10 reasons youll

love Windows
Server
2016
Speaker name

10 reasons youll love

Windows Server 2016
Speaker name

IT is being pulled in two directions

Support business
Provide secure,
agility and innovation controlled, IT
By 2017, 50% of total IT
spending willresources
be spent
outside of the formal IT
organization

Windows Server design points

1
Provide
layered security for emerging threats
2 the software-defined datacenter
Build
3
Create
a cloud-optimized application platform

10 reasons youll love Windows Server

1.
2016
Active Directory

2. Security
3. Compute
4. Network
5. Storage
6. Remote Desktop Services (RDS)
7. Nano Server
8. Containers
9. PowerShell
10. Server Management Tools (SMT)

10 reasons youll love Windows Server

1.
2016
SECURITY

SDDC
Active Directory

2. Shielded VMs
3. Compute
4. Network
5. Storage
6. Remote Desktop Services (RDS)
APPLICATION PLATFORM

7. Nano Server

MANAGEMENT

8. Containers
9. PowerShell
10. Server Management Tools (SMT)

Security
Secure your
infrastructure
and applications
Secure privilege access with
Just In Time and Just enough
administration
Protect identity with Credential
Guard.
Breach resistance technologies
for preventing common attacks
and locking down what can run
on servers (whitelist)
Improved threat detection with
built in eventing

Shielded VMs
Run your virtual machines on
trusted hosts
Protect virtual machines from
compromised fabrics
Use TPM hardware to secure
hardware and virtual TPM to
encrypt VMs

Software defined datacenter

Compute

Storage

Rolling upgrades for no

downtime

Hyper-converged with Storage

Spaces Direct

Hot add/remove NICs/Fixed

Memory

In-box synchronous replication

More resilient to network,

storage, and compute problems

Cluster-wide quality of service

Network

RDS

Network controller for

centralized control of network
policies

Support for heavy graphics

workloads (OpenGL/OpenCL)_

Built in hyper-scale load

balancer from Azure
Distributed datacenter firewall
with enhanced security

Increased scale, running in

Azure
Enhanced deployment options
Enhanced security

Application platform
Windows Server
containers
Bring the agility and density
of containers to the
Windows ecosystem
Secure containers and
flexible servicing with
Hyper-V containers
Manage with Docker

Nano server
Just Enough OS
Ideal for cloud inspired
infrastructure
Smaller image size,
smaller attack surface,
less reboots, fewer
patches
Ideal for next generation
app development
Built for Containers and
cloud-native apps

Management
PowerShell
PowerShell Desired State
Configuration
PowerShell Direct

Server Management
Tool (SMT)
Rich Web GUI
Manage all server
installations (Nano, Core,
Full)
Servers can be on-premises
or in the cloud

10 reasons youll love Windows Server

1.
2016
Active Directory

2. Shielded VMs
3. Compute
4. Network
5. Storage
6. Remote Desktop Services (RDS)
7. Nano Server
8. Containers
9. PowerShell
10. Server Management Tools (SMT)

Privileged
Identity

Challenges in protecting credentials

Most attacks involve

gathering credentials
(PtH)
Administrative
credentials typically
provide unnecessary
extra rights for

BEN

MARY

JAKE

ADMIN

Typical administrator
Capability

Social engineering
leads to credential
theft

Time

DOMAIN
ADMIN

Windows Server 2016 approach

Credential Guard

BEN

MARY

JAKE

ADMIN

Prevents Pass the Hash and

Pass the Ticket attacks by protecting
stored credentials through
Virtualization
based Security

Just Enough and

JustTypical
in Time
administration
administrator

Administration Limits administrative

privileges to the bare-minimum
required set of actions (limited in
space)

