SVR219
Ten Reasons to Prepare for Windows Server Code Named "Longhorn"
Ward Ralston, [email protected], Sr. Technical Product Manager, Windows Server Division, Microsoft Corporation
Nuo Yan, Microsoft MVP – Windows Shell / User
More Pressure than Ever on IT
  Business Results & New Value
  End User Productivity
  Customer Connection
  Keep Business Up & Running
  Security
  Competition
  Technology Change
  Regulatory Compliance
  Cost Reduction
Source: IDC 2002, Microsoft Primary Quantitative Research. 400 30-minute phone surveys of IT professionals in data centers with 25 or more servers
Over 60% of TCO over a 5-year period driven by people costs
[Chart: Staff Costs, Downtime, Training, Software, Hardware; axis 0 to 70]
Those people are spending their time on manual tasks
[Chart: Degree of Automation, percent of responses (0% to 100%), for Security Mgmt, Network, Event, Performance, Storage, Change/Config; legend: Manual, Scripts, Automated Tools]
53% 24% 23%
54% 17% 29%
56% 16% 28%
58% 18% 24%
60% 16% 24%
62% 13% 25%
IT Challenges
Microsoft’s Promises to You
Enabling IT Pros & Development Teams Across the IT Lifecycle
  Application platform: Flexible Solutions, Connected Systems, Rich Experiences
  Operations infrastructure: Control, Flexibility, Availability
  Investment in the fundamentals: Security, Reliability, Performance
Ten Reasons to Prepare for Windows Server “Longhorn”
  Improvements in Server Security
  Network Access Protection (NAP)
  New Terminal Services capabilities
  Improvements in Networking
  Enhancements to Directory Services
  New Deployment Roles
  Improved Interoperability with Unix
  Reliability and Performance Improvements
  New Application Server
  Management improvements
Improvements in Server Security
Windows Service Hardening
Defense In Depth – Factoring/Profiling
  Reduce size of high risk layers
  Segment the services
  Increase # of layers
[Diagram labels: Kernel Drivers; User-mode Drivers; D (drivers); Service 1, Service 2, Service 3, Service …; Service A, Service B]
Service Changes in Windows Server “Longhorn”
Windows XP SP2 / Server 2003 R2
Account | Services
LocalSystem | Wireless Configuration, System Event Notification, Network Connections (netman), COM+ Event System, NLA, Rasauto, Shell Hardware Detection, Themes, Telephony, Windows Audio, Error Reporting, Workstation, ICS, RemoteAccess, DHCP Client, W32time, Rasman, browser, 6to4, Help and support, Task scheduler, TrkWks, Cryptographic Services, Removable Storage, WMI Perf Adapter, Automatic updates, WMI, App Management, Secondary Logon, BITS
Network Service | DNS Client
Local Service | SSDP, WebClient, TCP/IP NetBIOS helper, Remote registry
Windows Vista / Windows Server “Longhorn”
Account | Services
LocalSystem (Firewall Restricted) | WMI Perf Adapter, Automatic updates, Secondary Logon, App Management, Wireless Configuration
LocalSystem | BITS, Themes, Rasman, TrkWks, Error Reporting, 6to4, Task scheduler, RemoteAccess, Rasauto, WMI
Network Service (Fully Restricted) | DNS Client, ICS, DHCP Client, browser, Server, W32time
Network Service (Network Restricted) | Cryptographic Services, Telephony, PolicyAgent, Nlasvc
Local Service (No Network Access) | System Event Notification, Network Connections, Shell Hardware Detection, COM+ Event System
Local Service (Fully Restricted) | Windows Audio, TCP/IP NetBIOS helper, WebClient, SSDP, Event Log, Workstation, Remote registry
BitLocker™ Drive Encryption
  Designed specifically to help prevent a thief who boots another Operating System or runs a hacking tool from breaking Windows file and system protections
  Secure Startup - Helps provide data protection on your Windows systems, even when the system is in unauthorized hands
  Uses a v1.2 TPM or USB flash drive for key storage
BitLocker™ Features Overview
Ensures Boot Process Integrity
  Protects the system from offline software based attacks.
Protects data while the system is offline
  Encrypts entire Windows volume including both user data and system files, the hibernation file, the page file and temporary files.
Force Recovery
  Sys-admin ONLY tool to securely speed-up PC re-deployment
Eases Equipment Recycling
Single Microsoft TPM driver
  Improved stability and security
TPM Base Services (TBS)
  Windows and 3rd party SW access to TPM
Scenarios:
  Lost or stolen laptop
  Branch-office Server
  Server Integrity
Code Integrity: OS File Protection
Validates the integrity of the boot process
  Checks kernel, HAL and boot-start drivers
  If validation fails, image won’t load
Validates the integrity of each binary image
  Implemented as a file system filter driver
  Checks hashes for every page as it’s loaded
  Checks any image loading to a protected process
  Hashes stored in system catalog or in X.509 certificate embedded in file
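The per-page check against a catalog of hashes described above, as an added example that is not from the presentation or from Windows itself. The 4 KiB page size, SHA-256, the image name and all function names are assumptions made for illustration.

```python
"""Toy model of page-by-page image validation against a hash catalog.

Constructed for illustration: the 4 KiB page size, SHA-256 and every name
here are assumptions, not the Windows Code Integrity format.
"""
import hashlib

PAGE_SIZE = 4096


class IntegrityError(Exception):
    """Raised when an image or one of its pages fails validation."""


def page_hashes(image):
    """Hash each page of the image; the last page may be short."""
    return [hashlib.sha256(image[off:off + PAGE_SIZE]).hexdigest()
            for off in range(0, len(image), PAGE_SIZE)]


def load_page(name, image, index, catalog):
    """Return page `index` only if its hash matches the catalog entry."""
    expected = catalog.get(name)
    if expected is None:
        # No hashes on record: refuse instead of loading unverified code.
        raise IntegrityError(f"{name}: no catalog entry, image refused")
    pages_in_image = -(-len(image) // PAGE_SIZE)  # ceiling division
    if pages_in_image != len(expected):
        # Truncated or extended file: nothing in it can be trusted.
        raise IntegrityError(f"{name}: page count differs from catalog")
    if not 0 <= index < len(expected):
        raise IndexError(f"{name}: page {index} out of range")
    page = image[index * PAGE_SIZE:(index + 1) * PAGE_SIZE]
    if hashlib.sha256(page).hexdigest() != expected[index]:
        raise IntegrityError(f"{name}: page {index} hash mismatch")
    return page


def audit(name, image, catalog):
    """Try to load every page and return the indexes that fail."""
    bad = []
    for index in range(-(-len(image) // PAGE_SIZE)):
        try:
            load_page(name, image, index, catalog)
        except IntegrityError:
            bad.append(index)
    return bad


# Constructed sample: a 10,240-byte "image" (three pages, the last one short).
ORIGINAL = bytes(range(256)) * 40
CATALOG = {"driver.sys": page_hashes(ORIGINAL)}

# One flipped byte at offset 5000 lands in page 1 only.
_tampered = bytearray(ORIGINAL)
_tampered[5000] ^= 0xFF
TAMPERED = bytes(_tampered)

if __name__ == "__main__":
    print("clean image, failing pages:   ", audit("driver.sys", ORIGINAL, CATALOG))
    print("tampered image, failing pages:", audit("driver.sys", TAMPERED, CATALOG))
```

Because validation happens per page, the untouched pages of the tampered image still load and only the modified page is refused, while an image with no catalog entry is refused outright.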
Controlling Device Installation
Ability to block all new device installs
  Can deploy a machine and allow no new devices to be installed
Set exceptions based on device class or device ID
  Allow keyboards and mice to be added, but nothing else
  Allow specific device IDs
Configurable via Group Policy
  Set at the computer level
Network Access Protection (NAP)
Network Access Protection: How it works
1. Client requests access to network and presents current health state
2. DHCP, VPN or Switch/Router relays health status to Microsoft Network Policy Server (RADIUS)
3. Network Policy Server (NPS) validates against IT-defined health policy
4. If not policy compliant, client is put in a restricted VLAN and given access to fix up resources to download patches, configurations, signatures (Repeat 1 - 4)
5. If policy compliant, client is granted full access to corporate network
[Diagram labels: Windows Client; DHCP, VPN, Switch/Router; MSFT NPS; Policy Servers, e.g. Patch, AV; Not policy compliant; Restricted Network; Fix Up Servers, e.g. Patch; Policy compliant; Corporate Network]
NAP - Enforcement Options
Enforcement | Healthy Client | Unhealthy Client
DHCP | Full IP address given, full access | Restricted set of routes
VPN (Microsoft and 3rd Party) | Full access | Restricted VLAN
802.1X | Full access | Restricted VLAN
IPsec | Can communicate with any trusted peer | Healthy peers reject connection requests from unhealthy systems
Complements layer 2 protection
Works with existing servers and infrastructure
Flexible isolation
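The five-step admission loop and the enforcement table above, modelled as an added example; it is not Microsoft code and does not reproduce the NAP wire protocol. The health attributes, policy values and function names are assumptions.

```python
"""Toy model of the NAP admission loop (steps 1-5) and the enforcement table.

Constructed for illustration: the health attributes, policy values and all
names here are assumptions, not the real NAP or NPS interfaces.
"""

# Restriction applied to an unhealthy client, per enforcement method (slide table).
RESTRICTION = {
    "DHCP": "restricted set of routes",
    "VPN": "restricted VLAN",
    "802.1X": "restricted VLAN",
    "IPsec": "rejected by healthy peers",
}

# IT-defined health policy (hypothetical values).
POLICY = {"patch_level": 12, "av_signature": 300, "firewall_on": True}


def nps_validate(health, policy=POLICY):
    """Step 3: return the failed checks; an empty list means compliant.

    A missing or non-numeric attribute counts as a failure, so a client
    cannot pass by leaving a field out of its health statement.
    """
    failures = []
    for key in ("patch_level", "av_signature"):
        value = health.get(key)
        if not isinstance(value, int) or value < policy[key]:
            failures.append(key)
    if policy["firewall_on"] and health.get("firewall_on") is not True:
        failures.append("firewall_on")
    return failures


def fix_up(health, failures, policy=POLICY):
    """Step 4: fix-up servers bring only the failed items up to policy."""
    repaired = dict(health)
    for key in failures:
        repaired[key] = policy[key]
    return repaired


def request_access(health, enforcement, fixup_reachable=True, max_rounds=3):
    """Run steps 1-5 and return (decision, trace)."""
    if enforcement not in RESTRICTION:
        raise ValueError(f"unknown enforcement method: {enforcement}")
    trace = []
    for round_no in range(1, max_rounds + 1):
        # Steps 1-2: the client presents its health state and the
        # DHCP/VPN/switch relays it to the policy server.
        failures = nps_validate(health)
        if not failures:
            trace.append(f"round {round_no}: compliant")
            return "full access", trace              # step 5
        trace.append(f"round {round_no}: failed {', '.join(failures)}")
        if not fixup_reachable:
            break                                    # stays restricted
        health = fix_up(health, failures)            # step 4, then repeat 1-4
    return RESTRICTION[enforcement], trace


# Constructed sample health statements.
HEALTHY = {"patch_level": 12, "av_signature": 310, "firewall_on": True}
STALE_AV = {"patch_level": 12, "av_signature": 120, "firewall_on": True}
NO_FIREWALL_FIELD = {"patch_level": 14, "av_signature": 310}

if __name__ == "__main__":
    print(request_access(HEALTHY, "DHCP"))
    print(request_access(STALE_AV, "VPN"))
    print(request_access(STALE_AV, "DHCP", fixup_reachable=False))
    print(request_access(NO_FIREWALL_FIELD, "IPsec", fixup_reachable=False))
```

The last two calls show the fail-closed cases: a client that cannot reach the fix-up servers, or that omits a health attribute, keeps the restriction for its enforcement method.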
NAP Benefits
Feature | Support | Benefit
Built-in client | Windows Vista, Windows XP | No need to deploy/license 3rd party client; Updates via WUS / WSUS / SMS
Flexible enforcement | DHCP, VPN, 802.1x, Terminal Services, Server and Domain isolation | Works with today’s & tomorrow’s networks; Enables risk-benefit trade offs
3rd party enforcement | All major switch / router / firewall / VPN | Customers can use any network or security infrastructure vendor
Health assessment | SMS, WUS, SecurityCenter, 3rd party | Seamless integration with Windows infrastructure; Works with any AV, patch or endpoint security solution
User experience | Integrated with Windows Vista glass. Branding supported. | Polished look and feel tailored for the customer environment
Management | Integration with SMS, AD, Group Policy and MOM for client, server and service operations | Complete policy based administration and operation
New Terminal Services Capabilities
Terminal Services (Secure centralized application access)
Centralized Application Access
  App Deployment (“app virtualization”)
  Branch Office
  Secure Anywhere Access
New features
  TS Gateway
  TS Remote Programs
  SSO for managed clients
[Diagram labels: Central Location; Mobile Worker In Airport; Branch Office; Home Office]
Terminal Services Gateway
Remote Access to internal applications resources
[Diagram labels: Internet; DMZ; Corp LAN; External Firewall; Internal Firewall; HTTPS / 443; Hotel; Home; Business Partner/Client Site; Terminal Services Gateway Server; Terminal Server; Email Server]
  Tunnels RDP over HTTPS
  Strips off RDP/HTTPS
  Passes RDP/SSL traffic to TS
TS Gateway
Security
  Authentication with passwords, smartcards
  Uses industry standard encryption and firewall traversal (SSL, HTTPS)
  RDP traffic still encrypted end-to-end – client to terminal server
  Client machine health can be validated (using NAP)
  SSL termination devices can terminate SSL traffic on separate device (for intrusion detection or filtering in DMZ)
Compared to VPN
  User can access corporate applications and corporate desktops via Web Browser
  Friendly with home machines
  Crosses firewalls and NATs (w/ HTTPS:443)
Granular access control at the perimeter
  Connection Authorization Policy (CAP)
  Resource Authorization Policy (RAP)
Terminal Services Remote Programs
  Simple, fast application deployment
  Central management of LOB applications
  Light-weight deployment of data-intensive apps
  Programs roam easily: Anywhere access
  Staged rollout of new application releases
  Application consolidation
Integrates with local programs
  Drag and Drop (B3)
  System Tray Integration
  Local Devices and files available
Terminal Services Remote Programs
Improvements in Networking Services
Complete Redesign of TCP/IP
[Diagram labels: User Mode; Kernel Mode; Winsock; AFD; TDX; TDI; TDI Clients; WSK; WSK Clients; Next Generation TCP/IP Stack (tcpip.sys); TCP, UDP, RAW; IPv4; IPv6; Inspection API; 802.3; WLAN; Loop-back; IPv4 Tunnel; IPv6 Tunnel; NDIS]
  Dual-IP layer architecture for native IPv4 and IPv6 support
  Seamless security through expanded IPsec integration
  Improved performance via hardware acceleration
  Network auto-tuning and optimization algorithms
  Greater extensibility and reliability through rich APIs
A Short List of New Features
Technologies / Security / Experience / Scalability
IPsec X
VPN Routing Compartments X
Windows Filtering Platform (WFP) X X
Secure Sockets API X
IPv6 X
TCP Chimney X
TCP-A (I/OAT) X
Receive Side Scaling (RSS) X
Receive Window Auto-Tuning X X
Compound-TCP (CTCP) – Congestion Control X X
Wireless Reliability X
Black-Hole Router Detection (BHRD) X
Dead Gateway Detection X
Network Diagnostics Framework/Extended TCP Statistics X
Policy-based Quality of Service (eQoS) X X
Windows Firewall with Advanced Security
Combined firewall and IPsec management
  New management tools – Windows Firewall with Advanced Security MMC snap-in
  Reduces conflicts and coordination overhead between technologies
Firewall rules become more intelligent
  Specify security requirements such as authentication and encryption
  Specify Active Directory computer or user groups
Outbound filtering
  Enterprise management feature – not for consumers
Simplified protection policy reduces management overhead
Improvements in Directory Services
Active Directory Features
  Restart-able Active Directory
  Read only domain Controllers
  Group Policy and ADMX
Active Directory: Read Only Domain Controller
Introduction to Read Only Domain Controller
  How it works in general
  Read Only Active Directory Database
  Unidirectional Replication
  Credential Caching
Benefits of Read Only Domain Controller
  Increases security for remote Domain Controllers where physical security cannot be guaranteed
Active Directory: Restartable Active Directory
Introduction to Restartable Active Directory
  Restart Active Directory without rebooting
  Can be done through command line and MMC
  Can’t boot the DC to stopped mode of Active Directory
  No effect on non-related services while restarting Active Directory
  Several ways to process login under stopped mode
Benefits of Restartable Active Directory
  Reduces time for offline operations
  Improves availability for other services on DC when Active Directory is stopped
  Reduces overall DC servicing requirements with Server Core
Read-only DC
How it works: Secret caching during first logon
1. AS_Req sent to RODC (request for TGT)
2. RODC: Looks in DB: "I don't have the user's secrets"
3. Forwards Request to Windows Server “Longhorn” DC
4. Windows Server “Longhorn” DC authenticates request
5. Returns authentication response and TGT back to the RODC
6. RODC gives TGT to User and Queues a replication request for the secrets
7. Hub DC checks Password Replication Policy to see if Password can be replicated
Note: At this point the user will have a hub signed TGT
[Diagram labels: Hub; Hub Windows Server “Longhorn” DC; Branch; Read Only DC]
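The first-logon flow above and its effect on what a branch server holds, modelled as an added example that is not from the presentation or from Active Directory. Class names, accounts and passwords are constructed, SHA-256 stands in for real Kerberos key derivation, and answering later logons locally once a secret is cached is a modelling assumption.

```python
"""Toy model of RODC secret caching during first logon (steps 1-7 above).

Constructed for illustration: class names, accounts and passwords are
assumptions, and SHA-256 stands in for real Kerberos key derivation.
"""
import hashlib


def derive(password):
    """Stand-in for deriving an account secret from a password."""
    return hashlib.sha256(password.encode()).hexdigest()


class HubDC:
    """Writable DC holding every account secret and the replication policy."""

    def __init__(self, accounts, prp_allowed, prp_denied):
        self.secrets = {user: derive(pw) for user, pw in accounts.items()}
        self.prp_allowed = set(prp_allowed)
        self.prp_denied = set(prp_denied)

    def authenticate(self, user, password):
        # Steps 4-5: validate the forwarded request, return a hub-signed TGT.
        if self.secrets.get(user) != derive(password):
            return None
        return {"user": user, "issuer": "hub"}

    def replicate_secret(self, user):
        # Step 7: Password Replication Policy check; deny overrides allow.
        if user in self.prp_denied or user not in self.prp_allowed:
            return None
        return self.secrets[user]


class RODC:
    """Branch DC that starts with no user secrets in its database."""

    def __init__(self, hub):
        self.hub = hub
        self.cache = {}
        self.wan_up = True

    def as_req(self, user, password):
        # Steps 1-2: look in the local database first.
        if self.cache.get(user) == derive(password):
            return {"user": user, "issuer": "rodc"}   # answered locally
        if not self.wan_up:
            return None          # nothing cached and the hub is unreachable
        tgt = self.hub.authenticate(user, password)   # steps 3-5
        if tgt is not None:
            # Steps 6-7: request the secret; the hub decides via policy.
            replicated = self.hub.replicate_secret(user)
            if replicated is not None:
                self.cache[user] = replicated
        return tgt

    def exposed_if_stolen(self):
        """Accounts whose secrets are stored on the branch server."""
        return sorted(self.cache)


def demo():
    """First logons over the WAN, then logons with the WAN link down."""
    hub = HubDC({"bob": "Summer-06", "admin": "Root-06", "carol": "Fall-06"},
                prp_allowed={"bob", "admin"}, prp_denied={"admin"})
    rodc = RODC(hub)
    logons = [("bob", "Summer-06"), ("admin", "Root-06"), ("carol", "Fall-06")]
    first = [rodc.as_req(user, pw)["issuer"] for user, pw in logons]
    rodc.wan_up = False
    offline = {user: rodc.as_req(user, pw) is not None for user, pw in logons[:2]}
    return first, offline, rodc.exposed_if_stolen()


if __name__ == "__main__":
    print(demo())
```

Only the account the policy allows ends up cached, so it is the only one that can log on while the WAN is down and the only one whose secret is on the branch server if that server is stolen.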
Read-only DC: Application Support
Planning to Support
  ADFS, DNS, DHCP, FRS V1, DFSR (FRS V2), Group Policy, IAS/VPN, DFS, SMS, ADSI queries, MOM
Best Effort
  Generic LDAP apps which support write referrals and can tolerate write failures if WAN is offline.
Application guidance whitepaper will be published by Beta2
  Will include checklist to verify RODC app compatibility
Restartable Active Directory
New Deployment Roles
What is Server Core?
  Part of the “Windows Server” SKU, available as an install option
  Delivers the core set of server OS functionality
  Can boot and operate stand-alone in headless/embedded scenarios
  Part of an overall Windows/Windows Server “Longhorn” infrastructure solution
Server Core
Provides support to basic server roles
  File Server
  DNS
  DHCP
  Active Directory
Can be managed by:
  Local and remote command-line tools
  Terminal Services (Remote)
  Microsoft Management Console (Remote)
Server Core
Improved Interoperability with Unix Environments
Windows Server “Longhorn” Features for UNIX Interoperability
  Improve and enhance UNIX integration features as a part of Windows Server
  Authentication integration
  UNIX scripting and application migration tools
  Support for 32-bit and 64-bit
  Extensions to Active Directory default schema to support UNIX-related attributes (RFC 2307)
SUA Overview
  SUA provides the basic infrastructure to run UNIX-based applications and scripts on Windows Server
  Native subsystem residing on top of the kernel just like the win32 subsystem
  Complete UNIX semantics and system call support
Utilities and SDK
  Package available for download from the beta website
  BSD Utilities and SDK
  System-V Release 5 Utilities and SDK
  GNU Utilities and SDK
  UNIX Perl
Utilities Coverage
  Shells: Korn, C
  Development: gcc, gdb, make
  Connectivity: bind, sendmail, ftp
  Job Control: ps, nice, kill
  Text Processing: grep, less, awk, sed, pr, tr
  Batch Processing: at, cron, batch
  Graphics: xterm, xrdb, xset, xclock
Password Sync – Advantages
Supported Platforms
  HP-UX 11i
  Sun Solaris 7, Solaris 8
  IBM AIX 5L 5.2
  Red Hat Linux 8.0 and higher
Benefits
  Logging
  Debugging
  MD5 Support
  Supports over 60,000 users
  Improved data migration times
Password Synchronization
[Diagram labels: Password Synchronization Service in Windows Server; Pluggable Authentication Module (pam); Single Sign On Daemon (ssod); HP-UX; Solaris; AIX; Red Hat Linux. Legend: Windows Password Changed; UNIX Password Changed]
Server for NIS
  Makes a Windows Server into an NIS master server
[Diagram labels: Windows Servers (SID); UNIX NIS Servers (UID/GID); Master; Subordinate (three); NIS Clients]
Reliability and Performance Improvements
New Reliability Technology: Windows Performance Diagnostic Console and Reliability Monitor
Introduction to Windows Performance Diagnostic Console and Reliability Monitor
  Combination of performance tools
  Keep track of system activity and resource usage with Resource View
  Reliability Monitor diagnoses potential causes of instability
Benefits of Windows Performance Diagnostic Console and Reliability Monitor
  Combining performance tools in a single interface increases efficiency of operations
  Resource View is easier to use but more powerful than Task Manager
  Reliability Monitor saves administrator’s time for recovering the system from instability in a targeted manner
New Application Server
Internet Information Services (IIS) 7.0
More than an Enterprise-class Web server, IIS 7.0 is an extensible platform for securely delivering business applications and services over the Web
  Extensible Modular Architecture
  Delegated Management Tools
  Comprehensive Diagnostic Support
  Integrated Application Stack
  Distributed Configuration Model
IIS 7.0 Enhancements
  Compelling Custom Solutions
  Optimized Security & Patching
  Scalable Streamlined Infrastructure
  Rapid Solution Deployment
  Efficient Administrators & Developers
Administration: IIS Previous User Interface
  Easy Navigation
  Limited Application Concept
  Tabs, tabs, and more tabs
IIS7 Administration Experience
  Nice Tree View
  Category sorting for easy to find features
Management Improvements
Windows Server 2003
Installing, securing, and managing server roles fragmented across multiple tools
  Windows Server 2003 Setup
  Post-Setup Security Updates
  Manage Your Server
  Configure Your Server Wizard
  Add/Remove Windows Components
  Computer Management
  Security Configuration Wizard
Windows Server “Longhorn” Setup Phases
  OS Setup
  Initial Configuration Tasks
  Server Manager
Server Manager
Provides a great, out-of-the-box experience for adding, configuring, and managing server roles
1. Out of box experience (OOBE)
   Walks the user through the tasks necessary to complete setup and operationalize the server
2. Single experience for configuring Windows Server “Longhorn”
   Steps the user through adding and removing server roles and features securely
3. Portal for ongoing management
   Display server status, expose key management tasks, and guide the user to advanced management tools
Server Manager in Windows Server “Longhorn”
Timeline
Releases
  PDC, Sept 2005: Developer engagement
  Beta 2, Q2 CY 2006: Enterprise engagement and deployment
  Beta 3, TBD: Customer Preview Program
  Ship, 2007: Broad availability
Community Technology Preview (CTP) Program
Resources
Technical Chats and Webcasts
  http://www.microsoft.com/communities/chats/default.mspx
  http://www.microsoft.com/usa/webcasts/default.asp
Microsoft Learning and Certification
  http://www.microsoft.com/learning/default.mspx
MSDN & TechNet
  http://microsoft.com/msdn
  http://microsoft.com/technet
Virtual Labs
  http://www.microsoft.com/technet/traincert/virtuallab/rms.mspx
Newsgroups
  http://communities2.microsoft.com/communities/newsgroups/en-us/default.aspx
Technical Community Sites/Blogs
  http://www.microsoft.com/communities/default.mspx
  http://blogs.technet.com/windowsserver
User Groups
  http://www.microsoft.com/communities/usergroups/default.mspx
Live from Tech·Ed Webcast Series has Been Brought to You by: www.microsoft.com/hpc
© 2006 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.
The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.
MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.