Brandon Kelly
IT221 - E-2 Fall 2011
Instructor: Stephen Todd
12-17-2011
Question 1 - Why does Windows Server 2008 come in different versions? What is the significance of each version?
Most editions of Windows Server 2008 are available in x86-64 and IA-32 versions. Windows Server 2008 for Itanium-based Systems supports IA-64 processors. Microsoft has optimized the IA-64 version for high-workload scenarios like database servers and Line of Business (LOB) applications. As such it is not optimized for use as a file server or media server. Microsoft has announced that Windows Server 2008 is the last 32-bit Windows server operating system. Windows Server 2008 is available in the editions listed below, similar to Windows Server 2003.
• Windows Server 2008 Standard (IA-32 and x86-64) Windows Server 2008 Standard is one of Microsoft 's entry level server offerings (alongside Windows Web Server 2008) and is one of the least expensive of the various editions available. Both 32-bit and 64-bit versions are available, and in terms of hardware Standard Edition supports up to 4GB of RAM and 4 processors.
Windows Server 2008 is primarily targeted and small and mid-sized businesses (SMBs) and is ideal for providing domain, web, DNS, remote access, print, file and application services. Support for clustering, however, is notably absent from this edition.
An upgrade path to Windows Server 2008 Standard is available from Windows 2000 Server and Windows Server 2003 Standard Edition. • Windows Server 2008 Enterprise (IA-32 and x86-64) Windows Server 2008 Enterprise Edition provides greater functionality and scalability than the Standard Edition. As with Standard Edition both 32-bit and 64-bit versions are available. Enhancements include support for as many as 8 processors and up to 64GB of RAM on 32-bit systems and 2TB of RAM on 64-bit systems.
Additional features of the Enterprise edition include support for clusters of up to 8 nodes and Active Directory Federated Services (AD FS).
Windows Server 2000, Windows 2000 Advanced Server, Windows Server 2003 Standard Edition and Windows Server 2003 Enterprise Edition may all be upgraded to Windows Server 2008 Enterprise Edition. • Windows Server 2008 Datacenter (IA-32 and x86-64) The Datacenter edition represents the top end of the Windows Server 2008 product range and is targeted at mission critical enterprises requiring stability and high uptime levels. Windows Server 2008 Datacenter edition is tied closely to the underlying hardware through the implementation of custom Hardware Abstraction Layers (HAL). As such, it is currently only possible to obtain Datacenter edition as part of a hardware purchase.
As with other versions, the Datacenter edition is available in 32-bit and 64-bit versions and supports 64GB of RAM on 32-bit systems and up to 2TB of RAM on 64-bit systems. In addition, this edition supports a minimum of 8 processors up to a maximum of 64.
Upgrade paths to Windows Server 2008 Datacenter Edition are available from the Datacenter editions of Windows 2000 and 2003.
• Windows HPC Server 2008 (Codenamed "Socrates") (replacing Windows Compute Cluster Server 2003) Windows HPC Server 2008 R2, the Microsoft third-generation HPC solution, provides a comprehensive and cost-effective solution for harnessing the power of high-performance computing. Out-of-the-box, world-class performance, and scalability enable organizations of all sizes to rapidly deploy solutions ranging from personal HPC workstations to large clusters spanning thousands of nodes. Customers can lower both their operating and capital costs. Windows HPC Server 2008 R2 integrates easily with existing IT infrastructure to enable end users to access HPC resources using familiar Windows-based technologies. With a tightly integrated set of dedicated cluster and parallel development tools, anchored around Visual Studio 2010, developers can build robust and scalable HPC applications easily and quickly. Windows HPC Server 2008 R2 is complemented by a rich ecosystem of SI, ISV, and OEM partners to ensure that customers have access to the applications of their choice and the resources required to successfully run them. • Windows Web Server 2008 (IA-32 and x86-64) Windows Web Server 2008 is essentially a version of Windows Server 2008 designed primarily for the purpose of providing web services. It includes Internet Information Services (IIS) 7.0 along with associated services such as Simple Mail Transfer Protocol (SMTP) and Telnet. It is available in 32-bit and 64-bit versions and supports up to 4 processors. RAM is limited to 4GB and 32GB on 32-bit and 64-bit systems respectively.
