Windows Server 2008: Increase security and simplify IT management
Administration, security, remote access, and virtualization are major concerns for IT managers at midsize businesses. Here's how new features in Microsoft's Windows Server 2008 can help.
In summary:
| • | New installation options and management interfaces in Windows Server 2008 simplify administration and reduce costs. |
| • | Many of the features that simplify administration also strengthen security. |
| • | The new server operating system also eases remote access and virtualization support. |
Though information technology is constantly evolving, some IT challenges never lose their urgency: Administration costs, tight security, and remote access are three perennial concerns. Increasingly, IT managers also want to gain efficiencies through server virtualization.
Microsoft Windows Server 2008 includes features designed to help IT departments address these and other common systems management challenges.
New administration tools
System maintenance, operations, and support costs account for 76 percent of a typical corporate IT budget, according to Cambridge, Massachusetts–based Forrester Research, Inc.
 | For the first time, you'll be able to configure [databases] so that critical processes have the resources they need to support high-priority business functions. |  | | David Portas
Conchango plc, London
| |
|
Here are a few ways that Windows Server 2008 can help lower some of these costs.
| • | Server Core installation option. Most organizations use dedicated servers for crucial network tasks, such as providing file and print or domain name systems (DNS) services. (The latter refers to a technology that translates URLs into the IP addresses that networks use to route information.) Server Core allows you to install only the essential operating system components that are required to perform such tasks. The end result is a server with fewer applications and services to maintain, which saves the IT department a significant amount of time. |
| • | Read-only domain controller (RODC). This option enables organizations to deploy domain controllers (servers that authenticate users when they log on to the network) at remote sites that local employees can't modify. Because they are "read-only" devices, such servers require hands-on attention from the IT department only when hardware fails. "That's going to be a very nice feature for offices where there are no administrators," notes Sean Tull, head of the Microsoft software practice at Microsoft Gold Certified integrator Netarx, Inc., in Farmington Hills, Michigan. |
| • | Windows PowerShell. This feature allows IT staff to use command-line scripts, rather than the graphical user interface, to perform volume maintenance tasks. For example, a company that has completed an acquisition can import hundreds of new user accounts at once instead of adding them individually. Windows PowerShell also helps simplify routine maintenance chores by allowing the IT department to schedule activities such as backups and defragmentations automatically. |
| • | Server Manager.This new management interface provides centralized tools to install, configure, and administer your servers. (Windows Server 2003 provided separate interfaces for each of these functions.) |
| • | User Account Control (UAC). Here's a way to prevent your network administrators from inadvertently causing a lot of damage. UAC asks technicians for confirmation before executing potentially harmful commands, such as disconnecting a network card or deleting a system file. |
Simpler security
Some of the same features in Windows Server 2008 that help simplify administration also help strengthen security. For example, because it eliminates non-essential components, Server Core reduces the operating system's exposure to attacks: Hackers have fewer potential entry points. Similarly, the RODC feature helps you protect domain controllers from tampering or theft; even if a cybercriminal physically gains access to a read-only domain controller, he can't modify its settings or use it to break into your network. To further protect servers at remote sites, Windows Server 2008 comes with BitLocker Drive Encryption technology.
Another new feature, called Network Access Protection (NAP), allows you to define requirements that client devices must comply with before they can connect with the network. For example, you can have Windows Server 2008 automatically identify computers that don't have the latest antivirus software. "That's [significant] for midsize businesses, because it saves the IT department from having to check computers for compliance with security policies all the time," says Arnon Avitzur, a senior product manager in the Microsoft small and midsize solutions and partners group. NAP can automatically install missing safeguards on computers that fail inspection, or provide limited network services until an employee or technician makes the necessary updates manually.
Improved remote access
Roughly 41 percent of U.S. and European employees spend the equivalent of one day a week away from the office, according to Yankee Group Research, Inc., in Boston. Windows Server 2008 helps simplify the IT department's support of mobile workers. For example, terminal servers can be an efficient way to provide remote access to accounting and business applications. But many terminal server systems take complete control of PCs and, therefore, deny access to locally installed programs, such as the 2007 Microsoft Office system. Using the Terminal Services RemoteApp and Terminal Services Web Access features in Windows Server 2008, however, mobile employees can run both remotely based business systems and local applications, such as Microsoft Office Excel 2007, simultaneously. That makes using remote applications more convenient and can reduce the amount of software that IT departments must deploy, secure, and maintain on remote computers.
Integrated virtualization
Consolidating services and applications on fewer, more powerful servers can reduce hardware-related expenses by 20 percent, according to the Stamford, Connecticut–based global research firm, Gartner, Inc. Like Microsoft Windows Virtual Server 2005, the virtualization component of Windows Server 2008 enables a single server to function like multiple virtual machines. Unlike Virtual Server 2005, however, Windows Server 2008 virtualization is an integrated operating system component, which means better performance and scalability, experts say.
To learn more, watch the preview webcast, or visit the Windows Server 2008 site in the Midsize Business Center.
 | Rich Freeman is a Seattle, Washington-based freelance writer specializing in business and technology. He has more than 14 years of strategic marketing and communications experience in the IT industry. |