Just in Time

Capability

Just Enough

Administration Provide privileged

access through a workflow that is
audited and limited in time

JEA + JIT =

Capability and time neededTime

DOMAIN
ADMIN

Protecting Active Directory and Admin privileges

http://aka.ms/privsec

2-4 weeks

1-3 months

6+ months

First response to the most frequently used attack techniques

3. Unique Local Admin Passwords
for Workstations
http://Aka.ms/LAPS

4. Unique Local Admin

Passwords for Servers
http://Aka.ms/LAPS

Active
Directory
Azure Active
Directory

1. Separate Admin account

for admin tasks

2. Privileged Access Workstations (PAWs)

Phase 1 Active Directory admins
http://Aka.ms/CyberPAW

Protecting Active Directory and Admin privileges

http://aka.ms/privsec

2-4 weeks

1-3 months

6+ months

Build visibility and control of administrator activity, increase protection against typical follow-up attacks

6. Attack Detection
http://aka.ms/ata

2. Time-bound privileges (no permanent

admins)
http://aka.ms/PAM http://aka.ms/AzurePIM
3. Multi-factor for elevation
Active
Directory

98725
21

Azure Active
Directory

1. Privileged Access Workstations (PAWs)

Phases 2 and 3 All Admins and additional
hardening (Credential Guard, RDP Restricted
Admin, etc.)
http://aka.ms/CyberPAW

4. Just Enough Admin (JEA)

for DC Maintenance
http://aka.ms/JEA

5. Lower attack surface

of Domain and DCs
http://aka.ms/Harden
AD

Protecting Active Directory and Admin privileges

http://aka.ms/privsec

2-4 weeks

1-3 months

6+ months

5. Shielded VMs for virtual

Build visibility and control of administrator activity, increase protection against typical follow-up attacks DCs (Server 2016 HyperV Fabric)
http://aka.ms/shieldedvm
1. Modernize Roles and
s
Delegation Model

Active
Directory
Azure Active
Directory

2. Smartcard or Passport
Authentication for all admins
http://aka.ms/Passport

3. Admin Forest for Active

Directory administrators
http://aka.ms/ESAE

4. Code Integrity Policy

for DCs (Server 2016)

In box Azure MFA

No on-premises MFA server
needed
Use as primary or additional
authentication method
Configure AD FS farm via PSH
Then enable Azure MFA in AD FS policy (like you
would with other providers)

Users must proof up in

AAD/O365 (no inline proofing
in the AD FS user experience)

Protect
infrastructure
and applications

Challenges in protecting the OS

New exploits can attack
the OS boot-path all
the way up through
applications operations
Known and unknown
threats need to be
blocked without
impacting legitimate
workloads

Windows Server 2016 approach

Control Flow Guard
Protects against unknown
vulnerabilities by blocking
common attack vectors

Windows Defender
Actively protects from known
malware without impacting
workloads

Code Integrity
Ensure that only permitted
binaries can be executed from the
moment the OS is booted

Shielded VMs

Protect virtual machines

Any compromised or
malicious fabric
administrators can
access guest virtual
machines
Health of hosts not
taken into account
before running VMs
Tenants VMs are
exposed to storage and
network attacks
Virtual Machines cant
take

Host OS

Customer
Guest VM

Customer
Guest VM

Healthy
host?

Storage

Hypervisor

Hypervisor

Fabric

Fabric

Windows Server 2016 approach

Shielded VMs

BUILDING PERIMETER
COMPUTER ROOM

Use BitLocker to encrypt the disk and

state of virtual machines protecting
secrets from compromised admins &
malware

Host Guardian Service

Attests to host health releasing the
keys required to boot or migrate a
Shielded VM only to healthy hosts

Generation 2 VMs
Supports virtualized equivalents of
hardware security technologies (e.g.,
TPMs) enabling BitLocker encryption for
Shielded VMs

Physical machine

Server
Administrator
Storage
administrator
Network
administrator
Backup
operator
Virtualization-host
administrator
Virtual machine
administrator

HYPER-V

HYPER-V

Virtual machine

Shielded
virtual machine

*Configuration dependent

Decryption keys controlled by external

system
Cloud/Datacent
er

Host OS

Guest VM

Guest VM

Guest VM

Hypervisor

Hyper-V Host 1

Fabric
Controller

Host OS

Guest VM

Guest VM

Please sir, may

I have some
keys?

