Docsity
Docsity

Prepare for your exams
Prepare for your exams

Study with the several resources on Docsity


Earn points to download
Earn points to download

Earn points by helping other students or get them with a premium plan


Guidelines and tips
Guidelines and tips

WIndows Server 2016 Technical Feature Comparison DETAILED, Study Guides, Projects, Research of Computer Science

Windows_Server_2016_Technical_Feature_Comparison_DETAILED

Typology: Study Guides, Projects, Research

2016/2017

Uploaded on 09/25/2017

karthirk2k7
karthirk2k7 🇮🇳

3 documents

1 / 59

Toggle sidebar

This page cannot be seen from the preview

Don't miss anything!

bg1
©
2016 Microsoft Corporation. All rights reserved. This document is for informational purposes only. Micro soft makes no warranties express or implied, with respect to the
information presented here .
Contents
How to use this comparison guide ............................................................................................................................................................................................... 2
Windows Server 2016 The cloud-ready operating system .............................................................................................................................................. 2
Windows Server 2016 editions ....................................................................................................................................................................................................... 3
Azure Hybrid Use Benefit .................................................................................................................................................................................................................. 4
Security ..................................................................................................................................................................................................................................................... 4
Identity ................................................................................................................................................................................................................................................... 10
Compute ................................................................................................................................................................................................................................................ 15
Storage ................................................................................................................................................................................................................................................... 20
Networking ........................................................................................................................................................................................................................................... 25
Virtualization ........................................................................................................................................................................................................................................ 34
High availability .................................................................................................................................................................................................................................. 43
Management and automation ...................................................................................................................................................................................................... 46
Remote Deskto p Services (RDS) ................................................................................................................................................................................................... 51
Application development ............................................................................................................................................................................................................... 54
Take the next step. Learn more at http://www.microsoft.com/WindowsServer2016
Technical Feature
Comparison
Guide
Windows Server 2016, Windows Server 2012 R2
,
and Windows Server 2008 R
2
pf3
pf4
pf5
pf8
pf9
pfa
pfd
pfe
pff
pf12
pf13
pf14
pf15
pf16
pf17
pf18
pf19
pf1a
pf1b
pf1c
pf1d
pf1e
pf1f
pf20
pf21
pf22
pf23
pf24
pf25
pf26
pf27
pf28
pf29
pf2a
pf2b
pf2c
pf2d
pf2e
pf2f
pf30
pf31
pf32
pf33
pf34
pf35
pf36
pf37
pf38
pf39
pf3a
pf3b

Partial preview of the text

Download WIndows Server 2016 Technical Feature Comparison DETAILED and more Study Guides, Projects, Research Computer Science in PDF only on Docsity!

© 2016 Microsoft Corporation. All rights reserved. This document is for informational purposes only. Microsoft makes no warranties express or implied, with respect to the information presented here.

Contents

How to use this comparison guide ............................................................................................................................................................................................... 2

Windows Server 2016 – The cloud-ready operating system .............................................................................................................................................. 2

Windows Server 2016 editions ....................................................................................................................................................................................................... 3

Azure Hybrid Use Benefit .................................................................................................................................................................................................................. 4

Security ..................................................................................................................................................................................................................................................... 4

Identity ................................................................................................................................................................................................................................................... 10

Compute ................................................................................................................................................................................................................................................ 15

Storage ................................................................................................................................................................................................................................................... 20

Networking ...........................................................................................................................................................................................................................................

Virtualization ........................................................................................................................................................................................................................................

High availability ..................................................................................................................................................................................................................................

Management and automation ......................................................................................................................................................................................................

Remote Desktop Services (RDS)...................................................................................................................................................................................................

Application development ...............................................................................................................................................................................................................

Take the next step. Learn more at http://www.microsoft.com/WindowsServer

Technical Feature

Comparison Guide

Windows Server 2016, Windows Server 2012 R2,

and Windows Server 2008 R

How to use this comparison guide

This feature comparison guide compares selected features of Microsoft Windows Server 2008 R2, Windows Server 2012 R2, and Windows Server 2016. Its goal is to help customers understand the differences between the version they are running today and the latest version available from Microsoft.

