• Embed Doc
  • Copy Link
  • Readcast
  • Collections
  • 1
    CommentGo Back
Download
 
 
Windows Server 2008
An Introductory Overview 
Lori M. SandersManaging Senior PartneriSolve Consulting Group
1-800-843-8733www.learningtree.ca
© 2007 Learning Tree International. All Rights Reserved.
 
I. Introduction .................1II.Windows Server 2008 Family 2III.Security Enhancements 2
Identity and Access Controlin 2008 . . . . . . . . . . . . . . . . . . . . . . . . 2Active Directory FederationServices (ADFS) . . . . . . . . . . . . . . ..2Active Directory RightsManagement Services (AD RMS) . ..3Network Access Protection (NAP) . . ..3BitLocker Drive Encryption . . . . . . . ..4Windows Server Core Deployments . ..4• Read-Only Domain Controllers(RODC).. . . . . . . . . . . . . . . . . . . . . . . 5Domain Password Policy Changes.. . . 5Auditing Enhancements . . . . . . . . . . . 5
IV. Maintaining High Availability . . . . 5
Failover Clusters . . . . . . . . . . . . . . . . . 5Network Load Balancing (NLB) . . . . . 6Distributed File System (DFS) . . . . . . 6Virtualization . . . . . . . . . . . . . . . . . . . 7Windows Server Backup . . . . . . . . . . . 8Restartable AD Services . . . . . . . . . . . 8Terminal Services . . . . . . . . . . . . . . . . 9
V. Manageability . . . . . . . . . . . . . . . . 9
Server Manager . . . . . . . . . . . . . . . . . 9PowerShell . . . . . . . . . . . . . . . . . . . . 11Windows Deployment Services(WDS) . . . . . . . . . . . . . . . . . . . . . . . . 11Log and Event Consolidation . . . . . . . 11
VI. Conclusion . . . . . . . . . . . . . . . . . . 11Books and Web Sites . . . . . . . . . . . . . . 12About Learning Tree International . . . . 13About the Author . . . . . . . . . . . . . . . . . 13
I. Introduction
 
 As the world awaits the launch o another Microsotoperating system, administrators, managers andproessionals are asking, “Do we really need it?”The answer to that question is: It depends on yourorganization’s needs and goals. One way to determine whether Windows Server 2008 is worth spending time,energy and corporate budget on is to learn what thenew operating system can do or you. There are many interesting things to talk about in this product, and thepurpose o this White Paper is to give you an overview o the most important new or improved eatures. When you nish reading the Paper, you will have a good ideao what Windows Server 2008 oers and it can be usedin your organization. You will also nd additionalresources and Web links at the end. As a longtime server administrator, I see three areaso unctional improvement in Windows Server 2008—security, manageability, and availability. Althoughsome o the new tools and capabilities available oerbenet in more than one area, I will rame them withinthe context o these three boundaries.Many o the components we will cover in the nextpages are new to the product line, others rst becameavailable in Windows Server 2003 R2. Some are simply renements and rebranding o existing Windows 2000, Windows Server 2003 or Windows Vista capabilities. Inall cases though, I think you will nd this generation o Microsot Server easier to deploy, manage and maintainthan any o its predecessors. So let’s get started!
TABLE OF CONTENTS
1
Windows Server 2008 – An Introductory Overview 
LEARNING TREE INTERNATIONAL
 
White Paper
1-800-843-8733
www.learningtree.ca
© 2007 Learning Tree International. All Rights Reserved
 
II. Windows Server 2008 Family
Beore diving into product improvements, let’s havea quick look at the entire product line. The WindowsServer 2008 amily looks much like the WindowsServer 2003 collection o products. You have ourmajor versions available or purchase. They are WebServer, Standard, Enterprise and DataCenter editions.Each o these editions is available or either 32 or 64bit platorms. DataCenter will also be available orthe IA-64 architecture. As with Windows Server 2003, the product you choosedepends on the size o your organization and theunctionality that you want to employ. Below we havea comparison o some o the basic eatures included ineach server edition. Naturally, until the product is actually released to manuacturing (RTM) early next year, nothing is written in stone. And, as mentioned earlier, i you areamiliar with the Windows Server 2003 product line, you will see that the new server product line is marketed with similar organizational limits in mind.
Standard Edition
—Provides undamental serverunctionality; intended or use in small to medium-sized organizations; includes key server roles andeatures; and supports ull or server core only installations. Can be used as an Active Directory (AD) domain controller (DC).
Enterprise Edition
—Same unctionality asthe Standard Edition, plus technologies that aregenerally more important in larger enterprises suchas Active Directory Federation Services (ADFS)and Failover Clustering.
DataCenter Edition
—Same unctionality as the Enterprise edition, plus unlimited virtualization rights and support or robust servers with large amounts o RAM and a larger numbero processors.
Web Server 2008
—Like Web Server 2003, alimited version o the operating system designed tobe used as a Web and application server only; has a very limited set o server roles; cannot be used as a Active Directory server; does not have the option toinstall just the server core; and supports less RAMand ewer processors.
III. Security Enhancements
Let’s begin our discussion o new capabilities with atopic near and dear to every IT proessional’s heart:keeping our servers secure and our corporate dataprivate. Windows Server 2008 has implementedseveral new eatures and provided improvements toexisting eatures that will assist in achieving thisgoal. Many o these eatures will someday end up asindividual chapters in a security textbook, but we willdiscuss them at a higher level. Again, at the end o thePaper, you will nd a list o hyperlinks and resources todeepen your knowledge o any o the security eaturesmentioned here.
Identity and Access Control in 2008
 In any organization, one o the rst security tasks weneed to undertake is to establish and secure a perimeteraround our network. In Active Directory, we do this by delineating domains and orest structures, and making sure that everyone who is allowed into our perimeterhas a valid sign-on. This is a relatively simple process,as long as everyone who needs access to your data is within this perimeter. But what happens when youhave customers, suppliers or partners that are outside your orest? In the past, that situation could be amanagement and security nightmare. Microsot hasimplemented two technologies to assist with maintaining sign-on and resource security when using extranets:
Active Directory Federation Services (ADFS)
 ADFS was rst introduced in Windows Server 2003R2. In Windows Server 2008, ADFS is implementedas a server role that is capable o providing identity management or extranet customers that are calledederation partners. ADFS allows browser-basedclients to access Internet applications even whenthe user account and application are located inseparate orests. ADFS allows a user to authenticateto multiple Web applications using a single sign-on. ADFS uses a new type o trust, called a ederationtrust, to securely share user identity and rightsinormation between ederation partners.How is this dierent than simply creating an externalor orest trust between the two organizations? I  we create such a trust, the entire external domain
2
Windows Server 2008 – An Introductory Overview 
1-800-843-8733
www.learningtree.ca
 
LEARNING TREE INTERNATIONAL
 
White Paper
© 2007 Learning Tree International. All Rights Reserved
of 00

Leave a Comment

You must be to leave a comment.
Submit
Characters: ...
01 / 16 / 2010This doucment made it onto the Rising List!
You must be to leave a comment.
Submit
Characters: ...