Security at the OS level
Windows Server 2016 includes built-in breach resistance to help thwart attacks on your systems and meet compliance goals. Even if someone finds a way into your environment, the layers of security built into Windows Server 2016 limit the damage they can cause and help detect suspicious activity.
- Protect your virtual machines. Use the unique Shielded Virtual Machines feature to encrypt your VMs with BitLocker and help ensure they can run only on hosts approved by the Host Guardian Service.
- Help secure admin credentials. Protect admin credentials from Passthe-Hash attacks using Credential Guard and Remote Credential Guard, and control administrator privileges with Just-In-Time Administration and Just Enough Administration, which together help minimize the time and capability granted for specific privileges.
- Protect the operating system. Resist breaches with built-in Control Flow Guard, which helps prevent memory corruption attacks, and Windows Defender, optimized for server roles. Help ensure only trusted software can be run on the server with Device Guard.
- Improve ability to detect attacks. Use advanced auditing capabilities to help detect malicious behavior.
- Isolate applications. Help protect container-based applications with Windows Server containers with Hyper-V isolation, which do not share the host kernel with other containers. Use the distributed firewall, a software-defined networking capability, to control internal and external network traffic to VMs.
“We’re moving towards a world where we don’t need to know where our data is— on-premises or in the cloud. The combination of Storage Spaces Direct, Hyper-V, scale-out flash storage, and SMB3 allows us to focus on functionality rather than location. With Windows Server 2016, migration is no longer a project, just a task.” – Ulf Preisler IT Director Danske Fragtmænd
Evolve your infrastructure
Datacenter operations are struggling to reduce costs while handling more data traffic. New applications stretch the operational fabric and create infrastructure backlogs that can slow business. As organizations push the boundaries of highly virtualized environments, they can use Windows Server 2016 capabilities to meet operational and security challenges, freeing up IT resources to plan a strategy that uses the cloud for future applications and solutions.
Run your datacenter with a highly automated, resilient server operating system.
- Trust your workloads to an enterprise-class hypervisor. You can be confident your workloads will perform on Hyper-V, which Microsoft uses to run hyperscale datacenters around the globe. When needed, you also can easily migrate a Hyper-V workload from on-premises to a Windows Server VM in Azure.
- Upgrade efficiently. Upgrade infrastructure clusters to Windows Server 2016 with zero downtime for your Hyper-V or Scale-out file server workloads, and without requiring new hardware, using Mixed OS Mode cluster upgrades.
- Stay open. Deploy applications on multiple operating systems with best-in-class support for Linux on Hyper-V.
- Automate server management. Use PowerShell and Desired State Configuration to automate routine operations.
- Control Windows servers remotely. Use PowerShell or GUI solutions such as Server Manager or Microsoft Management Console (MMC) tools.
Affordable high-performance storage
Storage systems are critical to the performance of most business applications. But traditional, expensive, manually configured storage systems can prevent organizations from realizing the efficiency benefits of a software-defined datacenter. In contrast, the Azure-inspired, software-defined storage capabilities in Windows Server 2016 use policies and automation to reduce costs and add scale.
- Reduce cost. Build highly available, scalable software-defined storage solutions at a fraction of the price of SAN or NAS. With Storage Spaces Direct, you can use industry-standard servers with local storage, including high speed solid-state drives.
- Create affordable business continuity. Prepare for the worst using Storage Replica synchronous storage replication for disaster recovery among datacenters.
- Prioritize storage resources. Ensure critical applications receive priority access to storage resources using storage Quality of Service (QoS) policies.
“Most of our application portfolio consists of older legacy applications that are cumbersome to update. By moving these applications into Windows Server containers and embracing a microservices architecture, we can break these big applications apart and update the pieces independently. This will reduce customer downtime and increase business agility.” – Stephen Tarmey Chief Architect Tyco International