Hypervisor

Hyper-V Host 2
Host OS

Guest VM

Guest VM

Key Protection
Hypervisor

Hyper-V Host 3

Host Guardian Service

Key release policy for trusted

environment
Key release criteria
Cloud/Datacent
er

Host OS

Guest VM

Guest VM

(TPM-mode)
1.Known physical machines
2.Trusted Hyper-V instance
3.CI-compliant configuration

Guest VM

Hypervisor

Hyper-V Host 1

Fabric
Controller

Host OS

Guest VM

Guest VM

Sure, I know
you and you
look healthy

Hypervisor

Hyper-V Host 2
Host OS

Guest VM

Guest VM

Key Protection
Hypervisor

Hyper-V Host 3

Host Guardian Service

Compute

Confidently virtualize anything

On-premises orAzure

Microsoft software-defined compute

Frictionless
cloud-cadence
infrastructure
upgrades

Rolling upgrades
without downtime (no
new hardware needed)
Mixed-mode clusters
Hot add/remove Fixed
Memory and vNIC
RDMA and PacketDirect
(40+Gb Ethernet)

Benchmark-setting
scale, performance,
and resilience

Best-in-class support
for Linux on Hyper-V

Mission-critical scale:
SQL, Exchange,
SharePoint, SAP, Oracle

Broad distribution
support, including:
RHEL, SLES, Ubuntu,
CentOS
Networking
performance: hot
add/remove vNIC and
in-guest vRSS

High-performance: live
migration and
StorageQoS
Maximum availability:
guest clustering

Optimize workload availability and

performance
Resilience to transient
Hyper-V cluster
storage/network failures

Designed for cloud-scale environments, this helps

preserve VM session state in the event of transient
storage or network disruptions

Guest cluster availability

enhancements
Online resizing, host-level backups, and Hyper-V Replica
support

Effectively control workload

performance with
built-in Storage QoS
Simple out-of-the-box behavior that mitigates noisy

Node 1

Node 2
VHD

Storage
resilience

Best-in-class Linux support on Hyper-V

Spotlight capabilities
Broad support: Run Red Hat, SUSE, OpenSUSE,
CentOS, Ubuntu, Debian and Oracle Linux, with full
support
Increased utilization: Run Windows and Linux sideby-side, driving up utilization and reducing hardware
costs
Enhanced networking: Highest levels of networking
performance in Linux guests with virtual Receive Side
Scaling (vRSS) support
Storage enhancements: Hot-add and online-resize of
storage for enhanced administration flexibility
Better protection: Better-than-physical backup
support for virtualized Linux guests on Hyper-V
Simplified management: Single experience for
managing, monitoring, and operating the infrastructure

Cluster OS rolling upgrade

Mixed OS mode is a new transition state for Failover
Clusters
Optimizations dont run
New features are not available
Do not plan on running your cluster in Mixed OS Mode for longer than one month
System Center 2016

Windows
Server
2012 R2

Mixed
OS Mode

Windows
Server
2016

Failover
Cluster

Failover
Cluster

Failover
Cluster

2012 R2 & 2016

Networking

Key customer challenges

Agility
I need to onboard workloads with complex policies in
days not weeks to remain competitive. Azure does it
in seconds, why cant we.

Security
I dont want my workloads to be breached. If breached,
I must respond FAST. In seconds, not days.

Flexibility
I want to move my workloads into the cloud. I might
change my mind and move them back on-premises
tomorrow. I need a flexible cloud on my terms.

App Template
(network policies)

Back-End
10.3.0.0/24

Front End
10.1.0.0/24

Front-End VIP
Network
204.79.0.0/24

Middle-Tier
10.2.0.0/24

Agility with
the
Network

Dynamic Security
Segment your
(virtual) network
based on workload
needs
Apply policies (ACLs)
for traffic within a
segment, and across
segments
Route or Mirror
traffic to non-

