WinServer 2008 to offer network admin aids, MS says

The release of Microsoft’s Windows Server 2008 is at the end of this month, but for network managers, the more important date may be several months from now when Microsoft finalizes one of the key components of the operating system, the Hyper-V hypervisor, the first virtualization tool that is truly integrated into WinServer.

Until then, administrators will have to toy with a beta version of Hyper-V that ships with the OS.

Bruce Cowper, Microsoft Canada’s security lead, said the company promises the final version of the hypervisor will ship 180 days from the Feb. 28 release of WinServer.

There is a migration path to the final release so users should be able to directly upgrade, he said.

However, Michael Cherry, an industry analyst with Directions on Microsoft, said that the delay will have an impact on sales.

“I think adoption will be slower (than normal) until all the features are available,” he said.

While Cherry sees WS2008 as a “maturing” product built on the stable base of Windows Sever 2003 with incremental improvements, Cowper insists its more than that.

“I certainly see Windows Server 2008 as a major step ahead in terms of security, performance and manageability,” said Cowper.

With all the attention in data centres about the virtues of virtualization, it could be argued that Hyper-V is the most important feature of the new OS.

The technology, called Virtual Server, was first included in Windows Server 2003 R2. Hyper-V, according to Cowper, reduces the size of the virtualization layer and therefore should show performance gains. However, the OS still needs to run in 64-bit mode and with CPUs that support virtualization extensions.

Hyper-V lets multiple operating systems, including Windows, Linux, and others, run in parallel on a single server. Microsoft says new storage features, such as pass-through disk access and dynamic storage addition, will allow virtual machines more access to data, and give external programs and services more access to data stored on VMs.

New management tools and performance counters are said to make the virtualized environment easier to manage and monitor. Among them is a feature called Server Core, which lets administrators create a minimal WinServer 2008 install through a wizard on a server for faster performance. Cowper said this could be an advantage for servers running in remote offices.

Features such as the graphical user interface could be left out (leaving management by the command line, or automated through PowerShell scripts) but with Hyper-V installed should give good performance, said Cowper. Minimizing the operating systems should also increase security, he said.

Network manages not enthralled by virtualization, however, will find lots of interest in WS2008.

The Microsoft Management Console has been expanded and renamed as Server Manager, bringing administration and configuration tools under one roof in a bid to make management easier.

Network Load Balancing (NLB) now supports IPv6 and includes multiple dedicated IP address support which allows multiple applications to be hosted on the same NLB cluster.

Because IPv6 is fully integrated into WS2008, Micrrosoft says geographically dispersed cluster nodes no longer need to be on the same IP subnet or configured with complicated Virtual Local Area Networks (VLANs).

Backup is also said to be faster.

Internet Informations Services 7.0 is said to be a major improvement over the previous version, with better Web administration, diagnostics, development, and application tools grouped under IIS Manager, a new task-based management interface.

Cowper also noted that IIS 7.0 allows administrators to delegated management of applications and sites, giving control to different parts of the Web server to only those who need it.

Finally, security has been improved in a number of ways. User Account Control provides a new authentication architecture for protection against malicious software. Network Access Protection checks to see that any device attaching to the network has the latest anti-virus, firewall and application updates, limits which are set by policies.

“This should do a lot to remove some of the threats that come in [over WANs] because of people attaching machines with problems to the network,” said Cherry.

Cryptography Next Generation (CNG) , Microsoft’s new core cryptographic API, provides better cryptographic flexibility by supporting standard as well as customer-defined cryptographic algorithms, and enables more efficient creation, storage, and retrieval of cryptographic keys.

BitLocker Drive Encryption, introducted in Windows Vista, is said to give enhanced protection against data theft and exposure of server hardware if lost or stolen, and provides more secure data deletion when servers are gotten rid of.

Microsoft says it has also put much of its training materials for partners online so administrators and managers can become familiar with new features and lessen the time needed to adapt to the new OS.

Any new operating system will have some impact on performance, but Cowper says that in beta and release candidate tests “we haven’t seen significant hits.” This is in part, he said, because Microsoft has made improvements to the way network traffic is handled by WinServer 2008 by rewriting the network stack.

These improvement will especially be noticable organziations running Vista, he said. Windows Server 2008 will be sold in five versions: the Standard edition that comes with or without Hyper-V; the Enterprise edition, again, with or without Hyper-V, and the Data Center edition.