With every new Windows Server release, we have come to expect a whole host of new and exciting features. The new Windows Server 2016, released at Microsoft’s Ignite Conference in late September 2016, certainly does not disappoint. Many of these new features, such as Nano Server and containers, come from Microsoft’s focus on the Cloud, but others, such as Shielded VMs, place more of a focus on security, which some might say is a very good thing in today’s climate. There are also a host of new networking and storage capabilities that build on previous platforms, such as that of 2012.
The whole premise behind the Windows Server 2016 is to assist customers in modernizing on-premise data centres so that workloads can be moved to its Azure public cloud service. The payments with the 2016 Server are slightly different to before in that customers pay per core rather than per processor. This might mean that they end up paying slightly more than originally expected which could be seen as a downside of the new system. There will of course likely be bugs and other issues that will need to be resolved and so IT departments internationally are going to probably wait to see this resolution take place before moving ahead with any large scale purchases. This means that uptake of the software is likely to be somewhat gradual. This said, many are expected to take the leap, albeit perhaps over a three to four year period. Microsoft would of course like the uptake to be somewhat swifter than this.
So, what might you expect to experience if you take it on? What’s new? Here are some of the key features:
The Nano Server is perhaps the headline update and the one that is going to be the most eye-catching to new and existing users who are looking to upgrade. In essence, it is a much scaled down version of the Windows server, with 92% fewer critical bulletins, a 93% smaller VHD size and 80% fewer reboots required. There is no GUI and no command prompt for this nano server – it is completely headless. It was first developed under the name ‘Tuva’ and is really a purpose-built, scaled down operating system that can run cloud applications and work as a platform for containers. It will mean that restarting will be a much faster process, something that will likely be very attractive to companies. There will also be fewer updates required, which have been very frequent on previous server systems. As the operating system has fewer components, its attack surface is smaller, which means that security will be enhanced.
The Nano Server focuses on a number of key areas. Firstly there are the ‘born in the cloud’ applications, as it gives a huge amount of support for various programming languages such as Python, C#, and Java. It also helps with the Microsoft Cloud infrastructure directly with support for compute clusters running Hyper V and storage clusters running Scale-out file server. There is also support for DNS server and IIS servers.
The core Hyper-V virtualisation platform, which first appeared in the 2008 Server, has received a number of key improvements in the 2016 server platform. Its functionality is perhaps the most important and useful of these changes. The upgrades will make it a lot easier and quicker to migrate Hyper-V clusters to the new platform in the first place. Clusters already operating on the 2012 platform will continue to operate until everything is upgraded, so there won’t be any issues with existing platforms, although all users will be encouraged to upgrade before long.
Another key improvement as part of the Hyper-V is that it is now possible to hot-add virtual network adaptors and memory as well as support nested virtualisation. This can now be used for development or test situations.
Another key feature of the 2016 server platform is the support that is provided for containers. Containers have been threatening to take over from virtualization as a core technology for a number of years now. The new container support will make it far easier to adopt micro-services architectures. Containers provide a smaller scale alternative to full on virtualisation. Applications can be moved about and packaged far more easily and moved between servers. The technology that runs containers perhaps makes more sense for large data centres than for smaller companies but virtualisation is nonetheless still a useful feature for the improved server.
This new embedded security service enables shielded virtual machines as well as protecting all of the data embedded within them. It means that even Hyper-V administrators cannot access them. It is also perfectly possible now to create shielded VMs using the Azure Management Pack Portal. BitLocker can be used to encrypt Hyper-V virtual disks.
There have been some key storage service improvements to the 2016 server in an attempt to bring all storage together and reduce costs which are involved in running private clouds. Storage Spaces and Scale Out File Server is carrying on but has been improved. Storage Spaces Direct now allows organisations to put their internal storage in standard servers so that they can easily scale virtualised storage.
Upgrades to the storage now come in a rolling format so that storage clusters can be easily upgraded without downtime. There have also been improvements to the monitoring capabilities. The Storage Spaces Direct technology in Windows Server 2016 enables a cluster to access JBOD storage in an external enclosure, as with Windows Server 2012 R2, and it can also access SAS and JBOD storage that is inside existing cluster nodes. Storage Spaces Direct allows for data tiering across SSD and HDD disks.
Internet Information Services (IIS) 10 supports HTTP, HTTPS, FTP, FTPS, SMTP and NNTP. The addition with IIS 10 is that HTTP/2 is now also supported. HTTP/2 reworks how HTTP semantics flow over TCP connections. Users have had to put up with almost two decades of HTTP/1.1 and so this is a very welcome upgrade. It reduces the impact of latency and also reduces the connection load on web servers. It is now possible to deal with multiple requests that are coming in at exactly the same time. It does this by reusing existing connections rather than waiting for new connections to be established. HTTP/2 has also introduced HPACK, a compression scheme for HTTP headers which makes the redundancy between requests much less of an issue. Further, it introduces the concept of ‘push’, whereby the server can send resources to the client before they are requested, so that the client can cache and reuse them on other pages without losing the latency benefits of inlining.
Docker is an open-source engine that can be used for managing, running and building containers and so it is a linked but fundamental aspect of the improved container technology. This particular aspect of technology was originally built as part of the Linux capacity but this new Windows server now provides a basis for Docker technology as well. Docker can be used to manage both Hyper V containers and Windows Server technology.
The Web Application Proxy can now redirect HTTP to HTTPS and propagate client IP addresses to backend applications. HTTP Basic is the authorization protocol used by a lot of protocols, including ActiveSync, to connect an Exchange Mailbox with anything that is considered a ‘rich client’, such as a smartphone. The new version of Web Application Proxy, which is available in Windows Server 2016, supports publishing an application that uses HTTP Basic by allowing the HTTP app to receive a non-claims relying party trust for the application to the Federation Service.
The external URL for apps can now also include a Wildcard which will enable the user to publish multiple apps from just a specific domain – this will massively simplify the process of publishing any apps using SharePoint.
PowerShell is already a fantastic automation management tool. However, it has been quite complex to use remotely in the past. Your host networking configuration, firewall policies and security policies are all of concern when it comes to running PowerShell remotely against VMs. This new direct PowerShell system means that you can now run any commands you might have in the guest OS of a VM without the need for going through all of the various layers that were previously required. It requires no configuration at all when it connects with the guest VM. All you need are your authentication details for the VM’s guest OS.
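As an added illustration (not code from the original article), the following sketch uses PowerShell Direct from the Hyper-V host to report each running guest's firewall profile state without any network path to the guest. It assumes an elevated session on the host, guests running Windows 10 or Windows Server 2016 or later, and a guest administrator credential supplied at the prompt.

```powershell
# Added example: audit guest firewall profiles over PowerShell Direct.
# Run in an elevated session on the Hyper-V host. No guest networking,
# WinRM listener or firewall exception is needed; the session travels
# over the host-to-guest VMBus channel.
$cred = Get-Credential -Message 'Guest OS administrator account'

$report = foreach ($vm in Get-VM | Where-Object State -eq 'Running') {
    try {
        # -VMName (instead of -ComputerName) selects PowerShell Direct.
        Invoke-Command -VMName $vm.Name -Credential $cred -ErrorAction Stop -ScriptBlock {
            Get-NetFirewallProfile | ForEach-Object {
                [pscustomobject]@{
                    Profile        = $_.Name
                    Enabled        = "$($_.Enabled)"
                    DefaultInbound = "$($_.DefaultInboundAction)"
                }
            }
        } | Select-Object @{ n = 'VM'; e = { $vm.Name } }, Profile, Enabled, DefaultInbound
    }
    catch {
        # Older guest OS, wrong credential or stopped guest services all
        # surface here; record the failure instead of dropping the VM.
        [pscustomobject]@{
            VM             = $vm.Name
            Profile        = 'n/a'
            Enabled        = 'unknown'
            DefaultInbound = "query failed: $($_.Exception.Message)"
        }
    }
}

# Guests with a disabled profile are the ones to review first.
$report | Sort-Object VM, Profile | Format-Table -AutoSize
```

Because the guest credential is the only control on this channel, Hyper-V host administrators and guest administrator passwords should be scoped and audited with that in mind.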
ADFS principally provides users with the ability to add a single sign on to systems and apps which are located across organizational boundaries. These apps can include Office 365 or any apps on the corporate network. The ADFS in the 2016 Server enables the user the option to sign on without the need for passwords. This could be seen by some as a step backward but in reality, passwords can be lost or hacked and so the need for no password at all could also be said to be a security improvement. There are three key ways that Microsoft have enabled for this to happen.
Firstly, there is the Azure Multi-Factor Authentication capability which has built on the allowances in the 2012 system. An Azure MFA code is all that is required on this basis, eliminating the need for a username or password. This login could be text, voice or OTP based.
Secondly, access could be granted on the basis of device compliance. The device could be registered to have positive credentials. This is possible for both intranet and extranet systems.
Finally, it is possible to provide sign-in facilities through the use of the Microsoft Passport system. Windows 10 introduced Windows Hello and the Microsoft Passport which replaced passwords with things like a fingerprint, facial recognition or a PIN number. Whilst they might not be strict innovations for the 2016 platform they have been carried across and are still perfectly possible so it is worth noting them down here.
Another brilliant new feature of the Windows Server 2016 system is that you can now remove or add virtual memory or any virtual network adaptors while the virtual machine is running. Previously you needed to use dynamic memory to change the maximum and minimum RAM settings. You now have the ability to change the RAM that has been allocated while the virtual machine itself is active. You can also add or remove adaptors whilst the virtual machine is running. This is likely to be very useful indeed for users.
Windows Server 2016 has been designed concurrently with Windows 10 and the desktop interface in the new Windows Server is exactly the same as the Windows 10 Anniversary update. This was probably a deliberate move by Microsoft, who have been accused of straying too far in the past in terms of design for users. Chief Windows Server architect has said of the 2016 Windows Server LTSB that ‘it will be the same as Windows 10 LTSB, because it really is the same thing’. Things that are lost are Cortana, the Edge browser, apps like Mail and Calendar, and rather strangely, the calculator app, which many people find quite useful. In essence, though, it is incredibly similar.
So, there we have it: Microsoft Windows Server 2016 offers a vast wave of innovations, all focused on making the whole system faster, more efficient and therefore more effective. It has been stripped back, and a greater amount of enhancement in terms of security and usability has been added. It is also clearly another attempt by Microsoft to move closer towards an enhanced universal Cloud service. As has been mentioned earlier in this article, it is likely that uptake will be fairly slow due to prospective clients having concerns about immediate issues that will need to be ironed out. Nonetheless, this platform appears to be a positive step forward for Microsoft and will enhance the user experience.