
1 Presented by Mark Minasi, help@minasi.com; tech forum, newsletters at www.minasi.com. Session Code: CLI324

2 Topics
- Um, what do I do… Vista, Win 7, roll back to Windows 98?
- New UI stuff, networking changes
- Rolling it out, securing it, storing things
- Virtuality!!!
- Active Directory
- Saving Money

3 Okay, First Thing…
- What are they going to call it (Like anybody cares)
- Desktop = Windows 7 (unless it changes)
- Server = Windows Server 2008 R2
- Server only comes in x64, no x86
- Desktop still offers x86

4 "When? When? When?"
- "Can I skip Vista? Can I can I can I? Pleeze?"
- General availability on 22 October
- Don't worry about XP support… it's extended to April 2014
- So… Vista or not?

5 The Vista/Win 7 Choice is Easy
- Microsoft knows you hate Vista (I don't work for Microsoft, and you guys tell me anyway!)
- Vista's main problem was that it came out too early – many 2005 machines couldn't handle its needs, drivers didn't exist yet, nor did SP1
- Which means that even if you think you hate Vista, the chances are good that if you took a fresh look at it today, it'd look pretty good

6 Vista or Win 7 = You're Fine Either Way
- And so…
- Speed is about equal between the two
- "If it's a Vista driver, it's a Win 7 driver"
- "If it runs Vista well, it'll run Win 7 well"
- Windows 7 includes nearly 400 "fixes," built-in shims that solve compatibility problems
- Any SDB-type patches created in Vista work on W7
- Bottom line: you can use the same hardware for Vista or Win 7, so Win 7 will cause you no more planning needs than Vista would

7 UI Stuff
- SideBar's gone, now gadgets go right on the desktop
- UI does an interesting job of being more document-centric than app-centric: you can have MRU lists for as many apps as you like on the taskbar, as if the app were running
- You can control system tray behavior for each app

8 More UI Stuff
- Easy adjustment to make two windows share the screen side-by-side, half apiece
- Some tablet users will be able to run their Win 7 boxes as if they were iPhones, all finger pushes (of course, most tablets currently don't respond to fingers…)
- ONE right-click on the Desktop gets you to video resolution
- Paint and WordPad get the Ribbon!

9 More UI: Libraries
- New way to show files, sort of an evolution of how (for example) Vista shows tunes differently than videos or pictures
- Extends to downloaded files (shows their URL), contacts (shows their essential values)
- Essentially it's a meta-view of a bunch of folders
- Includes and extends the notion of search folders

10 The Blue UI: PowerShell
- You'll see PowerShell support in a lot of things – it was a design goal
- Win 7/R2 has PowerShell 2.0, which does neat remote stuff
- Remoting atop WinRM, not RPC
- .NET's now on Server Core, so PowerShell's on Server Core

11 Remote Access News
- You've heard about PowerShell and WinRM
- Terminal Services has a new name: Remote Desktop Services
- Not exactly a Win 7 topic, but MS is now pushing Hyper-V for virtual desktops ("MED-V")
- Server Manager now works remotely for role/feature control, even on Server Core

12 Networking
- Mobile broadband support makes mobile broadband look like a NIC, not dialup
- Different NICs can have different firewall profiles
- DHCP now has support for scope failover from one DHCP server to another and lets you block/allow MAC addresses

13 Deployment
- How will we get this thing out?
- Same "Panther" engine as Vista/08
- Asks questions up front, you go away, come back, you've got a system running
- Very easy to script with Windows System Image Manager, free download from Microsoft
- Unpopular news for some: you can upgrade from Vista, but not XP

14 Deployment
- Multicasting
- Important new changes in WDS multicasting: three different "speed lanes" for multicasting images
- Dynamic driver provisioning: deploys an image, and removes unneeded drivers
- New tool: DISM replaces peimg, pkgmgr, and some of ImageX's features
- … and DISM patches offline virtual machines
- USMT "hard links" lets you wipe a disk but retain whatever files you choose

15 Security in Win 7
- Some big stuff:
  - DirectAccess
  - AppLocker
  - BitLocker To Go
  - No more LM
  - DNSSEC
- And some odds 'n' ends

16 DirectAccess
- Call it "seamless VPN"
- Microsoft has used a process for years now whereby employees log onto the network, get an IPv6 address and tunnel (via Teredo) into MS's corpnet, using IPsec
- Local inside-corpnet-only addresses and names now look local ("Name Resolution Policy Table" accomplishes it)
- Difference: it's seamless
- Requires IPv6, IPsec, R2 RRAS servers – set up with a wizard

17 DirectAccess
- Benefits:
  - Seamless remote access to internal resources
  - VPN that doesn't force your Internet traffic to be encrypted
  - Machine/machine connection means that central IT staff can patch/examine system even when user's not connected

18 AppLocker: SAFER, but Safer
- (SAFER = the beta name of Software Restriction Policies)
- Basically an improved Software Restrictions
- But it's a lot smarter about handling signed applications
- Includes a wizard that will look at a system and create an AppLocker policy for it automatically
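
The policy generation this slide attributes to the wizard can also be scripted with the AppLocker PowerShell module that ships with Windows 7/R2. This is an added example, not part of the original presentation; the scanned folder, rule-name prefix, output file and probe folder are assumptions.

```powershell
# Added example: draft an AppLocker policy from a reference machine, then dry-run it.
# Run in an elevated PowerShell 2.0 session on Windows 7 / Server 2008 R2.
Import-Module AppLocker

$scanRoot   = 'C:\Program Files'                  # assumed: folder holding approved software
$policyFile = "$env:TEMP\applocker-draft.xml"     # assumed: where the draft policy is written

# Inventory executables; each record carries publisher (signature), hash and path data.
$files = Get-AppLockerFileInformation -Directory $scanRoot -Recurse -FileType Exe

# Publisher rules for signed files, hash rules only as the fallback for unsigned ones.
# -Optimize merges similar rules so one vendor does not produce hundreds of entries.
$files |
    New-AppLockerPolicy -RuleType Publisher, Hash -User Everyone `
        -RuleNamePrefix 'Draft' -Optimize -Xml |
    Out-File -FilePath $policyFile -Encoding Unicode

# Dry run: ask what the draft would decide for executables in a user-writable folder.
$probe = Get-ChildItem "$env:USERPROFILE\Downloads" -Filter *.exe -Recurse `
             -ErrorAction SilentlyContinue |
         Select-Object -ExpandProperty FullName

if ($probe) {
    Test-AppLockerPolicy -XmlPolicy $policyFile -Path $probe -User Everyone |
        Format-Table PolicyDecision, FilePath -AutoSize
}
```

Nothing is enforced by this script; the draft XML is only written to disk and tested, so it can be reviewed before being imported into a GPO.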

19 BitLocker To Go
- Removable devices can now be bitlockered
- You can even create a group policy requiring it
- Or say, "we won't write data to this USB stick unless it's Bitlockered"
- As before, you can store keys in AD, or in external 48-digit keys

20 Security
- UAC now has a slider with four ticks on it to control how intrusive it is
- Windows Solution Center (which contains the old Security Center) gives you more control over what sort of notifications the system gives you, reducing its irritation factor
- Workgroups can now be "HomeGroups," a password-protected group that lets you connect to resources in your home's network with your company's PC without your company's security settings getting in the way

21 More Security
- Neat new "global security access control list" makes object access auditing more useful
- Just point to a user and an object and it'll tell you, "user A tried to access object B and failed/succeeded because of X group membership"
- Multihomed systems can now have different firewall settings
- Read-Only DFS for branch office security

22 And Even More…
- New group policies let you block NTLM logons
- LM can't happen
- Windows now has in-the-box support for biometrics (fingerprint readers etc.)
- BitLocker To Go encrypts portable devices like USB sticks… and a group policy lets you mandate "if you want to use a USB stick, it must be encrypted"
- "VPN reconnect" aims to keep you connected even when the VPN's spotty, as it's smart enough to retry at multiple VPN junction points

23 DNSSEC
- Relatively old protocol-wise (2001-ish), but topical now
- Does not secure dynamic DNS updates
- Does secure responses to queries, with the result that it makes a DNS cache poisoning of the type recently discussed very unlikely
- For full effect, it'll require at least all R2 DNS servers on the forwarders/masters, and possibly on all DNS servers

24 Storage
- VHDs are becoming the new "container" standard, and have less and less to do with VMs
- You can put one on your system, install an OS to it… and tell bcdedit to boot that OS
- Mounting a VHD in Win7 is called "surfacing" it
- Diskpart is the basic tool of choice to work with it
- Of course, Vista & 2008 use them for backups now

25 Storage
- Consider the idea of a VHD-ed system; it has only
  - A C: drive with a boot record, basically
  - An E: drive with one file named something like "mywindows.vhd"
  - Some BCDEDIT commands to point to e:\mywindows.vhd
- On drives larger than about 30 GB, Windows automatically creates a small, un-lettered partition (whether or not you mess with VHDs)
- Makes BitLocker easier to set up and makes for a "cleaner" looking C: drive
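
The diskpart and BCDEDIT steps from the two Storage slides, written out as an added example that is not part of the original presentation. E:\mywindows.vhd is the slides' file name; the VHD size, temp script path and boot-menu label are assumptions.

```powershell
# Added example: create and surface a VHD, then add a boot entry that points at it.
# Run from an elevated PowerShell prompt on Windows 7 / Server 2008 R2.
$vhd = 'E:\mywindows.vhd'                 # file name from the slide
$dpScript = "$env:TEMP\mkvhd.txt"         # assumed: scratch file for the diskpart script

# 1. Create the VHD and attach ("surface") it with diskpart.
@"
create vdisk file="$vhd" maximum=30720 type=expandable
select vdisk file="$vhd"
attach vdisk
"@ | Set-Content -Path $dpScript -Encoding ASCII
diskpart /s $dpScript

# (Install or apply a Windows image to the attached VHD here, then detach it.)

# 2. Clone the running OS's boot entry; bcdedit prints the new entry's GUID.
$out = bcdedit /copy '{current}' /d 'Windows 7 (VHD)'    # label is an assumption
if ("$out" -notmatch '\{[0-9a-fA-F-]{36}\}') { throw "bcdedit /copy failed: $out" }
$id = $Matches[0]

# 3. Point the new entry at the VHD, using bcdedit's vhd=[drive:]\path syntax.
$target = 'vhd=[{0}]{1}' -f (Split-Path $vhd -Qualifier), (Split-Path $vhd -NoQualifier)
bcdedit /set $id device   $target
bcdedit /set $id osdevice $target
bcdedit /set $id detecthal on             # re-detect hardware when the VHD boots

# 4. Show the finished entry for review.
bcdedit /enum $id
```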

26 BranchCache Lite ("Distributed")
- So you're in a remote site, and you're using a file accessed across the WAN…
- Someone else on your subnet needs that file…
- And you supply it (without knowing)
- You advertise your files using a Network Discovery protocol (the thing that's replaced Computer Browser in Vista/2008)
- Uses multicasts, not broadcasts

27 BranchCache Lite
- Caches SMB and HTTP/HTTPS traffic
- Security integrated so you can't look at things in the cache that you don't have access to
- Only Windows 7 systems can participate
- Extra: the SMB client does more caching… reopen a file and it's as quick as if you've already opened it

28 Hosted BranchCache
- What's that you say, you have more than one subnet?
- Enable BranchCaching on a local server
- Caches on the basis of hashed 64K blocks
- Server is obviously faster and can dedicate more resources
- It's a "role" in 2008 R2 (Enterprise/Datacenter)
- Windows 7 clients know to use it because group policy tells them to

29 Virtual Machines/Hyper-V
- Live Migration (like VMotion), shifts in ~10 ms range
- New NIC hardware supports separate queues for different virtual NICs, Hyper-V supports it
- Ditto NICs with embedded network switches
- Second level address translation on CPUs now supported – solves a problem (flushing VM page tables) that can take up to 10% of CPU time
- 64 cores supported

30 Active Directory Changes
- New domain functional level
- New task-oriented UI: AD Administration Center
- PowerShell cmdlets
- AD Recycle Bin
- Automatically maintained domain-based service accounts, new type of account ("Managed Service Accounts")
- Best Practice Analyzer
- Offline Domain Join

31 AD and PS
- We get 70+ PowerShell cmdlets for AD
- New AD Administration Center is the new AD GUI tool but, interestingly enough, it's really just a PowerShell application – PowerShell 2.0 supports GUI forms, so …
- but under the hood, it's nothing more than a GUI front end to PowerShell commands
- No "reflectivity," though… bummer!

32 performance, less power, easier hardware updates… 32

33 Miscellaneous Good Things
- Problem Steps Recorder
- The way that the OS gives RAM to apps changes (with Vista, it's pretty generous in an attempt to make it faster), and so W7 should use less memory
- Non-miniport print drivers mean no (well, fewer) printer driver blue screens
- Print drivers can be isolated

34 Power Management
- Big push on this
- New "AQ" logo program
- Three power management defaults all yield 10% better power use
- "Core Parking" shuts down particular cores or entire sockets when not needed on Windows 7 and R2 systems

35 Thanks for coming!
- You can contact me at help@minasi.com
- Free technical newsletters at www.minasi.com
- Online technical support there as well
- Enjoy the conference!!!!


© 2009 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.

