Windows 7 and Windows Server 2008 R2 Combined Value

8/6/2019 Windows 7 and Windows Server 2008 R2 Combined Value

1/27

Jason Leznek

Group Product Manager, Windows Client

Justin Graham

Senior Product Manager, Windows Server

Building The Optimized

Desktop Infrastructure with

Windows 7 and WindowsServer 2008 R2


2/27

Branch officesBranch officesRemote workRemote work

Mobile and distributedMobile and distributedworkforceworkforce

Central officeCentral office


3/27

IT professional needs:IT professional needs: Secure and flexible infrastructure for working anywhere

Reduce costs

Mobile and remote workforce needs:Mobile and remote workforce needs: Work anywhere

Fast access


4/27

Optimized DesktopOptimized Desktop

ComplianceCompliance

CostsCosts

ContingencyContingencyCarbonCarbon--NeutralNeutral

(Green)(Green)

ConsumerizationConsumerization


5/27

Increase user productivity byenabling access toapplications and data quickly,from anywhere

Enable faster, more scalable,and efficient access tonetwork resources

Implement policy-basednetwork access and security

Update and manage mobilePCs even when not on thecorporate the network

Publish server-basedapplications directly to usersdesktops

Centrally aggregate importantclient and server events

Enhance User ProductivityEnhance User Productivity Protect Sensitive DataProtect Sensitive DataReduce Costs withReduce Costs with

Enhanced ManageabilityEnhanced Manageability

FundamentalsFundamentals

Security | Reliability | Application Compatibility | Device Compatibility | Performance | Power Management

Enable faster, more scalable,and efficient access tonetwork resources

Implement policy-basednetwork security

Centrally aggregate importantclient and server events


6/27

Combined value to deliver the optimized desktop

Key ScenarioKey Scenario BenefitsBenefits FeaturesFeatures

Enhance UserProductivity

Provide faster, more scalable, andefficient access to network resources

Provide users with seamless accessto applications and data fromanywhere, helping to increase theirproductivity

Provide users with a rich desktopexperience from unmanaged or thinclients

Receive Window auto-tuning

SMB 2.0

IPv6

DirectAccess

BranchCache

VDI enhancements

Protect Sensitive Data Enable policy-based network securityby allowing only healthy PCs to accessnetwork resources

Network access protection

Server and domain isolation

Reduce Costs withEnhanced Manageability

Update and manage mobile PCs evenwhen not on the corporate the network

Publish server-based applicationsdirectly to users desktops

Centrally aggregate important clientand server events to help desk

DirectAccess

Remote Desktop Services(RDS)

Event forwarding


7/27

Enhancing User Productivity


8/27

IPv6

All services within Windows Vista are IPv6-enabled

Seamless cost-optimized transitional approach

Receive-side auto-tuning

Automatically senses the network environment and adjusts important performance settings

Allows increase in the size of the TCP/IP send/receive window

SMB 2.0 protocol improvements

Number of open files and shares on the server

Packet compounding reduces chattiness

Message signing settings have been improved

Client-side encryption is supported

Durable handles are supported


9/27

Situation TodaySituation Today DirectAccessDirectAccess

OfficeHome

Challenging for IT to manage, update,and patch mobile PCs whiledisconnected from the companynetwork

Difficult for users to access corporateresources from outside the office

Corporate network boundary includesmanaged assets no matter where theyare on the Internet

Easy to service mobile PCs anddistribute updates and polices

New network paradigm increasesmobile user productivity by providingthe same experience inside andoutsidethe office

HomeOffice


10/27

ClientClientServerServer

Runs on Windows 7

Domain-joined

Initial configuration done on the

corporate network or over VPN

Runs on Windows Server 2008R2

Sits on the network edge

Single box by default Services can be split up for

scalability


11/27

IT Pro BenefitsIT Pro Benefits

Improved manageability of remote users

IT simplification and cost reduction

Consistent security for all access scenarios

EndEnd--User BenefitsUser Benefits

Seamless and secure access to corporate resources

Consistent connectivity experience inside and outside the office

Enhances the end-to-end IW experience when combined with otherWindows 7 features


12/27

IPv6 Devices IPv4 Devices

DirectAccess

Server

Windows 7

Client

Native IPv6

with IPSec

IPv6 Transition

Services

Supports variety of

remote network

protocols

DirectAccessDirectAccess providesprovidestransparent, securedtransparent, secured

access to intranetaccess to intranetresources without a VPNresources without a VPN

Allows desktopAllows desktopmanagement ofmanagement of

DirectAccessDirectAccess clientsclients

Allows IPSec encryption andAllows IPSec encryption andauthenticationauthentication

