Date posted: 15-May-2015
Category: Technology
Uploaded by: springhouse-education-and-consulting-services
5 Compelling Reasons to Upgrade to Windows Server 2008 R2
Presented by Aaron Harclerode MCT, MCITP: Enterprise Administrator
Director of Technical Services
Windows Server 2008 R2 feature improvements
Architectural improvements in R2
AD Features in R2
Hyper-V Changes in R2
Remote Access Changes in R2
Branch Office improvements in R2
PowerShell 2.0 features
Architectural improvements in Windows Server 2008 R2
Self-Healing NTFS*
SMB 2.0*
VHD Native boot
Improved data center power consumption management
• Core parking
• Adjustment of ACPI “P-states”
• Reduces storage power consumption
Active Directory features in Windows Server 2008 R2
AD DS includes the following improvements:
• New domain and forest functional level
• Active Directory Administrative Center
• Active Directory module for Windows PowerShell and Windows PowerShell cmdlets
• Active Directory Best Practices Analyzer
• Active Directory Recycle Bin
• Active Directory Web Services
• Managed service accounts
• Offline domain join
• Authentication Mechanism Assurance
Demo
AD Administrative Center
AD Recycle Bin
AD Best Practices Analyzer
Hyper-V changes in R2
Hyper-V in Windows Server 2008 R2
• Live Migration
• Dynamic virtual machine storage
• Improved VHD performance
• Enhanced processor support & compatibility
• Enhanced networking support
Cluster Shared Volumes
CSV is a feature of Failover Clustering that enables multiple nodes to concurrently access a single shared volume
• Reduced number of disks’ logical unit numbers (LUNs)
• Better use of disk space
• Effortlessly track the paths of VHD files and other files
• Fewer CSVs to create a configuration to support clustered virtual machines
• No specific hardware requirements
• Increased resiliency
Reasons for Live Migration
Hardware maintenance of physical host
Updating physical host operating system
Moving virtual machine to a more appropriate host
How Live Migration Works
1. Live migration is set up
2. Memory pages are transferred from the source node to the destination node
3. The storage handle is moved from the source to the destination
4. The virtual machine resumes on the destination server
5. Network cleanup occurs
DirectAccess
Features of DirectAccess
• Connects automatically to corporate network over the public network
• Uses various protocols, including HTTPS, to establish IPv6 connectivity
• Supports selected server access and IPsec authentication
• Supports end-to-end authentication and encryption
• Supports management of remote client computers
• Allows remote users to connect directly to intranet servers
Benefits of DirectAccess
• Always-on connectivity
• Seamless connectivity
• Bidirectional access
• Improved security
• Integrated solution
How DirectAccess Works
1. The DirectAccess client running Windows 7 detects whether it is connected to a network
2. The client attempts to connect to an intranet Web site that is specified during the DirectAccess configuration
3. The client connects to the DirectAccess server using IPv6 and IPsec
4. The DirectAccess client and server authenticate each other by using computer certificates to establish the IPsec session
5. The DirectAccess server verifies that the computer and user are authorized to connect by using DirectAccess
6. The client obtains a health certificate from a Health Registration Authority (HRA) prior to connecting to the DirectAccess server
7. The DirectAccess server begins forwarding traffic from the DirectAccess client to the intranet resources to which the user has been granted access.
Name Resolution Policy Table
NRPT is a table that defines DNS servers for different namespaces and corresponding security settings. It is used before the adapter’s DNS settings.
Using NRPT:
• DNS servers can be defined for each DNS namespace rather than for each interface
• DNS queries for specific namespaces can be optionally secured by using IPsec
How a network access client determines the type of network
A network location server (NLS) is an internal network server that hosts an HTTPS-based URL. DirectAccess clients access the URL to determine whether they are located on the intranet or not.
START: Network change event
• Can resolve NLS FQDN? No: Located on public network. Yes: continue to the next check.
• Can contact NLS? Yes: Located on intranet. No: Located on public network.
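The network-location check and the NRPT lookup described on the two slides above, modelled in Python. This is an added example, not code from the presentation or from Microsoft; the host names, addresses, the exemption row and the most-specific-match rule are assumptions of this simplified model.

```python
# Added illustration: simplified model, not Microsoft's implementation.
# Every host name and address here is constructed sample data.
NLS_FQDN = "nls.corp.example"        # hypothetical network location server
ADAPTER_DNS = ["192.0.2.53"]         # DNS servers set on the interface

# NRPT rows: namespace -> (DNS servers, secure the query with IPsec?)
# An empty server list models an exemption rule (assumption of this model).
NRPT = {
    ".corp.example": (["2001:db8::53"], True),
    ".lab.corp.example": (["2001:db8::54"], False),
    NLS_FQDN: ([], False),
}


def locate(resolve, probe_https):
    """Walk the flowchart that runs after a network change event.

    resolve(fqdn) returns an address or None; probe_https(fqdn) returns
    True only when the NLS HTTPS URL could be contacted.
    """
    if resolve(NLS_FQDN) is None:
        return "public"              # "Can resolve NLS FQDN?" -> No
    if not probe_https(NLS_FQDN):
        return "public"              # "Can contact NLS?" -> No
    return "intranet"


def nrpt_match(name):
    """Return the most specific NRPT namespace covering name, or None."""
    name = name.lower().rstrip(".")
    best = None
    for ns in NRPT:
        exact = not ns.startswith(".") and name == ns
        suffix = ns.startswith(".") and name.endswith(ns)
        if exact:
            return ns                # an FQDN rule beats any suffix rule
        if suffix and (best is None or len(ns) > len(best)):
            best = ns
    return best


def select_dns(name):
    """NRPT is consulted first; the adapter's DNS settings are the fallback."""
    ns = nrpt_match(name)
    if ns is None or not NRPT[ns][0]:
        return ADAPTER_DNS, False
    return NRPT[ns]
```

Both failure branches of `locate` end in "public", so an NLS that is down or unresolvable makes clients inside the building behave as if they were remote, which is why the NLS is normally treated as a high-availability dependency.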
Client and server requirements
Server-side
To deploy DirectAccess, the server must:
• Be joined to an Active Directory domain
• Run Windows Server 2008 R2
• Have two physical network adapters installed
• Have at least two consecutive static public IPv4 addresses
Client-side
To deploy DirectAccess, the client must:
• Be joined to an Active Directory domain
• Run Windows 7 Ultimate Edition, Windows 7 Enterprise Edition, or Windows Server 2008 R2
Infrastructure requirements
Active Directory
Group Policy
IPv6 and transition technologies
IPv6
ICMPv6 Echo Request traffic
ICMPv6
IPSec policies
PKI
DirectAccess Server
DNS and domain controller
DirectAccess Configuration
Steps to configure DirectAccess
• Install Windows Server 2008 R2
• Join the DirectAccess server to an Active Directory domain
• Install the DirectAccess Management feature and configure the DirectAccess server on the perimeter network
• Enable ports and protocols needed for DirectAccess in the firewall exceptions
• Ensure that you have an IPv4 address available and that you have the ability to have that address published in your externally-facing DNS server
• If you have disabled IPv6 on clients and servers, enable IPv6
• Create a security group in Active Directory
• Install a Web server on the DirectAccess server
• Designate one of the server network adapters as the Internet-facing interface.
• On the DirectAccess server, ensure that the Internet-facing interface is configured to be either a Public or a Private interface.
• Add and configure the Certificate Authority server role
Enhancements for Branch Offices
Benefits
• Read-Only DFS replicas
• BitLocker to Go
Networking Enhancements
• BranchCache
• VPN Reconnect
• URL-based Quality of Service (QoS)
• Multiple active firewall profiles
• Transparent caching and background synchronization of offline files
BranchCache
The following are the features of BranchCache:
• Reduces the network utilization on WAN connections between branch offices and the head office
• Improves the performance of applications that use HTTP, HTTPS, or SMB
• Improves the responsiveness of applications across slow WAN links
• Enables the client to retrieve data from local BranchCache
• Caches only the read requests
• Works seamlessly alongside network security technologies
Hosted cache vs distributed cache
[Figure: Hosted Cache and Distributed Cache modes, showing the Get, Search, Offer, Request and Put exchanges between the head office and the branch office]
BranchCache Requirements
Requirements for using BranchCache
• Install the BranchCache feature or the BranchCache for Network Files feature on the server that is hosting the content
• Configure clients, either by using Group Policy or the netsh command
Requirements for distributed and hosted cache modes
• In the distributed cache mode, no server is required in the branch office; only Windows 7 or Windows Server 2008 R2 clients are required
• In the hosted cache mode, a Windows Server 2008 R2 server must be configured as the BranchCache host in the branch office
• The BranchCache host server must have a digital certificate
PowerShell Improvements in R2
PowerShell ISE
Remote Management
PowerShell Modules
Background Jobs
Transactions
PowerShell Demo
Relevant courses at Springhouse
10159 – Updating Your Windows Server 2008 Technology Specialist Skills to Windows Server 2008 R2
Microsoft Official Curriculum (MOC) Courses 6419, 6420, 6421, 6422, 6423, 6424, 6425, 6426, 6427, 6428, 6429, 6430
What is Virtual Desktop Infrastructure
Virtual Desktop Infrastructure (VDI) is a centralized desktop delivery architecture that allows you to centralize the storage, execution, and management of Windows desktops
Key Benefits of VDI
• Access to data and applications from any device
• Improved data security and compliance
• Simplified management and deployment of applications
• Improved business continuity
• Integrated management of physical, virtual, and session-based desktops
• Centralized data storage and backup
Key Deployment Scenarios of VDI are persistent virtual machines and pooled virtual machines
Types of VDI
Personal virtual desktops
Each virtual machine is like a traditional personal computer, where user data, settings, applications, and operating systems are stored, and each user is assigned a personal virtual desktop
Pooled virtual desktops
Identically configured virtual machines are in the pool and users can connect to any of them. After users log off, all changes are discarded, so user data must be stored outside the virtual machine
How VDI works
A user can connect to a virtual machine based on the VDI configured for:
Personal virtual desktops
1. A user initiates the connection to the personal virtual desktop
2. The user sends the request to the RD Session Host server running in redirection mode
3. The RD Session Host server forwards the request to the RD Connection Broker server
4. The RD Connection Broker server queries AD DS and retrieves the name of the virtual machine that is assigned to the requesting user account
5. The RD Connection Broker server sends a request to the RD Virtualization Host server to start the virtual machine
6. The RD Virtualization Host server returns the IP address of the FQDN to the RD Connection Broker server
7. The RD Session Host server redirects the request to the client computer that initiated the connection
8. The client computer connects to the personal virtual desktop
Pooled virtual desktops
1. A user initiates the connection to the virtual desktop pool
2. The user sends the request to the RD Session Host server running in redirection mode
3. The RD Session Host server redirects the request to the RD Connection Broker server
4. The RD Connection Broker server verifies whether any existing session exists for the requesting user account
5. The RD Session Host server redirects the request to the client computer that initiated the connection
6. The client computer connects to the virtual desktop pool
Stay Connected with Springhouse
www.linkedin.com/companies/201280
www.facebook.com/springhouseeducation
www.twitter.com/SpringhouseEduc
Join in the conversation: Philly TechFest hashtag #phtf10