The comparison table includes comments about each feature, as well as notation about how well each feature is supported in each release. The legend for this notation is given in the table below.

Level of feature support

Feature name

Not Supported

Partially Supported

Fully Supported

Feature description

Windows Server 2016 – The cloud-ready operating system

Windows Server 2016 is the cloud-ready operating system that delivers new layers of security and Azure-inspired innovation for the applications and infrastructure that power your business. Increase security and reduce business risk with multiple layers of protection built into the operating system. Evolve your datacenter to save money and gain flexibility with software-defined datacenter technologies inspired by Microsoft Azure. Innovate faster with an application platform optimized for the applications you run today as well as the cloud-native apps of tomorrow.

Built-in security

Windows Server 2016 includes built-in breach resistance to help thwart attacks on your systems and meet compliance goals. Even if someone finds a way into your environment, the layers of security built into Windows Server 2016 limit the damage they can cause and help detect suspicious activity.

  • Help prevent risks associated with compromised administrative credentials. Use new privileged identity management features to limit administrative access by enabling “just enough” and “just-in-time” administration capabilities. Use Credential Guard to prevent administrative credentials from being stolen by Pass-the-Hash attacks.
  • Protect your virtual machines using the unique Shielded Virtual Machine feature. A shielded VM is encrypted using BitLocker and can only run on approved hosts.
  • Protect against unknown vulnerabilities by ensuring only permitted binaries are executed using additional security features such as Control Flow Guard and Device Guard as well as Windows Defender optimized for server roles.
  • Use Hyper-V containers for a unique additional layer of isolation for containerized applications.

Software-defined infrastructure

Datacenter operations are struggling to reduce costs while handling more data traffic. New applications stretch the operational fabric and create infrastructure backlogs that can slow business. Windows Server 2016 delivers a more flexible and cost-efficient operating system for datacenters, using software-defined compute, storage, and network virtualization features inspired by Azure.

Resilient compute

Run your datacenter with a highly automated, resilient, virtualized server operating system.

  • Reduce your datacenter footprint, increase availability, and reduce resource usage with “just enough” OS using the Nano Server installation option, with an image that is 25x smaller than the Windows Server 2016 Server with Desktop Experience installation option.
  • Upgrade infrastructure clusters to Windows Server 2016 with zero downtime for your Hyper-V or Scale-out file server workloads, and without requiring new hardware, using Mixed OS Mode cluster upgrades.

For the Standard and Datacenter editions, there are three installation options:

  • Server Core : The Server Core installation option removes the client UI from the server, providing an installation that runs the majority of the roles and features on a lighter install. Server Core does not include MMC or Server Manager, which can be used remotely, but does include limited local graphical tools such as Task Manager as well as PowerShell for local or remote management.
  • Nano Server : The Nano Server installation option provides an ideal lightweight operating system to run “cloud-native” applications based on containers and micro-services. It can also be used to run an agile and cost-effective datacenter host with a dramatically smaller OS footprint. Because it is a headless installation of the Windows Server, management is done remotely via PowerShell Core, the web-based Server management tools,, or existing remote management tools such as MMC.
  • Server with Desktop Experience : The Server with Desktop Experience installation option provides an ideal user experience for those that need to run an app that requires local UI or for Remote Desktop Services Host. This option has the full Windows client shell and experience, consistent with Windows 10 Anniversary edition Long Term Servicing Branch (LTSB), with the server Microsoft Management Console (MMC) and Server management tools available locally on the server.

Azure Hybrid Use Benefit

When you are ready to transition workloads to the public cloud, you can leverage your existing investment in Windows Server. The Azure Hybrid Use Benefit lets you bring your on-premises Windows Server license with Software Assurance to Azure. Rather than paying the full price for a new Windows Server virtual machine, you will only pay the base compute rate. More information can be found at http://azure.microsoft.com/en-us/pricing/hybrid-use-benefit/.

