8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout
1/7
Microsoft Windows Server 2008 Techical Overview Nov 2007
Technical OverviewTechnical Overview
Nguyen An QueNguyen An Que
Technology SpecialistTechnology Specialist
Microsoft VietnamMicrosoft Vietnam
[email protected]@microsoft.com
SecurityWeb Virtualization
Solid Foundation for Your Business Workloads
Windows Server 2008 pillarsWindows Server 2008 pillars
Reduces costs,increases hardwareutilization, optimizesyour infrastructure,
and improves serveravailability
Delivers rich web-based experiences
efficiently andeffectively
Providesunprecedented levelsof protection for yournetwork, your data,and your business
Most flexible and robustWindows Server operatingsystem to date
Provides the most versatile and reliable Windowsplatform for all of your workload and applicationrequirements
Management Reliability
SolidSolidFoundationFoundation
Server Manager
PowerShell
Windows DeploymentServices
Server Core
Next Generation Networking
HighAvailability Clustering
Most Flexible and Robust WindowsMost Flexible and Robust WindowsServer Operating System to DateServer Operating System to Date
TechNet ScriptCenter
Exchange Server 2007
Terminal Server
WMI, Registry, Hardware, etc.
Community-Submitted scripts
MyITForum.com
WindowsWindows PowerShellPowerShell
New Command-line shell & Scripting Language
Futures
Improves productivity & control
Accelerates automation of system admin
Easy-to-use
Works with existing scripts
Will ship in Windows
Admin GUIs layered over
PowerShell
One-to-many remote management
using WS-MGMT
SolidFoundation
PowerShellPowerShell
SolidFoundation
Server ManagerServer Manager
Product InstallationProduct Installation
Initial ConfigurationInitial Configuration
Managing Windows Server 2008Managing Windows Server 2008Solid
Foundation
8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout
2/7
8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout
3/7
Microsoft Windows Server 2008 Techical Overview Nov 2007
Windows Deployment ServicesWindows Deployment Services
Rapidly deploy Windows
operating systems
Updated and redesignedversion of Remote Installation
Services (RIS)
Server components
Client components: W inPE
Management components
Windows
Vista
Windows
Server2008
SolidFoundation Reliability and Performance MonitorReliability and Performance Monitor
SolidFoundation
Reliability and Performance MonitorReliability and Performance MonitorSolid
Foundation
Deliver Rich WebDeliver Rich Web--based Experiencesbased ExperiencesEfficiently and EffectivelyEfficiently and Effectively
InternetInformationServices 7.0
WindowsSharePointServices
WebWeb
Windows MediaServices
WebIIS 7.0: a robustWeb & Application ServerIIS 7.0: a robustWeb & Application Server
Enhanced security and reducedattack surface
Administration: UI & APPCMD& shared configuration
Delegation & true applicationXCOPY deployment
Highly customizable
Advanced troubleshooting
Windows CommunicationFoundation (WFC)
Windows Activation Service
New features in IIS 7.0New features in IIS 7.0
Web
8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout
4/7
8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout
5/7
Microsoft Windows Server 2008 Techical Overview Nov 2007
Terminal ServicesTerminal Services RemoteAppRemoteApp
Remote
Desktop client
required
Virtualization
Terminal ServicesTerminal Services
Virtualization
Hardens Operating System andHardens Operating System andIncreases Environment ProtectionIncreases Environment Protection
Read-OnlyDomain
Controller
Network AccessProtection
FederatedRights
Management
SecuritySecurity
Network Access ProtectionNetwork Access ProtectionHow it works
Not policyNot policy
compliantcompliant
11
RestrictedRestrictedNetworkNetwork
