Three Windows Server 2012 features that will please the CIO
These days, articles about Windows 8 are popping up everywhere. I’ve personally taken a dual role in explaining both why Windows 8 might be good for business and why it might not. However, Windows 8 has a big brother. Whereas the jury is still out on whether or not Windows 8 will gain enterprise traction, its big brother, Windows Server 2012, is a heavyweight that brings with it new capabilities that make the adoption decision much easier.
From an enterprise perspective, it’s obvious that Windows Server 2012 has a clear target customer: business. After all, it’s a server product that doesn’t need to satisfy anyone in the consumer space. And, Windows Server 2012 is a powerhouse.
For CIOs, one item to note is that Microsoft has simplified Windows Server licensing a bit. First off, for the enterprise, there are now just two editions of Windows Server: Standard and Datacenter. The Enterprise edition is history. Further, whereas the Standard edition used to carry fewer features (i.e. clustering) and had lower hardware limits, the two editions now are identical from a features and capabilities perspective. The key difference between the two revolves around virtualization. With the Standard edition, you are allowed to run the host plus two Windows additional virtual machines on that host. With the Datacenter edition, you are allowed to run the host and an unlimited number of Windows instances.
If you’d like to learn more about the licensing changes in Windows Server 2012, including the additional two editions that are targeted at smaller environments, read my article Windows Server 2012 editions: What you need to know here at TechRepublic.
New DR capabilities with Hyper-V Replica
I’m going to discuss the new Hyper-V later, but I wanted to call out one specific new feature that is a boon for cost-effective disaster recovery: Hyper-V Replica. To start, I don’t see Replica as a replacement for high-end disaster recovery tools. Instead, I see it as a way for the SMB to achieve some semblance of disaster recovery for critical business applications without having to incur a massive cost. There remain many, many SMBs that do not have disaster recovery processes and procedures in place and this is due, in large part, to the perceived cost and complexity of such undertakings. After all, when you boil it down, DR is insurance and is a part of risk management. Organizations must answer the “how much insurance should I buy?” question. I see Hyper-V Replica as being well-positioned to allow these kinds of organizations to take essential steps to protecting key systems and in testing the broader DR waters.
ZDnet’s Mary Jo Foley has provided a fantastic overview of Hyper-V Replica in an article entitled One of Windows Server 2012’s secret weapons: Hyper-V Replica, written by Aidan Finn.
For the CIO looking for ways to implement or improve DR, Hyper-V along with the Hyper-V Replica might be one possible answer and it’s included in Server 2012 at no additional charge.
New Dynamic Access Control improves security and policy compliance
Data leakage and security are significant problems for many organizations, particularly as more data is stored in more locations and accessed from more devices than ever before. As has always been the case, organizations need to have reliable ways to protect their data, from deciding who has what level of access to understanding who actually accessed specific information. Not all organizations will need all such features, but it’s important for the ability to be there.
Windows Server 2012 introduces a feature Microsoft calls Dynamic Access Control. DAC adds a centralized access and authorization layer to systems that enhances the level of control that an organization can exercise over its information assets. Specifically, a number of enhancements have been made to Windows Server 2012.
Addition of centralized access policies
If you think about today’s file servers, you have two sets of permissions: share permissions and NTFS permissions. Users are allowed access to information based on the most restrictive set of permissions when a resource is accessed over the network. For example, if a user has Full Control NTFS permissions but only has Read share permissions, the Read rights win out.
However, such permissions need to be set on each server.
Centralized access policies provide what Microsoft considers to be a safety net across the environment. It also adheres to the principle of least permission. So, if a user has all of the local rights necessary to access a resource, but a central policy forbids such access, the user will be denied access.
Addition of central audit policies
Understanding who has access to what and controlling that access is critical in today’s heavily regulated environment. It’s also important to know who has attempted to access certain pieces of information. For example, with Dynamic Access Control, an audit policy can be created that indicates vendors who have attempted to access project files for projects outside their scope.
The use of Dynamic Access Control requires deployment of Windows Server 2012-based file servers and domain controllers. DAC is more than just a role; it’s a function that spans the Windows system.
These are just three features in Windows Server 2012 that will be of interest to many CIOs charged with paying for Windows, maintaining DR sites and holding responsibility for information security.