webinar - windows server 2016 for nonprofits and libraries - 2017-01-10
TRANSCRIPT
![Page 1: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/1.jpg)
Introduction to Windows Server for Nonprofits and Public Libraries
Jeff Woolsey, MicrosoftJanuary 10, 2017
![Page 2: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/2.jpg)
. © TechSoup Global | All rights reserved2
Using ReadyTalk
• Chat to ask questions
• All lines are muted
• If you lose your Internet connection, reconnect using the link emailed to you.
• If you lose your phone connection, re-dial
the phone number and re-join.
• ReadyTalk support: 800-843-9166
Your audio will play through your computer’s speakers. Hear an echo? You may be logged in twice and will need to close one instance of ReadyTalk.
![Page 3: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/3.jpg)
. © TechSoup Global | All rights reserved3
You Are Being Recorded…
• You can find upcoming and past webinars on the TechSoup website: www.techsoup.org/community/events-webinars
• You can also view recorded webinars and videos on our YouTube channel: https://www.youtube.com/TechSoupVideo
• You will receive an email with this presentation, recording, and links within a few days.
• Tweet us @TechSoup or using hashtags: #tswebinars
![Page 4: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/4.jpg)
. © TechSoup Global | All rights reserved4
Presenters
Becky WiegandWebinar Program Manager
TechSoup
Assisting with chat: Susan Hope Bard, TechSoup
Jeff WoolseyPrincipal, Windows Server
Microsoft
![Page 5: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/5.jpg)
. © TechSoup Global | All rights reserved5
Objectives
![Page 6: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/6.jpg)
6
About TechSoup
![Page 7: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/7.jpg)
. © TechSoup Global | All rights reserved7
The Need Is Global – And So Are We• TechSoup’s mission is to build a dynamic bridge that enables civil society organizations and social
change agents around the world to gain effective access to the resources they need to design and implement solutions for a more equitable planet.
Countries Served TechSoup Partner Location NetSquared Local Group
Where are you on the map?
![Page 8: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/8.jpg)
. © TechSoup Global | All rights reserved8
www.TechSoup.Global
![Page 9: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/9.jpg)
Six Reasons You’ll Love Windows Server 2016Jeff WoolseyMicrosoftJanuary 2017
![Page 10: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/10.jpg)
Windows Server is the platform for building an infrastructure of connected
applications, networks, and web services, from the workgroup to the
data center.Windows Server includes popular
technologies: Hyper-V, Active Directory, File Server, Print and much more…
What is Windows Server?
![Page 11: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/11.jpg)
WindowsServer2016
20 years of innovation
Moving to cloud
Windows Server NT4
Windows Server 2000
Windows Server 2008
Windows Server 2012
www.20yearsofwindowsserver.com
System Center 2016First choice for management
Datacenter Enterprise Era and Y2K
Server for the Masses
![Page 12: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/12.jpg)
Windows Server The foundation of our cloud
On-premises datacenter Microsoft Azure Stack
![Page 13: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/13.jpg)
Cloud Services
Load Balancer
WEB ROLEINSTANCES
Tables/NoSQL
TYPE Y
STORAGE SOLUTIONSDatabase
CACHE
Blobs/Files
TYPE X
QUEUE
Virtual Machines
VIRTUAL MACHINES
STORAGE BLOBS / FILES (Virtual Disks)
…
Windows
Linux
SQL
GalleryLoad Balancer
VIRTUALNETWORK
COMPUTEVirtualMachines
Get full control over a server in the cloud and maintain it as your business requires.
CloudServices
Managed Virtual Machines with specific web and worker roles that are stateless
Batch
For running large scale parallel and high performance computing (HPC) applications
Scheduler
Create jobs that run reliably on simple or complex schedules to invoke any type of service.
Remote App
Access Windows apps that run within the Service on VM’s from any device and any location.
NETWORKINGVirtualNetwork
Provision and manage VPNs in Azure and securely link to your on-premises IT infrastructure.
ExpressRoute
Connect on-premises and cloud data centers directly through dedicated, non-internet lines.
Traffic Manager
Load-balance incoming global traffic across multiple services running in multiple data centers.
IDENTITY & ACCESSActiveDirectory
Identity and access management for cloud applications and ability to link to on-premises Server AD.
Multi-FactorAuthentication
Safeguard access to data and apps with additional physical layer of security control.
