single server for density as opposed to dispersionThis allows “park/sleep” cores by putting them in deep C statesBenefitsEnhances Green IT by reducing CPU power consumptionThe Core Parking feature, which is configured by using Group Policy, allows Windows Server 2008 R2 to consolidate process onto the fewest number of possible processor cores and suspends inactive processor cores. If additional processing power is required, the Core Parking feature activates inactive processor cores to handle the increased processing requirements.
39Related Content Required Slide Speakers, please list the Breakout Sessions, TLC Interactive Theaters and Labs that are related to your session.Related ContentWSV205 Extend Your Web Server: What's New in IIS and the Microsoft Web Platform WSV320 Reinventing Remote Access with DirectAccess VIR401 Inside Windows Server 2008 R2 Virtualization Improvements and Native VHD Support WSV339 Windows Server 2008 R2 File Classification Infrastructure: Managing Cost and Mitigating Risk on File ServersWSV321 Server Management Improvements in Windows Server 2008 R2 WSV319 Windows PowerShell and Windows Server 2008 R2 WSV308 Overview of Remote Desktop Services (Previously Known as Terminal Services)WSV02-INT Windows Server 2008 R2: Q&A WSV01-INT Failover Clustering Unleashed with Windows Server 2008 R2WSV08-HOL Introduction to Windows PowerShell Fundamentals WSV18-HOL Windows Server 2008 R2: Implementing Direct Access WSV19-HOL Windows Server 2008 R2: Server Management and PowerShell V2 WSV20-HOL Windows Server 2008 R2: What's New in Microsoft Active Directory
40Windows Server Resources Required SlideTrack PMs will supply the content for this slide, which will be inserted during the final scrub.Windows Server ResourcesMake sure you pick up your copy of Windows Server 2008 R2 RC from the Materials Distribution CounterLearn More about Windows Server 2008 R2:Technical Learning Center (Orange Section):Highlighting Windows Server 2008 and R2 technologiesOver 15 booths and experts from Microsoft and our partners
41Resources Required Slide Speakers, www.microsoft.com/teched TechEd 2009 is not producinga DVD. Please announce thatattendees can access sessionrecordings at TechEd Online.ResourcesSessions On-Demand & CommunityMicrosoft Certification & Training ResourcesResources for IT ProfessionalsResources for DevelopersMicrosoft Certification and Training Resources
42Complete an evaluation on CommNet and enter to win! Required SlideComplete an evaluation on CommNet and enter to win!