No need to call the homicide squad after you take a look at Windows Server 2008: You won't find any killer features in this release. But that's not to say there's nothing to get excited about. There's a great deal that's new, and depending on the set up of your organization, it's almost certain you'll find some or all of it extremely valuable.
Any ranking is bound to be subjective, and bearing that in mind, here are what we believe to be the 10 most interesting new features in Windows Server 2008.
Although it will not be available with the initial launch of Server 2008, Microsoft's Hyper-V hypervisor-based virtualization technology promises to be a star attraction of Server 2008 for many organisations.
Although some 75 percent of large businesses have started using virtualization, only an estimated 10 percent of servers out are running virtual machines. This means the market is still immature. For Windows shops, virtualization using Server 2008 will be a relatively low-cost and low-risk way to dip a toe in the water.
At the moment, Hyper-V lacks the virtualized infrastructure support virtualization market leader VMware can provide. Roy Illsley, senior research analyst at U.K.-based Butler Group, noted that Microsoft is not as far behind as many people seem to think, however. "Don't forget Microsoft's System Center, which is a fully integrated management suite and which includes VM Manager. Obviously it only works in a Wintel environment, but if you have Server 2008 and System Center, you have a pretty compelling proposition.
"What Microsoft is doing by embedding virtualization technology in Server 2008 is a bit like embedding Internet Explorer into Windows," said Illsley. "This is an obvious attempt to get a foothold into the virtualization market."
At launch, Microsoft is unlikely to have a similar product to VMware's highly popular VMotion (which enables administrators to move virtual machines from one physical server to another while they are running), but such a product is bound to available soon after.
2. Server Core
Many server administrators, especially those used to working in a Linux environment, instinctively dislike having to install a large, feature-packed operating system to run a particular specialized server. Server 2008 offers a Server Core installation, which provides the minimum installation required to carry out a specific server role, such as for a DHCP, DNS or print server. From a security standpoint, this is attractive. Fewer applications and services on the sever make for a smaller attack surface. In theory, there should also be less maintenance and management with fewer patches to install, and the whole server could take up as little as 3Gb of disk space according to Microsoft. This comes at a price there's no upgrade path back to a "normal" version of Server 2008 short of a reinstall. In fact there is no GUI at all everything is done from the command line.
IIS 7, the Web server bundled with Server 2008, is a big upgrade from the previous version. "There are significant changes in terms of security and the overall implementation which make this version very attractive," said Barb Goldworm, president and chief analyst at Boulder, Colorado-based Focus Consulting. One new feature getting a lot of attention is the ability to delegate administration of servers (and sites) to site admins while restricting their privileges.
4. Role-based installation Role-based installation is a less extreme version of Server Core. Although it was included in 2003, it is far more comprehensive in this version. The concept is that rather than configuring a full server install for a particular role by uninstalling unnecessary components (and installing needed extras), you simply specify the role the server is to play, and Windows will install what's necessary nothing more. This makes it easy for anyone to provision a particular server without increasing the attack surface by including unwanted components that will not do anything except present a security risk.
5. Read Only Domain Controllers (RODC)
It's hardly news that branch offices often lack skilled IT staff to administer their servers, but they also face another, less talked about problem. While corporate data centers are often physically secured, servers at branch offices rarely have the same physical security protecting them. This makes them a convenient launch pad for attacks back to the main corporate servers. RODC provides a way to make an Active Directory database read-only. Thus, any mischief carried out at the branch office cannot propagate its way back to poison the Active Directory system as a whole. It also reduces traffic on WAN links.