Performance, security, and manageability
| Executive Summary:|
Microsoft’s senior technical product manager for Windows Server and senior product manager for Windows Client Deployment explain that customers who use Windows Server 2008 and Windows Vista together will benefit from improvements in system-wide performance, security, and manageability.
“The three areas that customers will get the most benefit from by using Windows Server 2008 and Windows Vista together are system- wide performance, improved security, and manageability.” Following the launch of Server 2008 and Vista SP1, these were the points emphasized by Microsoft’s Justin Graham, senior technical product manager for Windows Server, and his Vista colleague, Jeremy Chapman, senior product manager, Windows Client Deployment. “Within each of these three buckets,” Justin continued, “we have a number of key features that the server either enables or makes better when used with the client.”
Because the client and server now share a code base for all versions, from consumer through server, networking is unified and therefore faster. Justin pointed out, “On the networking side, our improvements are on things like the next generation TCP/IP stack. It’s completely redesigned. The benefits are native IPv6 support versus emulated IPv6 support in previous versions. Also, some other features that allow things like policy-based Quality of Service \[QoS\] and Receive Window Auto-Tuning. We also made improvements and have released a new SMB (Server Message Block) protocol called SMB 2.0. This is aimed at improving file sharing performance and also streaming video. The SMB protocol makes all of that happen much, much faster than in previous versions of Windows, including XP SP2.”
I asked Justin to elaborate on Receive Window Auto- Tuning. “This feature really benefits companies who have a lot of branch offices or remote offices that have varying speeds of WAN links,” Justin replied. “When the client and server are speaking over the network, they can sense the network conditions and automatically increase or decrease their Receive Window to match the conditions of the network—basically enabling the maximum consistent throughput on the network for the given conditions.”
Security and Manageability
The features that Microsoft touts as security and manageability advantages to using Vista and Server 2008 together are Network Access Protection (NAP)—which lets you monitor, isolate, and remediate the security of devices as they try to access your network—and Windows BitLocker Drive Encryption. Justin explained, “When you use NAP with Windows Vista, you get a couple of benefits. One is that the NAP client, which ensures that the client is healthy, is automatically included with Windows Vista. With Windows XP, you have to download and deploy an add-on client. That makes it a little more complex to deploy NAP in a Windows XP scenario. The last piece is that with Windows Vista, we support an additional enforcement mechanism called AuthIP. In XP you’re limited to deploying IPsec or using hardware-based 802.1x enforcement. The benefit to AuthIP is that it is an extension of IPsec that is more modular and easier to configure.” (For information about AuthIP, see technet.microsoft.com/en-us/library/bb878097.aspx.)
As for BitLocker, Justin said, “The real improvement here is we’re able to use Group Policy to force BitLocker Drive Encryption on certain groups of client and server machines. With just Windows Vista and not running Windows Server 2008 on the back end, there’s no way to force BitLocker Drive Encryption on the clients.”
Moving the discussion to the client side, Jeremy emphasized “end-to-end deployment,” including Windows Deployment Services (WDS) Multicast and Volume Activation. With availability of the Windows Automated Installation Kit (WAIK), Vista and Server 2008 let you take advantage of deployment tools that were previously available only to OEMs to support mass deployments. In addition, Jeremy said, the former Business Desktop Deployment (BDD), now called Microsoft Deployment Toolkit (MDT), provides “task sequencing functionality with very low reliance on scripting. And it will call the new Windows Server 2008 Server Manager, which allows you to apply a role to a server. After that role is applied, we can continue to configure that server to where it’s completely usable.”
WDS Multicast was a much-requested feature. Jeremy explained, “In the Windows Server 2003 WDS or \[Remote Installation Services\] RIS days, we were doing one image per device. If you’re deploying 1,000 machines and each image is 4GB to 5GB, you’re deploying 5,000GB over the network. Instead of 5,000GB, you’re doing 10GB. If the machine joins the multicast transmission later, it will even pick up the components it missed during the first transmission. So it might only take two loops to provision that image to 1,000 machines.”
Microsoft has gone to great lengths to demonstrate the value of implementing Vista and Server 2008 together. Do such features make you more likely to install both new OSs? I’m looking forward to your feedback.