Security

Windows Server 2016 delivers layers of protection that help address emerging threats and meet your compliance needs, making Windows Server 2016 an active participant in your security defenses. These include the new Shielded Virtual Machine feature that protects VMs from attacks and compromised administrators in the underlying fabric, extensive threat resistance components built into the Windows Server 2016 operating system and enhanced auditing events that will help security systems detect malicious activity.

Shielded Virtual Machines

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

Shielded Virtual Machines and Guarded Fabric help provide hosting service providers and private cloud operators the ability to offer their tenants a hosted environment where protection of tenant virtual machine data is strengthened against threats from compromised storage, network and host administrators, and malware. For example: If you are running your domain controllers or sensitive SQL databases as a virtual machine, you would want to shield them from fabric attacks.

A Shielded Virtual Machine is a generation 2 VM (supports Windows Server 2012 and later) that has a virtual TPM, is encrypted using BitLocker and can only run on healthy and approved hosts in the fabric. You can configure to run a Shielded Virtual Machine on any Hyper-V host. For the highest levels of assurance, the host hardware requires TPM 2.0 (or later) and UEFI 2.3.1 (or later).

Credential Guard

2008 R 2012 R 2016

Credential Guard helps prevent pass the hash attacks by utilizing virtualization-based security to credential artifacts from administrators.. Credential Guard offers better protection against advanced persistent threats by protecting credentials on the system from being stolen by a compromised administrator or malware.

Credential Guard can also be enabled on Remote Desktop Services servers and Virtual Desktop Infrastructure so that the credentials for users connecting to their sessions are protected.

Remote Credential Guard

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

Remote Credential Guard helps you protect your credentials over a Remote Desktop connection by redirecting the Kerberos requests back to the device that's requesting the connection. It also provides single sign on experiences for Remote Desktop sessions. If the target device is compromised, your credentials are not exposed because both credential and credential derivatives are never sent to the target device.

Device Guard

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

Device Guard uses Virtualization Based Security to ensure that only allowed binaries can be run on the system. If the app or driver isn’t trusted, it can’t run.

Device Guard can also help protect Remote Desktop Services to lock down what applications can run within the user sessions.

AppLocker

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

AppLocker can help you protect the digital assets within your organization, reduce the threat of malicious software being introduced into your environment, and improve the management of application control and the maintenance of application control policies. AppLocker and Device Guard can be used in tandem to provide a wide set of software restriction policies that meets your operational needs.

Privileged Access: Just Enough

Administration

2008 R 2012 R 2016

Administrators should only be able to perform their role and nothing more. For example: A file server administrator can restart services, but should not be able to browse the data on the server.

Just Enough Administration (JEA) provides a role based access platform through PowerShell. It allows specific users to perform specific adminstrative tasks on servers without giving them administrator rights.

JEA is built into Windows Server 2016 and you can also use WMF 5.0 to take advantage of JEA on Windows Server 2008 R2 and higher.

Privileged Access: Just-in-Time

Administration

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

The concept of Just-in-Time Administration helps transform administration privileges from perpetual administration to time-based administration. When a user needs to be an administrator, they go through a workflow that is fully audited and provides them with administration privilege for a limited time by adding them to a time-based security group and automatically removing them after that period of time has passed.

The deployment of Just-in-Time Administration includes creating an isolated administration forest, where the controlled administrator accounts will be managed.

Virtualization Based Security

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

Virtualization Based Security (VBS) is a new protected environment that provides isolation from the running operating system so that secrets and control can be protected from compromised administrators or malware. VBS is used by Device Guard to protect kernel code, Credential Guard for credential isolation and Shielded VMs for the virtual TPM implementation.

Virtual TPM: Trusted Platform

Module

2008 R 2012 R 2016

Implemented in Windows Server 2016 Hyper-V, a Generation 2 virtual machine (Windows Server 2012 and later) can now have its own Virtual TPM so that it can use it as a secure crypto-processor chip. The virtual TPM is a new synthetic device that provides TPM 2.0 functionality.

Virtual TPM does not require a physical TPM to be available on the Hyper-V host, and its state is tied to the VM itself rather than the physical host it was first created on so that it can move with the VM. VMs with a virtual TPM can run on a guarded fabric.