Windows Web Server 2008 lacks many of the features present in other editions such as clustering, BitLocker drive encryption, multipath I/O, Windows Internet Naming Service (WINS), Removable Storage Management and SAN Management • Windows Storage Server 2008 (Codenamed "Magni") (IA-32 and x86-64) Minimal information found. • Windows Small Business Server 2008 (Codenamed "Cougar") (x86-64) for small businesses Minimal information found. • Windows Server 2008 for Itanium-based Systems Windows Server 2008 R2 for Itanium-Based Systems delivers an enterprise-class platform for deploying business-critical applications. Scale database, line-of-business, and custom applications to meet growing business needs. Windows Server 2008 R2, SQL Server 2008 R2 and the current 2010 line-up of our Developer Tools, plus associated .NET frameworks, will be the last iterations in each product line to support the Intel Itanium processor and associated OEM server platforms. • Windows Server 2008 Foundation (Codenamed "Lima") Windows Server 2008 R2 Foundation is a cost-effective, entry-level technology foundation targeted at small business owners and IT generalists supporting small businesses. Foundation is an inexpensive, easy-to-deploy, proven, and reliable technology that provides organizations with the foundation to run the most prevalent business applications as well as share information and resources.
Server Core is available in the Web, Standard, Enterprise and Datacenter editions. It is not available in the Itanium edition. Server Core is simply an alternate installation option supported by some of the editions, and not a separate edition by itself. Each architecture has a separate installation DVD. The 32-bit version of Windows Server 2008 Standard Edition is available to verified students for free through Microsoft 's DreamSpark program.
Question 2 - What are the new features or enhancements made to Windows Server 2008? How is Windows Server 2008 different from Windows Server 2003?
Core OS improvements
• Fully multi-componentized operating system. • Improved hot patching, a feature that allows non-kernel patches to occur without the need for a reboot. • Support for being booted from Extensible Firmware Interface (EFI)-compliant firmware on x86-64 systems. • Dynamic Hardware Partitioning o Support for the hot-addition or replacement of processors and memory, on capable hardware.
Active Directory improvements
• Read-only domain controllers (RODCs) in Active Directory, intended for use in branch office or other scenarios where a domain controller may reside in a low physical security environment. The RODC holds a non-writeable copy of Active Directory, and redirects all write attempts to a Full Domain Controller. It replicates all accounts except sensitive ones.[citation needed][clarification needed] In RODC mode, credentials are not cached by default. Moreover, only the replication partner of the RODC needs to run Windows Server 2008.[clarification needed] Also, local administrators can log on to the machine to perform maintenance tasks without requiring administrative rights on the domain. • Restartable Active Directory allows ADDS to be stopped and restarted from the Management Console or the command-line without rebooting the domain controller. This reduces downtime for offline operations and reduces overall DC servicing requirements with Server Core. ADDS is implemented as a Domain Controller Service in Windows Server 2008.
Policy related improvements
• All of the Group Policy improvements from Windows Vista are included. Group Policy Management Console (GPMC) is built-in. The Group Policy objects are indexed for search and can be commented on. • Policy-based networking with Network Access Protection, improved branch management and enhanced end user collaboration. Policies can be created to ensure greater Quality of Service for certain applications or services that require prioritization of network bandwidth between client and server. • Granular password settings within a single domain - ability to implement different password policies for administrative accounts on a "group" and "user" basis, instead of a single set of password settings to the whole domain.
