Microsoft Windows Server is the operating system that underlies the extensive range of back-end services that Microsoft offers. Some, such as the enterprise-level infrastructure supported by Active Directory or the application delivery facilities available through Internet Information Services (IIS) and the .NET Framework, are built in to the operating system itself. Others, such as email, database management and collaboration are available through server applications such as Microsoft Exchange Server, Microsoft SQL Server or Microsoft Office SharePoint Server which are available separately.
Microsoft Windows Server 2008 is the operating system’s latest incarnation and offers many features and enhancements over its predecessors, such as Windows Server 2003 and Windows 2000 Server. Upgrading brings benefits with regards to security, system management and the efficient use of resources, while new licensing options and improvements to Internet Information Services (IIS) 7.0 make Windows Server 2008 particularly effective as a platform for delivering Web applications.
More secure
Windows Server 2008 is the first server product to be built from scratch since Microsoft instigated its Trustworthy Computing initiative in 2002. One result of this initiative is the ability to perform a Server Core installation. Such an installation reduces the attack surface that a server exposes by installing only those services specifically needed for the role that the server is to play. If the server is to be used to deliver Active Directory Domain Services, for example, then there is no need to install IIS.
|
|
Other Server Core roles include DHCP Server and DNS Server, for delivering support services vital to a TCP/IP network; File Services, installing just what is needed to act as a file server; Print Server, for supporting print services; Terminal Services, which creates a server capable of delivering a full desktop interface to client machines; Windows Media Services, for creating a server optimised for the delivery of audio or video content; and Hyper-V virtualisation hosting, creating an environment in which to run virtual instances of an operating system. A server can also be set up as a Read-Only Domain Controller (RODC) for additional security, a role particularly suited to servers in locations remote from the main network.
Networks are increasingly vulnerable to contamination from mobile computers and from home computers that dial in or connect to the internal network through the Internet. Network Access Protection (NAP) is a platform that comes with Windows Server 2008, Windows XP SP3, Windows Vista and Windows 7 which allows you to ensure that client computers meet specific requirements concerning such factors as the status of any anti-virus protection installed, and whether the operating system has been patched with the latest updates.
|
Other new features such as BitLocker Drive Encryption and Cryptography Next Generation (CNG) give additional security to sensitive data. It is also worth noting that Windows Server 2008 supports hardware virtualisation in its Hyper-V permutations, allowing you to install more vulnerable outward-facing applications within virtual machines. In the event of compromise, these fully-isolated virtual machines can be shut down and quickly re-instated from clean backups.
|
If your system does go down, then it helps to know that you can restore it to a usable state as quickly as possible. An important tool here is Microsoft System Center Data Protection Manager (DPM) which uses the Volume Shadow Copy Service that is built in to Windows Server 2008 to continuously back up of data across a distributed data centre, including branch offices if necessary.
For those looking to secure their data even further, Windows Server 2008 includes Active Directory Rights Management Services (AD-RMS). RMS allows users to control who has access and editing rights over their documents, Web sites and emails, while integration with Active Directory Federation Services extends this protection across organisations.
Useful add-ons to Windows Server 2008 include Identity Lifecycle Manager 2007 which allows you to manage a user’s identity across the many different systems that might be operating in a mature organisation. ILM 2007 can work with directory services, databases and applications from many third-parties including Computer Associates, IBM, Lotus, Novell, Oracle, SAP and Sun.
There is also Intelligent Application Gateway 2007, allowing you to select which clients can access which applications. IAG 2007 is now part of the Microsoft Forefront suite.
More manageable
Windows Server 2008 makes the IT administrator’s job easier by bringing management tools together under a single console called Server Manager. This gives you all the tools you need to monitor status, identify problems and manage server roles such as Active Directory, DNS, Hyper-V virtualisation, network access policies or Web service configurations.
Windows Deployment Services (WDS) allows you to automate the installation of Windows operating systems across your network to both servers and clients, and is particularly suited to the deployment of Windows Vista and Windows Server 2008. It is included in both Windows Server 2003 SP2 and Windows Server 2008.
|
|
For those looking to go further, Microsoft System Center provides a range of tools for optimising both client and server installations within a Windows network. Microsoft System Center includes Virtual Machine Manager, Mobile Device Manager and System Center Operations Manager. Formerly Microsoft Operations Manager (MOM), this last is an agent-based system for monitoring performance and critical events across a distributed system.
|
More efficient
Built to make better use of the power-saving features found in modern processors, tests show that a default installation of Windows Server 2008 achieves power savings of 10 per cent against Windows Server 2003 under comparable workloads. However this is only part of the story.
|
Support for Hyper-V, the virtualisation technology that is available with 64-bit versions of Windows Server 2008, means you can run multiple operating system installations on a single machine. Indeed Windows Server 2008 Hyper-V allows you to run both Linux and Windows operating systems within virtual machines on the same hardware, and to combine 32-bit and 64-bit versions, opening up many possibilities for server consolidation.