Client requests access to network and presents current
health state
1
4If not policy compliant, client is put in a restricted VLAN
and given access to fix up resources to download patches,configurations, signatures (Repeat 1 - 4)
2 DHCP, VPN or Switch/Router relays health status to
Microsoft Network Policy Server (RADIUS)
5 If policy compliant, client is granted full access to corporate network
NPS
33
Policy ServersPolicy Serverse.g. Patch, AVe.g. Patch, AV
PolicyPolicy
compliantcompliant
DHCP, VPN
Switch/Router
3 Network Policy Server (NPS) validates against IT-defined
health policy
22
Windows
Client
Fix UpFix UpServersServerse.g. Patche.g. Patch
Corporate Network5
44
33
Security Active Directory Federation ServicesActive Directory Federation Services
AD FS provides an identityaccess solution
Deploy federation servers inmultiple organizations tofacilitate business-to-
business (B2B) transactions
AD FS provides aWeb-based, SSO solution
WebServer
AccountFederation
Server
ResourceFederation
Server
Company BCompany A
Federation Trust
Security
8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout
6/7
Microsoft Windows Server 2008 Techical Overview Nov 2007
Federated Identity support inFederated Identity support inRights Management Service (RMS)Rights Management Service (RMS)
Together AD FS and AD
RMS enable users fromdifferent domains tosecurely share documentsbased on federatedidentities
AccountFederation
Server
ResourceFederation
Server
Company BCompany A
Federation Trust
WebSSO
Security ReadRead--Only Domain ControllerOnly Domain Controller
Head Quarter BranchOffice
FeaturesRead Only Active Directory DatabaseOnly allowed user passwords are stored on RODC
Unidirectional ReplicationRole Separation
BenefitsIncreases security for remote Domain Controllers where physical
security cannot be guaranteed
RODC
Security
BranchHeadQuarter
ReadOnly DC
How RODC WorksHow RODC Works
WindowsServer2008 DC
11
22
33
44
5566
66
Security What if a DC is stolen?What if a DC is stolen? Security
Head Quarter
BranchOffice
Branch Office BenefitsBranch Office Benefits
OptimizationDFS Replication
SecurityBitLocker
Full Volume Encryption
Server Core
Read-Only Domain Controller
AdministrationSOAP-based remote
management (WinRM)
Restartable Active Directory
SolidFoundation PKI SupportPKI Support Security
Built-in Certificate Service
Usage
Data Encryption
Digital Signature
Smart Card authentication
8/2/2019 2007.11 Que - Win 2008 Tech Overview - Handout
7/7
Microsoft Windows Server 2008 Techical Overview Nov 2007
Windows Server 2008:Windows Server 2008:A Robust Application PlatformA Robust Application Platform
Application PlatformApplication Platform
.NET Framework 3.0
IIS 7.0
Windows Activation Service
MSMQ 4.0
Windows Server 2008 SummaryWindows Server 2008 Summary
Security
NAPNAP
ReadRead--Only DCOnly DC
AD RMSAD RMS
AD Federation SvcAD Federation Svc
PKI supportPKI support
BitLockerBitLocker
Virtualization
WindowsWindowsVirtualizationVirtualization
TSGatewayTSGateway
TSRemoteAppsTSRemoteApps
Web
Modular designModular design
Less attack surfaceLess attack surface
Admin delegationAdmin delegation
APPCMDAPPCMD
Win ActivationSvcWin ActivationSvc
Tracing &Tracing &TroubleshootingTroubleshooting
Solid Foundation for Your Business WorkloadsWindows PowerShellWindows PowerShell
Server CoreServer Core
Server ManagerServer Manager
Windows Firewall withWindows Firewall withAdvancedSecurity & IPSecAdvancedSecurity & IPSec
IPv6IPv6
Failover ClusteringFailover Clustering
Reliability & PerformanceReliability & PerformanceMonitorMonitor
Windows DeploymentSvcWindows DeploymentSvc
www.m
icrosoft.com/WindowsServer2008
www.m
icrosoft.com/WindowsServer2008
More information
www.microsoft.com/WindowsServer2008
www.iis.net