This essay has been submitted by a student. This is not an example of the work written by our professional essay writers.
Windows Server 2008, released in April 2008, is the successor of the already well-established Windows Server 2003. The technology changes in computing disciplines such as the release of Windows Vista and 7 should indicate that this new operating system could introduce some major changes, in comparison to its predecessor.
This report introduces Windows Server 2008 and tries to identify and explain its new features and functionality improvements. Throughout this paper, those aspects will be compared, where possible, with those belonging to Windows Server 2003.
For ease of reading, the following terminology is used:
Win2K3 - Windows Server 2003
Win2K8 - Windows Server 2008
OS - operating system
OSes - operating systems
2. Windows Server 2008
The following sections should provide evidence that Win2K8 introduces some improvements in Active Directory (AD). The aspects of running a domain are covered, as well as the appearance of the OS, its performance, its security, and its usability.
2.1. Recommended Hardware Requirements
The first evident changes are the recommended hardware requirements, necessary for a successful installation of Win2K8 (Windows Server, 2007), which are much higher than Win2K3's requirements (Microsoft Technet, 2005). The differences are highlighted in the two lists below:
the processor speed should be 2 gigahertz (GHz) or higher;
the system should ideally possess 2 gigabytes (GB) of Random Access Memory (RAM), and no more that 4GB;
the recommendation for the Hard Disk Drive (HDD) is 40GB of free space;
the monitor recommended is a super-VGA, with a minimum 800x600 resolution;
and finally a DVD-ROM drive.
the processor speed should be 550 megahertz (MHz) or higher;
the recommended amount of RAM is 265MB;
the HDD should have 2 to 3GB of free space;
the recommended monitor is a super-VGA with a minimum 800x600 resolution;
Win2K3 requires at least a CD-ROM or DVD drive for installation
and for network installation, a Preboot eXecution Environment (PXE) compliant network card.
The recommended requirements listed at the Windows Server site for Win2K8 do not mention the need for a PXE compliant network adaptor for network installation. Installations from remote locations are possible, as documented by Matthews (2008), who also reports that the options to undertake a full installation, or a Server Core installation, are available; the latter installation mode installs a lighter version of the server which excludes certain components and the user interface; i.e. all administration task are performed via the command prompt.
2.2. New Appearance
Davis (2007) states that the Win2K8 "look and feel" makes the OS very similar to the Windows Vista family of OSes; this implies that, similarly to Win2K3's release, which, as illustrated by Minasi et al. (2003), integrated XP technologies, Microsoft tried to produce a networking OS that reflects the enormous technology changes and advances in today's world. For those who struggled with Vista initially, this may indicate that the new look server could prove awkward to adjust to. An example of the Vista types of changes to the OS is the omission of the Run command, in the Start menu, which may confuse Win2K3 users, who would be accustomed to the availability of this feature; with Win2K8, the user only needs to type the name of the required feature in the Search textbox, situated at the bottom of the Start menu, and double-click on this feature's name, which should appear on the left hand side of the menu, in order to run it.
The reason to why Win2K8 is so much like Vista is because it was built using the same development model, as highlighted by Hassell (2008); i.e. the secure development model, which intends to help in producing more security based OSes. This should imply that Win2K8 must be more secure than Win2K3; this implication is discussed later in this paper.
2.3. Active Directory Domain Services
Active Directory Domain Services (AD DS) is the new name given to what every domain administrator has always known as Active Directory (AD), while using Win2K3. AD DS includes features similar to Win2K3's and also introduces new functionalities, as illustrated by (Price and Price, 2008), whose list includes Active Directory Lightweight Directory Services (AD LDS), Active Directory Federation Services (AD FS), Active Directory Rights Management Services (AD RMS) and Active Directory Certificate Services (AD CS).
2.3.1. Active Directory Lightweight Directory Services
Schmidt (2008) briefly highlights AD LDS, which was known as Active Directory Application Mode (ADAM) in Win2K3, and also permits AD to be used for application storage and availability, without those being completely dependent on AD. There are no security principles in AD LDS, since those are stored in AD DS.
2.3.2. Active Directory Federation Service
AD FS permits organisations to provide their employees, and employees from other organisations, a way to log in to a corporate website, without creating different accounts or storing login credentials, for each employee, from each organisation that has access to the website, according to Bruzzese (2009). With AD FS, companies can have a trust account which gives them access to the website, without the need for a trust account on their own server.
2.3.3. Active Directory Rights Management Services
According to Oiaga (2010), AD RMS is a new technology, incorporated into Win2K8, which is based on the security of documents holding data, such as word documents, websites or spreadsheets, and permits administrators to encrypt files, which can only be decrypted by authorised individuals. This is one of the key security features which should be considered by every organisation seriously considers data protection, as AD RMS can easily be used to keep sensitive data from unauthorised viewers. This is not a new feature, since Win2K3 also provided encryption possibilities.
2.3.4. Active Directory Certificate Services
Morimoto et al. (2008) explains that with AD CS, which was previously known in Win2K3 as Certificate Services, an administrator can produce and manage all existing certificates required. Also known as a Certificate Authority (CA), this technology helps administrators to verify whether the certificates are valid, ensuring a high level of security. Certificates are documents which ensure the credibility of a user's identity.
