The Essential Guide to Microsoft Windows Server 2016
Now that mainstream support for Windows Server 2008 has ended and Windows Server 2012 is getting up in years, the new Microsoft’s server operating system is finally here and more enterprises may want to consider jumping to it. Whether you’re on the fence about upgrading or have already decided to deploy the new server operating system, this guide will help you in learning more about Windows Server 2016 features.
Server footprints get even smaller with Nano
The next evolution of Server Core – Nano Server, is an even more thinned down version of Windows Server 2016. A Nano server must be managed remotely and can only run 64 bit applications, but it can be optimized for minimum resources, requires far less patching, restarts very quickly, and can perform a number of specific tasks very well with minimal hardware.
Until now, containers have existed almost entirely in the Linux/UNIX open-source world. They allow you to isolate applications and services in an agile, easy-to-administer way. Windows Server 2016 offers two different types of “containerized” Windows Server instances:
- Windows Server Container. This container type is intended for low-trust workloads where you don’t mind that container instances running on the same server may share some common resources
- Hyper-V Container. This isn’t a Hyper-V host or VM. Instead, it’s a “super isolated” containerized Windows Server instance that is completely isolated from other containers and potentially from the host server. Hyper-V containers are appropriate for high-trust workloads.
Improved server management with PowerShell 5.0
Windows Server 2016 comes with PowerShell 5.0, a part of the Windows Management Framework 5.0. There are many improvements in PS5 including support for developing your own classes, or a new module called PackageManagement, which lets you discover and install software packages on the Internet.
Linux Secure Boot
Secure Boot is part of the Unified Extensible Firmware Interface (UEFI) specification that protects a server’s startup environment against the injection of rootkits or other assorted boot-time malware. Nowadays, the Windows Server and Azure engineering teams seemingly love Linux. Therefore, we can now deploy Linux VMs under Windows Server 2016 Hyper-V with no trouble without having to disable the otherwise stellar Secure Boot feature.
Versatile container support for enhanced density
Windows Server 2016 offers two kinds of containers to improve process isolation, performance, security, and scalability. Windows Server Containers can be used to isolate applications with a dedicated process and a namespace, while Hyper-V Containers appear to be entire machines optimized for the application.
Resilient File System
he Resilient File System (ReFS) has been a long time coming in Windows Server. In Windows Server 2016, we finally get a stable version. ReFS is intended as a high-performance, high-resiliency file system intended for use with Storage Spaces Direct and Hyper-V workloads.
More secure identity management
Windows Server 2016 brings some huge improvements to Active Directory, security, and identity management, such as Privileged Access Management (PAM), restricting privileged access within an existing Active Directory environment. In this model you have a bastion forest, sometimes called a red forest, that is where administrative accounts live and which can be heavily isolated to ensure it remains secure. Just-in-Time administration, privileged access request workflows, and improved audition are all included, and best of all – you don’t have to replace all of your DCs to take advantage of this.
Nested virtualization refers to the capability of a virtual machine to itself host virtual machines. This has historically been a “no go” in Windows Server Hyper-V, but we finally have that ability in Windows Server 2016. Nested virtualization makes sense when a business wants to deploy additional Hyper-V hosts and needs to minimize hardware costs.
Simplified administrative work
“Just Enough Administration” is a new capability in Windows Server 2016 that enables administrators to delegate anything that can be managed through PowerShell. In Windows Server 2012 R2, Hyper-V administrators ordinarily performed Windows PowerShell-based remote administration of VMs the same way they would with physical hosts. In Windows Server 2016, PowerShell remoting commands now have -VM* parameters that allows us to send PowerShell directly into the Hyper-V host’s VMs.
The new Host Guardian Service server role, which hosts the shielded VM feature, is far too complex to discuss in this limited space. For now, suffice it to say that Windows Server 2016 shielded VMs allow for much deeper, fine-grained control over Hyper-V VM access.
On the whole, these are definitely new and great features to get excited about, and certainly reasons to give Windows Server 2016 the attention it deserves in your hybrid environment.
To learn more about how to migrate your server successfully, Contact Us.