Microsoft IT's Top Five Management and Operations Features in Window Server 2008

Article

Published: March 07, 2008

Although the deployment of the Windows Server® 2008 operating system is still in its relatively early stages, Microsoft Information Technology (Microsoft IT) has already discovered noticeable benefits in the day-to-day management and operation of its network environment as Windows Server 2008 makes its debut in data centers across the enterprise.

Microsoft IT manages one of the largest network infrastructures in the world in addition to being the first and best customer of Microsoft. Being an early adopter of Windows Server 2008 has provided Microsoft IT the opportunity to learn firsthand how some of the new and enhanced features have made significant impacts in its day-to-day operations. Following are five key reasons why Microsoft IT is excited about the management and operational enhancements in Windows Server 2008.

1. Component-Based Architecture

Windows Server 2008 reflects a fundamental change to the underlying operating system that presents a departure from previous operating system architectures. With the componentization of Windows Server 2008 into features, roles, and services, Microsoft IT has seen considerable changes to the server deployment process and the patch management process.

The fresh installation of Windows Server 2008 results in a closed environment with minimal footprint because not all of the features and roles are installed by default. This translates into a reduction in the amount of time required to put a server into production because it avoids the traditional delays in having to harden the operating system. Microsoft IT is able to deploy a new server and then use the role and component management tools to carry out a series of standard commands to configure the new server with the appropriate features, roles, and services. On “full server” installations, these tools include the Server Manager graphical user interface (GUI) and command-line tools, a rich set of tools that the operating system now includes by default, and scripts that work with standard Windows® Management Instrumentation (WMI) and Windows PowerShell™ interfaces. All of this results in a quick time to deployment and a high level of consistency for an enterprise that is constantly rolling out new systems.

The component-based architecture has also enabled Microsoft IT to reduce the number of restarts required when updates are installed. Many components in the past were not able to unload the binaries and thus forced post-update restarts. Today, with Windows Server 2008, Microsoft IT can confidently install updates knowing that the operating system architecture has the savvy to manage the binaries in a manner that can greatly reduce the restart requirement.

2. Virtualization with Hyper-V

Microsoft IT is excited about the potential of virtualization and the impact the Hyper-V platform will have on the thousands of servers across the globe that are in operation at Microsoft . Microsoft IT has invested a great deal of time, effort, and brainpower to design and deploy the future of the Microsoft network on top of the Hyper-V™ technology in Windows Server 2008.

Microsoft IT is nearing the 20 percent virtualized mark in its production and pre-production environments as of March 2008, accomplishing this on Microsoft Virtual Server 2005 R2 with Service Pack 1 (SP1). It has identified a deployment target of 80 percent of all new server instances into virtual machines on Hyper-V and a goal of 50 percent of total Microsoft IT servers virtualized in the next 12-18 months. The reduction in physical operations space and power consumption alone will result in substantial financial savings.

3. BitLocker

As part of trustworthy computing initiatives, the addition of Microsoft BitLocker™ drive encryption to Windows Server 2008 helps Microsoft IT protect the data servers from offline attacks or information breaches, which might otherwise result from hardware leaving the physical confines of the corporation (whether through provisioning activities, service, or theft). Many of the newer server deployments include the trusted platform module (TPM) used for natively supporting BitLocker. Servers that do not include TPM can be encrypted via BitLocker and internal universal serial bus (USB) devices.

4. Native Storage Management Tools

Microsoft requires an extraordinary amount of data storage capacity across the enterprise. Much of that requirement comes from the need to anticipate storage needs beyond current usage and to provide redundancy for both used and allocated storage capacity. Microsoft IT has seen terabytes worth of storage reclamation from the new storage management features introduced in Windows Server 2008 that enable the shrinking and growing of storage as needed.

5. Windows Firewall Management and GPOs

As with any other organization, security is a key concern at Microsoft. While Windows Firewall has undergone extensive improvements in functionality, enhanced Group Policy object (GPO) settings have made management easier than ever. GPO has enabled Microsoft IT to centrally manage inbound and outbound rules as well as connection security rules that use Internet Protocol security (IPsec) to provide data security across the enterprise. Whereas other organizations might look to disable a host-based firewall on the internal network, Microsoft IT takes advantage of the administrative power of GPO to enhance network security by properly managing the firewall instead of simply disabling it.

For More Information

For more information about Microsoft products or services, call the Microsoft Sales Information Center at (800) 426-9400. In Canada, call the Microsoft Canada information Centre at (800) 563-9048. Outside the 50 United States and Canada, please contact your local Microsoft subsidiary. To access information through the World Wide Web, go to:

http://www.microsoft.com

http://www.microsoft.com/technet/itshowcase

© 2008 Microsoft Corporation. All rights reserved.

This document is for informational purposes only. MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY. Microsoft, BitLocker, Hyper-V, Windows, Windows PowerShell, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries. The names of actual companies and products mentioned herein may be the trademarks of their respective owners.