2.4. Better Performance
In Win2K8, it would be expected that a performance utility should be provided, with regards to the heavy workloads imposed on domain controllers nowadays, due to the fact that organisations are becoming larger and larger. Therefore, Microsoft offers the Reliability and Performance Monitor (RPM), which enables administrators to diagnose an AD for performance statistics.
RPM is a Microsoft Management Console (MMC) snap-in; Zandri (2009) explains that RPM can be used to monitor performance aspects such as processor usage, the state of the Hard Disk Drive (HDD), network performance and usage, and memory state. This utility seems to be the centralisation of the performance monitoring tools that were available separately in Win2K3.
According to Petri (2009), the server's performance can be analysed with the help of the Win2K8 tool called Performance Analysis of Logs (PAL), which:
'is a new and powerful tool that reads in a performance monitor counter log (any known format) and analyzes it using complex, but known thresholds (that are provided)'.
This tool's output is an HTML document which highlights some counters important to performance and displays alerts, regarding existing performance issues. PAL helps administrators detect possible problems with ease, since all performance tools are in one utility.
2.5. Security Enhancements
Mimoso (2008), published an interview with Bill Laing, general manager of Microsoft's Windows Server Division, on the SearchSecurity.com website, in which Laing states that:
"In developing Windows Server 2008, three key aspects of security were imperative in achieving our goal to create our most secure operating system to date".
This certainly implies that there should be some major security improvements in this version of the OS.
The three key aspects mentioned above are Network Access Protection (NAP), Federated Right Management (FRM) and Read Only Domain Controller (RODC), which all participate in providing organisations with a secure OS, an accessible and safe network, and protection over documents and data; they are all new features.
Melber (2009) describes how Win2K8 also lets administrator control security over the services which run in the background. Microsoft has incorporated new features within Group Policies (GP), which gives administrative personnel this control.
Specialized Security - Limited Functionality (SSLF) environment, according to Microsoft's security guide for the OS (2008), is a baseline which helps build "highly secure environments for computers running Windows Server 2008". Although SSLF helps tighten up server security, this setting imposes some restrictions with regards to user functionalities; i.e. restrictions towards running services, such as Terminal Services, which helps users connect to desktops from remote locations.
Bitlocker is a new security feature, which was introduced with Windows Vista, and has been incorporated in Win2K8 (Techotopia, 2009). This facility enables full-drive encryption and is an ideal security measure, to secure data on laptops and notebooks which are items easily lost or stolen.
2.6. Virtualisation Technologies
Hyper-V is a new utility introduced in Win2K8, which enables users to use virtualisation technologies, with the help of Remote Desktop Services, to enable them to run multiple virtualised OSes on the same machine (Shimonski, 2008); previously, any user wishing to perform any virtualisation task would have had to download and install either Microsoft's Virtual PC or Virtual Server.
With virtualisation various systems or computers are created and running on one host computer. This permits to either test or physically run a network, while cutting down overheads and expenditures, since less hardware is needed. However, there is one point to take into consideration; the host machine must have enough resources, such as processors speed, RAM or HDD space, to enable the virtualised systems to run smoothly.
2.7. Enhanced Web Technologies
eCOST Software (1998-2010) reports that the Web Server edition of Win2K8 offers enhancements and improvements to the Microsoft web platform, which provides more flexibility and reliability, with the help of Internet Information Services (IIS) 7.0, ASP.NET, Windows Communication Foundation and Windows SharePoint Services, all unified within Win2K3.
This edition of the server OS, offers improvements in Web administration, diagnosing tasks, developing projects, such as Web applications in Active Server Pages and PHP, for example, and providing streaming media
Domain Name System is a networking infrastructure adopted throughout the IT discipline, with regards to translating IP addresses into familiar host names (Savill, 2010). DNS Security Extensions (DNSSEC) is a networking enhancement which strengthens the DNS infrastructure and help prevents attacks on networks. DNSSEC is not a Microsoft product but an extension to the already well-established DNS standard, which helps in verifying the integrity of all data being transferred.
Windows Server 2008, with its new appearance, offers many new features, networking enhancements and improvements, to organisations using Active Directory, which has been renamed Active Directory Domain Services.
Some of the features, such as Active Directory Lightweight Directory Services, are utilities or aspects of the operating system, which existed within Windows Server 2003, and have been renamed, while others are completely new features, such as Active Directory Rights Management Services.
The Reliability and Performance Monitor helps domain administrators ensure that performance is not affected by the workload imposed on the operating system, by studying performance pointers with regards to memory management, hard disk drive usage, or even processor speeds and state.
Security has been Microsoft first and foremost priority during the development of the server and this reflects into the security enhancements of the operating system, which include Network Access Protection, Federated Right Management and Read Only Domain Controller.
Hyper-V, the new virtualisation technology within Windows Server 2008, permits organisations to virtualise networks without the need to use other utilities, such as Microsoft's Virtual PC or Virtual Server.
The Microsoft Web platform is more reliable and flexible towards application distribution and web development with Windows Server 2008 Web edition. Diagnostic tasks, web development and web administration have been improved with the unification of Internet Information Services 7.0, ASP.NET, Windows Communication Foundation and Windows SharePoint Services. With DNS Security Extensions, integrity of data is assured during all transfers.
In Summary, Windows Server 2008 seems to be a more secure, reliable and flexible operating system than Windows Server 2003, and offers many new features and improvements.