Best New Features in Windows Server 2022
Windows Server 2022 was released this summer, ready to support production workloads with a host of new features. What’s new in the latest edition of Windows Server? We will take a look.
New network protocols
It’s no surprise that one of Microsoft’s primary goals in Windows Server is performance. Most Windows Server users use it to host critical business applications and services that directly support employees or customers. Either way, time is money, and the platform your critical systems run on must be both stable and efficient.
Microsoft has included notable network improvements in Windows Server 2022. To begin with, the Quick UDP Internet Connection (QUIC) protocol developed by Google has been added and improves UDP connections in several ways, including encryption, reduced latency, reuse of connection, version control. , and extension frames. UDP also gets a bit of love in the form of UDP segmentation offload (USO) and UDP receive-side merge (UDP RSC), each of which shifts a lot of the work to assemble UDP packets from processors and onto machines. network adapters that support protocols.
Server Message Block (SMB) on QUIC has several potential advantages for corporate networks, but perhaps the most intriguing is its ability as a method of secure file access. SMB over QUIC is tunneled by TLS 1.3 using port 443 (HTTPS) rather than port 445 (SMB), and all SMB traffic is contained within the tunnel, which means that no traffic is exposed to the network. Because of these capabilities, SMB over QUIC is a solid option for mobile users or organizations with increased security requirements.
TCP connections are not left out by Windows Server 2022. The HyStart ++ specification helps reduce packet loss when starting the connection, especially in high-speed networks, while RACK detects retry attempts and helps reduce retry waiting times (RTO). Both features are enabled by default in Windows Server 2022.
Storage security and performance
Many Windows Server storage enhancements focus on security without sacrificing performance. These include AES-256 crypto suites for SMB and encryption for high performance network attached storage using SMB Direct and RDMA. These enable encrypted traffic for workloads that require incredibly high performance, such as Storage Spaces Direct, Hyper-V, and Scale-out File Server, among others. Windows Server Datacenter: Azure Edition even supports SMB over QUIC, bringing the ultimate in security, reliability and performance.
SMB compression is a further improvement. It allows a user, administrator, or application to request that files transferred over the network be compressed in transit, eliminating the need to manually create a Zip file before transfer. Compressing and decompressing files slightly affects CPU performance on both ends, but it’s worth it, especially on networks with bandwidth limitations like Wi-Fi or even 1 Gbps Ethernet.
Microsoft Server 2022 includes performance improvements for storage, specifically Storage Spaces Direct. Introduced in Windows Server 2016, it provides the flexibility to create high-performance, highly available network storage. One of its key features is synchronization which allows for redundancy and performance optimization, but until Windows Server 2022 this synchronization was based on internally calculated priorities. Windows Server 2022 provides the ability to manage the storage repair speed setting, with five levels that help you choose whether to prioritize synchronization or use by active workloads.
The Storage Spaces Storage Bus Cache feature allows fast storage media like NVMe or SSD to be linked with slower storage like a hard drive, dramatically improving read and write performance while maintaining performance. manageable costs. Prior to Windows Server 2022, the storage bus cache was limited to domain-joined servers, but stand-alone servers can now take advantage of these features. Storage bus cache supports read and write caching for systems that do not require resiliency or as read cache for systems that require parity.
Transitioning applications and other business resources from legacy systems to new platforms has never been trivial. Virtualization and containers certainly help ease some of the pain, but they don’t go very far. The Storage Migration Service facilitates the simplified transfer of critical applications and services from source locations to the Azure cloud or Windows Server. With Windows Server 2022, additional capabilities and sources are supported, including local users and groups, migration from (and to) failover clusters, and even from Samba shares on Linux.
Microsoft is investing heavily in its Azure cloud services, and much of that is attracting customers who have been slow to embrace the cloud with new use cases that are too good to be overlooked. Azure Arc and Windows Server Admin Center are two examples. Although neither is directly related to a version of Windows Server, both provide management capabilities for new features in Windows Server 2022. For example, Windows Server Admin Center version 2110 offers a new security tool that allows you to take advantage of the new Secured-core server and virtualization-based security functionality.
Azure Automanage is a new holistic set of management tools primarily geared toward virtual machines running on Azure, but as this includes Azure Stack Hyper Converged Infrastructure (HCI) and Azure Arc Servers, it’s a fair game for one. use on site. Azure Automanage applies best practices to your server configuration during the onboarding process, including server monitoring, log analysis, anti-malware software, update management, and change tracking. Azure Automanage can even be used to install Windows Server Admin Center, although it does not currently support Azure Arc servers.
Azure Automanage manages system updates using Hotpatch, which is a new method of keeping Windows Server Azure Edition virtual machines up to date while minimizing downtime. The Hotpatch system operates using three distinct update types, each with its own cadence: scheduled baselines, unplanned baselines, and patches. Planned baselines are released regularly (initially it will be every three months) and will include all updates contained in the latest cumulative update for Windows Update. Unexpected references will only be released when needed, such as when a critical update addressing a zero-day vulnerability is released. Both base versions will include updates from the latest cumulative update and require a restart. Hotpatch releases are released more frequently and include only updates that do not require a restart. True to form, the Microsoft name makes it a bit confusing as it uses the term hotpatch for the overall system which leverages all three types of update as well as the specific type of update that does not require a restart. .
Containers and virtualization
Virtualization and container-based applications are focus areas for Windows Server 2022, including some features that rely heavily on hybrid features with Azure.
One of them is the HostProcess container type for Kubernetes, which is new in Windows Server 2022 but will also be backported to Windows Server 2019. HostProcess containers run directly on the host layer in the same network namespace as the host, with similar access to the host OS as a process running directly on the server. Due to the level of access that HostProcess containers have to the operating system, they can be used for management tasks and DevOps scenarios, taking advantage of both the access and the development and deployment tools inherently offered by containers.
New in Windows Server 2022 is support for nesting virtual machines on AMD processors. Previously, nested virtualization – running Hyper-V in a Hyper-V guest – was limited to Intel processors. Nested virtualization can be used for a variety of scenarios, including packaging and distributing multi-server systems for things like developing or training or rotating virtual machines from backup in isolated environments. .
Group Managed Service Accounts (gMSA) are not a new concept. In Active Directory, gMSAs provide a secure mechanism allowing applications, even those distributed over multiple nodes, to access network resources without requiring manual account management such as changing passwords; instead, Active Directory manages the account. New to gMSA in Windows Server 2022 is that gMSA can be operated on hosts not joined to an Active Directory domain. This is done by creating an account in Azure AD, providing the benefits of gMSA by allowing container applications to access resources through the Azure AD account. There are also additional benefits: removing the requirement to join the domain of worker nodes makes it easier to scale, and a secret store can be used to manage and share credentials among multiple container hosts.
Copyright Â© 2021 IDG Communications, Inc.