From the Jan./Mar. 2008 Issue
It’s fall 2007, and I’m sitting down to write a column that will appear in early 2008. So I’m thinking to myself, ‘What’s happening early in 2008,’ and then it hits me: That’s when Windows Server 2008 (Codename Longhorn Server) will be released. So I thought this might be the perfect opportunity to share from my perspective some of the new and exciting stuff that’s coming with the release of the new server operating system. Now, don’t get me wrong, I know anyone in the accounting profession most likely won’t be worrying about a new server operating system in the February timeframe. There are other fish to fry during traditional “busy season.” But moving up to Windows Server 2008 may be something to consider after the dust settles.
This is certainly a ‘hot’ topic and you have probably already read or heard something about virtualization. If not, here is a shameless plug for my article on virtualization published in the September 2007 issue of this magazine (see www.CPATechAdvisor.com/go/1655). At any rate, Microsoft ups the ante against market leader and rival in the virtualization market VMWare with the incorporation of virtualization into Windows Server 2008. The only caveat is you really will have to wait for this addition. Microsoft announced that virtualization won’t be part of the initial launch of Windows Server 2008. Rather, it will be released “within” 180 days of launch. That timeframe should work out nicely for practicing accountants. The virtualization piece will only run on 64-bit hardware. Don’t stress about this; you may already have 64-bit capable hardware. Chipmakers have had 64-bit versions for several years, waiting for the software to catch up. You might be wondering if 32-bit applications will run on a 64-bit platform. The answer is maybe. For the older/wiser group, remember when we had the same concern about 16-bit software running on 32-bit hardware? The same process will be employed: 32-bit software will be “thunked” or, in other words, 32-bit software calls on the hardware will be translated into 64-bit streams.
Another new option with Windows Server 2008 is a ‘Core’ installation of the operating system. This is essentially a head-less, GUI-less version of the server operating system. The total size on the disk will be less than 1GB, yet it will run many of the key infrastructure roles like file and print services. This smaller ‘footprint’ means a smaller attack surface and less to maintain for patching. A Server 2008 Core machine will also make a great host machine for virtual servers. The drawback is that interacting with the server will have to be done at the command line locally or using the graphical tools in a remote session.
NETWORK ACCESS PROTECTION
This new technology, which is part of Windows Server 2008, will prevent ‘unhealthy’ computers from accessing your network. Health for this purpose is defined as current anti-virus updates and operating system patches. So if you give that staff person access to the network, but you are worried the home machine they’re connecting from may propagate a virus on your network … worry no more. Connection requests are now granted only where the health policy is met and, if not, the policy server can even put the sub-standard machine in a restricted network with remediation servers to get updated. This should ease some concerns about catching a virus from outside.
This encryption technology has received a lot of press in Vista Pro editions; it will provide the same functionality for Windows Server 2008. By enabling the encryption on the entire hard disk, if that disk is removed, the perpetrator will need the significant key or decryption device in order to access the data on the drive.
Most practitioners have used the functionality in terminal services. This allows for connecting to an office machine from a home or other remote location and running programs remotely as only the keyboard, mouse and video refreshes come across the wire. There are significant improvements in the Terminal Services area with Windows Server 2008. One new addition is the support of remote applications. For those of you who have used Citrix servers previously, this is similar to what Citrix refers to as seamless windows. Essentially, the end user is presented with a web page with links to published applications. When one of those is selected, the application loads up and runs as if it were loaded locally, but in reality it’s running on the terminal server. Applications can be published through Active Directory so that each user will only see applications they are specifically authorized to run.
To up the security, the remote desktop software has been re-written. Now remote users will have to provide credentials prior to the beginning of the connection process. Older desktop operating systems (XP and Windows Server 2003) will be able to install the new version of the remote desktop software while Vista and Windows Server 2008 will come with the new version native. Oh, and another name change here: The new version is referred to as RDC (Remote Desktop Connection) 6.0.
Finally, in the Terminal Services area is the ability to connect to your office machine without first having to connect to your private network using a VPN (Virtual Private Network) connection. Similar to the functionality in ‘Outlook Anywhere,’ where Outlook can connect to the Exchange Server without a VPN, is Terminal Server Gateway. The TS Gateway receives remote desktop network traffic, which has been ‘encapsulated’ inside HTTPS packets. This HTTPS traffic is much more common and, consequently, is allowed to flow through the myriad of firewalls and NAT devices out there. The bottom line is a connection that is established faster and can be connected to from virtually any outside network.
There’s a lot more, but that should give you a taste of some of the new functionality coming in Windows Server 2008.