Supports directSupports directconnectivity to IPv6connectivity to IPv6--

based intranetbased intranetresourcesresources

Support IPv4 via 6to4Support IPv4 via 6to4

transition services ortransition services orNATNAT--PTPT

IT desktop

management

AD Group Policy,

NAP, software

updates

Internet


13/27


14/27

IT Pro BenefitsIT Pro Benefits

Helps reduce WAN utilization and cost

Data encryption is enforced across the network

Simple to deploy

End User BenefitsEnd User Benefits

Less waiting for downloads = more productivity

Combined with other Windows 7 features enhances the end to end IW

experience


15/27


16/27

1.1. First client downloadsFirst client downloadsdata from main officedata from main office

serverserver

Client 1

Client 2Branch Office

2.2. Content pushed to hostedContent pushed to hostedcache from first clientcache from first client

3.3. Second client downloadsSecond client downloadsidentifiers from mainidentifiers from mainoffice serveroffice server

4.4. Second clientSecond clientdownloads fromdownloads fromhosted cachehosted cache

Main

Office

Hosted caching


17/27


18/27

Protect Sensitive Data


19/27

Todays ChallengesTodays Challenges

Unprotected network taps within an organizations buildings

Administrators have limited control over the health of systems joiningthe network

Result: hardware/network upgrades and increased operational costs,reduced productivity

Solution: endSolution: end--toto--end, authenticated, tamperend, authenticated, tamper--resistant communicationresistant communication

Improved isolation using IPsec

Network access protection across IPsec, 802.1X

, DHCP,VPN

Increased manageability


20/27


21/27

Untrusted

Unmanaged/rogueUnmanaged/roguecomputercomputer

Domain

Isolation

Active DirectoryDomain Controller

X

Server

Isolation

Servers withSensitive DataHR Workstation

Managed

Computer

X

ManagedComputer

Trusted ResourceServer

CorporateCorporate

NetworkNetwork

Define the logical isolation boundariesDefine the logical isolation boundariesDistribute policies and credentialsDistribute policies and credentialsManaged computers can communicateManaged computers can communicateBlock inbound connections fromBlock inbound connections from untrusteduntrustedEnable tieredEnable tiered--access to sensitive resourcesaccess to sensitive resources


22/27

Reduce the risk of network security threatsReduce the risk of network security threats An additional layer of defense-in-depth

Reduced attack surface area

Increased manageability and more healthy clients

Safeguard sensitive data and intellectual propertySafeguard sensitive data and intellectual property Authenticated, end-to-end network communications

Scalable, tiered access to trusted networked resources

Protect the confidentiality and integrity of data

Extend the value of existing investmentsExtend the value of existing investments No additional hardware or software required

Get more value from Active Directory and group policy

Complements existing third-party network security solutions


23/27

Enhanced Manageability


24/27

DirectAccessDirectAccessEnables always-on management of remote machines tosupport a fully manageable environment

Scenarios include:

Group policy updates

Folder redirection/client-side caching Software/update distribution

Event SubscriptionsEvent Subscriptions

Proactive management of key issues Pull/forward events to and from multiple machines and search/collate

Does not require loading entire log from remote machine


25/27

Improved management toolsetImproved management toolset Reduce repetitive tasks with RDS Powershell support, improved application

installation, connection broker installation and profile management

Improved management toolsetImproved management toolset Reduce repetitive tasks with RDS Powershell support, improved application

installation, connection broker installation and profile management

RDS and VDIRDS and VDI an integrated solutionan integrated solution Single broker to connect users to sessions or virtual machines, out-of-the-box

solution for VDI scenarios with Hyper-V

RDS and VDIRDS and VDI an integrated solutionan integrated solution Single broker to connect users to sessions or virtual machines, out-of-the-box

solution for VDI scenarios with Hyper-V

RemoteAppRemoteApp and Remote Desktop connectionsand Remote Desktop connections Centrally hosted applications integrated into the Start menu and desktop, can

personalize a non-work PC with work applications without installing them locally

RemoteAppRemoteApp and Remote Desktop connectionsand Remote Desktop connections Centrally hosted applications integrated into the Start menu and desktop, can

personalize a non-work PC with work applications without installing them locally

Platform investmentsPlatform investments Multiple levels of extensibility for custom partner solutions for RDS- and

VDI-based solutions

Platform investmentsPlatform investments Multiple levels of extensibility for custom partner solutions for RDS- and

VDI-based solutions


26/27


27/27

Documents

Windows 7 and Windows Server 2008 R2 Combined Value