The Shielded VM functionality uses the Virtual TPM for BitLocker encryption.

Client machines running on Virtual Desktop Infrastructure can now use a vTPM as well.

BitLocker encryption

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

Windows BitLocker drive encryption provides better data protection for your computer, by encrypting all data stored on the Windows operating system volume and/or data drives.

SMB 3.1.1 security improvements

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

Security improvements to SMB 3.1.1 include pre-authentication integrity and SMB encryption improvements.

Pre-authentication integrity provides improved protection from a man-in-the-middle attacker tampering with SMB’s connection establishment and authentication messages. Pre-Auth integrity verifies all the “negotiate” and “session setup” exchanges used by SMB with a strong cryptographic hash (SHA-512). If your client and your server establish an SMB 3.1. session, you can be sure that no one has tampered with the connection and session properties.

SMB 3.1.1 offers a mechanism to negotiate the crypto algorithm per connection, with options for AES-128-CCM and AES- 128-GCM.

PowerShell 5.1 security features

2008 R 2012 R 2016

There are several new security features included in PowerShell 5. 1. These include: Script block logging, Antimalware Integration, Constrained PowerShell and transcript logging.

PowerShell 5.1 is also available for install on previous operating systems starting from Windows Server 2008 R2 and on.

Identity

Identity is the new control plane to secure access to on-premises and cloud resources. It centralizes your ability to control user and administrative privileges, both of which are very important when it comes to protecting your data and applications from malicious attack. At the same time, our users are more mobile than ever, and need access to computing resources from anywhere.

Active Directory Domain Services

Active Directory Domain Services (AD DS) stores directory data and manages communication between users and domains, including user logon processes, authentication, and directory searches. An Active Directory domain controller is a server that is running AD DS.

New domain services capabilities

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

New in Windows Server 2016:

  • Privileged Access Management. This capability, which allows organizations to provide time-limited access to administrator accounts, is described in the Security section of this document.
  • Azure Active Directory Join. There are enhanced identity experiences when devices are joined to Azure Active Directory. These include applying Modern settings to corporate-owned workstations, such as access to the Windows Store with corporate credentials, live tile and notification settings roaming, and backup/restore.
  • Microsoft Passport. Active Directory Domain Services now supports desktop login from Windows 10 domain joined devices with Microsoft Passport. Microsoft Passport offers stronger authentication than password authentication with device specific and TPM protected credentials.

Active Directory Federation Services

Active Directory Federation Services (AD FS) is a standards-based service that allows the secure sharing of identity information between trusted business partners (known as a federation) across an extranet. The service builds on the extensive AD FS capabilities available in the Windows Server 2012 R2 timeframe. Key enhancements to AD FS in Windows Server 2016 include better sign-on experiences, smoother upgrade and management processes, conditional access, and a wider array of strong authentication options, are described in the topics that follow.

Better sign-on to Azure AD and

Office 365

2008 R 2012 R 2016

One of the most common usage scenarios for AD FS continues to be providing sign-on to Office 365 and other Azure AD based applications using your on-premises Active Directory credentials.

AD FS extends hybrid identity by providing support for authentication based on any LDAP v3 compliant directory, not just Active Directory. This allows you to enable sign in to AD FS resources from:

  • Any LDAP v3 compliant directory including AD LDS and third party directories.
  • Un-trusted or partially trusted Active Directory domains and forests.

Support for LDAP v3 directories is done by modeling each LDAP directory as a “local” claim that providers trust. This enables the following admin capabilities:

  • Restrict the scope of the directory based on OU.
  • Map individual attributes to AD FS claims, including login ID.
  • Map login suffixes to individual LDAP directories.
  • Augment claims for users after authentication by modifying claim rules.

Improved sign-on experience

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

AD FS now allows for customization of the sign-on experience. This is especially applicable to organizations that host applications for a number of different customers or brands. With Windows Server 2016, you can customize not only the messages, but images, logo and web theme per application. Additionally, you can create new, custom web themes and apply these per relying party.

Users on Windows 10 devices and computers will be able to access applications without having to provide additional credentials , just based on their desktop login, even over the extranet.

