Windows Server 2016 Highlighted Features

2018-09-26 // By Penny Morgan

Whether you have already decided to take the plunge and deploy Windows Server 2016, or you're on the fence about upgrading, there are many features of Windows Server 2016 that may deserve your attention.

Windows Server 2016 has been available for purchase and download directly from Microsoft's website and authorized resellers worldwide since October 2016. It includes several important changes to the core operating system and a number of new features designed to help organizations achieve Microsoft’s ultimate goal of integrating local resources with both public and private cloud infrastructures to provide a greater degree of manageability over various computing environments (virtualized and physical), while keeping it seamless for businesses and users to be productive.

New and Improved Features

The most advertised new and improved features include the following:

Nano Server: Similar to Windows Server Core mode, Nano Server reduces the attack surface of the server by removing the GUI and any unnecessary optional installations. It has been optimized for use in private clouds and data centers, as well as running web services, such as DNS or IIS, providing an installation option 93% smaller than traditional Windows Server deployments.. Nano Server must be remotely administered, as it provides no local logon capability and only supports 64-bit applications. As you will read later in this article, Nano Server was later deprecated in a future update of Windows Server in favor of using Nano Containers.
Windows containers: Unlike virtual machines, containers allow for operating system-level virtualization by providing just enough access to the OS, libraries, and underlying resources to host applications in an isolated user-space. In simple terms, containers provide an isolated environments where applications and services can run without affecting the system and vice versa.
Active Directory Domain Services: Privileged Access Management (PAM) helps to address the theft of credentials by working with Microsoft Identity Manager (MIM) to protect the Active Directory (AD) forest from accounts with privileged access. PAM will provide a way for administrators to isolate the use of privileged accounts to reduce the risk of those credentials being stolen.

Additionally, new processes are in place for requesting administrative access and monitoring of such accounts, including the expiring links feature, which limits the administrative window period based on a specified time frame.
Active Directory Federation Services (ADFS) continues to provide simple, secure identity federation and Single Sign-On (SSO) between ADFS-secured enterprises and partner organizations. New in 2016 is the ability to authenticate users stored in LDAP or cloud-based providers.
Hyper-V introduces hot management of virtual networking adapters and memory for virtual machines. Meaning, you can now add a NIC or more memory while the virtual machine remains running. For security-minded administrators, Windows Server 2016 includes shielded virtual machines that minimize tampering with or the theft of data and virtual machine states by encrypting both and preventing the inspection of video signals and disks.
Windows Defender: Microsoft's Windows Server Antimalware application is installed by default in Windows Server 2016 in an effort to detect and neutralize malware threats in real-time with automatic updating.
Storage Spaces Direct takes Storage Spaces, introduced in Windows 8 and Windows Server 2012 to provide RAID-like functionality but in software, to another level. Storage Spaces Direct enables the building of high-availability storage using only direct attached disks, including JBODs stored locally or networked as part of a storage pool.
PowerShell 5.0: Continuing the trend towards being Microsoft's de facto management terminal, PowerShell retains its backwards compatibility while introducing new cmdlets and modules for remote management and scripting of clients, servers, and applications. Windows Server 2016 introduces a significant number of new PowerShell cmdlets focused on specific functionality, including 21 DNS-related commands, 11 for Windows Defender, 36 for Hyper-V, 17 for IIS administration, and 141 commands related to the Network Controller, just to name a few.

On October 17, 2017, Microsoft released Windows Server, version 1709 as part of its announced Semi-Annual Channel releases. This version includes new features and advancements for Nano Server, virtualization, and containerization, and it adds support for managing Linux subsystems.

