Feeds

Windows Server 8 plays catch-up with VMware and Unix

Microsoft rolls 'cloud-based operating system'

Business security measures using SSL

A time to replicate

Another key feature is Hyper-V Replica. At its most basic, all you need is two Hyper-V hosts, and you can set up VM replication via a right-click option in the Hyper-V manager. Once initialised, replication only copies differences, and uses VSS (Volume Shadow copy Service) for application-level consistency. Once configured, Hyper-V will failover to the replica if there is a failure.

Hyper-V virtual networks are transformed from the simple affair in earlier versions. Hyper-V now has an extensible virtual switch, which handles network traffic between VMs, the external network, and the host server. You can now create private VLANs (Virtual sub-networks) which are isolated from one another for safe multi-tenancy. Port ACLs (Access Control Lists) let you restrict traffic by source or destination.

Bandwidth control lets you specify maximum and minimum bandwidth per VLAN, which means you can guarantee the level of service for specific customers, or prevent one customer from using too much bandwidth.

Hyper-V virtual networks can also be extended with third-party filters for capturing, filtering or redirecting traffic.

The theme here is obvious: making Windows Server work properly for multi-tenanted hosts.

Desktops in the remote sense

Microsoft's remote desktop services, once known as terminal services, get both usability and feature improvements in Server 8. Microsoft now defines three types of virtual desktop:

  • Remote Desktop Session Host (RDSH) is the original lightweight remote desktop based on a user session on the server.
  • Pooled Virtual Desktop: each user has their own VM, but are drawn from a pool so they may get a different one on each log-on. In Server 8, both personalization and performance is improved by storing user state separately, so it is no longer solely dependent on what is in the roaming profile. Patching pooled VMs is simplified by use of a golden image VM. To patch the machines, you need only update the golden image. This is then rolled out to users when they log out, or on a schedule, or in emergency as an instant update.
  • Personal Virtual Desktop, where users have their own dedicated VM. In this type of VDI (Virtual Desktop Infrastructure), VMs are now treated in a similar way to physical machines, and patching is managed by Windows Software Update Services.

Setting up these VDI options is simplified in Server 8. You need do little more than specify what kind of VDI you want, and a wizard will set it up with default options.

Performance of remote desktops is also improved. Fast graphics and video is possible with a feature called RemoteFX, which can adapt to both software and hardware GPUs depending on what is available, and there is now multi-touch support, perhaps in preparations for Windows 8 VMs.

One thing that Microsoft's VDI offering does not support is the ability to take a VM offline and sync it back later. Microsoft's Remote Desktop program manager Ashwin Palekar told us that he sees no value in offline VDI.

But there is hope for official Remote Desktop clients for non-Microsoft platforms such as iOS and Android. "We are actively evaluating support," said Palekar.

What about VDI licensing? Mike Neil, general manager of Windows Server Planning and Management, admitted: "The feedback we've had from our customers is that our licensing is Byzantine." He stopped short of promising to fix it, but at least the issue is on the table.

The IIS have it

Microsoft's web server has been revamped for better scalability and multi-tenancy. One example of this is in SSL certificate management. In previous versions, certificates are stored in the Windows certificate store and bound individually to websites, with all certificates loaded into memory even when not in use. Microsoft has now figured out that you can simply store SSL certificates on a file server and infer which to use for a particular site by matching the site name. This change lifts the limit of SSL sites on a single server from 500 to 10,000 or more, as well as improving performance.

Another change is better support for NUMA (Non Uniform Memory Access), where memory has an affinity with a specific processor. Apparently IIS handled this badly before, crossing NUMA boundaries in its memory usage so that performance might actually get worse on many core systems. That has been fixed, with systems of greater than 32 cores showing most benefit.

A key feature for multi-tenanted servers is CPU throttling, where you limit the processor time available to specific sites. This feature was present in earlier versions but did not work well, because it averaged CPU usage over a period. The new CPU throttling works as you would expect, letting cloud-hosting providers sell CPU time effectively to their customers, or allowing enterprises to ensure even performance across all sites.

What else is new? Quite a lot.

There's Dynamic Access Control, which is a new approach to authorizing access to shared files and folders. It is based on claims, tags and expressions. A simple example would be to require that users be from the same company department as the file, where "department" is a both tag on a shared folder and a claim in Active Directory.

New hybrid storage solutions

More from The Register

next story
'Windows 9' LEAK: Microsoft's playing catchup with Linux
Multiple desktops and live tiles in restored Start button star in new vids
Not appy with your Chromebook? Well now it can run Android apps
Google offers beta of tricky OS-inside-OS tech
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
iOS 8 release: WebGL now runs everywhere. Hurrah for 3D graphics!
HTML 5's pretty neat ... when your browser supports it
Greater dev access to iOS 8 will put us AT RISK from HACKERS
Knocking holes in Apple's walled garden could backfire, says securo-chap
NHS grows a NoSQL backbone and rips out its Oracle Spine
Open source? In the government? Ha ha! What, wait ...?
Google extends app refund window to two hours
You now have 120 minutes to finish that game instead of 15
Intel: Hey, enterprises, drop everything and DO HADOOP
Big Data analytics projected to run on more servers than any other app
SUSE Linux owner Attachmate gobbled by Micro Focus for $2.3bn
Merger will lead to mainframe and COBOL powerhouse
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Security and trust: The backbone of doing business over the internet
Explores the current state of website security and the contributions Symantec is making to help organizations protect critical data and build trust with customers.