Strong authentication options

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

AD FS in Windows Server 2016 provides more ways to authenticate different types of identities and devices. In addition to the traditional Active Directory based logon options (and new LDAP directory support), you can now configure device authentication or Azure MFA as either primary or secondary authentication methods.

Using either the device or Azure Multi-Factor Authentication (MFA) methods, you can create a way for managed, compliant, or domain joined devices to authenticate without the need to supply a password, even from the extranet. In addition to seamless single sign-on based on desktop login, Windows 10 users can sign-on to AD FS applications based on Microsoft Passport credentials, for a more secure and seamless way of authenticating both users and devices.

Seamless sign-on from Windows 10 and Microsoft Passport

2008 R 2012 R 2016

Domain Join in Windows 10 has been enhanced to provide integration with Azure AD, as well as stronger and more seamless Microsoft Passport based authentication. This provides the following benefits after being connected to Azure AD:

  • SSO (single-sign-on) to Azure AD resources from anywhere.
  • Strong authentication and convenient sign-in with Microsoft Passport and Windows Hello.

AD FS in Windows Server 2016 provides the ability to extend the above benefits and device policies to on-premises resources protected by AD FS.

Developer focus

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

AD FS for Windows Server 2016 builds upon the Oauth protocol support to enable the most current and industry standard-based authentication flows among web apps, web APIs, browser and native client-based apps. In Windows Server 2016, the following additional protocols and features are supported:

  • OpenId Connect support.
  • Additional Oauth authorization code grant types. o Implicit flow (for single page applications). o Resource Owner password (for scripting apps).
  • Oauth confidential clients (clients capable of maintaining their own secret, such as app or service running on web server)
  • Oauth confidential client authentication methods: o Symmetric (shared secret / password). o Asymmetric keys. o Windows Integrated Authentication (WIA).
  • Support for “on behalf of” flows as an extension to basic Oauth support.

Registering modern applications has also become simpler using AD FS in Windows Server 2016. Now instead of using PowerShell to create a client object, modeling the web API as an RP, and creating all of the authorization rules, you can use the new Application Group wizard.

Active Directory Lightweight Directory Services (AD LDS)

AD LDS is a Lightweight Directory Access Protocol (LDAP) directory service that provides flexible support for directory-enabled applications, without the dependencies that are required for Active Directory Domain Services (AD DS). AD LDS provides much of the same functionality as AD DS, but it does not require the deployment of domains or domain controllers.

Active Directory Lightweight Directory Services

2008 R 2012 R 2016

There are no significant enhancements to AD LDS in Windows Server 2016.

Existing capabilities that continue to be offered in AD LDS include:

  • Role support for Server Core installations.
  • Ability to back up and restore databases to an existing AD LDS instance.
  • Ability to concurrently run multiple instances of AD LDS on a single computer with an independently managed schema for each AD LDS instance.

Web Application Proxy

The Web Application Proxy is a Windows Server service that allows for secure publishing of internal resources to users on the Internet.

Web Application Proxy

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

Web Application Proxy supports new features including pre-authentication support with AD FS for HTTP Basic applications such as Exchange Active Sync. Additionally, certificate authentication is now supported.

The following new features build on the existing application publishing capabilities found in the Web Application Proxy:

Pre-authentication for HTTP basic application publishing: HTTP Basic is the authorization protocol used by many protocols, including ActiveSync, to connect rich clients, including smartphones, with your Exchange mailbox. Web Application Proxy traditionally interacts with AD FS using redirections which is not supported on ActiveSync clients.

