In-Depth

Why You Need Windows Server 2008 R2

A host of new features should attract IT pros to this vastly improved product.

It seems like only yesterday I was installing Windows Server 2003 and loving its improvements over Windows 2000. Even after Windows Server 2008 arrived, most of my Windows Server 2003 installations worked just fine, and I didn't see the need to upgrade. Now, Microsoft is releasing Windows Server 2008 R2, and everything has changed.

Windows Server 2008 R2 offers some exciting benefits, especially as Windows 7 deployments pick up steam. While your end-user population will benefit from many Windows Server 2008 R2 features, some new server features require Windows 7 desktops.

Given all the useful bells and whistles in Window Server 2008 R2, it's tough to write about just a few. Nevertheless, I chose the features that should get your attention and explain why you need Windows Server 2008 R2.

Server and Desktop Virtualization
By now, I assume you're no stranger to virtualization and hopefully have a place for it in your shop. If not, then Windows Server 2008 R2 with Hyper-V may finally convince you of virtualization's benefits. What you might find confusing is the existence of both the free Hyper-V role that you can add to Windows Server 2008 R2 and also the standalone product called Hyper-V Server 2008 R2. The latter is a stripped-down version of Windows Server 2008 R2 that includes only the Hyper-V and clustering roles. It's tuned, one would assume, as a high-performance hypervisor. Whichever route you choose, you'll benefit from support for up to:

  • 8 sockets, or 64 sockets with the Enterprise Edition
  • 64 cores
  • 1TB of memory
  • 16 cluster nodes
  • 384 running virtual machines (VMs), assuming you have the resources

Your storage options have never been greater, and there should be something for every budget. You can use directly attached storage via Serial Advanced Technology Attachment (SATA), external Serial Advanced Technology Attachment (eSATA), Parallel Advanced Technology Attachment (PATA), Serial Attached SCSI (SAS), SCSI or Firewire. If you have a SAN, you can connect with iSCSI, Fibre Channel or SAS.

The new Hyper-V bits offer some compelling reasons to deploy Hyper-V. One of the biggest is new support for Live Migration. Now you can move a running VM between Hyper-V hosts without any interruption. Combine this with failover clustering, and you no longer have to worry about unplanned downtime or service outages. Many companies use virtualization to run legacy -- but still critical -- applications, often on older Windows OSes. With Windows Server 2008 R2 virtualization technologies, these applications can have very high availability.


[Click on image for larger view.]
Figure 1. Windows PowerShell management is much improved in Windows Server 2008 R2.

If you have several Hyper-V servers, Live Migration can make the most of your hardware investment by moving VMs to different platforms to maximize performance and utilization -- again, without any interruption of service to the user. Have a sudden need for increased performance or an urgent maintenance requirement? With Live Migration, you can shuffle VMs between Hyper-V servers and users will be completely unaware. Of course, there are a few minor requirements to leverage this feature:

  • You must be running Hyper-V Server 2008 R2 or Windows Server 2008 R2
  • Enterprise or Datacenter
  • Servers must be configured for Microsoft Failover Clustering with shared storage
  • The cluster requires a dedicated network for Live Migration, which must be on the same subnet
  • Servers must use the same processor from the same vendor

Read More About It
There's an excellent white paper on Live Migration from Microsoft, which you can download here. If you don't need Live Migration, Microsoft offers Quick Migration, which has a bit more flexibility. With Quick Migration, you can easily move VMs between servers, but there'll be some momentary downtime. Finally, you can easily manage your entire virtualization infrastructure with System Center Virtual Machine Manager or even with Windows PowerShell.

On the client side, Terminal Services is now Remote Desktop Services, which takes client-side virtualization to new levels. Using Virtual Desktop Infrastructure (VDI), IT professionals can centrally manage desktop delivery. When combined with Windows 7, the user experience is practically indistinguishable from a local install. The improved Remote Desktop Protocol, along with the addition of RemoteApp and Desktop (RAD), means that Windows Server 2008 R2 offers these features:

  • Multimedia Redirection, including audio input, audio recording and improved synchronization
  • Support for multiple monitors
  • Support for Aero Glass
  • Language Bar Redirection
  • A Task Scheduler

IT staffers can also easily publish individual applications to Windows 7 clients using RAD. These virtualized apps, which can be centrally managed, are indistinguishable from a local installation once they're configured on the client. Application delivery is secure and highly available.

Virtualization continues to be a rapidly growing trend in IT, and Windows Server 2008 R2 offers many appealing features to the mix.


[Click on image for larger view.]
Figure 2. The Resource Monitor displays graphical views of your server's performance.

Management Improvements
You'll need to efficiently manage your Windows Server 2008 R2 infrastructure. The Server Manager console, introduced in the original release of Server 2008, offers a one-stop management experience for just about anything you'd need to do on a server. There are many wizards that simplify setting up new server roles and features. IT pros can manage many of these tasks from the command line using ServerManagerCmd.exe.

