The Windows Server 2008 Delta
Microsoft made some major inroads with the release of
Windows Server 2003. This version of Windows Server became the flagship
version, since it proved to be stable and reliable, and was available in a
number of different configurations. It became even more reliable when Microsoft
released version R2.
Now, with the release of Windows Server 2008 (WS08),
Microsoft is making more inroads, as this version provides much more robust and
integrated capabilities. Built with a foundation on Windows Vista, WS08
includes many of the features that made this client operating system the best
of breed in the marketplace. But, WS08 is a server
operating system; as such, its market is not the home user, but businesses and
organizations everywhere. This is why the primary audience for this book is the
system administrator, whether you are a generalist who is responsible for all
system administration tasks in your organization or whether you are a member of
a system administration team within a large enterprise.
Our advice to you is to pay
attention to the structure of this book! It covers both migrations for
existing networks and new network installations. With our previous books, we
have developed a proven methodology for server system implementations as well
as system administration. This methodology relies on careful planning and
selection of feature sets, comprehensive preparation, and testing and then,
finally, deployment of the selected feature sets. When you use this approach,
you will have a better-than-average chance of having a flawless implementation
that will run smoothly and that will operate as expected. Too many operators
rush into installations and implementations without proper planning and then
need to rely on troubleshooting books to try and repair or patch the systems
they implemented without proper guidance. This
is not that type of book! This book outlines detailed explanations of
each new feature in Windows Server 2008, and then it provides guidance on how
to implement them. Because we do not work for Microsoft, we do not need to
provide information for every possible installation situation. Instead, we
provide known recipes—recipes that are proven to work when you want to use a
specific feature set. If you use the recommended approaches we outline, then
you will meet some very specific goals that will provide some very compelling
benefits.
We’ve gathered feedback on our approaches through the
delivery of multiple courses and conferences over the past few years as well as
through direct interaction with customers. This feedback proves that when
system administrators rely on our administration practices, they finally gain
control over their schedule and don’t work in reactive mode all the time. In
many cases, they only work overtime for very special situations, not on a
regular basis, like many administrators do today. Isn’t that a worthwhile goal?
Resource Pools vs. Virtual Service Offerings
In addition, this book outlines a new approach to the
delivery of IT service offerings. This approach is based on virtualization, now
that virtualization—the ability to run a “guest” operating system (OS) or a
virtual machine inside a “host” OS—is a core element of the new datacenter.
This approach was popularized by manufacturers such as VMware, Citrix, and
Virtual Iron, as well as Microsoft themselves through the delivery of a series
of different products aimed at supporting the ability to run virtual machines.
In this approach, service offerings, or the services your end users interact
with, are delivered inside virtual machines. Hardware systems are only used to
run the virtualization services, or hypervisor, that expose resources to the
virtual service offerings. As you will see, this approach liberates the service
offerings from their dependency on hardware and provides the foundation for a
dynamic datacenter—a datacenter where you can allocate resources as needed to
meet the demand of the moment. In addition, using virtualized service offerings
will enable almost any datacenter to have a simplified disaster recovery and
business continuity strategy. This approach revolutionizes the way IT
administrators have managed service offerings in the past and lets them look to
the future, with a greater breadth of possibilities.
NOTE Hyper-V, the new integrated virtualization engine in
Windows Server, is not included in the original release of WS08. Instead, it
has been marked for availability after the market version has been released.
You will need to download the virtualization components from the Microsoft web
site at http://downloads.microsoft.com.
New Feature Listings
OK. Now that we have laid down our approach, let’s get to
it. The very first thing you need to do when examining a new operating system
is to understand its new feature set. Next, you need to wade through the
sometimes hundreds of new features in order to identify which ones apply to
organizations of your size and structure. Once this is done, you need to
identify which of these features you want to implement, when you want to
implement them, and how you will proceed. This is the structure of this book.