Disk management and file storage improvements
• The ability to resize hard disk partitions without stopping the server, even the system partition. This applies only to simple and spanned volumes, not to striped volumes. • Shadow Copy based block-level backup which supports optical media, network shares and Windows Recovery Environment. • DFS enhancements - SYSVOL on DFS-R, Read-only Folder Replication Member. There is also support for domain-based DFS namespaces that exceed the previous size recommendation of 5,000 folders with targets in a namespace. • Several improvements to Failover Clustering (High-availability clusters). • Internet Storage Naming Server (iSNS) enables central registration, deregistration and queries for iSCSI hard drives.
Protocol and cryptography improvements
• Support for 128- and 256-bit AES encryption for the Kerberos authentication protocol. • New cryptography (CNG) API which supports elliptic curve cryptography and improved certificate management. • Secure Socket Tunneling Protocol, a new Microsoft proprietary VPN protocol. • AuthIP, a Microsoft proprietary extension of the IKE cryptographic protocol used in IPsec VPN networks. • Server Message Block 2.0 protocol in the new TCP/IP stack provides a number of communication enhancements, including greater performance when connecting to file shares over high-latency links and better security through the use of mutual authentication and message signing.
Miscellaneous improvements
• Windows Deployment Services replacing Automated Deployment Services and Remote Installation Services. Windows Deployment Services (WDS) support an enhanced multicast feature when deploying operating system images. • Internet Information Services 7 - Increased security, Robocopy deployment, improved diagnostic tools, delegated administration. • Windows Internal Database, a variant of SQL Server Express 2005, which serves as a common storage back-end for several other components such as Windows System Resource Manager, Windows SharePoint Services and Windows Server Update Services. It is not intended to be used by third-party applications. • An optional "Desktop Experience" component provides the same Windows Aero user interface as Windows Vista, both for local users, as well as remote users connecting through Remote Desktop.
Question 3 - Why is 64-bit architecture an advantage?
Advantages of 64-bit hardware and software
Memory addressability
Physical memory
A 32-bit system architecture can directly address only a 4-GB address space. A 64-bit system architecture that is running a 64-bit edition of Windows Server can support up to 1,024 GB of both physical and addressable memory.
Virtual memory
The 64-bit editions of Windows Server can address 16 terabytes of virtual memory by using a flat addressing model. Virtual memory is divided equally between virtual address space for applications and the operating system. Even 32-bit applications can benefit from increased virtual memory address space when they are running in a 64-bit environment. For example, although a 32-bit application is still restricted to 4 GB of virtual memory, it no longer has to share that memory space with the operating system. As a result, it receives an effective increase in available virtual memory.
Continuous memory
Poor performance in 32-bit systems is often not the result of a lack of available memory, but the unavailability of large enough blocks of continuous memory. In a typical Windows SharePoint Services 3.0 deployment, Windows, Internet Information Services (IIS), common language runtime (CLR), ASP.NET, SharePoint Products and Technologies, SSPs, and MDACs can all claim a portion of a server’s available virtual memory and can leave a 32-bit address space quite fragmented. When the CLR or SharePoint services request new memory blocks, it can be difficult to find a 64-MB segment in the crowded 32-bit address space. A 64-bit system offers practically unlimited address space for user mode processes.
Better parallel processing
A server that is using 32-bit architecture is limited to 32 CPUs. Improvements in parallel processing and bus architectures enable 64-bit environments to support as many as 64 processors and provide almost linear scalability with each additional processor.
Faster bus architecture
A 64-bit architecture provides more and wider general-purpose registers, which contribute to greater overall application speed. When there are more registers, there is less need to write persistent data to memory and then have to read it back just a few instructions later. Function calls are also faster in a 64-bit environment because as many as four arguments at a time can be passed in registers to a function.
More secure
The 64-bit editions of Windows Server offer the following enhanced security features:
Buffer overflow protection
A buffer overflow occurs when a data buffer is congested with more data than it is designed to handle. In 64-bit editions of Windows Server, the first parameters of a procedure call are passed in registers. As a result, it is less likely that the buffer will overflow, because the correct values have to be set up in registers and the variables and addresses have to be aligned on the stack.
