Feeds

Windows Server 8 plays catch-up with VMware and Unix

Microsoft rolls 'cloud-based operating system'

Combat fraud and increase customer satisfaction

A time to replicate

Another key feature is Hyper-V Replica. At its most basic, all you need is two Hyper-V hosts, and you can set up VM replication via a right-click option in the Hyper-V manager. Once initialised, replication only copies differences, and uses VSS (Volume Shadow copy Service) for application-level consistency. Once configured, Hyper-V will failover to the replica if there is a failure.

Hyper-V virtual networks are transformed from the simple affair in earlier versions. Hyper-V now has an extensible virtual switch, which handles network traffic between VMs, the external network, and the host server. You can now create private VLANs (Virtual sub-networks) which are isolated from one another for safe multi-tenancy. Port ACLs (Access Control Lists) let you restrict traffic by source or destination.

Bandwidth control lets you specify maximum and minimum bandwidth per VLAN, which means you can guarantee the level of service for specific customers, or prevent one customer from using too much bandwidth.

Hyper-V virtual networks can also be extended with third-party filters for capturing, filtering or redirecting traffic.

The theme here is obvious: making Windows Server work properly for multi-tenanted hosts.

Desktops in the remote sense

Microsoft's remote desktop services, once known as terminal services, get both usability and feature improvements in Server 8. Microsoft now defines three types of virtual desktop:

  • Remote Desktop Session Host (RDSH) is the original lightweight remote desktop based on a user session on the server.
  • Pooled Virtual Desktop: each user has their own VM, but are drawn from a pool so they may get a different one on each log-on. In Server 8, both personalization and performance is improved by storing user state separately, so it is no longer solely dependent on what is in the roaming profile. Patching pooled VMs is simplified by use of a golden image VM. To patch the machines, you need only update the golden image. This is then rolled out to users when they log out, or on a schedule, or in emergency as an instant update.
  • Personal Virtual Desktop, where users have their own dedicated VM. In this type of VDI (Virtual Desktop Infrastructure), VMs are now treated in a similar way to physical machines, and patching is managed by Windows Software Update Services.

Setting up these VDI options is simplified in Server 8. You need do little more than specify what kind of VDI you want, and a wizard will set it up with default options.

Performance of remote desktops is also improved. Fast graphics and video is possible with a feature called RemoteFX, which can adapt to both software and hardware GPUs depending on what is available, and there is now multi-touch support, perhaps in preparations for Windows 8 VMs.

One thing that Microsoft's VDI offering does not support is the ability to take a VM offline and sync it back later. Microsoft's Remote Desktop program manager Ashwin Palekar told us that he sees no value in offline VDI.

But there is hope for official Remote Desktop clients for non-Microsoft platforms such as iOS and Android. "We are actively evaluating support," said Palekar.

What about VDI licensing? Mike Neil, general manager of Windows Server Planning and Management, admitted: "The feedback we've had from our customers is that our licensing is Byzantine." He stopped short of promising to fix it, but at least the issue is on the table.

The IIS have it

Microsoft's web server has been revamped for better scalability and multi-tenancy. One example of this is in SSL certificate management. In previous versions, certificates are stored in the Windows certificate store and bound individually to websites, with all certificates loaded into memory even when not in use. Microsoft has now figured out that you can simply store SSL certificates on a file server and infer which to use for a particular site by matching the site name. This change lifts the limit of SSL sites on a single server from 500 to 10,000 or more, as well as improving performance.

Another change is better support for NUMA (Non Uniform Memory Access), where memory has an affinity with a specific processor. Apparently IIS handled this badly before, crossing NUMA boundaries in its memory usage so that performance might actually get worse on many core systems. That has been fixed, with systems of greater than 32 cores showing most benefit.

A key feature for multi-tenanted servers is CPU throttling, where you limit the processor time available to specific sites. This feature was present in earlier versions but did not work well, because it averaged CPU usage over a period. The new CPU throttling works as you would expect, letting cloud-hosting providers sell CPU time effectively to their customers, or allowing enterprises to ensure even performance across all sites.

What else is new? Quite a lot.

There's Dynamic Access Control, which is a new approach to authorizing access to shared files and folders. It is based on claims, tags and expressions. A simple example would be to require that users be from the same company department as the file, where "department" is a both tag on a shared folder and a claim in Active Directory.

High performance access to file storage

More from The Register

next story
This time it's 'Personal': new Office 365 sub covers just two devices
Redmond also brings Office into Google's back yard
Batten down the hatches, Ubuntu 14.04 LTS due in TWO DAYS
Admins dab straining server brows in advance of Trusty Tahr's long-term support landing
Microsoft lobs pre-release Windows Phone 8.1 at devs who dare
App makers can load it before anyone else, but if they do they're stuck with it
Half of Twitter's 'active users' are SILENT STALKERS
Nearly 50% have NEVER tweeted a word
Oh no, Joe: WinPhone users already griping over 8.1 mega-update
Hang on. Which bit of Developer Preview don't you understand?
Internet-of-stuff startup dumps NoSQL for ... SQL?
NoSQL taste great at first but lacks proper nutrients, says startup cloud whiz
Windows 8.1, which you probably haven't upgraded to yet, ALREADY OBSOLETE
Pre-Update versions of new Windows version will no longer support patches
Ditch the sync, paddle in the Streem: Upstart offers syncless sharing
Upload, delete and carry on sharing afterwards?
Microsoft TIER SMEAR changes app prices whether devs ask or not
Some go up, some go down, Redmond goes silent
prev story

Whitepapers

Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.