In this chapter, we begin by laying out the general categories of the new WS08
feature set and then go on to examine each new feature in depth, identifying
who it applies to—small, medium, or large organizations—as well as laying out a
recommended timeframe for implementation of this feature. Each feature is laid
out in a grid that covers core elements. This chapter is also available online
on the companion web site (www.reso-net.com/livre.asp?p=main&b=WS08) so
that you can integrate it into your own technical architecture
documents—documents you will create in support of your planned WS08 migration
or implementation. We recommend that you read this chapter carefully, mark
those features you think apply to your organization, download our document, and
remove or at least indicate which features do not apply to your organization.
This will greatly facilitate your implementation and set you well onto the path
for migration or new network design.
NOTE Actually, the very first step you should address when
changing server operating systems is to review your business objectives to make
sure that the selections you make will be in line with your business needs. How
to do this is beyond the scope of this book, but we have written a series of
articles on the subject of developing an enterprise architecture and
identifying business requirements. You can find these articles at
www.reso-net.com/articles.asp?m=8 under the “Architectures” heading. This
should greatly assist you in outlining what you need to gather in terms of
information about the business before you proceed.
Microsoft Windows Server 2008: The Complete Reference; Copyright 2008, The McGraw-Hill Companies
Build the Windows Server 2008 Network
Networks of all sizes require specific features and
functionalities to provide support for
the organizations that use them. As mentioned earlier, this book addresses the
needs of organizations of all sizes—small, medium, and large—in terms of the
networking functionality you can draw from Windows Server 2008. But to do so,
it is important to begin with the establishment of some core principles. Two
principles in particular are essential at this point:
- A common definition of the meaning of small, medium, and large in terms
  of networking and network functionality
- A common definition of the various functions any network requires and an
  identification of where WS08 adds new or enhances existing functionality
The latter will help you understand where you can see
gains with the addition of Windows Server 2008 to your existing network. If you’re
building a brand-new network, you’ll find that WS08 can support almost any
networking function and provides an excellent means to support team
productivity for any size of organization.
Organization Size Definitions
WS08 has been designed to respond to the needs of
organizations of all sizes, whether you are a company of one working in a
basement somewhere or whether your organization spans the globe, with offices
on every continent. Obviously, there is a slight difference in scale between
the two extremes, but for the purposes of this book, it is important to provide
a definition of what is meant when we address the needs of small, medium, and
large organizations. Each of these is defined as follows:
- Small organizations are organizations that include only a single site.
  They may have several dozen workers, but given that they are located in
  a single site, their networking needs are fairly basic.
- Medium organizations are organizations that have more than one site but
  fewer than ten. The complexities of having a network with more than one
  site address the networking needs of medium organizations.
- Large organizations are organizations that have ten sites or more. In
  this case, organizations need more complex networks and will often rely
  on services that are not required at all by the two previous
  organization sizes.
Small organizations have all of the requirements of a
basic network and will normally implement a series of technologies, including
directory services, e-mail services, file and printer sharing, database
services, and collaboration services. Even if the organization includes a very
small number of people, these services will often be at the core of any
networked productivity system. For this reason, it is often best for this type
of organization to use Windows Small Business Server 2008 (SBS08), because it
is less expensive and it includes more comprehensive applications for e-mail
and database services. Nevertheless, some organizations opt for Windows Server
2008 anyway, because they are not comfortable with the limitations Microsoft
has imposed on the Small Business Server edition. For example, it is always
best and simpler to have at least two domain controllers running the directory
service because they become automatic backups of each other. SBS08 can only
have a single server in the network and therefore cannot offer this level of
protection for the directory service. This is one reason why some small
organizations opt for Windows Server 2008 even if it is more costly at first.
However, realizing this business need, Microsoft is releasing Windows Essential
Business Server 2008 (WEBS) as a multi-component server offering for these
organizations. WEBS is made up of three server installations:
- Windows Essential Business Server Management Server: To manage the WEBS
  network as well as worker collaboration and network services centrally.