Data execution protection
The 64-bit processors made by AMD and Intel include hardware support for data execution prevention (DEP). Windows Server uses DEP to prevent malicious code from being able to execute, even when a buffer overrun occurs. Even without a processor that supports DEP, Windows Server can detect code that is running in memory locations where it should not be.
Patch Guard
Microsoft Patch Guard technology prevents non-Microsoft programs from patching the Windows kernel. This technology prevents kernel mode drivers from extending or replacing kernel services, including system service dispatch tables, the interrupt descriptor table (IDT), and the global descriptor table (GDT). Third-party software is also prevented from allocating kernel stacks or patching any part of the kernel.
Better scalability
In a 64-bit environment, not only can database servers gain nearly unlimited virtual memory address space, but they also gain support for more physical memory. It is possible for a 64-bit server that is running 64-bit editions of Windows Server and SQL Server to get very large working data sets entirely into RAM, thereby improving performance and scalability. In addition, the number of application servers that are required to support a given user base can be substantially reduced because a 64-bit environment does not require worker processes to cycle as often. This reduced cycling results in fewer lost connections, improved I/O handling, and a better user experience.
Lower total cost of ownership
All the benefits of 64-bit operation that are listed in the previous sections enable you to do more with less. A 64-bit environment allows you to manage more data, serve more users, and run more applications while using less hardware. By reducing hardware, you are also able to reduce license, operations, and infrastructure costs. It takes up less floor space in your data center and costs less to maintain. Finally, because a Windows SharePoint Services 3.0 farm that uses 64-bit hardware and software provides more room for growth, you can spend less over time on equipment because the life cycle of your equipment is likely to be longer.
Question 4 - Explain the new features of Windows Server 2008, such as Server Core, Virtualization, and
PowerShell. What is the role of these features and how will they improve efficiency in administering Windows?
Server Core
Windows Server 2008 includes a variation of installation called Server Core. Server Core is a significantly scaled-back installation where no Windows Explorer shell is installed. All configuration and maintenance is done entirely through command line interface windows, or by connecting to the machine remotely using Microsoft Management Console. However, Notepad and some control panel applets, such as Regional Settings, are available.
Server Core does not include the .NET Framework, Internet Explorer, Windows PowerShell or many other features not related to core server features. A Server Core machine can be configured for several basic roles: Domain controller/Active Directory Domain Services, ADLDS (ADAM), DNS Server, DHCP Server, file server, print server, Windows Media Server, IIS 7 Web server and Hyper-V virtual server. Server Core can also be used to create a cluster with high availability using failover clustering or network load balancing.
Andrew Mason, a program manager on the Windows Server team, noted that a primary motivation for producing a Server Core variant of Windows Server 2008 was to reduce the attack surface of the operating system, and that about 70% of the security vulnerabilities in Microsoft Windows from the prior five years would not have affected Server Core.
Hyper-V
Hyper-V is hypervisor-based virtualization software, forming a core part of Microsoft 's virtualization strategy. It virtualizes servers on an operating system 's kernel layer. It can be thought of as partitioning a single physical server into multiple small computational partitions. Hyper-V includes the ability to act as a Xen virtualization hypervisor host allowing Xen-enabled guest operating systems to run virtualized. A beta version of Hyper-V shipped with certain x86-64 editions of Windows Server 2008, prior to Microsoft 's release of the final version of Hyper-V on 26 June 2008 as a free download. Also, a standalone version of Hyper-V exists; this version only supports the x86-64 architecture. While the IA-32 editions of Windows Server 2008 cannot run or install Hyper-V, they can run the MMC snap-in for managing Hyper-V.
