This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Windows Sever 2008 is the latest Windows Server OS. Microsofts first Server Operating System Windows NT Advanced Server was released in 1993 a basic Network OS. In 1994 NT Server 3.5 was released followed by NT Server 3.51 in 1995. NT Server 4 was released in 1996 then NT 4 Enterprise edition in 1997. In the year 2000 Windows Server 2000 was introduced and brought with it big changes including he introduction of Active Directory Services. In 2003 Server 2003 was released and included .net framework for the first time and Active Directory was improved and enhanced. Windows Server 2008 is the latest release and brings improvements and enhancements yet again which include Security, Server Core, New Active Directory features, Self Healing NTFS, Improved Backup to allow restore to bare-metal hardware, Failover Clustering, Hyper-V, roles-based server management tool Server Manager Powershell, Much improved IIS and enhanced Terminal Services.
Security within Windows Server 2008 is higher and better than any previous release, security features include Network Access Protection, Active Directory Federal Rights Management and Read Only Domain Controller. These features combined give unprecedented network and data protection within the domain.
Network Access Protection is designed to prevent machines from accessing the network should they have viruses or they don't meet healthy requirements set. Effectively this will prevent a computer with a virus or spyware from connecting to the network until it has been repaired or updated to comply with the rules before it can connect to the network again. This may be particularly useful where for example Laptop users who travel and have the freedom to connect to the interenet externally or other networks etc.
The Read only Domain Controller is introduced and means that where a Domain controller cannot be locked away in a secure environment security risks can be reduced. The read only DC allows users to authenticate to the network and login to the domain however they are different to standard Domain Controllers in that they can be configured to store only a small number of usernames and passwords in the database limiting what could potentially be stolen and hacked. For example there may be a remote site with only 8 employees and these 8 employees user details can be stored in the local Read Only DC ensuring that the rest of the company usernames and passwords are secure should the server be stolen or hacked into.
ADFS (Active Directory Federation Services) is a highly secure identity solution that controls access over multiple environments and supports browser based clients within and outside the network. This ensures security for internet facing applications allowing access and collaboration from different networks and organisations. Basically allows organisations to colaborate data securely using their current existing users and accounts.
Windows Server 2008 has Server Core installation which is basically a significally reduced versionof the OS. This makes the server low maintenance although it offers limited functionality. There is no windows explorer shell and all maintenance and configuration tasks are carried out at command line or can be carried out using the remote management console. There are some items available for example Notepad, Regional Settings and a number of control panel applets. Many features are unavailable with server core, Internet Explorer and Windows Powershell just being 2 examples. The Server Core installation can be setup and configured for a number of basic roles including Domain Controller - Active Directory Domain Services, IIS Web Server, DHCP and DNS server and Virtual Server. Clustering can also be setup and using clustering failover ensures that the services have a very high availability. The Server Core version reduces the risk of security threats and attacks such as hacking and viruses. A high percentage of vulnerabilities from Server 2003 would not have an impact or affect Server Core edition.
Andrew Mason, a program manager on the Windows Server team, noted that a primary motivation for producing a Server Core variant of Windows Server 2008 was to reduce the attack surface of the operating system, and that about 70% of the security vulnerabilities in Microsoft Windows from the prior five years would not have affected Server Core.
Active Directory in Server 2008 has several new features which improve and simplify security and DR (disaster recovery). There are additional admin tools and there is more flexibility running Active Directory.
The Read only Domain Controller has been introduced and is described previously under Security
Active Directory Snapshots can be taken with Server 2008. This allows the administrator to look at the catalog and how it looked the previous day, week or month using a dsamain program. Applications can be used to retrieve data from an older version of the AD catalog to enable an object deleted in error to be restored in a relatively simple fashion. In Server 2008 R2 the AD recycle bin is introduced which is a command line interface tool that allows a deleted user or object to be restored.
Fine Grained Password Policies are also a feature of AD in Server 2008. Maintaining user passwords is the most important task of Active Directory, in Server 2008 different password policies can be applied to different users and groups. This allows more control and stricter password rules for more important user accounts with more access levels on the network. Pre-Server 2008 only 1 policy could be applied to the entire domain. It is also important to apply a strict special password policy on accounts that synchronise with other data sources. Enforcing a complex password with special characters makes it harder to crack passwords, there are phenominally more possible password combinations as opposed to 400,000 passwords if using plain English words from a dictionary. Using Brute Force to crack a password which consists of a word from the English Language is very simple in comparison to cracking a complex password. Not having a password would not be much worse than using an English word.
The self healing NTFS feature enables you to maintain the filesystem unobtrusively and online without the need to run the chkdsk.exe command. In previous versions of OS before Windows Vista if the system detected any corruptions in filesystem they would be marked dirty and the only way to repair these was to take the system offline. CHKDSK would then be ran to check and repair any errors in the filesystem. Chkdsk is intrusive and needs to be run on unmounted volumes which disrupts services. Self-Healing NTFS protects the entire filesystem efficiently and reliably and by default it is enabled. If there is a major file problem a notification and details of possible solutions are displayed. File or Data errors and inconsistencies are fixed automatically with only the affected data files and folders being unavailable during repair and without the entire volume/system being taken offline. The OS also features SMART detection to identify if and when a hard disk may be likely to fail.
