IT halduse lihtsustamiseks on lisandunud mitmeid mõnusaid uuendusi. Andres Nurk rääkis põhilisematest nagu: Windows Server 2016, Windows 10 E3, ATP, OMS. Uuenduste tuules on muutunud ka WinServeri litsentsimine. Aleksei Räim andis kiire ülevaate, mida peab silmas pidama.
2. IT is being pulled in two directions
Support business agility and
innovation
Provide secure,
controlled IT resources
By 2017, 50% of total IT spending will be
spent outside of the formal IT organization*
*Source: Gartner Group, 2016
7. Typical administrator
Protecting privileged credentials
Ben Mary Jake Admin
Domain
admin
Just Enough and Just in Time administration
Capability
Time
Credential Guard
Prevents Pass-the-Hash and Pass-the-Ticket attacks
by protecting stored credentials through
virtualization-based security.
Remote Credential Guard
Works in conjunction with Credential Guard
for RDP sessions to deliver Single Sign-On (SSO),
eliminating the need to pass credentials to the RDP host.
Just Enough Administration
Limits administrative privileges to the bare-minimum
required set of actions (limited in space).
Just-in-Time Administration
Provides privileged access through a workflow
that is audited and limited in time.
Capability and
time needed
8. Features to help protect virtual machines
Shielded Virtual Machines
Use BitLocker to encrypt the disk and state
of virtual machines protecting secrets from
compromised admins and malware.
Host Guardian Service
Attests to host health releasing the keys
required to boot or migrate a Shielded
VM only to healthy hosts.
Generation 2 VMs
Supports virtualized equivalents of
hardware security technologies (e.g., TPMs)
enabling BitLocker encryption for Shielded
Virtual Machines.
Hyper-V
Virtual machine
Computer room
Building perimeter
Physical machine
Hyper-V
Shielded virtual
machine
*
`
11. Capability
Windows Server 2012/2012 R2
Standard and Datacenter
Windows Server 2016
Standard and Datacenter
Physical (Host)
Memory Support
Up to 4 TB per
physical server
Up to 24 TB per
physical server (6x)
Physical (Host) Logical
Processor Support
Up to 320 LPs Up to 512 LPs
Virtual Machine
Memory Support
Up to 1 TB
per VM
Up to 12 TB
per VM (12x)
Virtual Machine Virtual
Processor Support
Up to 64
VPs per VM
Up to 240 VPs
per VM (3.75x)
Windows Server 2016 Hyper-V scalability
12. Increase reliability with cluster enhancements
Cluster OS Rolling Upgrade
Upgrade your fabric to Windows Server 2016,
without downtime to workloads running on
Hyper-V virtual machines.
Mixed OS Mode cluster
Provides ability for Windows Server 2012 R2
cluster nodes to operate with Windows Server
2016 nodes.
VM resiliency
Designed for cloud-scale environments, this helps
preserve VM session state in the event of transient
storage or network disruptions.
Fault domain-aware clusters
Enhances key operations during cluster lifecycle
such as failover behavior, placement policies,
heartbeating between nodes, and quorum
behavior.
13. Nano Server installation option
Just enough OS
Third-party
applications
RDS experience
Existing VM
workloads
Provides higher density,
reduced attack surface and
servicing requirements
Ideal for reducing datacenter
footprint
•
Ideal for next generation app
development
•
•
14. Complete software-defined storage solution
Storage Replica
Create affordable business
continuity and disaster recovery
among datacenters.
Storage Quality of Service
Prevent noisy neighbors from
impacting high priority workloads
with a Storage QoS policy.
Storage Spaces Direct
Use standard servers with local
storage to build highly available
and scalable software-defined
storage.
Site 1 Site 2
15. Converged solution
On-premises disaggregated solution
Scale components separately
in this model.
Simultaneous scaling is possible
when compute (Hyper-V) and storage
components (Storage Spaces Direct)
reside on the same cluster.
Hyper-converged
Scale compute, storage simultaneously
Storage Software
SMB3
Virtual
machines on
Hyper-V host
Scale-out
file server
Storage Software
Virtual
Machines
Scale-out
file server
Storage Software
18. Introducing containers for Windows Server
Containers
Traditional virtual machines = hardware virtualization
VM VM VM
Applications
Kernel
= Operating system virtualization
Container Container Container
Windows Server containers
Maximum speed and density
Container Container Container
Hyper-V containers
Isolation plus performance
Container Container Container
19. Operations collaborates with
developers to provide app metrics
and insights.
Physical/Virtual Servers
Operations automates deployment
and monitors deployed apps from
central repository.