On Premises 10.0/16

Internet

VPN

VPN
GW

Backend
10.3/16

Virtual
Networ
k

Fronten
d
10.1/16

Mid-tier
10.2/16

Security
Applianc
e

Security
Applianc
e

Hybrid flexibility
Woodgrove HQ

Public Cloud
MPLS

Exchange

WA
N

MPLS

MPLS Router

Public
internet

Contoso HQ

BGP

SQL Farm

GR
E

Gateway
(Internet Edge)

nnel
S2S Tu

VXLAN or NVGRE based

overlays for workload mobility
S2S, GRE, or VLAN gateways
for hybrid connectivity
Cloud on YOUR terms your
workloads, anywhere

30
N
A
VL
40
N
A
VL

Tu
nn
el

BGP

Contoso VNet

Gateway VM Pool

Woodgrove VNet

SDN capabilities in WS 2016

Network controller

Robust gateways

Central control plane

Fault tolerant
Network monitoring

M:N availability model

Multi-tenancy for all modes of operation
BGP Transit Routing

Virtual networking

Software load
balancing

BYO address space

Distributed routing
VXLAN and NVGRE

Network security
Distributed Firewall
Network Security Groups
BYO Virtual Appliances

L4 load balancing (N-S and E-W) with

DSRNAT
For tenants and cloud based infrastructure

Data plane
advancements
Performance: 10G, 40G, and beyond!
RDMA over Virtual Switch

Consistency with Azure in UI, API, and Services

Storage

Choice: on-premises storage

Microsoft offers industry leading portfolio for
building on-premises clouds
Microsoft embraces your choice of storage
Microsoft offers solutions to reduce storage
costs
File Based
Hyper-Converged SAN Alternative
Block Storage
Cloud Fabric
Storage

Storage Spaces Direct

Storage Spaces

Fibre Channel/iSCSI/FCoE

SMB3

SAN Partners

NAS

Microsoft Azure
Stack/Object Storage

Hyper-converged with Windows Server

2016
Storage spaces
direct
Cloud design
points and management

Standard servers with local storage

New device types such as SATA and NVMe SSD
Prescriptive hardware configurations
Deploy/manage/monitor with SCVMM, SCOM & PowerShell

Reliability, scalability, flexibility

Fault tolerance to disk, enclosure, node failures

Scale pools to large number of drives
Simple and fine grained expansion
Fast VM creation and efficient VM snapshots

Simplifying the datacenter

Collapsing Storage and Compute
Removes storage area network
Storage controller is a software service

Hyper-converged Infrastructure

Converged software-defined storage

Storage spaces

Hyper-V Cluster

Low cost NICs at scale

Inexpensive
Ethernet for
storage fabric
NAS head

SMB3 storage network fabric

Scale-out File Server

Elastic, reliable,
optimized with storage
spaces

Shared JBOD
Storage

System Center

Flexibility: Compute and Storage

scale independently
Scalability: Ability to scale each
layer for the highest demands
Manageability: Segments layers
to admin roles

Scale-out compute with

low-cost commodity
servers

Choice: partner SAN

Cloud Powered SAN
Azure Site Recovery (ASR) management of
hardware replication and cross-site failover
Backup of traditional storage array to the cloud

Hyper-V

Single Pane of Glass Management

End-to-end management with SCVMM

SMAPI for broad ecosystem interoperability
Deep health and availability insight of storage
Storage QoS for control of noisy neighbors

Reducing Disaster Recovery Costs

In-box software replication with Storage Replica
Lowering RPO with both sync and async
replication
Lowering RTO with Stretch Cluster and ASR
automation

Fibre Channel/iSCSI/FCoE
Storage Array(s)

Managed by
r
System Cente

Resilient File System (ReFS v2)

Data integrity
Metadata checksums
Checksum verification
Automatic corruption detection and healing

Resiliency and availability

Designed to stay online
Online repairs
On volume metadata backups

Speed and efficiency

Efficient VM checkpoint and backup
Accelerated VM file creation
Low impact

Storage Replica
Synchronous replication: Storage agnostic
mirroring
of data in physical sites with crash-consistent
volumes ensuring zero data loss at the volume
level.
Increase resilience: Unlocks new scenarios for
metro-distance cluster to cluster disaster
recovery and stretch failover clusters for
automated high availability.
Flexible: Server to server, cluster to cluster,
and stretch cluster. Local disks, Storage Spaces
Direct, clustered disks. NTFS, REFS, CSVFS. TCP,
RDMA. Synchronous and asynchronous.
Streamlined management: Graphical
management for individual nodes and clusters
through Failover Cluster Manager and Azure Site
Recovery. Full PowerShell and SMAPI support.