MEDIA & CDNContent DeliveryNetwork (CDN)
Cache content for your apps at 100’s of edge locations to improve user experiences.
MediaServices
Range of services that support video on-demand and live streaming workflows.
WEB & MOBILEWeb Apps
Managed web platform, get started for free and scale as you go using many tools/ languages.
Add backend capabilities to mobile apps, with native client support on most device platforms.
MobileApps
APIManagement
Publish and Manage APIs to developers, partners and employees securely and at scale.
Create and surface your app logic as APIs for other services and apps to consume.
APIApps
LogicApps
Build/execute business processes by linking your own custom API’s with an API Gallery/Marketplace
NotificationHubs
Deliver millions of cross platform push notifications from any application backend, anywhere.
GALLERY DEPLOY
YOUR CODE
APP TYPES
Load Balancer
API MARKETPLACE…
API APP WEB APPLOGIC APP MOBILE APP
Windows PhoneiOSAndroidNokia X
Windows StoreiOSAndroidHTML5/JS
APP INSTANCES
App Services
STORAGE & BACKUPBackup
Managed service that handles backup/restore of Windows Server machines/backup agent.
StorSimple
Automated, policy driven solution to extend on-premises primary storage for backup / DR.
SiteRecovery
Coordinate replication and recovery of System Center private clouds
Storage Blobs& Files
Store binary application data and web content – store for dedicated and shared virtual disks for VM’s
Import/Export
For massive data transfer – ship encrypted disks to move data in/out of blob storage.
DATASQLDatabase
Managed relational database service with high availability and selectable performance levels.
DocumentDB
Store/retrieve millions of JSON objects from a highly scalable NoSQL document database.
RedisCache
Make applications scale and be more responsive under load by keeping data closer to app logic.
Search
Managed, scalable search service for your apps, create tunable search results and ranking models.
Tables
Massive scale for semi-structured key/value type data in this schema-less NoSQL store.
ANALYTICSHDInsight
Big Data (based on Apache Hadoop) analytics that integrate easily with Microsoft Office.
MachineLearning
Mine historical data with compute power to predict future trends or behavior.
StreamAnalytics
Process data streams in real-time to discover and react to trends.
DataFactory
Ingest data from multiple sources to combine into a cloud based Data Warehouse.
EventHubs
Ingest, persist, process millions of events per second from millions of devices.
Ingest, persist, process millions of events per second from millions of devices.
MobileEngagement
DEVELOPER SERVICESVisual StudioOnline
Store code, plan and track projects, build, deploy and test apps in the cloud collaboratively.
ApplicationInsights
Analyze app usage, availability and performance to detect issues and solve problems proactively.
MANAGEMENTAutomation
Run durable PowerShell scripts to automate frequent, long running, complex Azure tasks.
Portal
Web based experience to provision, control and monitor all Azure services.
OperationalInsights
Analyze and troubleshoot on-premises IT infrastructure without using instrumented code.
KeyVault
Safeguard and control keys and secrets in cloud scale hardware security modules.
HYBRID INTEGRATIONBiztalkServices
Build EDI and Enterprise App Integration (EAI) solutions in the cloud.
HybridConnections
Connect apps in Azure with on-premises resources without a VPN or dedicated line.
ServiceBus
Messaging capabilities (pub/sub, queues) and on-premises to cloud connectivity solution.
StorageQueues
Simple message queue for application de-coupling architecture for scale out.
Store /Marketplace
Find and manage other services provided by third parties.
VM Depot
Find free open source VM images that you can download and run in Azure Virtual Machines.
