8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout

1/7

Microsoft Windows Server 2008 Techical Overview Nov 2007

Que.Nguyen@microsoft.com 1

Technical OverviewTechnical Overview

Nguyen An QueNguyen An Que

Technology SpecialistTechnology Specialist

Microsoft VietnamMicrosoft Vietnam

Que.Nguyen@microsoft.comQue.Nguyen@microsoft.com

SecurityWeb Virtualization

Solid Foundation for Your Business Workloads

Windows Server 2008 pillarsWindows Server 2008 pillars

Reduces costs,increases hardwareutilization, optimizesyour infrastructure,

and improves serveravailability

Delivers rich web-based experiences

efficiently andeffectively

Providesunprecedented levelsof protection for yournetwork, your data,and your business

Most flexible and robustWindows Server operatingsystem to date

Provides the most versatile and reliable Windowsplatform for all of your workload and applicationrequirements

Management Reliability

SolidSolidFoundationFoundation

Server Manager

PowerShell

Windows DeploymentServices

Server Core

Next Generation Networking

HighAvailability Clustering

Most Flexible and Robust WindowsMost Flexible and Robust WindowsServer Operating System to DateServer Operating System to Date

TechNet ScriptCenter

Exchange Server 2007

Terminal Server

WMI, Registry, Hardware, etc.

Community-Submitted scripts

MyITForum.com

WindowsWindows PowerShellPowerShell

New Command-line shell & Scripting Language

Futures

Improves productivity & control

Accelerates automation of system admin

Easy-to-use

Works with existing scripts

Will ship in Windows

Admin GUIs layered over

PowerShell

One-to-many remote management

using WS-MGMT

SolidFoundation

PowerShellPowerShell

SolidFoundation

Server ManagerServer Manager

Product InstallationProduct Installation

Initial ConfigurationInitial Configuration

Managing Windows Server 2008Managing Windows Server 2008Solid

Foundation

8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout

2/7

8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout

3/7

Microsoft Windows Server 2008 Techical Overview Nov 2007

Que.Nguyen@microsoft.com 3

Windows Deployment ServicesWindows Deployment Services

Rapidly deploy Windows

operating systems

Updated and redesignedversion of Remote Installation

Services (RIS)

Server components

Client components: W inPE

Management components

Windows

Vista

Windows

Server2008

SolidFoundation Reliability and Performance MonitorReliability and Performance Monitor

SolidFoundation

Reliability and Performance MonitorReliability and Performance MonitorSolid

Foundation

Deliver Rich WebDeliver Rich Web--based Experiencesbased ExperiencesEfficiently and EffectivelyEfficiently and Effectively

InternetInformationServices 7.0

WindowsSharePointServices

WebWeb

Windows MediaServices

WebIIS 7.0: a robustWeb & Application ServerIIS 7.0: a robustWeb & Application Server

Enhanced security and reducedattack surface

Administration: UI & APPCMD& shared configuration

Delegation & true applicationXCOPY deployment

Highly customizable

Advanced troubleshooting

Windows CommunicationFoundation (WFC)

Windows Activation Service

New features in IIS 7.0New features in IIS 7.0

Web

8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout

4/7

8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout

5/7

Microsoft Windows Server 2008 Techical Overview Nov 2007

Que.Nguyen@microsoft.com 5

Terminal ServicesTerminal Services RemoteAppRemoteApp

Remote

Desktop client

required

Virtualization

Terminal ServicesTerminal Services

Virtualization

Hardens Operating System andHardens Operating System andIncreases Environment ProtectionIncreases Environment Protection

Read-OnlyDomain

Controller

Network AccessProtection

FederatedRights

Management

SecuritySecurity

Network Access ProtectionNetwork Access ProtectionHow it works

Not policyNot policy

compliantcompliant

11

RestrictedRestrictedNetworkNetwork

Client requests access to network and presents current

health state

1

4If not policy compliant, client is put in a restricted VLAN

and given access to fix up resources to download patches,configurations, signatures (Repeat 1 - 4)