- Windows Essential Business Server Security Server: To manage security,
  Internet access, and remote-worker connectivity.
- Windows Essential Business Server Messaging Server: To provide messaging
  capabilities.
Medium organizations face the challenge of having to
interconnect more than one office. While small organizations have the
protection of being in a single location, medium organizations often need to
bridge the Internet to connect sites together. This introduces an additional
level of complexity.
NOTE Secondary sites may or may not have administrative
personnel on site. This adds to the complexity of working with and managing
remote sites.
Large organizations have much more complex networks that
provide both internal and external services. In addition, they may need to
interoperate in several languages and will often have internally developed
applications to manage. Large organizations may also have remote sites connected
at varying levels of speed and reliability: Integrated Services Digital Network
(ISDN) or dial-up. From a Windows standpoint, this necessitates a planned
replication and possibly an architecture based on the Distributed File System
(DFS). For this reason, they include many more service types than small or
medium organizations.
This book addresses the needs of each organization type.
When core networking features are addressed, they will apply to all levels of
organizations, since best practices for network service implementations should
be used no matter which organization size you have. Interconnection issues will
address the complexities of medium and large networks, and finally, advanced
network functionalities will address the needs of very large organizations. If
you find that your organization does not quite fit this trend, rely on the
information provided for the other organization types to supplement your
networking configuration requirements.
Common Networking Functions
WS08 includes features and functionalities that support
almost every conceivable networking service. But not all of these
functionalities are new or updated in Windows Server 2008. It is, therefore,
important to first establish a common vocabulary on standard networking services
and then identify where WS08 brings new features and functionalities to help
draw a graphical map of the new WS08 features. This will provide you with a
simple graphical layout of the new Windows Server 2008 feature set.
Small organizations or networks that include only a single
site will often include a basic set of networking services. These services tend
to focus on the following:
- Domain Services: Using Active Directory to centrally store and manage
  all user accounts makes sense in organizations of all sizes. The
  alternative—using workgroup practices—means having to manage multiple
  security account databases, one on each server or workstation, in fact.
  Active Directory is so simple to use that it simply does not make sense
  to use anything else.
NOTE Active Directory Domain Services (ADDS) relies on the
Domain Name System (DNS) to operate. Therefore, any installation of ADDS will
require at least one server running the DNS service. Note that in small-scale
ADDS installations, you are automatically prompted to perform a simple DNS
installation.
- File and Printer Sharing: Storing documents centrally has always made
  sense because you only have to protect one single location. Every
  organization has a use for central file and printer management, even if
  new collaboration features offer a better way to manage documents and
  have teams interact.
- Collaboration Services: With Windows SharePoint Services (WSS),
  organizations can have teams interact with each other through a
  Web-based team structure. Since almost all organizational activity takes
  the form of a project, using team sites and collaboration services only
  makes sense, especially since WSS is so easy to install and manage.
- Database Services: Windows SharePoint Services relies on a database—in
  this case, the Windows Internal Database, which is, in fact, a version
  of SQL Server Embedded edition.
- E-mail Services: Most organizations also rely on e-mail services. Though
  Windows Server 2008 does provide the Simple Mail Transfer Protocol
  (SMTP) service, organizations usually opt for a professional e-mail
  service, such as that provided by Microsoft Exchange Server.
- Backup and Restore Services: All organizations will want to partake of
  Windows Backup to protect their systems, both at the data and the
  operating system level. The new Backup tool in Windows Server 2008
  provides protection for both.
These often form the basic services that most
organizations require. Optionally, even small organizations will also rely on
the following services:
- Firewall Services: Any organization that has a connection to the
  external world through the Internet will want to make sure they are
  completely protected. The only way to do so is to implement an advanced
  firewall service.
- Fax Services: Windows Server 2008 can provide integrated fax services,
  freeing organizations from needing a conventional fax machine.