Nano Container: Nano Server has been deprecated and replaced by Nano Container. Essentially, a Nano running within a container image, bringing with it an almost 80% reduction in image size.
Server Core as a container: The Server Core container image is almost 60% smaller, while being further optimized for life-and-shift scenarios, as well as migrating applications into containers.
Linux support: By installing the optional Windows Subsystem for Linux feature, users can download, install, and run Linux distributions on Windows Server.
Software-defined networking: One of the newest features is the encryption of traffic between virtual machines on a virtual switch, utilizing Datagram Transport Layer Security (DTLS) to encrypt packets between VMs on encryption-enabled subnets to prevent eavesdropping, tampering, and forgery of data in transit.
Docker support: Docker's container-as-a-service was already allowed in Windows Server 2016; in version 1709, you can install Docker natively, and support Windows-based and Linux-based Docker containers from within Windows.
Storage Replica: The Storage Replica protections added in Windows Server 2016 have been expanded to include Test Failover, which mounts snapshots of replicated storage for temporary testing or backup purposes. Also included is Project Honolulu support, a graphical management console for server-to-server replication, which previously required PowerShell to manage.

The real focus of Windows Server, version 1709 lies squarely on Server Core, containers, and microservices in an effort to reduce image sizes when hosting services or migrating existing code bases. The shift from previous versions of Windows Server allows systems administrators and developers to deploy containerized images that have been reduced dramatically and further optimized, while providing modernized security to protect virtual machines (VMs), encrypt network transmissions using software-defined networking, and provide enhanced storage and disaster recovery protection through failover and replication features.

Installing Windows Server 2016

In addition to these highlighted features, the installation method of Windows Server 2016 has been modified so that, by default, the Server Core versions of the OS are installed. The full install, or "Desktop Experience" version, is still available as an option during the initial installation process for users that require the additional resources

Performance Enhancements

Along with new and improved features, Windows Server 2016 also offers some performance enhancements.

Windows Server 2016 boosts the physical host memory support six times over the current Windows Server products and it increase virtual machine memory support by 16 times as well. These performance boosts primarily provide a way to push Hyper-V scalability and support new scenarios around data analytics and machine learning.

You can find references to this information, as well as more details at the following locations:

https://www.techrepublic.com/article/windows-server-2016-the-smart-persons-guide/
https://searchwindowsserver.techtarget.com/essentialguide/The-essential-guide-to-Microsoft-Windows-Server-2016
https://redmondmag.com/articles/2016/08/26/windows-server-2016-performance-specs.aspx
https://www.computerworld.com/article/2998888/virtualization/the-best-new-features-in-windows-server-2016.html

These highlighted features may be enough to draw your attention to Microsoft’s latest and greatest server edition and begin making your plans for future deployments. If you are looking for even more information about deploying and administering Windows Server 2016, or if you could.benefit from some hands-on experience using these features and more, check out the following courses on our upcoming schedule for Microsoft Official Courses on Windows Server 2016 by visiting www.LrsEducationServices.com:

MS20740 – Installation, Storage, and Computer with Windows Server 2016
MS20741: Networking with Windows Server 2016
MS20742: Identity with Windows Server 2016
MS20743: Upgrading Your Skills to MCSA: Windows Server 2016

We’d love to have you attend in person, virtually, or by using the Microsoft On-Demand (MOD) training format. And in case you didn’t know, however you choose to attend these courses, you will also receive a FREE Pearson Vue Certification exam voucher to get you moving down the road to certification!
If you have any questions or would like more information regarding courses scheduled at LRS Education Services, please call 877 832.0688 ext: 1493 or email us at getsmart@LRS.com

Penny Morgan, MCT, MCSA, MCITP, MCTS, MCSE, MCP
LRS Education Services

Start Wide, Go Deep with Microsoft Security SC-200 Course

Microsoft designed their recently updated Microsoft Security Operations Analyst course (SC-200) using a method that lends itself well not only to learning, but also to implementation.

Winter 2024 Newsletter and Schedule

Read the Winter 2024 newsletter and course information.

Happy holidays or bah humbug due to cyber attacks?

Here are a few tips to help you stay safe online while buying gifts this holiday season.

Webinar Recording: The NIST Cybersecurity Framework 2.0 Initial Public Draft

This webinar discusses the NIST Cybersecurity Framework 2.0 Initial Public Draft, with updates making it easier to implement the tool to improve cybersecurity programs.

Microsoft Teams desktop client update!

Here we are, in October, with the newly released Microsoft Teams desktop client being made publicly available for Windows and Mac.