We had a bite-sized preview of Windows Server 2016 back in October 2014, but now, it is finally here! And, boy oh boy, the wait was well worth it. Do you want to talk about a powerhouse server? Well, this is it. Microsoft is taking its server line seriously again, and so are we. In addition, there are some major developments with the cloud, microservices, and containers. Watch out VMware, this server behemoth is coming for you.
It’s Bold, Baby
There was a time when Microsoft was the main player in the software, server, and services world. Then, it experienced a bit of a retreat. Well, hiding in the corner no longer, Windows Server 2016 is going bold with a wide swath of improvements including:
- Networking and storage
- Software-defined networking
- Server management
In fact, Server 2016 can easily share files and run applications such as Exchange and SQL server for businesses of any size. While it comes with the traditional n-tier client-server architecture, it also supports applications built utilizing containers and microservices.
This is the start of a new direction for the Microsoft OS, as Windows Server 2016 offers a variety of new features that focus on virtualization and cloud computing. Yowza!
You Want Security? You’ve Got It!
Most of the press has focused on containers and Nano Server – which, are well-deserving of all the publicity. But while every new Windows release improves upon security, Windows Server 2016 takes it to a new level with the new Virtual Secure Mode. This allows the Windows OS to offload some of its security functions to the hardware, instead of executing every one of those functions at the software level.
This is an infrastructure-level component that includes on-chip virtualization extensions. The hypervisor sits on top of the CPU, ensuring virtual machines are seriously isolated from one another. So, if you don’t like being exposed – and frankly, who does? – then you should look into Virtual Secure Mode.
Yet, this platform is used for Credential Guard, which was designed to prevent user credentials from being compromised. The authentication process offered by Local Security Authority (LSA) is also interactive. Moreover, Credential Guard moves the LSA into Isolated User Mode which is the virtualized space created by Virtual Secure Mode.
It gets better. Memory used by LSA is isolated, just like the virtual machine’s memory. Furthermore, it:
- Manages the local security policy;
- Manages the system’s audit policy; and
- Generates security tokens.
Then there is the fact that drivers cannot run in Isolated User Mode. Folks, that’s not all. There is also the Design Guard feature which ensures kernel-level integrity of running code. Essentially, only trusted code is allowed to run.
Another issue that Microsoft addressed is the ability to copy a virtual machine’s virtual hard disk to removable media. Well, Windows Server 2016 is not having it! It offers the Host Guardian Service which enables a Hyper-V host to be set up to act as a guarded host. It also allows the use of shielded virtual machines, where the virtual hard disks are encrypted through virtual TPM.
If the virtual hard disk is removed, it cannot be accessed and the virtual machine cannot be run. It is encrypted with a transport key, which is protected by the Host Guardian Service. Take that, hackers!
Hyper-V Containers and Microservices For the Win
Windows Server 2016 has added a container option, called Hyper-V containers. Powered by Hyper-V virtualization technology, they are Docker-manageable containers that add another isolation layer.
You see, Hyper-V will run around the container instead of the entire OS. If you love sandboxing and more control, then you will be pleased. Plus, it is quite beneficial if you want to run Windows Server in multi-tenant configurations.
Also, a new deployment option for Windows Server 2016 is Nano Server, which has a smaller footprint with no local GUI. Using PowerShell scripts or the web-based graphical tools within the Azure portal is the recommended choice for working remotely.
Hyper-V is no longer the clunky wallflower compared to VMware’s vSphere. Oh, no, Hyper-V is now besting vSphere in many ways. You should also consider that the Nano Server supports Hyper-V as well as ASP.Net, yet, it is truly designed to work with containers. Not to mention, a Docker management engine is built into Windows Server 2016.
Because the Hyper-V container has more security and isolation, you don’t have to have the same kernel running in the container as the underlying server. You can also hot-add memory, there is better security for Linux VMs, you get a much-improved backup and improved virtual network adapters. Is Microsoft really just taunting its competitors?
The Software-designed Data Center is Built for the Future
Large businesses continue to move toward software-defined networking and storage, either for hybrid and private clouds or ubiquitous virtualization. For the data center, you get a sophisticated and contemporary network as well as storage features with commodity hardware.
Some of the networking features come directly from Microsoft Azure, such as a programmable network controller and load balancer. And, you can upgrade all of the servers in a Hyper-V or Scale-Out File Server cluster with zero downtime. Yes, you read that right. Zero downtime!
If you want to take your time moving everything to the new OS, you can run as a mixed-mode cluster. Plus, with new versions of Storage Spaces and Storage Spaces Direct, you can save money using the JBOD for cluster storage. With the new Storage QoS, you get improved resource sharing with the ability to set policies guaranteeing minimum and maximum IOPS. Previously, you would have needed expensive hardware like SANs – but, not anymore! This deserves a round of applause.
With Windows Server 2016, and all its wide-ranging and improved features, it looks like Microsoft is back in the game. And, competitors are certainly taking notice.
Start your Microsoft Windows Server 2016 training today with our new courses:
Not a CBT Nuggets subscriber? Start your free week now.
CBT Nuggets has everything you need to learn new IT skills and advance your career — unlimited video training and Transcender® Practice Exams, Virtual Labs, validated learning with in-video Quizzes, Accountability Coaching, and access to our exclusive community of IT professionals.
Learn more about the CBT Nuggets Learning Experience.