COMMERCE
![Page 14: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/14.jpg)
Azure StorSimpleAzure in OpenAzure GovernmentAzure SQL DatabaseRights Management (RMS)Azure API ManagementAzure Site RecoveryAzure AutomationInstance Level Public IpsAzure Redis CacheAzure BatchAzure MarketplaceAzure Data FactoryStream AnalyticsEvent HubsOperational InsightsPremium StorageVirtual Machine Converter 3.0Cloud Platform System (CPS)Antimalware for Cloud Services and VMsIdentity Manager vNextAnalytics Platform System (APS)Visual Studio Community 2013Visual studio 2015 Preview.NET 2015Azure RemoteAppAzure AD BasicSSD-based instances for Microsoft Azure VMs and Cloud ServicesAzure SQL Database AuditingLive Channels for Azure Media ServicesAAD Application ProxyNew experiences in Power BIAzure DocumentDBAzure SearchHDInsight for Storm Public Preview & GAAzure Zone Redundant StorageHDInsight for HbaseWSSC vNext tech previewContent Protection pub previewIntune - Nov update and Dec updateAzure AAD premium featuresMulti-Factor Auth enhancementsCloudera and Hortonworks on clustered Azure VMsAzure Instance level IPAzure Role Based Access ControlsVPN support pub previewTiP Testing pub previewAzure AD Workday A148 IntegrationAzure Standard SSG ExpressRoute S2S, P2S GAAzure Multiple NICsAzure Networking AppliancesAzure Traffic Manager Nested policiesAzure VM Image Gallery expansionAzure VnetAzure Web JobsVSO datacenter expansionVSO REST Hooks pub previewAustralia datacenter Forced TunnelingWSSC Azure PacksAzure G-Serves InstancesAzure Key VaultDrivers for SQL ServerMDM for Office 365 public preview and GAAzure Media Services Content ProtectionAzure Mobile EngagementNode.js Tools for Visual StudioVisual Studio 2013 updatesAuto-HA for SQL Server VMAuto-Patching and Backup for SQL Server VMsAzure SQL Database Increased CompatibilityAzure AD Connect Health pub previewAzure AD MFA Per App / Conditional access pub previewAzure RMS controlled user deploymentAzure RMS departmental templates pub previewAzure Site Recovery SAN ReplicationASP.NET 5 PreviewAzure SDK 2.5.1Team Foundation Server 2015 previewAzure Machine Learning GAAzure HDInsight for Linux Pub PreviewAzure HDInsight Support for Hadoop 2.6 pub previewAzure SQL Database security feature - Data Masking pub previewAzure SQL Database security features - EncryptionAzure SQL Database security features - Row Level securityAzure AD: API for SIEMMicrosoft Intune monthly updatesRemote Desktop Client for Windows Phone 8.1Azure App ServiceAzure CDN IntegrationAzure Media Encoder PremiumAzure AD Premium & Basic in CSPAzure IoT SuiteWindows Server ContainersHyper-V ContainersWindows Server Nano ServerAzure Media Player GAAzure Service FabricAzure IoT SuiteAzure Site Recovery: Protect VMWare and Physical Servers in Public PreviewAzure Backup Generally Available Azure API Management Premium simplifies high availability and massive scale for APIsExpressRoute for Office 365Azure Active Directory Dynamic Membership For GroupsAutomatic Password Change for Social Media Shared AccountsCompute-Intensive A10 and A11 Virtual Machine InstancesRemote Desktop app for Windows Phone support for Gateway and Remote ResourcesInformatica Cloud Agent availability in Linux and Windows Virtual MachinesAzure DocumentDB Hadoop ConnectorAzure HDInsight support for more VM sizesEnterprise-Grade Array-Based Replication and Disaster Recovery with ASR and System Center GA
500+New releases in
the last 12 months
![Page 15: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/15.jpg)
![Page 16: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/16.jpg)
![Page 17: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/17.jpg)
IT is being pulled in two directions Support business agility and innovation
Provide secure, controlled IT resources
By 2017, 50% of total IT spending will be spent outside of the formal IT organization*
*Source: Gartner Group, 2016
![Page 18: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/18.jpg)
Demands on the overwhelmed IT department
CFOCEO
DevelopersCheaper FasterBetter
Security is top priority. I don’t want to be the next headline for a breach.
We need apps that keep us ahead of the competition.
We need to run IT more efficiently.
Where is that compliance report?
I can’t wait for IT to get organized when I can get it done faster outside.
But my app worked great when I handed
it off.
![Page 19: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/19.jpg)
Windows Server design points
Provide layered security for emerging threats
1
Build the software-defined datacenter
2
Accelerate business agility with apps built on Windows Server 3
![Page 20: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/20.jpg)
Let’s Dig In…
![Page 21: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/21.jpg)
Privileged identity
6
![Page 22: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/22.jpg)
Malicious Attachment ExecutionBrowser or Doc Exploit Execution
Stolen Credential Use
Internet Service Compromise
Kernel-mode MalwareKernel Exploits
Pass-the-Hash
Malicious Attachment DeliveryBrowser or Doc Exploit
Delivery
Phishing Attacks
Attack
ESPIONAGE, LOSS OF IPDATA THEFT RANSOMLOST PRODUCTIVITYBUSINESS DISRUPTION
Enter
Establish
Expand
Endgame
Network
Anatomy of an attackUser
Device
![Page 23: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/23.jpg)
Historically, the network is seen as the primary attack surface.