Server Manager
Server Manager is a new roles-based management tool for Windows Server 2008. It is a combination of Manage Your Server and Security Configuration Wizard from Windows Server 2003. Server Manager is an improvement of the Configure my server dialog that launches by default on Windows Server 2003 machines. However, rather than serve only as a starting point to configuring new roles, Server Manager gathers together all of the operations users would want to conduct on the server, such as, getting a remote deployment method set up, adding more server roles etc., and provides a consolidated, portal-like view about the status of each role.
Windows Powershell
Windows PowerShell is Microsoft 's task automation framework, consisting of a command-line shell and associated scripting language built on top of, and integrated with the .NET Framework. PowerShell provides full access to COM and WMI, enabling administrators to perform administrative tasks on both local and remote Windows systems.
Question 5 - What is a Read Only Domain Controller (RODC) and what are its advantages? What are the security and administrative issues addressed by a RODC?
A read-only domain controller (RODC) is a new type of domain controller in the Windows Server 2008 operating system. With an RODC, organizations can easily deploy a domain controller in locations where physical security cannot be guaranteed. An RODC hosts read-only partitions of the Active Directory Domain Services (AD DS) database.
Before the release of Windows Server 2008, if users had to authenticate with a domain controller over a wide area network (WAN), there was no real alternative. In many cases, this was not an efficient solution. Branch offices often cannot provide the adequate physical security that is required for a writable domain controller. Furthermore, branch offices often have poor network bandwidth when they are connected to a hub site. This can increase the amount of time that is required to log on. It can also hamper access to network resources.
Beginning with Windows Server 2008, an organization can deploy an RODC to address these problems. As a result, users in this situation can receive the following benefits: • Improved security • Faster logon times • More efficient access to resources on the network
Inadequate physical security is the most common reason to consider deploying an RODC. An RODC provides a way to deploy a domain controller more securely in locations that require fast and reliable authentication services but cannot ensure physical security for a writable domain controller.
However, your organization may also choose to deploy an RODC for special administrative requirements. For example, a line-of-business (LOB) application may run successfully only if it is installed on a domain controller. Or, the domain controller might be the only server in the branch office, and it may have to host server applications.
In such cases, the LOB application owner must often log on to the domain controller interactively or use Terminal Services to configure and manage the application. This situation creates a security risk that may be unacceptable on a writable domain controller.
An RODC provides a more secure mechanism for deploying a domain controller in this scenario. You can grant a non-administrative domain user the right to log on to an RODC while minimizing the security risk to the Active Directory forest.
You might also deploy an RODC in other scenarios where local storage of all domain user passwords is a primary threat, for example, in an extranet or application-facing role.
References – Works Cited
"AD DS: Read-Only Domain Controllers." Microsoft TechNet: Resources for IT Professionals. Web. 07 Dec. 2011.
"Windows Server 2008." Wikipedia, the Free Encyclopedia. Web. 12 Dec. 2011.
Ward10/08/2007, Keith. "Top 10 Overlooked Windows Server 2008 Features, Part 2 -- Redmond Developer News." Powering the Windows Software Revolution -- Redmond Developer News. Web. 03 Jan. 2012
"Windows Server 2008 Editions and System Requirements - Techotopia." Main Page - Techotopia. Web. 05 Jan. 2012.
"Microsoft Windows Server 2008 R2 Editions." Web. 03 Jan. 2012.
"Windows PowerShell." Wikipedia, the Free Encyclopedia. Web. 01 Jan. 2012.
References: – Works Cited "AD DS: Read-Only Domain Controllers." Microsoft TechNet: Resources for IT Professionals. Web. 07 Dec. 2011. "Windows Server 2008." Wikipedia, the Free Encyclopedia. Web. 12 Dec. 2011. Ward10/08/2007, Keith. "Top 10 Overlooked Windows Server 2008 Features, Part 2 -- Redmond Developer News." Powering the Windows Software Revolution -- Redmond Developer News. Web. 03 Jan. 2012 "Windows Server 2008 Editions and System Requirements - Techotopia." Main Page - Techotopia. Web. 05 Jan. 2012. "Microsoft Windows Server 2008 R2 Editions." Web. 03 Jan. 2012. "Windows PowerShell." Wikipedia, the Free Encyclopedia. Web. 01 Jan. 2012.