Site 1

Site 2

Cloud Fabric storage features

Resilient and diagnosable
VM storage resiliency preserve tenant VM session state in the event
of transient storagedisruption
Storage health monitoring one place to look for all storage health events

Efficient at cloud scale

File system ReFS delivers highest levels of scale and resiliency for
virtualization
Deduplication scale-out optimized for lowest $ per GB

Multi-tenant control and security

Storage quality of service QoS control and manage noisy neighbors
SMB security pre-authentication integrity to prevent tampering and
man-in-the-middle attacks

Cloud consistency and availability

Blob storage run cloud born apps on-premises or in Azure
Rolling upgrades cloud design points to for no downtime upgrades

Remote Desktop
Services (RDS)

Key Windows Server 2016 RD

investments
Increased performance
and app compatibility
graphics improvements
Enhanced scale
management connection
broker, shared
SQL connections
Optimized for cloud
efficient and secure

vGPU evolution
Server 2008
R2
vGPU

Server 2012

Server 2016

vGPU

Server 2012
R2
vGPU

Hyper-V integration

DX 11.0

DX 11.1 support

DX 9 support

VM connect with
vGPU

Higher video memory

OpenGL & OpenCL

API

GPU management

2560 x 1600
resolutions
HCK conformant

vGPU

1GB dedicated VRAM

4k resolution
Server VM support
Improved
performance
DDA
Full API Support
Multiuser RDSH
Support

Graphics enhancements vGPU

2 ways to support vGPUs in WS 2016; DDA is new and differentiated

REMOTEFX VGPU

DIRECT DEVICE ASSIGNMENT

Para-virtualized

1-1 Assignment to GPU

OpenGL/OpenCL/DX11

Full API support

1GB VRAM/ 4K res

Azures N-Series VMs supported

~30fps

~60fps

Best scale

Low scale

Host: WS 2016, Win 10

Host: WS 2016

Guest: WS 2016, Win 10, Win 7 SP1, Win

8.1

Guest: WS 2016, WS 2012r2, Win 10

w/November update and Linux

Graphics enhancement Codec

investments
High Quality 4:4:4 mode using
standard H.264/AVC 4:2:0
hardware decoders
Enabled by default for RemoteFX vGPU RDP 10
sessions
Group Policy to enable on Windows 10 1511
& Windows Server 2016 TP4

Windows 10 Remote Desktop

Clients use Hardware
H.264/AVC decoder when
available

High availability connection broker

Use existing SQL Server cluster
or Azure SQL DB
Improved connection handling
performance, 10K+concurrent
connection requests supported
in
log on storm situations

Optimized server VM architecture for

the cloud
RDS 2012R2
Infrastructur
e:

7 Role Services

8 VMs

RDS 2016+:
4 Role Services
2 VMs

AAD App Proxy

removes external
endpoints on RDGW
VM so RDCB, RDLic
can be combined into
one VM since the VM
is no longer exposed
to the public internet

Nano Server

Nano Server: Just Enough OS

Optimized for next-gen
distributed applications

Third-party
applications
RDS
experience

Higher density and reduced attack surface

and servicing requirements
Next-gen distributed app frameworks

Traditional
VM
workloads

Interoperate with existing server

applications

Full GUI
Specialized
workloads

Containers
and modern
applications

Nano Server
Just Enough
OS

Server Core
Lower
maintenance
server
environment

Nano Server: Next step in our cloud

journey
Zero-footprint model
Server roles and optional features live outside of Nano
Server
Standalone packages that install like applications

Key roles & features

Hyper-V, Storage (SoFS), Clustering
IIS and DNS Server available in TP4
Core CLR and ASP.NET 5