Identity is the new attack surface.
![Page 24: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/24.jpg)
Attackers have a few dangerous weapons1. Search Engine
2. Organizational Charts
Found this org chart <10 seconds
3. Human Nature
![Page 25: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/25.jpg)
Over 50% of people click anything sent to them“The e-mail and Facebook accounts were set up with the ten most common names in the age group of the targets. The Facebook profiles had varying levels of publicly accessible profile and timeline data—some with public photos and profile photos, and others with minimal data. The messages claimed the links were to photos taken at a New Year's Eve party held a week before the study. Two sets of messages were sent out: in the first, the targets were addressed by their first name; in the second, they were not addressed by name, but more general information about the event allegedly photographed was given. Links sent resolved to a webpage with the message "access denied," but the site logged the clicks by each student.”-Ars Technica, Sept. 2016
![Page 26: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/26.jpg)
Challenges in protecting credentials
Ben Mary Jake Admin Domain admin
Typical administrator
Capa
bilit
y
Time
Social engineering leads to credential theft.Most attacks seek out and leverage administrative credentials.Administrative credentials often inadvertently provide more privilege than necessary—and for an unlimited time.
Privileged
identity
![Page 27: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/27.jpg)
Typical administrator
Protecting privileged credentials
Ben Mary Jake Admin Domain admin
Just Enough and Just in Time administration
Capa
bilit
y
Time
Credential Guard Prevents Pass-the-Hash and Pass-the-Ticket attacks by protecting stored credentials through virtualization-based security.
Remote Credential Guard Works in conjunction with Credential Guard for RDP sessions to deliver Single Sign-On (SSO), eliminating the need to pass credentials to the RDP host.
Just Enough AdministrationLimits administrative privileges to the bare-minimum required set of actions (limited in space).
Just-in-Time AdministrationProvides privileged access through a workflow that is audited and limited in time.
Capability and time
needed
Privileged
identity
![Page 28: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/28.jpg)
Works with Azure Multi-factor Authentication
Privileged
identity
No on-premises Multi-factor Authentication (MFA) server needed.Use as primary or additional authentication method.Configure AD FS farm via PSH.Then enable Azure MFA in AD FS policy (as you would with other providers).
Users must proof up in AAD/O365 (no inline proofing in the AD FS user experience).
![Page 29: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/29.jpg)
Security5
![Page 30: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/30.jpg)
Challenges in protecting the OSNew exploits can attack the OS boot-path all the way up through applications operations.Known and unknown threats need to be blocked without impacting legitimate workloads.
??
Security
![Page 31: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/31.jpg)
Features to help protect the OSDevice GuardEnsure that only permitted binaries can be executed from the moment the OS is booted.
Windows Defender Actively protects from known malware without impacting workloads.
Control Flow Guard Protects against unknown vulnerabilities
by helping prevent memory corruption attacks.
Security
![Page 32: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/32.jpg)
Customer
Fabric
HypervisorHypervisor
Fabric
Storage
Host OS CustomerGuest VM
Challenges protecting virtual machines
Healthy host?
Any compromised or malicious fabric administrators can access guest virtual machines.
Health of hosts not taken into account before running VMs.
Tenant’s VMs are exposed to storage and network attacks.
Virtual machines can’t take advantage of hardware-rooted security capabilities such as TPMs.
Guest VM
Security
![Page 33: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/33.jpg)
Features to help protect virtual machinesShielded Virtual Machines Use BitLocker to encrypt the disk and state of virtual machines protecting secrets from compromised admins and malware.
Host Guardian Service Attests to host health releasing the keys required to boot or migrate a Shielded VM only to healthy hosts.
Generation 2 VMsSupports virtualized equivalents of hardware security technologies (e.g., TPMs) enabling BitLocker encryption for Shielded Virtual Machines.
Hyper-V
Virtual machine
Computer roomBuilding perimeter
Physical machine
Hyper-V
Shielded virtual machine
ServerAdministrator * StorageAdministrator NetworkAdministrator Backup operator Virtualization-host administrator Virtual machine
*Configuration dependent
Should have access and does Should not have
access and doesn’t Should not have access but does
`
Security
![Page 34: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/34.jpg)
Server management tools
4
![Page 35: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/35.jpg)
Overview
Nano Server provides “Just Enough” OS to reduce the security and servicing footprint of the OS, but removes the familiar local GUI that many admins use.
