Microsoft Windows Server 2008
- Windows Server 2008 is significantly faster than Windows Server 2003; easy to configure and manage host based security
- The anticipated feature, the Hyper-V server virtualisation tool, is missing;
Windows Server 2008 is definitely faster, more manageable and secure. But it's still missing the virtual link.
Price$ 999.00 (AUD)
Microsoft's long-awaited Windows Server 2008 delivers advancements in speed, security and management, but its virtualisation and network-access control features come up short.
In our testing of Windows Server 2008 we found that Microsoft has made a number of improvements to its flagship server operating system.
For example, new server administrative role schemes boost security, the Server Manager program improves manageability, Internet Information Server (IIS) Web management functionality is revamped, Active Directory is easier to control, and Windows Terminal Services has been redesigned. Windows Server 2008 is also significantly faster than Windows Server 2003, especially when client machines are running Vista.
Unfortunately, a highly anticipated feature of Windows Server 2008, the Hyper-V server virtualisation tool, is missing. Microsoft includes a beta version of Hyper-V with Windows Server 2008 editions, but it will not release final code until the third quarter of this year.
Also missing is compatibility between non-Windows (and older Windows) clients and Microsoft's Network Access Protection (NAP) scheme, Microsoft's version of NAC.
The Microsoft NAP scheme uses client-side 'health certificates' to either give or deny clients access to the network. An 'unhealthy' client is vectored to remediation servers for necessary antivirus updates or security patches (compare NAC products).
We tested the NAP scheme as implemented in Windows Server 2008 and found that it works as long as the client is running Windows XP or Vista. But it won't let clients running any other brand of operating system have access to its protected resources, thus hampering the potential success of the NAP scheme, because all client types must be vetted for NAC to work effectively.
Rethinking server roles
Microsoft wants administrators of Windows Server 2008 editions (it will ship in the usual flavours of Standard, Enterprise, Data Center and Itanium-specific code) to think of the server as playing certain roles.
Server roles are aggregated objects that suit commonly thought-of services, such as print services, file sharing, DNS, DHCP, Active Directory Domain Controller and IIS-based Web services. Microsoft has defined 18 roles in all.
There's even a minimalist installation called Windows Server Core that can run various server roles (such as DNS, DHCP, Active Directory components) but not applications (like SQL Server or IIS dynamic pages). It's otherwise a scripted host system for headless operations.
There's no GUI front end to a Windows Server Core box, but it is managed by a command line interface (CLI), scripts, remotely via System Manager or other management applications that support Windows Management Instrumentation (WMI), or by Remote Terminal Services. It's also a potential resource-slimmed substrate for Hyper-V and virtualisation architectures.
The services running on any role-based server are partitioned and enabled through Server Manager, Microsoft's renamed, revamped administrative application – either through its GUI or CLI front end.
It's a vast improvement over the 'Configure Your Server' routines found in Windows 2000 and 2003 editions. Once successfully enabled, the roles can be easily changed. The CLI version allows scripted initial or remote role changes for administrators. Server Manager adds an important improvement over prior management applications: it checks application dependencies thoroughly before it effects installation, changes, deletions or other alterations.
We got a nearly immediate taste of higher security these server roles allow when we installed Windows 2008 Server – strong administrative passwords are now required as the default.
Active Directory Certificate Services have been redesigned, and now join with Group Policy settings to allow easier certificate enrolment, discovery and storage. The public-key infrastructure that was formerly very difficult to establish, monitor and maintain in Windows 2003 Server editions has improved dramatically as choices for certificate management (including storage, issuance and certificate vetting) are wider than ever before.
A side benefit is that IPSec encryption can be used with a number of previously unavailable cryptography methods, such as elliptic-curve Diffie-Hellman or Advanced Encryption Standard choices, allowing a simple but heretofore difficult security hole to be patched: Windows 2008 can provide comprehensive network encryption services, network-wide.
In addition to Server Manager, server-based Windows Firewall MMC snap-in helped us configure and manage host based security more easily. Windows Firewall on Windows 2008 Server-based networks can be now controlled by system enforced Group Policy Objects (GPO) within Active Directory.
The ability to enforce Windows Firewall settings within an Active Directory domain provides a hierarchically enforced mechanism that thwarts branch office or subsidiary server settings made by local administrators. It's an iron-fist policy that has teeth, and we really like that.
The GPOs can now define server IP address admittance, allowing servers to simply ignore traffic from all but specific addresses, reducing their attack surface dramatically. Policies for specific routes are inherited by all clients and servers admitted to the Active Directory-controlled network, which then allows possible intruder activity to be more readily discerned from the noise of general traffic.
However, this admittance control alone doesn't reduce the effects of TCP SYN DOS attacks, but other TCP/IP settings shipping with only Windows Server 2008 can be used to reduce the effect of TCP connection-focused distributed denial-of-service (DoS) attacks.
Join the Good Gear Guide newsletter!