Tests conducted by Microsoft comparing a standalone server running IIS7 against the same server using Hyper-V to run four instances of Windows Server 2008 and IIS7 revealed a power increase of only 3.5 per cent, despite handling four times as many active clients. Running three additional physical servers to handle the same workload would increase power consumption by a factor of four. Indeed a report conducted by IDC in March 2007 revealed that many data centres are running their servers at less than 15 per cent of their full processing capacity.
Managing such an installation is made easier with Microsoft System Center Virtual Machine Manager 2008 which gives you the facilities to move virtual machines from one server to another quickly and cleanly. It also gives you the tools to backup and restore virtual machines in their entirety, together with their data.
Many organisations find the ‘thin client’ architecture offered by Terminal Services attractive, enabling clients to access applications that are delivered from the server. Terminal Services is now a Server Core installation and has been considerably enhanced for Windows Server 2008 to make the experience more intuitive for users, and easier to manager for administrators.
Delivering web services
Although it is a general-purpose operating system, Windows Server is often deployed purely to deliver Web applications, and has proved capable of meeting the demands made on even the largest of online businesses. Core to this is of course Internet Information Services (IIS). Windows Server 2008 includes IIS 7.0 which has been redesigned from the ground up using a modular architecture which allows administrators to install only the functionality they require, so optimising performance and improving security by reducing the attack surface.
|
|
A key component of Windows Server 2008 is ASP.NET, a comprehensive runtime that pre-compiles applications for security and performance. Such applications can be written in any .NET language which means not only Visual Basic and C# but also dynamic languages such as IronPython and IronRuby. The platform includes ASP.NET AJAX which is designed to support applications based on asynchronous JavaScript and XML, a widely supported client-side technology that facilitates the construction of responsive Web sites. IIS 7.0 also includes FastCGI which means it can deliver PHP applications as well as ASP and ASP.NET, so offering new opportunities for server consolidation.
Another important aspect of a modern Web server is its ability to deliver media efficiently while maintaining the highest quality possible. For state-of-the-art streaming there is Microsoft Windows Media Services 2008, an industrial-strength platform for streaming audio and video content to clients across the Internet. Windows Media Services 2008 can be installed as a Server Core installation for creating highly secure high capacity dedicated media servers.
Alternatively, IIS 7.0 supports HTTP streaming which can be enhanced by installing the IIS 7.0 Media Pack. A particularly important feature of the Media Pack is Bit Rate Throttling which dynamically controls the speed at which media files are delivered to match their bit rate, so optimising user experience and making best use of available bandwidth. Both Windows Media Services 2008 and IIS 7.0 Media Pack are free of charge and come in 32 and 64-bit versions.
And finally, Microsoft has introduced a new licensing option in Windows Web Server 2008 which does not require a Client Access Licence if deployed solely to deliver Internet-facing services. This makes it much more competitive against non-Windows alternatives such as those based on Linux. However note that the Web edition, like the Standard edition, does not support Windows Clustering.
|
High performance computing
By comparison to the past, even a modern laptop is ‘high performance’. However those looking to run applications that require high levels of computation on massively parallel hardware still have special needs with regards to the operating system, which is where Windows HPC Server 2008 comes in. This is a 64-bit version which includes a job scheduler, together with comprehensive management facilities that can alert you of any potential problems and ensure you are making optimum use of the processors available. It supports the OpenMP and MPI standards and integrates with Visual Studio, together with associated tools such as Intel Parallel Studio, to provide a comprehensive environment for building parallel applications.
|
Windows Server 2008 R2
Scheduled for general release on 22 Oct 2009, this is a major update to the operating system. For a start, it will run only on 64-bit machines and brings support for the new features to be found in the most recent processors from Intel and AMD. It supports Live Migration, which means that virtual machines can be migrated with only a few milliseconds downtime, so rendering the operation invisible to connected users. It also comes with Virtual Desktop Integration (VDI) technology which includes Microsoft Application Virtualisation (App-V), formerly known as SoftGrid. Under App-V, an application is delivered as a network service, without requiring installation on the client in the conventional manner. App-V virtualises the user’s data and configuration settings, making the application much more stable and much easier to manage. From Windows Server 2008 R2 onwards, all editions of the operating system will come with Hyper-V technology.