This new version of Web Application Proxy provides support to publish an app using HTTP basic by enabling the HTTP app to receive a non-claims relying party trust for the application to the Federation Service. For more information on HTTP basic publishing, see Publishing Applications using AD FS Pre-authentication

  • Wildcard Domain publishing of applications: To support scenarios such as SharePoint 2013, the external URL for the application can now include a wildcard to enable you to publish multiple applications from within a specific domain, for example, https://*.sp-apps.contoso.com. This will simplify publishing of SharePoint apps.
  • HTTP to HTTPS redirection: In order to make sure your users can access your app, even if they neglect to type HTTPS in the URL, Web Application Proxy now supports HTTP to HTTPS redirection.
  • Publishing of Remote Desktop Gateway Apps: For more information on RDG in Web Application Proxy, see Publishing Applications with SharePoint, Exchange and RDG
  • New debug log: for better troubleshooting and improved service log for complete audit trail and improved error handling. For more information on troubleshooting, see Troubleshooting Web Application Proxy
  • Administration Console UI improvements
  • Propagation of client IP address to backend applications

Nano Server OS capabilities

2008 R 2012 R 2016

Nano Server is available in Windows Server 2016 for:

  • Physical machines
  • Virtual machines
  • Hyper-V containers
  • Windows Server containers

Nano Server supports the following included optional roles and features:

  • Hyper-V, including container and shielded VM support
  • Datacenter Bridging
  • Defender
  • DNS Server
  • Desired State Configuration
  • Clustering
  • IIS
  • System Center Virtual Machine Manager
  • Secure Startup
  • Scale-out file server, including Storage Replica, MPIO, iSCSI initiator, Data deduplication

All supported optional roles and features can be installed either offline, by injecting it into a Nano Server image, or online, when Nano Server is running. To enable the fastest possible time from instantiating a new Nano Server instance to the point where a role or feature is up and running, the recommended approach is to inject the role or feature into the offline Nano Server image. The Nano Server roles and features are not included in the image, instead they are separate packages in order to minimize the footprint when Nano Server is deployed – any roles and feature not used are not in the image or consuming disk space.

Nano Server is not listed in Setup. Instead, there is a Nano Server folder on the media with a Nano Server WIM file and a packages folder. Included with Nano Server is a PowerShell module that can be used to create and configure a Nano Server image, including adding drivers, roles, and features to a Nano Server image.

Nano Server can join an Active Directory domain, but does not support Group Policy. To apply policy at scale, Nano Server supports DSC.

Nano Server does not have a local user interface, all management of Nano Server must be done remotely using PowerShell, MMC snap-ins, the new web-based Server management tools, or other remote management tools. Nano Server includes PowerShell Core and set of cmdlets as well as WMIv1 and WMIv2 providers for remote management and automation. The exception to no local user interface is the Nano Server Recovery Console. If keyboard and video access (locally, vmconnect, or BMC) is available there is a text mode logon that provides a simple menu to repair the network configuration. This is provided in case the network is misconfigured remotely and the remote management tools can no longer connect, the network can be repaired instead of redeploying.

Nano Server Hyper-V

2008 R 2012 R 2016

The Windows Server 2016 Hyper-V role can be installed on a Nano Server; this is a key Nano Server role, shrinking the OS footprint and minimizing reboots required when Hyper-V is used to run virtualization hosts. Nano server can be clustered, including Hyper-V failover clusters.

Hyper-V works the same on Nano Server as it does in Windows Server 2016, aside from a few caveats:

  • All management must be performed remotely, using another Windows Server 2016 computer. The Hyper-V Manager or PowerShell can be used from the remote server.
  • RemoteFX is not available.

Nano Server Storage Server

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

Nano Server can run the Windows file server role, which works the same as it does on a full deployment of Windows Server 2016. The same management restrictions apply – all management must be performed remotely through PowerShell or management consoles.

Nano Server can also use Multi-Path IO for disk throughput and redundancy, and the file server role can also be joined to a failover cluster in Nano Server. In addition, there is full iSCSI support and Windows Server 2016 data deduplication can be used to conserve disk space. The combination of these features make Nano Server an excellent candidate for use as a scale-out file server cluster, which can back a Hyper-V private cloud using a low-footprint, lower-maintenance OS.

Nano Server also supports the new Storage Server capabilities introduced in Windows Server 2016, such as Storage Replica. For more details on these, see the Storage Server section below.

IIS on Nano Server

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

A subset of IIS 10.0 is supported on Nano Server in Windows Server 2016 with support for ASP.NET Core.

