1 / 40

Technical Overview

Nguyen An Que Technology Specialist Microsoft Vietnam Que.Nguyen@microsoft.com. Technical Overview. Windows Server 2008 pillars. Web. Virtualization. Security. Delivers rich web-based experiences efficiently and effectively .

maleah
Télécharger la présentation

Technical Overview

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript


  1. Nguyen An Que Technology Specialist Microsoft Vietnam Que.Nguyen@microsoft.com Technical Overview

  2. Windows Server 2008 pillars Web Virtualization Security Delivers rich web-based experiences efficiently and effectively Provides highest levels of protection for your network, your data, and your business Reduces costs, increases hardware utilization, optimizes your infrastructure, and improves server availability Solid Foundation for Your Business Workloads Most flexible and robust Windows Server operating system to date Provides the most versatile and reliable Windows platform for all of your workload and application requirements

  3. Most Flexible and Robust Windows Server Operating System to Date SolidFoundation Reliability Management Windows Server Manager PowerShell Windows Deployment Services Server Core Next Generation Networking High Availability Clustering

  4. Windows PowerShell Solid Foundation New Command-line shell & Scripting Language Improves productivity & control Accelerates automation of system admin Easy-to-use Works with existing scripts SolidFoundation Futures • TechNet ScriptCenter • Exchange Server 2007 • Terminal Server • WMI, Registry, Hardware, etc. • Community-Submitted scripts • MyITForum.com Will ship in Windows Admin GUIs layered over PowerShell One-to-many remote management using WS-MGMT

  5. Demo PowerShell 7

  6. Managing Windows Server 2008 Solid Foundation Server Manager Initial Configuration Product Installation

  7. Windows Server Core Solid Foundation Server Core Security, TCP/IP, File Systems, RPC,plus other Core Server Sub-Systems Web AD DS DHCP AD LDS DNS Media GUI, CLR, Shell, IE, OE, etc. File Print Only a subset of the executable files and DLLs installed No GUI interface & .NET managed code installed Less disk space and management required Can be managed with remote tools (MMC, RDP)

  8. Demo Server Core 8

  9. Dual-IP layer architecture for native IPv4 and IPv6 support Improved Network Performance Troubleshooting Improved performance via hardware acceleration and auto-tuning Greater extensibility and reliability through rich Windows Filtering Platform APIs Completely manageable through Group Policy Solid Foundation Complete Redesign of TCP/IP Winsock User Mode Kernel Mode AFD TDI Clients WSK Clients TDI WSK TDX Next Generation TCP/IP Stack (tcpip.sys) RAW TCP UDP Inspection API IPv6 IPv4 802.3 WLAN Loop-back IPv4 Tunnel IPv6 Tunnel NDIS Next Generation TCP/IP Stack (tcpip.sys) TCP UDP RAW IPv6 IPv4 802.3 WLAN Loop-back IPv4 Tunnel IPv6 Tunnel

  10. Solid Foundation Windows Firewall w/ Advanced Security Combined firewall and IPsec management

  11. Demo Windows Firewall & IPSec 8

  12. Failover Clustering Solid Foundation NodeA NodeB Heartbeat Active Node Passive Node New Validation Wizard for server, storage & network testing Support for GUID partition table (GPT) disks in cluster storage Improved cluster setup interface Quorum resource: no longer single-point-of-failure IPv6 support Geographically dispersed clusters: accross subnets, no VLAN needed

  13. Windows Deployment Services Solid Foundation Rapidly deploy Windows operating systems Updated and redesigned version of Remote Installation Services (RIS) Server components Client components: WinPE Management components WDS Windows Vista Windows Server 2008

  14. Reliability and Performance Monitor Solid Foundation Combines functionality of previous stand-alone tools Tracks system changes Provides new functionality

  15. Deliver Rich Web-based Experiences Efficiently and Effectively Web Windows SharePoint Services Internet Information Services 7.0 Windows Media Services

  16. IIS 7.0: a robust Web & Application Server Web Web IIS 7 Highly customizable Enhanced security and reduced attack surface Administration: UI & APPCMD & shared configuration Advanced troubleshooting Delegation & true application XCOPY deployment Windows Communication Foundation (WFC) Windows Activation Service

  17. Demo IIS 7.0 new features 13 IIS 7

  18. Optimize Your Infrastructure and Improve Server Availability Terminal Services RemoteApp Virtualization Windows Server Virtualization Terminal Services Gateway

  19. Virtualization Technologies Virtualization Server Virtualization Presentation Virtualization Windows Server Virtualization • Virtualization Management Desktop Virtualization Application Virtualization

