Review: Much to like in Windows Server 2008

Today, Microsoft released to manufacturing the latest and greatest version of its Windows Server software, nearly five years after the debut of Windows Server 2003. What's Microsoft been doing during all of that time? I've broken down the release, having worked with it in detail for more than two years, and looked at everything that has changed, that's new or that has been improved.

Read on for the full scoop on Windows Server 2008, and how it might work for your organization.

The biggest changes

Unlike the transition from Windows 2000 Server to Windows Server 2003, which was a fairly minor "point"-style update, Windows Server 2008 is a radical revision to the core code base that makes up the Windows Server product.

Windows Server 2008 shares quite a bit of fundamental code with Windows Vista, which was derived directly from the secure development model (SDM). This is a sea change in programming methodologies at Microsoft; it puts secure code at the forefront of all activity. Thus, a lot of new features and enhancements you will see in both Vista and Windows Server 2008 are the result of a more secure code base and an increased focus on system integrity and reliability.

The most radical changes to Windows Server 2008 include Server Core and the new Internet Information Services 7.0. Let's begin with them.

Server Core

Server Core is a minimal installation option for Windows Server 2008 that contains only a subset of executable files and server roles. Management is done through the command line (see Figure 1) or through an unattended configuration file.

According to Microsoft, "Server Core is designed for use in organizations that either have many servers, some of which need only to perform dedicated tasks but with outstanding stability, or in environments where high security requirements require a minimal attack surface on the server." Accordingly, there are limited roles that Core servers can perform. They are:

• Dynamic Host Configuration Protocol (DHCP) server
• Domain Name System (DNS) server
• File server, including the file replication service, the distributed file system (DFS), distributed file system replication (DFSR), the network file system and single instance storage (SIS)
• Print services
• Domain controller, including a read-only domain controller
• Active Directory Lightweight Directory Services (AD LDS) server
• Windows server virtualization
• IIS, although only with a portion of its normal abilities -- namely, only static HTML hosting, and no dynamic Web application support
• Windows Media Services (WMS)

Additionally, Server Core machines can participate in Microsoft clusters, use network load balancing, host Unix applications, encrypt their drives with Bitlocker, be remotely managed using Windows PowerShell on a client machine and be monitored through Simple Network Management Protocol (SNMP).

Most administrators will find that placing Server Core machines in branch offices to perform domain controller functions is an excellent use of slightly older hardware that might otherwise be discarded. The smaller footprint of Server Core allows the OS to do more with less system resources, and the reduced attack surface and stability make it an excellent choice for an appliance-like machine. Plus, with a branch office, you can combine Server Core with the ability to deploy a read-only domain controller and encrypt everything with BitLocker, giving you a great, lightweight and secure solution.

Server Core is a fantastic new installation option that is sure to find an appropriate home in all but the smallest organizations.