Epson WorkForce ET-4550
Linksys AC5400 MU-MIMO Gigabit router
Smart LED Bulb LB130
Everki ContemPRO Roll Top Laptop Backpack
Microsoft L5V-00027 Sculpt Ergonomic Keyboard Desktop
Epson EcoTank Expression ET-2500
UE Boom 2 Bluetooth speaker
Lexar® JumpDrive® S57 USB 3.0 flash drive
Lexar® JumpDrive® S45 USB 3.0 flash drive
Lexar® Portable SSD
3SIXT Ultra HD Sports Action Camera
Belkin MIXIT Metallic Lightning to USB Cable
Epson WorkForce DS-360W
Huawei Mate 9
Logitech G403 Prodigy mouse
Google Daydream VR headset
Acer Swift 7
HP Pavilion x360 13”
Dell Inspiron 5000 series 2-in-1
Dell XPS 13 laptop
Surface Pro 4
HD Pan/Tilt Wi-Fi Camera with Night Vision NC450
Garmin Fenix Chronos smartwatch
Lexar® Professional 1800x microSDHC™/microSDXC™ UHS-II cards
Lexar® JumpDrive® C20c USB Type-C flash drive
Blade 28 backpack by Arc’teryx
Audio-Technica ATH-ANC70 Noise Cancelling Headphones
Most Popular Reviews
- 1 Gigabyte Aorus GA-AX370-Gaming 5 AMD Ryzen AM4 motherboard review
- 2 Kogan curved 4K UHD 55-inch LED LCD TV review
- 3 Panasonic Blu-ray recorder PVR set-top box review
- 4 Garmin Fenix Chronos fitness tracker smartwatch review
- 5 Star Wars Death Star Bluetooth levitating rotating speaker review
Latest News Articles
- Samsung unveils Bixby voice assistant for upcoming Galaxy S8
- Pwn2Own hacking contest ends with two virtual machine escapes
- It's time to turn on HTTPS: the benefits are well worth the effort
- Windows Vista has just 30 days to live
- Panasonic pushes buttons with smart home prototypes at SXSW
PCW Evaluation Team
A smarter way to print for busy small business owners, combining speedy printing with scanning and copying, making it easier to produce high quality documents and images at a touch of a button.
I've had a multifunction printer in the office going on 10 years now. It was a neat bit of kit back in the day -- print, copy, scan, fax -- when printing over WiFi felt a bit like magic. It’s seen better days though and an upgrade’s well overdue. This HP OfficeJet Pro 8730 looks like it ticks all the same boxes: print, copy, scan, and fax. (Really? Does anyone fax anything any more? I guess it's good to know the facility’s there, just in case.) Printing over WiFi is more-or- less standard these days.
As a freelance writer who is always on the go, I like my technology to be both efficient and effective so I can do my job well. The HP OfficeJet Pro 8730 Inkjet Printer ticks all the boxes in terms of form factor, performance and user interface.
I’d happily recommend this touchscreen laptop and Windows 10 as a great way to get serious work done at a desk or on the road.
Ultimately, I think the Windows 10 environment is excellent for me as it caters for so many different uses. The inclusion of the Xbox app is also great for when you need some downtime too!
For me, the Xbox Play Anywhere is a great new feature as it allows you to play your current Xbox games with higher resolutions and better graphics without forking out extra cash for another copy. Although available titles are still scarce, but I’m sure it will grow in time.
- Behind the scenes with Team Walkinshaw at V8 Supercars Melbourne 2017
- And the 2017 winner of the Formula 1 Best Pit Lane Boom Gantry is...
- First look at the Formula 1 2017 pit lane in Melbourne, Australia
- Which flagship TV is best? Sony 4K HDR Bravia 2016 versus LG 4K HDR OLED 2016
- 10 Blu-ray movies / Best looking Blu-ray movies
- FTSocial Media ExecutiveNSW
- FTSenior Applications Support AnalystSA
- FTSenior C# DeveloperNSW
- TPGIS Developer - 6 month ContractQLD
- FTGIS Software DeveloperQLD
- FTSenior .Net Developer (Silverlight)VIC
- FTSenior Java EngineerACT
- CCBusiness Analyst Digitalisation projectsQLD
- FTWeb Support LeadQLD
- FTHR Business Analyst / Performance Management SMENSW
- FTMicrosoft Designer / ArchitectVIC
- CCProject AdministratorNSW
- FTHadoop Service AdministratorNSW
- CCOrganisational Change LeadNSW
- TPSQL Server Developer | 3 month contract |NSW
- CCAgile Project ManagerNSW
- FTSenior Security AnalystACT
- FTSenior Security Sales SpecialistVIC
- TPNetwork AdministratorWA
- FTTest SpecialistSA
- FTApplication Support Analyst - Accounting SoftwareNSW
- CCVirtualisation Engineer - IP NetworksVIC
- FTData Centre Technical SpecialistACT
- CCMEAN Stack Developer - Contract - SydneyNSW
- TPSenior Software DeveloperQLD