Senior managers and executives are constantly surprised by the size and importance of Microsoft Windows Server...
2008 R2 in their data centers. They react to it like it's a rowdy 90’s adolescent that suddenly burst through the door -- a smart-alecky Gen X’er demanding more money and a nicer place to live. Windows is perceived as a junior member of the data center, but at the same time plays an important role.
Here are some Windows Server 2008 R2 features that have been available, but sometimes are seen as either not worth the effort to try, or have a big learning curve. But they could be game changers.
Active Directory Federation Services (AD FS), single sign-on (SSO)
Over the years, many versions of SSO have been cobbled together, and some could even win the Rube Goldberg prize for most kluged. Active Directory is a simpler way to provide this service, offering security outside of company firewalls. AD FS can ease funneling traffic into a legacy SSO app that doesn’t scale and isn’t well-supported. AD FS servers integrate with the existing domain while communicating with outside systems that support SAML-based plug-ins. It’s not the right fit for every situation, but Federation Services is worth trying.
BitLocker, Microsoft’s add-on for data encryption
This handy feature ships with, and is easily enabled on, Windows servers. BitLocker can tie its solid encryption natively to AD services and the AD tree to protect valuable logical items like user accounts. It’s a good tool for providing internal security, and can protect data on drives transported out of the data center. In addition, a built-in data destroyer tied to the AD domain wipes out data when a system isn’t decommissioned properly (i.e. it ends up on eBay). In TPM mode, which ties the security key locally to the hardware of the server, any drive removed or altered renders the data volumes on those drives useless.
Server virtualization has long been ruled by VMware for many good reasons, but Microsoft’s virtual servers have taken a big leap forward. They also work seamlessly with SharePoint and IIS and can help get intranets off of old systems that still suck power and crank BTUs in an overtaxed data center. Hyper-V includes tools for migrating from old servers, or you can try Novell’s PlateSpin, which pays for itself with highly useful discovery tools and pre-migration analysis to help squeeze extra server moves into overnight change windows.
Take out all the bloat ware, remove the interactive GUI, strip off unused features, and you return Windows to command line-only computing. Server Core is plain and simple Windows -- a fully functional server without the extras, just a C:\ prompt and enough services running to join the domain. With Server Core, important infrastructure servers use a much smaller footprint, and according to Microsoft, they require half the reboots and patching, since things like IIS and Print Spooler are not there to introduce security issues (although they can be added). These are fully functional servers that can operate as locked-down domain controllers, for example. Using scripts and batch files, even Hyper-V works on Server Core, which is perfect for running a data center with little or no human presence.
Windows Server 2008 R2 features can improve your data center
There are always new, cool features rolling out with any operating system, but that’s one reason some really useful ones get lost in the marketing noise. If these Windows Server 2008 R2 features look worthwhile, ask around and see how they can improve your data center.
What did you think of this feature? Write to SearchDataCenter.com's Matt Stansberry about your data center concerns at email@example.com.