Full Windows Server driver support

Antimalware optional package
System Center VMM and
OM agents supported

Remotely managing Nano Server

Not Command Line only

Server Manager
Hyper-V Manager
Failover Cluster Mgr
PerfMon, Event Viewer, etc.
Server Management Tools (SMT) new web-based
remote GUI
PowerShell Core

Nano Server Cloud application

platform
Born-in-the-cloud application support
Subset of Win32
.NET Core and ASP.NET Core
PowerShell Desired State Configuration (DSC)
PackageManagement (aka OneGet)
Open Source Application Frameworks

Available as OS everywhere
Host OS for physical hardware
Guest OS in a VM
Windows Server containers
Hyper-V containers

Nano Server Developer experience

Nano Server has a full
developer experience,
unlike Server Core
Windows SDK & Visual
Studio 2015 target Nano
Server
Rich design-time
experience
Project template, full IntelliSense,
error squiggles, etc.

Containers

Containers

A new approach to build, ship, deploy, and instantiate

applications

Physical

Virtual

Applications traditionally built

and deployed onto physical
systems with 1:1 relationship
New applications often
required
new physical systems for
isolation
of resources
Higher consolidation ratios
and betterutilization
Faster app deployment than
in a traditional, physical
environment
Apps deployed into VMs with
high compatibility success
Apps benefited from key VM
features; i.e., live migration,
HA

Package and
run apps
within

containe
rs
Physical/Virtual

Key Benefits
Further accelerate of app deployment
Reduce effort to deploy apps
Streamline development and testing
Lower costs associated with app
deployment
Increase server consolidation

Why Containers?

Applications are fueling innovation in todays cloud-mobile

world

Developers

Operations

Containers unlock ultimate

productivity and freedom
Enable write-once, run-anywhere
apps
Can be deployed as multi-tier
distributed apps in IaaS/PaaS
models
Containers offers powerful
abstraction for microservices
Enhances familiar IT deployment
models
Provide standardized environments
for development, QA, and
production teams
Abstract differences in OS
distributions and underlying
infrastructure
Higher utilization and compute
density

DevOps

Integrate people, process, and tools

for
an optimized app development
process
Operations focus on standardized
infrastructure
Developers focus on building,

Windows Server Containers

Anatomy and key capabilities

Spotlight capabilities
Build: Developers will use familiar development
tools, such as Visual Studio, to write apps to run
within containers
By building modular apps leveraging containers,
modules can scale independently, and be updated
on independent cadences
Run: Container capabilities built into Windows
Server
Manage: Deploy and manage containers using
PowerShell, or using Docker
Resources: Define CPU and memory resources
per container along with storage and network
throughput
Network: Provide NAT or DHCP/static IP for
networkconnectivity

Container A

Container B Container C

Web tier

App tier

DB tier

LOB app

LOB app

LOB app

(+Binaries)

(+Binaries)

Libraries

(Shared across containers)

Host OS

(+Binaries)

Libraries

w/Container Support

Server

(Physical or Virtual)

Windows Server Containers

Creation, deployment, and management
Developers update, iterate,
and deploy updated
containers

Physical/Virtual Servers
3

Operations collaborates with

developers to provide app metrics
and insights
Developers build and
test apps in containers,
using development
environment;
i.e., Visual Studio

Containers pushed to
central repository

Operations
automates
deployment and
monitors deployed
apps from central
repository

Hyper-V Containers
Anatomy and key capabilities

Spotlight capabilities
Consistency: Hyper-V containers use the same
APIs as Windows Server containers ensuring
consistency across management and
deployment toolsets.
Compatibility: Hyper-V containers use the
exact same images as Windows Server
containers
Strong isolation: Each Hyper-V container has
its own dedicated copy of the kernel
Highly trusted: Built with proven Hyper-V
virtualization technology
Optimized: The virtualization layer and the
operating system have been specifically
optimized for containers