There are new management tools, and support for an extensible File Classification Infrastructure (FCI) which allows administrators to manage files based on classification systems of their own design. There is greater support for the Windows 7, due for launch at the same time, including DirectAccess connectivity which allows remote users to access internal data without having to use VPN (Virtual Private Networking). Remote access is also improved through BranchCache, which directs users to a locally cached version of a file, if available. The Windows Server Backup utility has also been updated.
Licensing options
As with earlier versions of Windows Server, you must own a licence for each instance of the operating system that you are running, plus a CAL (Client Access Licence) for each user or device accessing the server. With regards to CALs, you can choose to have a CAL for every device that accesses the server, regardless of who is logged in on that device at any one time; or you can have a CAL for every named user that accesses the server, regardless of which device they use to access it. Device CALs are more economic in a ‘hot desk’ situation while User CALs make more sense where a single user might need to access the same server from an office desktop, a home computer and a laptop.
|
|
You can buy a mix of Device and User CALs, but note that CALs are specific to a particular release of Windows Server and must match or be later than the release of the server being accessed. A Windows 2008 CAL can access both a Windows 2008 and 2003 Server, for example, but a Windows 2003 CAL is not permitted to access a Windows 2008 Server.
To further confuse matters, you can choose to allocate User or Device CALs in a ‘per server’ mode to create a pool of concurrent licences for a specific server. In ‘per server’ mode there may be many more users than licences, but at any one time the number of users must be limited to the number of licences. This can be more economic in smaller systems with just a single server. On the other hand, ‘per user/per device’ CAL allocation is likely to be more cost effective where you have multiple servers as CALs allocated in ‘per user/per device’ mode are allowed to access any number of servers of the specified type that may be available on the network.
The Windows Server 2008 licence comes in a number of editions, each available in 32 or 64 bit versions with or without support for Hyper-V technology. Standard edition supports up to four processor sockets and the retail version comes with either 5 or 10 CALs. A single licence allows you to run one physical instance and one virtual instance of the operating system. Enterprise edition supports up to eight sockets and the retail version comes with 25 CALs. A single licence allows you to run one physical instance and four virtual instances (although if all the virtual instances are being used then the physical instance may only be used to manage the system.
The Datacenter edition supports up to 32 sockets (64 in the 64-bit version) and is licensed on a per processor basis. There is no retail version which means it must be bought either ready-installed on new hardware, or through a volume licensing scheme. CALs must be purchased separately. You can run one physical instance and an unlimited number of virtual instances from a single licence. There is also Windows Server 2008 for Itanium-Based Systems which is licensed in a similar fashion to the 64-bit Datacenter edition.
Additional CALs for use with any edition can be purchased in Retail packs of 5 or 20, and you will also need to buy Terminal Service CALs for those accessing the server through Terminal Services. In general, additional CALs can invariably be purchased more economically on a volume licensing scheme. Only Windows Web Server 2008 does not require you to purchase CALs, with a single licence allowing you to run one physical instance and one virtual instance, and to service any number of users providing they are accessing the server through the Internet. It is available in 32 and 64-bit versions but does not support Hyper-V.
Smaller organisations might want to consider Windows Small Business Server 2008. The Standard edition of this package installs Windows Server 2008 Standard, Exchange Server 2007 Standard, Windows SharePoint Services 3.0, Windows Server Update Services 3.0 and Microsoft Forefront Security for Exchange Server on a single server. There is also a Premium edition which allows you to install Windows Server 2008 Standard Edition and SQL Server 2008 Standard on a second server. Both come with five CALs (Standard and Premium CALs respectively) and additional CALs are available in packs of 5 or 20. Both can be purchased on volume licensing schemes, and again this option is likely to prove more economic if you require additional CALs.
If that is not sufficient then there is Windows Essential Business Server 2008. The Standard edition allows you to create up to a three-server installation handling management, messaging and security using Windows Server 2008 Standard, Exchange Server 2007 Standard, Windows SharePoint Services 3.0, System Center Essentials 2007 and Microsoft Forefront. The Premium edition adds an installation of SQL Server 2008 Standard on a fourth server. CALs are an additional purchase and can be bought in packs of 5, 20 or 50. Again, volume licensing schemes are available.
This may seem daunting, however any organisation requiring a server with at least four CALs is likely benefit from a Microsoft Volume Licensing programme. With volume licensing, the servers and CALs do not come in pre-defined packs but, subject to minimum qualifying requirements, can be obtained in the quantities that you actually require. All volume schemes offer Software Assurance, entitling you to additional benefits and keeping you up to date with the latest releases, and some allow you to spread the cost over a three-year period. See our Buyers Guide on Microsoft Volume Licensing to find the programme best suited to your organisation.