Hands-on: Windows Longhorn Server Beta 2

Radical code revision focuses on security, system integrity and reliability.

Page 2 of 5

IIS Improvements

The venerable Microsoft Web server has undergone quite a bit of revision in Longhorn Server. IIS 7 is, for the first time, fully extensible and fully componentized -- you only install what you want, so the service is lighter, more responsive and less vulnerable to attack. The administrative interface for IIS has also been completely redesigned. Key improvements include the following:

  • Newly rearchitected componentized structure. For the first time in IIS history, administrators exercise complete control over exactly what pieces of IIS are installed and running at any given time. You can run the exact services you require -- no more, no less. This is of course more secure, not to mention easier to manage and better performing.

  • Flexible extensibility model. IIS 7 allows developers to access a brand-new set of application programming interfaces (APIs) that can interact with the IIS core directly, making module development and customization much easier than it ever has been. Developers can even hook into the configuration, scripting, event-logging and administration areas of IIS, which opens a lot of doors for enterprising administrators and third-party software vendors to extend IIS' capabilities sooner rather than later.

  • Simplified configuration and application deployment. Configuration can be accomplished entirely through XML files. Central IIS configuration can be spread across multiple files, allowing many sites and applications hosted by the same server to have independent but still easily managed configurations. One of Microsoft's favorite demos of IIS 7 involves setting up a Web farm with identically configured machines. As new members of the farm are brought online, the administrator simply uses XCopy and moves existing configuration files over to the new server, and in a matter of seconds, the IIS setup on the new machine is identical to that on the existing machines. This is perhaps the best change in IIS 7.

  • Delegated management. Much like Active Directory allows an administrator to assign permissions to perform certain functions to other users, IIS administrators can delegate control of some functions to other people, like site owners.

  • Efficient administration. IIS Manager has been completely redesigned and is joined by a new command-line administration utility, appcmd.exe. Figure 1 shows the new administrative console for managing IIS.

Figure 1 - IIS Manager in Longhorn Server Beta 2


Networking Improvements

The Longhorn server team has made a special effort at improving network performance and efficiency in Beta 2. For the first time, there is a dual-IP layer architecture for native IPv4 and IPv6 support together, simultaneously. (If you've ever configured IPv4 and IPv6 on a Windows Server 2003 machine, you'll know what a pain it is to get them to interoperate without falling all over each other.)

Communications security is enhanced through better IPsec integration throughout the various pieces of the TCP/IP stack. Hardware is used more efficiently and robustly to speed up performance of network transmissions, intelligent tuning and optimization algorithms run regularly to ensure efficient communication, and APIs to the network stack are more directly exposed, making it easier for developers to interact with the stack. Let's take a look at some of the improvements in what the team is calling the next-generation TCP/IP Stack.

TCP/IP Stack Enhancements

One improvement to the TCP/IP stack is the autotuning TCP window size: Longhorn Server can automatically tune the size of the receive window for each individual connection, increasing the efficiency of large data transfers between machines on the same network. Microsoft quotes the following example: "On a 10 Gigabit Ethernet network, packet size can be negotiated up to 6MB in size." I was unable to replicate this in my testing, but that may well be due to limitations in my equipment more than a faulty software implementation.

The dead gateway detection algorithm present in Windows Server 2003 has been slightly improved in the Beta 2 release. Windows now tries every so often to send TCP traffic through what it thinks to be a dead gateway. If the transmission doesn't error out, then Windows automatically changes the default gateway to the previously detected dead gateway, which is now live.

And Longhorn Server supports offloading network-processing functions from the CPU itself to the processing circuitry on the network interface card (NIC), freeing up the CPU to manage other processes.

There are also improvements to network scaling. For example, in previous versions of Windows Server, one NIC was associated with a single physical processor. However, with the right network card, Longhorn Server supports scaling NICs and their associated traffic among multiple CPUs -- a feature called receive-side scaling -- permitting much higher amounts of traffic to be received by one NIC on a highly loaded server. This should benefit multiprocessor servers in particular because more scale can be added simply by adding processors or NICs and not by adding entirely new servers.

Changes to Terminal Services

Network applications are growing in popularity with each passing week. Longhorn Server sees more work in the Terminal Services/Remote Desktop area than might have been expected, and some of the new capabilities are very welcome improvements. Aside from three brand-new features, the team worked on improving the core processes that make Terminal Services tick, including single sign-on to TS sessions, monitor spanning and high-resolution support for sessions, integration with the Windows System Resource Manager to better monitor performance and resource usage, and themes that make TS sessions seamless to the client.

There are three key new features added in the Longhorn Server release. The first is Terminal Services Remote Programs. Like the functionality offered by Citrix MetaFrame years ago, Longhorn Server will support out-of-the-box the ability to define programs to be run directly from a TS-enabled server but be integrated within the local copy of Windows, adding an independent Taskbar button, resizable application window areas, Alt-Tab switching functionality and more.

Users will have no idea that their application is hosted elsewhere, except for the occasional slow response because of network latency or server overload. It's also simple to enable this functionality: administrators create .rdp files, which are text-based profiles of a TS connection that the client reads and uses to configure a Remote Desktop Protocol (RDP) session for that particular program.
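The .rdp profile described above, as an added example that is not part of the original article: a small parser for the file's name:type:value lines that flags settings an administrator would review before distributing a profile. It goes beyond the text by checking redirection and server-authentication settings; the setting names are those used by current Remote Desktop clients and are an assumption here (the article names none, and Beta 2 may differ), and the sample profile is constructed.

```python
# Added example: parse a .rdp profile and flag settings to review before
# distribution. SAMPLE_RDP is constructed; key names are assumptions.
SAMPLE_RDP = """\
full address:s:ts01.example.test:3389
remoteapplicationmode:i:1
remoteapplicationprogram:s:||Payroll
drivestoredirect:s:*
redirectclipboard:i:1
authentication level:i:0
this line is malformed
"""

def parse_rdp(text):
    """Return ({name: (type, value)}, [malformed lines]).
    Each setting is 'name:type:value' with type i (integer), s (string)
    or b (binary). Values may contain ':', so split at most twice."""
    settings, malformed = {}, []
    for line in filter(None, map(str.strip, text.splitlines())):
        parts = line.split(":", 2)
        if len(parts) != 3 or parts[1] not in ("i", "s", "b"):
            malformed.append(line)
            continue
        name, kind, value = parts[0].strip().lower(), parts[1], parts[2]
        if kind == "i":
            try:
                value = int(value)
            except ValueError:
                malformed.append(line)
                continue
        settings[name] = (kind, value)
    return settings, malformed

def review(settings):
    """Return findings for settings that widen what the session exposes."""
    get = lambda name: settings.get(name, (None, None))[1]
    findings = []
    if get("drivestoredirect"):
        findings.append("drivestoredirect: local drives are visible to the server")
    if get("redirectclipboard") == 1:
        findings.append("redirectclipboard: clipboard is shared with the server")
    if get("authentication level") == 0:
        findings.append("authentication level 0: connects even if server authentication fails")
    if get("remoteapplicationmode") == 1 and not get("remoteapplicationprogram"):
        findings.append("remoteapplicationmode set but no remoteapplicationprogram named")
    return findings

if __name__ == "__main__":
    print(review(parse_rdp(SAMPLE_RDP)[0]))
```

Malformed lines are returned rather than silently dropped, so a profile that was hand-edited or truncated in transit shows up in review instead of being applied partially.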

Next, there's the Terminal Services Gateway. This feature allows users to access Terminal Services-hosted applications from a Web portal anywhere on the Internet, secured via an encrypted HTTPS channel. The gateway can send connections through firewalls and correctly navigate Network Address Translation situations that stymied the use of this technology before.

This saves corporations from having to deploy Virtual Private Network access to remote users for the sole purpose of accessing a Terminal Services machine; plus, since the data is sent over HTTPS, almost anyone can access the sessions, even at locations where RDP is blocked by the firewall. Administrators can set connection authorization policies, or CAPs, that define user groups that are permitted to access TS through the TS Gateway machine.

Finally, in conjunction with the Remote Programs feature I just discussed, we also see in Longhorn Server the TS Web Access feature, which lets administrators publicly display available TS Remote Programs on a Web page. Users can browse the list for the application they want to run, click on it and then be seamlessly embedded in the application -- using all the features of TS Remote Programs -- while retaining the ability to launch other programs from the same Web Access site.

The service is smart enough to know that multiple programs launched by the same user should reside in the same Terminal Services session, making resource management a bit simpler, and you can even integrate TS Web Access within SharePoint sites using an included Web Part.