Server management tools is a free toolset, hosted in the Azure portal, that enables you to manage any Windows Server 2016 instance remotely, alongside PowerShell or other management tools.
Deployment is as simple as installing a software gateway in your infrastructure, then adding machines into the Azure portal.
Server Management Tools (SMT)
![Page 36: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/36.jpg)
Remote Server management toolsWeb-based and cross-platform.Includes replacements for local-only tools, including:Task ManagerRegistry EditorEvent ViewerDevice ManagerSconfigControl PanelPerformance MonitorDisk ManagementUsers/Groups ManagerFile Explorer
Also manages Server Core and Server with GUI.
Server Management Tools (SMT)
![Page 37: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/37.jpg)
Use cases
Single location for visibility to machines on-premises or hosted within Azure, and accessible no matter where the admin is.
Provides management tools for GUI-less Nano Server, ensuring that admins can continue to use familiar UX to manage their machines despite local GUI being removed.
Supports cross-platform management allowing admins to use their client of choice to manage Windows Server.
The service will continue to be updated frequently, adding new tools and capabilities without necessitating upgrades to on-premises infrastructure.
Server Management Tools (SMT)
![Page 38: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/38.jpg)
Compute3
![Page 39: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/39.jpg)
Performance
“I need to remove bottlenecks and optimize resource utilization for all my virtual machines.”
Reliability
“I need to perform updates without impacting any workloads, and make sure hardware disruptions don’t turn into business disruptions.”
Flexibility
“I need to efficiently integrate more operating systems, storage types, and hardware configurations into my solution and manage it seamlessly.”
Challenges customers face Compute
![Page 40: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/40.jpg)
Windows Server 2016 Hyper-V scale limitsCapability Windows Server 2012/2012
R2 Standard and DatacenterWindows Server 2016
Standard and DatacenterVMware vSphere 6.5
Enterprise Plus
Physical (Host) Memory Support
Up to 4 TB per physical server
Up to 24 TB per physical server (6x)
Up to 6 TB per physical server (12 TB for specific OEM
certified platform)
Physical (Host) Logical Processor Support
Up to 320 LPs Up to 512 LPs Up to 480 LPs
Virtual Machine Memory Support
Up to 1 TB per VM
Up to 12 TB per VM (12x)
Up to 6 TB per VM
Virtual Machine Virtual Processor Support
Up to 64 VPs per VM
Up to 240 VPs per VM (3.75x)
Up to 128 VPs per VM
Source: http://www.vmware.com/pdf/vsphere6/r60/vsphere-60-configuration-maximums.pdf
Compute
![Page 41: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/41.jpg)
High-performance live migrationComplete virtual machine migration flexibilityFastLive migration over TCP/IP
FASTERLive migration with compression
FASTESTLive migration over SMB (direct)
StorageLive migration
Shared NothingLive migration
Compute
![Page 42: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/42.jpg)
Flexibility: Linux support on Hyper-VBroad support: Run Red Hat, SUSE, OpenSUSE, CentOS, Ubuntu, Debian and Oracle Linux, with full support.Increased utilization: Run Windows and Linux side-by-side, driving up utilization and reducing hardware costs.Enhanced networking: Highest levels of networking performance in Linux guests with virtual Receive Side Scaling (vRSS) support.Storage enhancements: Hot-add and online-resize of storage for enhanced administration flexibility.Better protection: Better-than-physical backup support for virtualized Linux guests on Hyper-V.Simplified management: Single experience for managing, monitoring, and operating the infrastructure.PowerShell support: Use PowerShell Desired State Configuration to declaratively specify the configuration of Linux servers.
Compute
![Page 43: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/43.jpg)
Storage2
![Page 44: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/44.jpg)
Challenges customers faceMove faster “Data volume grows faster than anything in my datacenter, and I have to be able to move faster than it does. Scaling current storage systems takes a lot of time and energy.”
Reduce cost“Cost structure is too high for purchasing and maintaining SAN and NAS arrays.”
Gain flexibility“I want to assign storage for each application based on priority and budget.”
Storage
![Page 45: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/45.jpg)
ChoicePartner SAN
Cloud-powered SAN• Azure Site Recovery (ASR) management of
hardware replication and cross-site failover.• Backup of traditional storage array to the cloud.