- Terminal Services: Terminal Services (TS) provides the ability to run
  applications on a server instead of on the user’s workstation. The
  advantage of this is that organizations need to manage applications only
  in one central location. In addition, with Windows Server 2008, the use
  of TS applications is completely transparent to end users, since it
  appears as if they are working off the local machine.
CAUTION Terminal Service applications are not appropriate for
mobile or disconnected users because they do not offer any kind of offline
caching. Therefore, when a user is disconnected, they do not have access to TS
applications.
- Hyper-V: This is a core service of the new datacenter. It supports the
  virtualization of all other service offerings. This service is installed
  on all hardware, and all other services are installed within virtual
  machines.
- Network Access Services (NAS): With the proliferation of home offices,
  more and more organizations are relying on network access services, such
  as virtual private networks (VPNs), to let home workers access the
  corporate network over common home-based Internet connections.
- Deployment Services: With the advent of new Windows Deployment Services
  in Windows Server 2008, many organizations will want to take advantage
  of this feature to automate the installation and deployment of Windows
  XP and Windows Vista machines. Larger organizations will definitely want
  to use these services to deploy servers as well as workstations.
- Windows Server Update Services: With the proliferation of attacks on
  systems of all types, organizations of all sizes will want to make sure
  they implement a system for keeping all of their computers—workstations
  and servers—up to date at all times. Windows Server Update Services
  (WSUS) is not part of WS08, but is free and can be obtained at
  www.microsoft.com/windowsserversystem/updateservices/downloads/WSUS.mspx.
  Registration is required to obtain the download.
In addition, any organization that includes more than one
site will need to ensure that the services they provide at one site are
available at any other. This is done through a series of different features,
which rely mostly on either a duplication of the base services in remote sites
or the use of a replication mechanism to copy data from one location to the
other. The implementation of these systems is more complex than single-site
structures.
Larger organizations will add more services to their
network just because of the nature of their organization. These will include:
- Certificate Services: Anyone who wants to control identity and ensure
  that users are who they claim they are at all times will want to take
  advantage of Active Directory Certificate Services, a public key
  infrastructure system that provides electronic certificates to users and
  machines in order to clearly identify who they are.
NOTE For more information on public key infrastructures
(PKI), see the “Advanced Public Key Infrastructures” section at
www.reso-net.com/articles.asp?m=8.
- Rights Management Services: Organizations concerned about the protection
  of their intellectual data will want to implement Active Directory
  Rights Management Services (ADRMS). ADRMS can protect electronic
  documents from tampering through the inclusion of protection mechanisms
  directly within the documents.
- Advanced Storage: Organizations maintaining large deposits of
  information will want to take advantage of advanced storage systems,
  such as storage area networks (SANs). Windows Server 2008 provides new
  ways to access and manage SANs.
- Clustering Services and Load Balancing: Organizations running N-tier
  applications—applications that are distributed among different server
  roles—will want to protect their availability through the use of the
  Windows Clustering Service (WCS)—a service that provides availability
  through a failover capacity to another server running the same
  service—and/or Network Load Balancing (NLB)—a service that provides
  availability through the use of multiple servers running identical
  configurations.
- Database Services: Organizations relying on large data structures will
  want to run more than the Windows Internal Database and will rely on
  other versions of SQL Server to protect their databases.
- Web Applications: Organizations providing custom services, both
  internally and externally, will need to rely on Internet Information
  Services (IIS) to deliver a consistent Web experience to end users.
- Middleware Services: Organizations running N-tier applications will want
  to support them with middleware, such as the Microsoft .NET Framework,
  COM+, and other third-party components. These run on middleware servers.
- Key Management Services: Organizations that take advantage of Microsoft
  Software Assurance and Volume Licensing will want to implement this new
  WS08 role. Key Management Services (KMS) controls the activation of
  Microsoft volume-licensed software from both clients and servers from
  within your firewall.