Microsoft just unveiled Windows Server 2022, a new version of their premier Windows Server operating system. It includes the most up-to-date and important features accessible to Microsoft clients for executing mission-critical workloads. Customers can take cybersecurity and hybrid cloud operations to the next level with several new features and functionality in Windows Server 2022. Let’s take a closer look at the new features in Windows Server 2022 and how they will help businesses.
What’s New in Windows Server 2022
Windows Server 2022 has a slew of exciting new features that make it the most advanced and intricate Windows Server OS to date. The new Windows Server 2022 enhancements include the following improvements:
- Hybrid cloud
- Windows Admin Centre
- Application improvements
a. Secure Core
In conjunction with the deployment of Windows Server 2022, Microsoft has launched a Secured-core server. What is a Secured-core server, and how does it work?
The Secured-core server is a solution that expands on Microsoft’s Secured-core PC, which was released as part of Windows 10 earlier this year. With a Secured-core server, Microsoft delivers the same fundamental characteristics that establish a secure platform based on several security pillars integrated into the operating system.
Microsoft is working closely with partners on Secured-core servers to ensure that OEM server hardware has both the hardware and firmware security measures required to support the Secured-core model’s capabilities. Furthermore, Microsoft has made it part of the Security dashboard in Windows Admin Center, which makes it easier to confirm that your server is set up according to the Secured-core concept.
Let’s have a look at the Secured-core server’s different components. These are some of them:
The Microsoft Secured-core server uses Secure Boot to ensure that the boot firmware is certified and verified by the OEM hardware manufacturer. It also verifies the validity and authorization of boot certificates and UEFI firmware drivers. During the boot phase, this validation step defends against boot tampering and the injection of other malicious software.
A TPM, or Trusted Platform Module, is a hardware component that performs security-related functions. The TPM generates, stores, and protects cryptographic keys. The secured keys are used for attestation, which detects any malicious code or modification by attackers. As part of the Secured-core server concept, Windows Server 2022 can take advantage of TPM 2.0 features and functionality to provide comprehensive security measures.
Microsoft Windows Defender System Guard protection is a part of the Secured-core server implementation. The major purpose of the System Guard Secured-core server component is to guarantee that the Windows system is not tampered with. To ensure the integrity of the system, the System Guard module employs both local and remote attestation.
With Secured-core server implementations on contemporary hardware, Windows Server 2022 System Guard defends against malicious bootkits and stops any unwanted firmware or application from activating itself before the Windows bootloader.
The Secured-core Boot DMA Protection module protects against drive-by Direct Memory Access (DMA) attacks. Hot-plug PCI peripherals or internal/external PCIe port controllers can be used to launch these kinds of attacks. DMA drive-by attacks are risky because they can allow malware to be injected and security features like the lock screen to be bypassed. The DMA Protection module prevents malicious drivers from initiating or starting DMA.
Virtualization-based Security (VBS) is a Secured-core server module that uses hardware virtualization to build a safe area, or secure section of RAM, separate from the OS. This isolated region of memory is carved off for security-related activities. The operating system has access to the memory’s specialized section. The VBS-protected memory, on the other hand, has only restricted access. With this protection, protected information such as password hashes and other confidential material is significantly more difficult for hackers to compromise.
HVCI is an acronym for Hypervisor Enforced Code Integrity. It helps safeguard Windows from hostile drivers and unsecured or harmful system files when used with Virtualization Based Security (VBS). It also keeps an eye on CFG, Control Flow Guard, for corruption and guarantees that legitimate certificates are utilized with Windows security features like Credential Guard.
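The components listed above can be checked on a running server from PowerShell. The following audit script is an added example, not taken from the article or from Microsoft; it assumes an elevated session on the server itself and reads the documented `Win32_DeviceGuard` and `Win32_Tpm` CIM classes. The component labels in the report are chosen for this example.

```powershell
# Added example: map the Secured-core components to values Windows exposes.
# Read-only; run in an elevated PowerShell session on the server being checked.
$dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
                      -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue

# Secure Boot: Confirm-SecureBootUEFI throws on legacy BIOS systems.
try   { $secureBoot = [bool](Confirm-SecureBootUEFI -ErrorAction Stop) }
catch { $secureBoot = $false }

# TPM 2.0: SpecVersion looks like "2.0, 0, 1.38"; $tpm is $null when no TPM exists.
$tpm   = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
                         -ClassName Win32_Tpm -ErrorAction SilentlyContinue
$tpm20 = [bool]($tpm -and $tpm.SpecVersion -like '2.0*')

# Win32_DeviceGuard codes: AvailableSecurityProperties 3 = DMA protection;
# VirtualizationBasedSecurityStatus 2 = VBS enabled and running;
# SecurityServicesRunning 2 = HVCI, 3 = System Guard Secure Launch.
$checks = [ordered]@{
    'Secure Boot'                = $secureBoot
    'TPM 2.0'                    = $tpm20
    'DMA protection available'   = $dg.AvailableSecurityProperties -contains 3
    'VBS running'                = $dg.VirtualizationBasedSecurityStatus -eq 2
    'HVCI running'               = $dg.SecurityServicesRunning -contains 2
    'System Guard Secure Launch' = $dg.SecurityServicesRunning -contains 3
}

$report = foreach ($name in $checks.Keys) {
    [pscustomobject]@{ Component = $name; Enabled = [bool]$checks[$name] }
}
$report | Format-Table -AutoSize

# Summarise what is missing so the gap is obvious in scheduled or remote runs.
$missing = @($report | Where-Object { -not $_.Enabled })
if ($missing.Count) {
    Write-Warning ('Not enabled: ' + ($missing.Component -join ', '))
}
```

A component reported as not enabled can mean either that the hardware lacks the capability or that it is switched off in firmware or policy, so compare the result with the Security dashboard in Windows Admin Center.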
b. Secure Connectivity
Apart from the Secured-core server capabilities in Windows Server 2022, Microsoft has strengthened security with connectivity services.
Implementing the most up-to-date security standards and protocols is a good way to ensure that your business-critical data isn’t compromised by flaws in lower-level standards and frameworks. HTTPS and TLS 1.3 are enabled by default in Windows Server 2022.
DNS-over-HTTPS (DoH) makes DNS more secure in Windows Server 2022. With the new DNS-over-HTTPS feature, DNS requests are encrypted using the HTTPS protocol. By preventing monitoring by an intruder or anybody snooping on the network, this helps to keep DNS requests private.
Organizations want to ensure that file transfers through Server Message Block (SMB) are as safe as feasible. For SMB and signing, Windows Server 2022 now supports AES-256-GCM and AES-256-CCM encryption. To connect with previous versions of Windows, Microsoft provides built-in compatibility with older encryption suites. However, in high-security environments, Group Policy can be used to force the use of stronger encryption ciphers.
Security has also been improved in Windows Failover Server Cluster (WFSC), with the ability to encrypt and sign intra-node storage communications for WFSC’s Cluster Shared Volumes. Moreover, when using Storage Spaces Direct (S2D), you may enable encryption for intra-server cluster east-west connections to provide the highest level of data protection.
Microsoft has fixed several performance problems in prior Windows versions that occurred when encryption was used to protect SMB data transfers over SMB Direct and RDMA. According to Microsoft, the performance hit was caused by encryption preventing direct data placement. In Windows Server 2022, data is now encrypted before being placed, which dramatically increases speed with these technologies.
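The cipher restriction described above can also be inspected and applied with the SMB server cmdlets instead of Group Policy. The script below is an added example, not part of the original article; `$Enforce` is a variable introduced for this example, and it assumes an elevated session on Windows Server 2022.

```powershell
# Added example: audit the SMB server's encryption settings and, optionally,
# restrict the cipher list to the AES-256 suites. Run elevated on the server.
$Enforce = $false                        # example variable: $true applies the change
$strong  = 'AES_256_GCM', 'AES_256_CCM'

$cfg     = Get-SmbServerConfiguration
$offered = @($cfg.EncryptionCiphers -split '\s*,\s*' | Where-Object { $_ })
$legacy  = @($offered | Where-Object { $_ -notin $strong })

[pscustomobject]@{
    EncryptData             = $cfg.EncryptData
    RejectUnencryptedAccess = $cfg.RejectUnencryptedAccess
    OfferedCiphers          = $offered -join ', '
    LegacyCiphers           = $legacy -join ', '
} | Format-List

# Clients connected right now. Older Windows versions negotiate only the older
# suites and will fail to connect once those are removed, so review this first.
Get-SmbSession |
    Select-Object ClientComputerName, ClientUserName, Dialect |
    Sort-Object ClientComputerName |
    Format-Table -AutoSize

if ($Enforce -and $legacy.Count) {
    # Offer only AES-256-GCM and AES-256-CCM from now on.
    Set-SmbServerConfiguration -EncryptionCiphers ($strong -join ', ') -Confirm:$false
    (Get-SmbServerConfiguration).EncryptionCiphers
}
elseif ($legacy.Count) {
    Write-Warning ('Older ciphers still offered: ' + ($legacy -join ', '))
}
```

The cipher list only matters for shares or servers where SMB encryption is actually turned on, which is what the `EncryptData` and `RejectUnencryptedAccess` values in the report show.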
You may now utilize the QUIC protocol alongside SMB 3.1.1 in Windows Server 2022. It enables users to access content from Azure edge file servers without the requirement for a VPN connection.
2. Hybrid Cloud
With each new Windows Server operating system, the evolution of hybrid cloud technologies and interaction with Microsoft Azure has been easy to see. In the field of hybrid cloud solutions, Windows Server 2019 made substantial breakthroughs.
Windows Server 2019 in particular set in stone that Azure integration will be incorporated into every Windows version going forward. Microsoft makes it simple to integrate the Windows Server operating system with Azure.
There is a slew of Azure services that work hand-in-hand with Windows Server 2022. In addition, Microsoft’s Windows Admin Centre management tool makes integrating with Azure easier than ever. From the Windows Admin Centre interface and extensions, administrators can easily control on-premises servers and interact with Azure services.
It’s simpler than ever for IT managers to take advantage of Azure’s hybrid services thanks to the close connectivity throughout Windows Admin Centre, Windows Server 2022, and Microsoft Azure.
3. Windows Admin Centre
The Windows Admin Centre utility is the most up-to-date method of administering Windows Servers. It was introduced alongside Windows Server 2019, and Microsoft has been steadily improving the tool since then.
There are no difficult-to-remember or difficult-to-install MSC dashboard console tools. Once you’ve deployed Windows Admin Centre in Gateway mode, you may use it to administer numerous remote Windows Servers from a single management workstation/server, all through a contemporary and easy-to-use web interface.
Windows Admin Centre does not come installed by default with Windows Server 2022. It is, however, available as a free download on the Microsoft Evaluation site. Although Windows Admin Centre isn’t new in Windows Server 2022, its development since Windows Server 2019 gives Windows Server 2022 a more robust experience.
4. Application enhancements
Containers in Windows Server 2022 are a significant step forward in terms of running contemporary apps on containerized infrastructure. The container image size has been reduced by 40% in Windows Server 2022. With containers and container-based apps, keeping the containers underpinning the applications compact and economical is critical to performance and other important benefits.
Using group Managed Service Accounts (gMSA) on a Windows Server 2022 container host lets you run apps that rely on Azure Active Directory without having to join a domain. Microsoft Distributed Transaction Coordinator (MSDTC) and Microsoft Message Queuing are now supported by containers in Windows Server 2022.
Also worth noting are the following Kubernetes improvements:
Windows Server 2022 also brings several enhancements to its storage capabilities. An improved version of the Storage Migration Service is one of the primary upgrades in Windows Server 2022 storage. With Windows Server 2022, you can use the Storage Migration Service to do the following tasks:
- Migrate local groups and users to the new server.
- Migrate data from failover clusters, migrate to failover clusters, and migrate between standalone servers and failover clusters.
- Use Azure File Sync to sync migrated shares in Azure.
- Switch to new networks like Azure.
- Migrate Linux Samba shares.
- Migrate NetApp CIFS hosts from NetApp FAS arrays.
User-adjustable storage repair speed is another new Storage Spaces Direct (S2D) function. This new feature provides greater control over the data resync process, allowing you to fix data copies without losing speed. Additionally, in Windows Server 2022, new SMB compression capabilities enable compression during a networked copy. This function eliminates the need to compress a file before transferring it across a network. Finally, independent servers may now use storage bus ca
Microsoft has improved the networking performance of its products across the board. Among the new enhancements are:
- Improvements to UDP performance, such as UDP Segmentation Offload (USO), UDP Receive Side Scaling, and a better UDP data flow
- TCP performance enhancements — TCP HyStart++, RACK, and a faster network flow of data are all included in Windows Server 2022.
- Improved performance in network activity from an external host and received by a virtual NIC, as well as virtual NIC to virtual NIC communication in Hyper-V virtual switches
The ability to employ AMD CPUs in nested virtualization is one of the exciting new virtualization technologies in Windows Server 2022. Nested virtualization allows you to run Hyper-V within another Hyper-V virtual machine. It’s a great tool for laboratories, proofs-of-concept, and other test settings.
The new Windows Server 2022 version adds a slew of new capabilities to the Windows Server OS as a whole. It efficiently combines hybrid cloud characteristics so that enterprises can benefit from Microsoft Azure’s capability. Windows Admin Centre is intended to assist IT administrators in achieving the best administration experience and quickly unlocking the hybrid cloud capabilities in Windows Server 2022. Security, apps, network, storage, and virtualization are all improved in Windows Server 2022.