A new Windows Backup technology is included with Windows Vista, Wondows 7 and Server 2008. In previous OS versions disaster recovery could be difficult if a server failed due to hardware where a different server with different hardware is used to recover. With the new backup system 'Windows Server Backup' is a baremetal backup. The baremetal allows a totally different server with different hardware to be installed and the server backup restored on the new hardware. The new server will act exactly the same as the old server that it is replacing. The backup cannot be carried out on tape and needs either a network location or a local disk to backup to.
Hyper-V is a major part of Microsoft's virtualization strategy, servers are virtualised in on an operating system kernel layer. A single server can be partitioned into several smaller partitions and acts as a Xen hypervisor host to permit Xen enabled Operating Systems to be run virtualised. Hyper-V was only released as a beta version initially with some 32 bit and 64 bit editions, however the final version is now available as a free download from Microsoft. There is a standalone version which supports 32 and 64 bit however 32 bit Server 2008 cannot run the integrations it can only run Hyper-V Tools and Manager Console.
Server Manager is new and is the roles based management tool for Windows Server 2008, it is basically Manage Your Server and Security Configuration Wizard from Server 2003 combined. Configure My Server launches by default within Server 2003 and Server Manager is now used for this, it is enhanced and instead of being used to configure new roles Server Manager acts differently. It puts together all the operations that would be ran on the server by users and displays a portal style view of the status for every role. Manage Your Server acts more like a starting point for setting up and configuring new roles. Applications and components are found within Server Manager as a Role or Feature where previously they were in Add/Remove Programs in the control panel. Server manager has many tasks and features and Event Viewer is one of these, with Event Viewer in Server 2008 you can customize views.
TCP and IP have been changed, the Windows IP stack now includes Ipv6 which is the up and coming internet protocol. Windows has not supported the maximum size of data blocks allowable over the internet pre-Windows Vista. Although Vista, Windows 7 and Server 2008 support the TCP data blocks some network equipment may not and in some cases can actually slow the network performance down. Network Access Protection is a feature that is in it's early stages and will be developed to protect the network from laptop users who have been outside the organisation and are more exposed to malware and viruses. Secure Socket Tunneling protocol is a feature built in which uses SSL Secure Socket Layer technology VPN. This technology is well trusted whereas previous technology used by Microsoft was their own encrypyion, unfortunately for Microsoft this was hacked in both Server 2000 and 2003 editions.
Powershell is a new feature with Windows Server 2008, however it can be downloaded free from Microsoft and used with Server 2003 and Xp. Powershell is a command line interface and needs to be installed via the Add Features Wizard. Powershell is designed for system administrators and uses .netframework and cmdlets to carry out tasks. In Powershell the cmdlets are either used individually or they can be combined to carry out more complex and powerful administrative tasks.
Powershell is a new script language and once learned there are many time saving admin tasks that it can carry out. The PS commands used are more complex than the standard windows commands, however once an administrator is familiar with these they are far more powerful and can be used to perform administrative tasks more efficiently and do more than the standard windows commands are capable of. Commands can also be ran to pull information from computers across the lan such as ip address, network adapter configuration settings for any network adapters present in the remote PC and so on. Being able to use this with remote machines and filter the output are major features of the Powershell.
When launched this utility looks similar to a command prompt, it has a blue background and is easily recognizable as it has Windows Powershell on the window and PS displayed before the C:\ for example would look like PS C:\Users\woodsw\. The All the usual windows commands can be used such as ipconfig, net use and net share within Powershell.
IIS is a significant upgrade from the last version and comes bundled with Server 2008. There are major security and implementation changes that make this really attractive. IIS 7 has the ability to to delegate administration for servers and sites to site admins and at the same time restrict privileges.
Enhanced Terminal Services
Terminal Services has been revamped and improved ain more ways than one. Terminal Services RemoteApp can allow users to access an application instead of the need to connect to an entire new desktop remotely which is run locally on the end user's machine. The applications are accessed through a web portal or an icon which is configured and added to their desktop of the local computer. Terminal Server Gateway is used to secure the session which is tunnelled across HTTPS:// eliminating the need for Virtual Private Network on the internet. Local printing capability is also available to the users.
Windows Server 2008 brings with it added security of Network Access Protection, Read Only Domain Controller and Active Directory Federation Services which are really important and beneficial to big corporations today. It is also packed with new features and enhancements such as Hyper-V, the Self Healing NTFS, Improved Backup, Server Manager and Powershell It is the most secure and advanced version of Windows Server as you would expect to date and includes many enhancements with the most important and impressive being Security. The additional option of Server Core, Security and enhancements made are all major benefits for implementing the Operating System in a corporate environment.