With all the commotion surrounding Windows 7, one could almost forget that most companies have not even made the leap to Vista. Does Windows 7 have what it takes to make these customers skip Vista? Or will Redmond be forced to deploy every trick in the book to avoid a repeat of Vista's less-than-stellar reception?
Users and Administrators at Odds
Illustrating the disconnect between IT professionals and home users, the most publicized complaint about Vista among end users is its most heralded feature among system administrators: User Account Control (UAC). Windows 7, on the other hand, promises a fine-tunable checks-and-balances system, which may prove more inviting to average because of its less-intrusive behavior.
For system administrators and power users, Windows 7 may be tempting because of its seemingly endless list of new features that may prove to be just a tad more useful than Vista's Sidebar (which will disappear in Windows 7, although Gadgets remain). Below is a list of some of these features that I think are particularly promising.
Both Windows Server 2008 R2 and Windows 7 will include this PowerShell on steroids upgrade to the much loved original PowerShell. A GUI that will look familiar to Visual Studio users (complete with debugging features and color-coding), and more than 200 new cmdlets should make even UNIX users jealous. Additionally, PowerShell 2.0 will make remote executing available to administrators, thus enabling them to execute scripts on multiple networked computers at once.
For an inside look at PowerShell's progress from Microsoft, be sure to bookmark the PowerShell Team Blog.
With DirectAccess, Microsoft seems to be acknowledging the growing number of telecommuters and the need to effectively manage their systems: mobile users will be able to connect to the corporate network without the hassle of having to set up a VPN.
DirectAccess uses IPv6-over-IPsec (IPv6 should already be on every administrator's mind anyway — I wrote about IPv6 here), and the advantages are obvious: through Group Policy settings, mobile computers can be managed any time the computer has Internet connectivity (and not only when the computer connects to the network). This ensures that even mobile computers stay updated and in line with local policies.
Is that the sound of your WAN breathing a sigh of relief?
BranchCache allows the administrator to enable intranet-accessed data to be cached locally at the branch office, resulting in "like-local" access speeds. BranchCache's Hosted Cache Mode hosts the locally cached data on a branch office Windows Server 2008 R2 system, while Distributed Cache caches the data directly on branch PCs.
Windows Troubleshooting Platform
Windows Troubleshooting Platform aims to be a programmable platform — it's based on PowerShell — to facilitate user troubleshooting. The tool will allow administrators to use, customize, and develop Windows Troubleshooting Packs to target specific user issues.
Bitlocker To Go
Bitlocker's drive encryption functionality is being extended to include USB sticks. Administrators will have control over password length, and can even prevent users from writing to USB storage devices before Bitlocker protection has been applied.
In this day and age of data leaks and insider threats, this is a welcome new twist.
Applocker greatly tightens an administrator's control over what applications users can, and more importantly, cannot run. "Publisher rules" allow the administrator, through Group Policy, to fine tune installation rules based on an application's digital signature.
Whereas Microsoft has been offering the Shared Computer Toolkit (or SteadyState for XP and Vista) as a separate download for those looking for a reliable way to lock down their computers in multiple-user situations, PC SafeGuard will be integrated into Windows 7. While few details has been released, it seems like PC SafeGuard will be able to both lock (portions of) hard drives, and erase all user activity after the user logs off.
Four settings will be available: "Never notify", "Notify when programs try to make changes", "Always notify" and the current Vista-default behavior of "Always Notify and Wait for my Response". Without a doubt, this flexibility will be loved by some and loathed by others.
I have been using the excellent Roboform Password Manager (which not only safeguards all your passwords in a password repository, but also has the ability to automatically log you in to website interfaces) for years. I'll be very interested to see how Windows 7's Windows Credentials stacks up, as it is touted to have exactly those capabilities as well.
As you can see, Windows 7 promises a good mix of tools to help administrators manage systems on their corporate networks and exert better control over their user environments. Now, the wait begins.
About the Author
Dries Janssens is the director of IT for State Continuing Education, a Texas-based company providing continuing education for 9 professions in 48 states.
This article was first published on EnterpriseITPlanet.com.