You May Also Find These Documents Helpful
-
After reviewing the clients standard needs to upgrade the businesses operating systems and their current computer specifications as provided I have to come to two conclusions. The first thing I would like to say is that with 1 GB ram, 1.8 GHz processor and a DirectX 9 graphics adapter with WDDM it will be possible at minimum to upgrade to a windows 7 operating system. The version that I would recommend for the company is Windows 7 professional because it provides data protection with advanced network backup and EFS. This edition was designed for a business environment and can be centrally managed by a domain controller which would be perfect for the main office at the same time supporting the external computers running at the warehouse across town.…
- 283 Words
- 1 Page
Satisfactory Essays -
1. Active directory is controlled from an Active Directory server. The server is accessed by an administrator and then the changes that are made on the AD infrastructure is replicated to all workstations and users that login. AD exists in one location and replicated or issues out the permissions, rules, and roles out to the objects it is managing.…
- 257 Words
- 1 Page
Satisfactory Essays -
lower your attack surface, Windows 2008 Server Core would be installed on a group of your servers.…
- 235 Words
- 2 Pages
Satisfactory Essays -
The windows server installation option of Windows Server 2008 gives you a stripped down version of the operating system. There is no start menu, no desktop explorer shell, no MMC console, and no graphic applications. All you see when you start the computer is a single window with a command prompt.…
- 431 Words
- 2 Pages
Satisfactory Essays -
Server Core is a stripped down version of the Operating System, where there is no start menu, no Microsoft Management Console (MMC) console, and virtually no graphical applications.…
- 1432 Words
- 7 Pages
Powerful Essays -
In the future, you will need to configure your server to perform certain tasks, using tools and services that Windows Server 2008 does not install by default. In this exercise, use the Server Manager console to configure the server and install these tools and services.…
- 512 Words
- 3 Pages
Good Essays -
• Domain and forest functional levels are new features of Windows Server 2008. The levels…
- 393 Words
- 2 Pages
Satisfactory Essays -
2.) Windows 7 editions Windows 7, a major release of the Microsoft Windows operating system, was available in six different editions: Starter, Home Basic, Home Premium, Professional, Enterprise and Ultimate…
- 2058 Words
- 7 Pages
Powerful Essays -
5. The only operating system edition that you can upgrade in-place to Windows 7 Professional is Windows 7 Home Premium.…
- 750 Words
- 3 Pages
Satisfactory Essays -
(64 bit), 16 GB available HDD space (32 bit) or 20 GB (64 bit), DirectX 9 graphics with WDDM 1.0 or higher.…
- 444 Words
- 2 Pages
Satisfactory Essays -
* SQL Server version 8.0 / SQL Server version 2000: SQL Server version 2000 was the first one made of IA-64 architecture. Several advancements have been made in SQL Server version 2000 which improved its performance. Later in the year 2003, SQL Server version 2000 with 64-bits was released.…
- 1606 Words
- 7 Pages
Powerful Essays -
The only server roles discussed in this lesson that are not included with the Windows Server 2008 product are _________ and _________.…
- 489 Words
- 2 Pages
Satisfactory Essays -
D) Active Directory Rights Management Services can control what a user is allowed to do with data on a server. You can control printing, copying, transferring and so on.…
- 285 Words
- 2 Pages
Satisfactory Essays -
12. Which edition of Vista comes packaged with a 32-bit DVD as well as a 64-bit DVD?…
- 1910 Words
- 8 Pages
Powerful Essays -
2. Your IT director heard about a fast but inexpensive new computer and purchased it to be the…
- 7254 Words
- 30 Pages
Satisfactory Essays