Speaking of the command line, Windows Server 2008 R2 ships with Windows PowerShell 2.0 enabled by default, which is a good thing. Using the PowerShell management shell, you can manage 500 servers just as easily as five. Need to check disk utilization on all those servers? Do it using only a few simple PowerShell commands -- with no scripting necessary. You'll connect to remote computers using WinRM, which means no more firewall configuration headaches like the ones you had when using Windows Management Instrumentation (WMI). But don't worry -- WMI is still around and even easier to work with in Windows PowerShell. You'll be able to take advantage of the wealth of WMI management information by leveraging the remoting features of WinRM. PowerShell 2.0 will dramatically change your management experience and let you work more efficiently.

Windows Server 2008 R2 offers a terrific Windows Reliability and Performance monitoring tool. Within minutes, you can have a comprehensive and graphical view of your server. In the past, you had to pull information from a variety of management tools, but no more. In Server Manager, under Diagnostics, select Windows System Resource Manager. You can connect to the local or a remote server. Resource Monitor displays a real-time status update.

You can configure the monitor with standard performance counters from multiple machines. Or you can navigate a bit further to the Performance tab and kick off a pre-built data collector set. This is a nice way to start and get an introduction to creating your own data sets. After collecting data, Windows Server 2008 R2 will prepare a report with all the pertinent information.

Personally, I've never found it easier to create valuable performance and utilization reports. Amongst its many functions, Windows Server 2008 R2 lets you define event criteria and schedule when to grab performance data. And don't think you need to log on to a Windows Server 2008 R2 server. You can install the Remote Server Administration Tools for Windows 7 and manage all Windows 2003, 2008 and Windows Server 2008 R2 servers from the comfort of your own desk.

DirectAccess
One particularly exciting feature in Windows Server 2008 R2, especially as more mobile clients move to Windows 7, is DirectAccess. In the past, providing secure remote access meant installing, configuring, maintaining and troubleshooting VPN connections. Speaking from personal experience -- and I'm sure many of you will agree -- this was never a fun task for users or IT pros, especially when something broke. In fact, users often went out of their way to avoid VPNs, thus causing security vulnerabilities and poor productivity.

With DirectAccess, remote users who have an Internet connection but don't have a VPN can use IPSec and IPv6 to securely connect to the following types of corporate resources:

  • SharePoint sites
  • Intranet sites
  • File shares
  • Line-of-business applications
  • E-mail

If an IPv6 native network isn't available -- which is the case for most public locations, like cafes -- Windows 7 will establish an IPv6 over IPv4 tunnel. You can also integrate DirectAccess with Network Access Protection to protect your corporate environment. One great benefit of DirectAccess over solutions like VPNs is that performance is enhanced, and there's no commingling of intranet and Internet traffic. With DirectAccess, these networks remain separate and distinct. If you have strong security requirements, you can also configure DirectAccess to use smartcards. I like that you can restrict DirectAccess traffic to specific servers and applications. This helps segment and optimize traffic and adds an additional layer of security.

But there's another benefit to DirectAccess that anyone who manages mobile users will appreciate. Until recently, the only opportunity to properly manage or update mobile users was when they returned to the office and connected to the local network. Nobody likes this situation, and, with growing security and compliance requirements, it's hardly practical.


[Click on image for larger view.]
Figure 3. System performance reports are presented in a clear and navigable manner.

With DirectAccess, IT pros can remotely manage users' computers, even if the users aren't logged on. Of course, the computer needs to be connected to the Internet and running, but the user can be logged off and sleeping. From the client's perspective, it's like being plugged into the corporate network. IT managers can enforce Group Policy settings, deploy applications or push Windows updates and patches. In short, they can perform any other desktop management task they would perform for any other corporate desktop. Now there's no excuse for any mobile user to not meet corporate desktop requirements.

Oh, and don't forget about help desk support: As long as the user can connect to the Internet, your help desk can easily reach out and touch the user's computer and fix just about any issue. Remember, the user doesn't even need to be logged on.

Here's how it works. Install the DirectAccess server role on a machine running Windows Server 2008 R2, and follow the setup checklists. Once everything's configured and operational, use the DirectAccess monitoring node to keep an eye on all the necessary network components and services. If you require more granular detail, there are also DirectAccess-related performance monitor counters that work with System Reporting.

DirectAccess offers transparent, secure and highly available remote access to the corporate resources your mobile users require on a daily basis. In addition to Windows Server 2008 R2, DirectAccess will require Windows 7 Enterprise and a little planning on the back-end, such as setting up an Active Directory-based Public Key Infrastructure and IPv6. Once implemented, it will make administrators, users and management very happy.

I've only touched on a small sampling of the myriad of new or updated offerings in Windows Server 2008 R2. Even if none of these grabbed your attention, I bet there's something new that will.

Featured

comments powered by Disqus
Most   Popular

Subscribe on YouTube