  20. VirtualHard Disks (VHD) Windows Server Virtualization Virtualization • Greater Scalability and improved performance • x64 bit host and guest support • SMP support • Increased reliability and security • Minimal Trusted Code base • Windows running a foundation role • Better flexibility and manageability • New UI/Integration with SCVMM VM 2“Child” VM 3“Child” VM 2 VM 3 VM 1“Parent” Virtual Server 2005 R2 Windows Server 2003 Hardware Windows Hypervisor AMD-V / Intel VT

  21. Application Virtualization Virtualization Application Isolation Dynamic Streaming System Center Integration Software as a Centrally-managed Service Available through…

  22. Virtualization Investments Virtualization A Multi-level Approach Licensing Infrastructure Management Interoperability Applications Terminal Services Deliver cost-effective, flexible and simplified licensing Royalty Free VHD format Create agility Better utilizeserver resources Partner with AMD and Intel Ease consolidationonto virtual infrastructure Better utilizemanagementresources Supportheterogeneityacross thedatacenter OSP (Open Specification Promise) VHD Acceleratedeployment Reduce the cost of supportingapplications

  23. Terminal Services Gateway Virtualization Perimeter Network Corporate Network Internet Strips off RDP / HTTPs RDP traffic passed to TS Tunnels RDP over HTTPs Internal Firewall External Firewall Terminal Servers and other RDP Hosts Internet Remote/ Mobile User Terminal Services Gateway Network Policy Server Active Directory DC

  24. Terminal Services RemoteApp Virtualization Remote Desktop client required Terminal Services Gateway Server

  25. Demo Terminal Service RemoteApps 6

  26. Hardens Operating System and Increases Environment Protection Read-Only Domain Controller Security Network Access Protection Federated Rights Management

  27. Remediation Servers Example: Patch Restricted Network Corporate Network Using Network Access Protection Security Policy Servers such as: Patch, AV 3 1 2 Not policy compliant 4 DHCP, VPN Switch/Router Windows Client NPS Policy compliant 5 If not policy compliant, client is put in a restricted VLAN and given access to fix up resources to download patches, configurations, signatures (Repeat 1 - 4) Network Policy Server (NPS) validates against IT-defined health policy Client requests access to network and presents current health state DHCP, VPN or Switch/Router relays health status to Microsoft Network Policy Server (RADIUS) If policy compliant, client is granted full access to corporate network 4 3 2 5 1

  28. Security Demo Network Access Protection 5+9

  29. Auto-Remediation

  30. Active DirectoryFederation Services Security Company A Company B • AD FS provides an identity access solution • Deploy federation servers in multiple organizations to facilitate business-to-business (B2B) transactions • AD FS provides a Web-based, SSO solution AD AD ResourceFederationServer Federation Trust AccountFederationServer WebServer

  31. Federated Identity support inAD Rights Management Services Security Company A Company B • Together AD FS and AD RMS enable users from different domains to securely share documents based on federated identities AD AD ResourceFederationServer Federation Trust AccountFederationServer RMS WebSSO

  32. Read-Only Domain Controller Security RODC Head Quarter Branch Office • Features • Read Only Active Directory Database • Only allowed user passwords are stored on RODC • Unidirectional Replication • Role Separation • Benefits • Increases security for remote Domain Controllers where physical security cannot be guaranteed

  33. How RODC Works Security Windows Server 2008 DC Read Only DC 3 4 2 RODC Branch Head Quarter 5 6 1 6 RODC: Looks in DB: "I don't have the users secrets" RODC gives TGT to User and RODC will cache credentials Returns authentication response and TGT back to the RODC Windows Server 2008 DC authenticates request Forwards Request to Windows Server 2008 DC 6 5 4 3 2 1 User logs on and authenticates

  34. What if a DC is stolen? Security

  35. Solid Foundation Branch Office Benefits • Optimization • DFS Replication • Security • BitLocker • Full Volume Encryption • Server Core • Read-Only Domain Controller • Administration • SOAP-based remote management (WinRM) • Restartable Active Directory Head Quarter Branch Office

  36. PKI Support Security • Built-in Certificate Service • Usage • Data Encryption • Digital Signature • Smart Card authentication

  37. Windows Server 2008: A RobustApplication Platform Application Platform .NET Framework 3.0 Windows Activation Service MSMQ 4.0 IIS 7.0

  38. Windows Server 2008 Summary Web Virtualization Security www.microsoft.com/WindowsServer2008 Modular design Less attack surface Admin delegation APPCMD Win Activation Svc Tracing & Troubleshooting NAP Read-Only DC AD RMS AD Federation Svc PKI support BitLocker Windows Virtualization TS Gateway TS RemoteApps Solid Foundation for Your Business Workloads IPv6 Failover Clustering Reliability & Performance Monitor Windows Deployment Svc Windows PowerShell Server Core Server Manager Windows Firewall with Advanced Security & IPSec

  39. More information • www.microsoft.com/WindowsServer2008 • www.iis.net

  40. Thank You! Que.Nguyen@microsoft.com

More Related