  • Individual IIS features can be added to a Nano Server installation of IIS 10 using DISM.exe, PowerShell IISAdministration module commands (remotely) or AppCmd.exe utility (remotely).
  • Web sites and related configuration tasks like binding HTTPS certificates can be performed using PowerShell or remote command-line tools. For the list of functionality supported on Nano Server, see http://technet.microsoft.com/en-us/windows-server- docs/compute/nano-server/iis-on-nano-server

Linux Secure Boot

2008 R 2012 R 2016

Linux operating systems running on generation 2 virtual machines can now boot with the Secure Boot option enabled.

Support Linux versions include: Ubuntu 14.04 and later, SUSE Linux Enterprise Server 12 and later, Red Hat Enterprise Linux 7.0 and later, and CentOS 7.0 and later.

PowerShell Desired State

Configuration for Linux

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

PowerShell Desired State Configuration (DSC) enables you to declaratively specify the configuration of your server, and PowerShell DSC will “make it so.” Originally released for Windows, PowerShell DSC is now available for your Linux servers, using the same declarative syntax.

PowerShell on Linux and

Mac OS X

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

See the Management and Automation section for details on this exciting new capability for Linux and Mac OS X.

Hot add and remove for network

adapters

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

You can now add or remove a network adapter while the virtual machine is running, without incurring downtime. This works for generation 2 virtual machines that run either Windows or Linux operating systems.

Manual hot add and remove

memory

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

You can now add or remove memory assigned to a virtual machine while the virtual machine is running, without incurring downtime. The “add” or “remove” operation is performed by an IT administrator, and is separate from “Dynamic Memory” functionality, where Hyper-V automatically adds or removes memory from guests in order to meet varying memory demand over time. Manual hot add and remove works for virtual machines that run either Windows or Linux operating systems.

Discrete Device Assignment

2008 R 2012 R 2016

You can now map some PCI Express devices attached to the Hyper-V host, and map them directly into the address space of a Windows or Linux guest. Applications and libraries running in user space in the guest can directly access the device. For example, Discrete Device Assignment (DDA) can be used to map a physical GPU into a Linux guest so that a High Performance Computing (HPC) application can use it for high-speed computation.

SR-IOV support for Linux Guests

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

SR-IOV is now available for Linux guests, just as it is available for Windows guests. When using physical NICs in the Hyper- V host that are SR-IOV capable, Linux guests can directly access NIC functions in order to achieve higher performance. Like with Windows guests, Linux guests in a Hyper-V cluster can be live-migrated when using SR-IOV, and will automatically fallback to a normal network path if the target Hyper-V host does not have equivalent SR-IOV capability.

Hyper-V Socket support for Linux

Windows Server 2008 R

Windows Server 2012 R

Windows Server 2016

Hyper-V Sockets provides a secure, general purpose communication channel between Hyper-V host and guest operating systems. Hyper-V Sockets communicates over the VMBus and therefore doesn’t require network connectivity between the guest and the Hyper-V host. Applications communicating over Hyper-V Sockets use standard “sockets” as the programming model, and appear in the Windows and Linux operating systems as a new socket address family type.

Storage

Microsoft offers an industry leading portfolio for building on-premises clouds. We embrace your choice of storage for your cloud – be it traditional SAN/NAS or the more cost-effective software-defined storage solutions using Storage Spaces Direct and Storage Spaces with shared JBODs. In Windows Server 2016, we support hyper-converged infrastructure with Storage Spaces Direct. The Microsoft hyper-converged solution offers the following advantages:

  • Cloud design points and management with standard servers and local storage. It supports modern device types such as SATA and NVMe SSD. Once deployed management tools are available through System Center Virtual Machine Manager (SCVMM), System Center Operations Manager (SCOM) and PowerShell.
  • Reliability, scalability and flexibility: This solution is fault tolerant to drives, servers, or even chassis or rack failures. It scales pools to a large number of drives with simple and fine grained expansion and automatic data rebalancing. VM creation performance and snapshotting has been optimized.
  • Simplifies the datacenter by collapsing storage and compute. The storage area network is no longer necessary with a software service acting as a storage controller.