2 DHCP, VPN or Switch/Router relays health status to

Microsoft Network Policy Server (RADIUS)

5 If policy compliant, client is granted full access to corporate network

NPS

33

Policy ServersPolicy Serverse.g. Patch, AVe.g. Patch, AV

PolicyPolicy

compliantcompliant

DHCP, VPN

Switch/Router

3 Network Policy Server (NPS) validates against IT-defined

health policy

22

Windows

Client

Fix UpFix UpServersServerse.g. Patche.g. Patch

Corporate Network5

44

33

Security Active Directory Federation ServicesActive Directory Federation Services

AD FS provides an identityaccess solution

Deploy federation servers inmultiple organizations tofacilitate business-to-

business (B2B) transactions

AD FS provides aWeb-based, SSO solution

WebServer

AccountFederation

Server

ResourceFederation

Server

Company BCompany A

Federation Trust

Security

8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout

6/7

Microsoft Windows Server 2008 Techical Overview Nov 2007

Que.Nguyen@microsoft.com 6

Federated Identity support inFederated Identity support inRights Management Service (RMS)Rights Management Service (RMS)

Together AD FS and AD

RMS enable users fromdifferent domains tosecurely share documentsbased on federatedidentities

AccountFederation

Server

ResourceFederation

Server

Company BCompany A

Federation Trust

WebSSO

Security ReadRead--Only Domain ControllerOnly Domain Controller

Head Quarter BranchOffice

FeaturesRead Only Active Directory DatabaseOnly allowed user passwords are stored on RODC

Unidirectional ReplicationRole Separation

BenefitsIncreases security for remote Domain Controllers where physical

security cannot be guaranteed

RODC

Security

BranchHeadQuarter

ReadOnly DC

How RODC WorksHow RODC Works

WindowsServer2008 DC

11

22

33

44

5566

66

Security What if a DC is stolen?What if a DC is stolen? Security

Head Quarter

BranchOffice

Branch Office BenefitsBranch Office Benefits

OptimizationDFS Replication

SecurityBitLocker

Full Volume Encryption

Server Core

Read-Only Domain Controller

AdministrationSOAP-based remote

management (WinRM)

Restartable Active Directory

SolidFoundation PKI SupportPKI Support Security

Built-in Certificate Service

Usage

Data Encryption

Digital Signature

Smart Card authentication

8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout

7/7

Microsoft Windows Server 2008 Techical Overview Nov 2007

Que.Nguyen@microsoft.com 7

Windows Server 2008:Windows Server 2008:A Robust Application PlatformA Robust Application Platform

Application PlatformApplication Platform

.NET Framework 3.0

IIS 7.0

Windows Activation Service

MSMQ 4.0

Windows Server 2008 SummaryWindows Server 2008 Summary

Security

NAPNAP

ReadRead--Only DCOnly DC

AD RMSAD RMS

AD Federation SvcAD Federation Svc

PKI supportPKI support

BitLockerBitLocker

Virtualization

WindowsWindowsVirtualizationVirtualization

TSGatewayTSGateway

TSRemoteAppsTSRemoteApps

Web

Modular designModular design

Less attack surfaceLess attack surface

Admin delegationAdmin delegation

APPCMDAPPCMD

Win ActivationSvcWin ActivationSvc

Tracing &Tracing &TroubleshootingTroubleshooting

Solid Foundation for Your Business WorkloadsWindows PowerShellWindows PowerShell

Server CoreServer Core

Server ManagerServer Manager

Windows Firewall withWindows Firewall withAdvancedSecurity & IPSecAdvancedSecurity & IPSec

IPv6IPv6

Failover ClusteringFailover Clustering

Reliability & PerformanceReliability & PerformanceMonitorMonitor

Windows DeploymentSvcWindows DeploymentSvc

www.m

icrosoft.com/WindowsServer2008

www.m

icrosoft.com/WindowsServer2008

Que.Nguyen@microsoft.com

More information

www.microsoft.com/WindowsServer2008

www.iis.net