Microsoft Windows Server 2008 is the advanced next generation server operating system that is designed to provide a secure, reliable, and robust environment with maximized control over the infrastructure. It powers the next generation networks, applications, and web services through new Web tools, virtualization technologies, security enhancements, unprecedented availability, and management capabilities.
It helps in saving time, reducing costs, and increasing the technological efficiency and value of an organization with an ability to develop, deliver, and manage rich user experiences and applications. IPv6
Windows Server 2008 was called as Longhorn and in May 2007, Bill Gates announced its current official title. Its Release Candidate 0 was released in 2007 to the general public. Its official release to manufacturing will take place in February 2008.
Various editions of Windows Server 2008 are given below.
- Windows Server 2008 Standard Edition (x86 and x86-64)
- Windows Server 2008 Enterprise Edition (x86 and x86-64)
- Windows Server 2008 Datacenter Edition (x86 and x86-64)
- Windows Web Server 2008 (x86 and x86-64)
- Windows Storage Server 2008 (x86 and x86-64)
- Windows Small Business Server 2008 (Codenamed “Cougar”) (x86-64) for small businesses
- Windows Essential Business Server 2008 (Codenamed “Centro”) (x86-64) for medium-sized businesses
- Windows Server 2008 for Itanium-based Systems (IA-64)
System requirements of Windows Server 2008 are given below.
As Windows Server 2008 is based on the code of Windows Vista Service Pack 1, it shares the same architecture and functionality. Besides inheriting the technical, security, management and administrative features of Windows Vista, Windows Server 2008 has many new features. Some of the important features are given below.
- Server Core – it is a scaled-back installation that has no Windows Explorer shell installed. The complete configuration and maintenance are done either through command line interface windows, or by connecting to the machine remotely using Microsoft Management Console. It does not include the .NET Framework and Internet Explorer.
- Active Directory Domain Services (ADDS) – The existing Active Directory roles are expanded to identity, certificate and rights management services such as Active Directory Federation Services (ADFS), Active Directory Lightweight Directory Services (ADLDS), Active Directory Certificate Services (ADCS), and Active Directory Rights Management Services (ADRMS).
- Terminal Services -Terminal Services include TS Remote programs, TS Gateway, TS Web Access, and TS Easy Print.
- Windows PowerShell – It is the Microsoft’s new extensible command line shell and task-based scripting technology.
- Self-healing NTFS – NTFS worker thread spawns in the background to perform a localized fix-up of damaged data structures with only the corrupted files/folders.
- Hyper-V – Implements operating system-level virtualization and partitions a single physical server into multiple small computational partitions.
- Windows System Resource Manager – It provides resource management through enforcing restrictions on the resource usage by a process that matches the criteria.
- Server Manager – A roles-based management tool to manage server and Security Configuration Wizard.
Windows Server 2008 offers many benefits and some of them are
- Better ability to deliver rich web-based experiences efficiently and effectively at lower costs
- Increased hardware utilization, optimized infrastructure, and improved server availability through virtualization technology
- Highly secure with many security innovations Most flexible and robust server operating system to date.
Windows Server 2008 and IPv6
Windows Server 2008 provides complete support for IPv6 and all of its features. There is no need for additional installation or configuration. Some of the changes to IPv6 in Windows Server 2008 are as follows.
- Dual IP layer architecture
- Automatic default installation
- GUI-based configuration
- IPSec Full Support
- Multicast Listener Discovery version 2 (MLDv2) support
- Link-local Multicast Name Resolution (LLMNR) support
- Literal IPv6 addresses in Uniform Resource Locators (URLs)
- IPv6-literal.net names’ support
- IPv6 over the Point-to-Point Protocol (PPP)
- Dynamic Host Configuration for IPv6 (DHCPv6) support
- Random interface IDs
- Internet Protocol Security (IPSec) improvements
IPSec in Windows Server 2008
Windows Server 2008 has the following improvements to Internet Protocol Security (IPSec).
- Firewall and IPSec Configuration – To provide an authenticating firewall, the Windows Firewall and IPSec configuration has been integrated into a single tool.
- IPSec Policy Configuration – IPSec offers an optional behavior while negotiating IPSec protection and helps to improve the performance of unprotected connections to hosts.
- IPSec for Domain Controllers – IPSec policy in the domain can be configured to request protected traffic, but not require it. Also it can be configured to require protected traffic for domain controllers.
- Load Balancing and Clustering Server – The timeout for a cluster node failure is substantially reduced and IPSec is more tightly integrated into the Next Generation TCP/IP stack.
- IPSec Authentication – IPSec nodes authenticate with a health certificate. They specify user-based or health based authentication during a second authentication. An additional level of authentication that is based on Kerberos credentials of the logged in user account, NTLM v2 credentials of the computer account, NTLM v2 credentials of the logged in user account, a user certificate, and a computer health certificate are also supported.
- Cryptography – Additional key derivation algorithms like Diffie-Hellman (DH) Group 19 and DH Group 20 are supported in main mode negotiation. Algorithms used for data encryption like Advanced Encryption Standard (AES) with cipher block chaining (CBC) and a 128-bit key size (AES 128), AES with CBC and a 192-bit key size (AES 192), and AES with CBC and a 256-bit key size (AES 256) are supported.
- Communication Configuration -Many additional settings can be set to simplify traffic configuration. These settings include
- By application name -to simplify the protected traffic configuration
- All or multiple ports – to specify all TCP or UDP ports or multiple TCP or UDP ports
- For all addresses in a numeric range – to specify a range of IP addresses using a numeric range
- For all addresses on the local subnet – to specify a set of predefined addresses that are dynamically mapped to the set of addresses defined by IPv4 address or IPv6 local subnet prefix.
- For all wireless adapters – to protect traffic based on the interface type
- By Active Directory user or computer account – to specify the list of computer or user accounts or groups that are authorized to initiate protected communication
- By ICMP or ICMPv6 Type or Code value – to specify ICMP or ICMPv6 messages with values of the ICMP or ICMPv6 message Type and Code fields
- For services – to specify the exception to apply to any process or services
- Integrated IPv4 and IPv6 Support -IPsec support for IPv6 traffic is the same as that for IPv4, and can be configured using Windows Firewall or IP Security Policies snap-ins.
- Extended Events and Performance Monitor Counters – IPsec performance counters help in identifying performance and networking issues with IPsec-protected traffic.
- Network Diagnostics Framework Support-This extensible architecture helps in recovery and troubleshooting problems with network connections.