Developers push containers
to central repository.
Developers build, test and
update apps in containers, using
development environment;
i.e., Visual Studio.
Containers are central to DevOps process
20. Ready for
the cloud
Improve IT efficiency
& productivity
Safeguard your
business
Just in Time & Just Enough
Administration
Windows Defender for malware
protection
Trusted/Secure boot
Shielded Virtual Machines
Host Guardian Services
Enhanced Containers
Stretch Clusters
Rolling Cluster OS upgrades
Storage Spaces Direct
Storage Replica
Storage Quality of Service
Remote Desktop Services
Encrypted Virtual Machines and
Containers
Azure Backup, Azure Storage,
Azure Site Recovery1
Azure Active Directory1
RSMT Azure Remote Server
Management Tools1
Operations Manager Suite1
21. Unlimited Windows Server containers
Nano Server as deployment option
Unlimited VMs
Unlimited Hyper-V containers
Storage features including: Storage
Replica & Storage Spaces Direct
New Networking Stack
Shielded VMs and Host Guardian
Service
2 VMs
2 Hyper-V containers**
Essentials Edition
25 users / 50 devices
No server CALs required
1 physical or virtual*
Must be root of domain
Workgroup / Standard
Procs 1 / 2
RAM 32GB / 12TB
SMB links 250 / Unlimited
Max Users 50 / Unlimited
Disk number 6 / Unlimited
Enterprise class technology to drive any sized business
Basic functionality of Windows Server Core functionality of Windows Server
Unlimited, based on CALsUnlimited, based on CALs
24. Private clouds
(Azure Stack, Hyper-V, VMware, OpenStack)
Windows
Server
(Guest)
Windows
Server
(Guest)
Windows
Server
(Guest)
Windows
Server
(Guest)
Linux
(Guest)
Operations
Management Suite
25. A single portal for all your
management tasks. No infrastructure
to maintain.
It’s simple
Onboard fast. No content to create.
Connects to your on-premises
datacenter.
Time to value
Add new servers, or connect to your
existing management tools within
minutes.
Easy to integrate
Manage workloads across Windows
and Linux, hybrid and public clouds,
Azure and AWS.
Hybrid and open
Complements your System Center
investment to unleash new
management scenarios.
Extend System Center
26. Gain visibility across your
hybrid enterprise cloud
Log analytics Automation
Orchestrate complex and
repetitive operations
Availability
Increase data protection
and application availability
Security
Help secure your
workloads, servers, and
users
28. Pay as you
go
Simplified ITBest-in-class
security
Does your business process sensitive data, operate in a
regulated industry, or develop software in-house? Or is your
business publicly traded? If so, get the increased security,
controls and IT support that you need with Windows 10
Enterprise E3. Delivered as a cloud service and managed by
your Microsoft Partner.
29. Microsoft empowers your users with best-in-class productivity across devices while providing IT
security & control.
Windows
Enterprise E3
Enterprise
Mobility Suite
Office 365
These products can help your organization grow and stay
agile while controlling costs with:
Value:
save by licensing
users instead of
devices
Manageability:
eliminate the need to
count devices, for
easier purchasing
and compliance
Flexibility:
scale up or down
depending on your
needs with no need
to commit up front
30. New Per User Licensing Model:
• Simple and consistent license management based on users,
eliminating the need for device counting
• Easier to stay compliant
• Re-assign licenses as needed
• Align the management of your device licenses with other cloud-
based services, such as Office 365
Windows Enterprise with
Software Assurance
x86 PC/Mac
Per Device (Traditional Model)
Deployed on the desktop
Windows 10 Enterprise E3
x86 PC/Tablet PC/Mac Tablet/Phone/Chromebook
(RT/WinPhone/iOS/Android)
Per User (New Model)
Deployed in the cloud
31. Enterprise-grade security
Windows Hello*
Windows Information Protection (to be delivered in the future)
BitLocker
Credential Guard
Device Guard
AppLocker Management
Managed User Experience
Deployment flexibility and enhanced controls
Dynamic Provisioning
Current Branch for Business
Mobile Device Management
Azure Active Directory Domain Join
Domain Join and Group Policy
Windows Store for Business
Windows Update
Windows Update for Business
Client Hyper-V
Remote Desktop
App-V
UE-V
Branch Cache
Direct Access
Telemetry
COIN
Simplified licensing
Subscription-based Access
Per-User Licensing
Central Partner Portal
Cloud-based Provisioning
Partner-managed IT
Additionalprotection,
flexibility,andcontrol
Pro Enterprise
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H
H