Hyper-V Container

Hyper-V Container

App A

App B

Bins/Libraries

Bins/Libraries

Windows Guest OS

Windows Guest OS

Optimized for Hyper-V

Container

Optimized for Hyper-V

Container

Hypervisor
Server

Docker integration

Joint strategic investments to drive containers forward

Docker: An open source
engine that automates the
deployment of any
application as a portable,
self-sufficient container that
can run almost anywhere
Partnership: Enable the
Docker toolset to manage
multi-container applications
using both Linux and
Windows containers,
regardless of the hosting
environment or cloud
provider

Strategic investments

Customer
Datacenter
Dockerized app

Windows
Server
container

Run anywhere
Linux
container

Docker

Investments in the next wave

of Windows Server
Open source development of the
Docker Engine for Windows
Server

Microsoft
Azure

Service
Provider

Azure support for the

Docker Open Orchestration APIs
Federation of Docker Hub
images into the Azure Gallery
and Portal

PowerShell

Key problems PowerShell addresses

Pace of change increasing,
ever-faster solution delivery
needed. Solutions must
span on-premises, hybrid,
& cloud. DevOps methods
promise to help,
how to make the transition?

Easier, faster automation with

Code Sharing: PowerShell Gallery, PowerShellGet,
PowerShell
Github

Editing ISE improvements

Debugging Remote debugging, DSC debugging
Security Auditing, Just Enough Administration (JEA)
Improving information
Delivering doc updates faster via Github.Com/Powershell
Microsoft.com/PowerShell: the hub for PowerShell information

Enabling transition to DevOps

DevOps: a set of practices emphasizing collaboration &
communication between SW developers and IT pros
while automating software delivery and infrastructure
changes. Leverages tools to automate build,
validation, & configuration.
PowerShell in Windows Server 2016 Provides
Desired State Configuration (DSC) defining configuration as code
Security Improvements Auditing, Just Enough Administration (JEA)
Package Management
PowerShell classes integrates dev practices configuration and automation
PowerShell Script Analyzer best practice analysis tool
Pester PowerShell validation

Same approach, everywhere

PowerShell manages your environment
Gallery contains Dell, Citrix, VMWare, AWS, Azure, SQL cmdlets
PowerShell DSC runs on Linux

PowerShell is a platform
Partners include Chef, Puppet, Ansible, Octopus

PowerShell is on Nano Server

Nano is managed with PowerShell, configured with DSC

PowerShell 5 ships where you need it

Windows 10, Windows Server 2016
WMF5.0 for Win7, Win8.1, Server 2008r2, 2012, 2012r2

PowerShell eases moving the cloud

Azure PowerShell cmdlets, Azure DSC Extensions

Server
Management
Tools (SMT)

Overview
Nano Server provides Just Enough OS to reduce the
security and servicing footprint of the OS, but removes
the familiar local GUI that many admins use
Server management tools is a free toolset, hosted in
the Azure portal, that ensures that you can manage
any Windows Server 2016 instance remotely, alongside
PowerShell or your other
management tools
Deployment is as simple as installing a software
gateway in your infrastructure, then adding machines

Remote Server management tools

Web-based and cross-platform
Includes replacements for localonly tools, including:
Task Manager
Registry Editor
Event Viewer
Device Manager
Sconfig
Control Panel
Performance Monitor
Disk Management
Users/Groups Manager
File Explorer

Also manages Server Core

and Server with GUI

Use cases
Single location to visualize machines on-premises or
hosted within Azure, and accessible no matter where
the admin is
Provides management tools for GUI-less Nano Server,
ensuring that admins can continue to use familiar UX
to manage their machines despite local GUI being
removed
Supports cross-platform management allowing admins
to use their client of choice to manage Windows Server
The service will continue to be updated frequently,

Getting started with

Windows Server 2016

Resources

Download the evaluation

- https://www.microsoft.com/enus/evalcenter/evaluate-windows-server-technicalpreview

Get the documentation

- https://technet.microsoft.com/enus/library/mt126143(v=ws.12).aspx

Watch the more in-depth technical

videos
- https://channel9.msdn.com/Blogs/windowsserver

Keep in touch with us on Twitter or the

Windows Server Blogs
www.Microsoft.com/WindowsServer2016

 2016 Microsoft Corporation. All rights reserved.