Single-pane-of-glass management• End-to-end management with SCVMM.• SMAPI for broad ecosystem interoperability.• Deep health and availability insight of storage.• Storage QoS for control of noisy neighbors.
Reducing disaster recovery costs• In-box software replication with Storage Replica• Lowering RPO with both sync and async
replication• Lowering RTO with Stretch Cluster and ASR
automation
Hyper-V
Fibre Channel/iSCSI/FCoE
Storage Array(s)
Managed by System Center
Storage
![Page 46: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/46.jpg)
ChoiceOn-premises storage Storage
Microsoft offers industry leading portfolio for building on-premises clouds.Microsoft embraces your choice of storage.Microsoft offers solutions to reduce storage costs.
Storage Spaces Direct
File Based Storage
Storage Spaces
SAN Alternative
SAN PartnersFibre
Channel/iSCSI/FCoE
Block Storage
NASSMB3
File Based Storage
Microsoft Azure Stack/Object
Storage
Cloud Fabric
![Page 47: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/47.jpg)
Converged solutionOn-premises disaggregated solution
Scale components separately in this model.
Simultaneous scaling is possible when compute (Hyper-V) and storage components (Storage Spaces Direct) reside on the same cluster.
Hyper-convergedScale compute, storage simultaneously
Storage SoftwareSMB3
Virtual machines on Hyper-V host
Scale-out file server
Storage Software
Virtual Machines
Scale-out file serverStorage Software
Storage
![Page 48: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/48.jpg)
Storage Replica Synchronous replication: Storage agnostic mirroring of data in physical sites with crash-consistent volumes ensuring zero data loss at the volume level.
Increase resilience: Unlocks new scenarios for metro-distance cluster to cluster disaster recovery and stretch failover clusters for automated high availability.
Flexible: Server to server, cluster to cluster, and stretch cluster. Local disks, Storage Spaces Direct, clustered disks. NTFS, REFS, CSVFS. TCP, RDMA. Synchronous and asynchronous.
Streamlined management: Graphical management for individual nodes and clusters through Failover Cluster Manager and Azure Site Recovery. Full PowerShell and SMAPI support.
Site 1 Site 2
Storage
![Page 49: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/49.jpg)
Remote Desktop Services (RDS)
1
![Page 50: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/50.jpg)
Challenges with desktop virtualization
Graphic-heavy apps can be slow to load and offer a poor user experience.
Adding cloud-based capacity adds challenges for managing and securing VMs.
Limited connections can lock out users at peak times.
Remote Desktop Services (RDS)
![Page 51: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/51.jpg)
Key Windows Server 2016 RDS improvements Remote Desktop
Services (RDS)
Better graphics experienceIncreased performance and app compatibilityEnhanced connection brokerScale management, shared SQL connectionsMore efficient cloud deploymentReduced number of VMs neededSupport for cloud-managed domain services
![Page 52: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/52.jpg)
vGPU evolutionRemote Desktop Services (RDS)
Windows Server 2016vGPU• OpenGL & OpenCL API• 1GB dedicated VRAM• Up to 4k resolution• Server VM support• Improved performance
DDA• Full API Support• Native GPU driver
support• Maximum Performance
Windows Server 2008 R2vGPU• Hyper-V integration• DX 9 support
Windows Server 2012vGPU• DX 11.0• VM connect with vGPU• GPU management
Windows Server 2012 R2vGPU• DX 11.1 support• Higher video memory• 2560 x 1600 resolution• HCK conformant
![Page 53: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/53.jpg)
Graphics enhancements – vGPUTwo ways to support vGPUs in WS 2016; DDA is new and differentiatedRemoteFX VGPU Direct device assignmentPara-virtualizedOpenGL/OpenCL/DX111GB VRAM/ 4K res~30fpsBest scale
Host: WS 2016, Win 10Guest: WS 2016, Win 10, Win 7 SP1, Win 8.1
1-1 Assignment to GPUFull API supportAzure’s N-Series VMs supported~60fpsLow scaleHost: WS 2016 Guest: WS 2016, WS 2012r2, Win 10 w/November update and Linux
Remote Desktop Services (RDS)
![Page 54: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/54.jpg)
Graphics enhancementCodec investments
High Quality 4:4:4 mode using standard H.264/AVC 4:2:0 hardware decoders.
Windows 10 Remote Desktop Clients use Hardware H.264/AVC decoder when available.
Enabled by default for RemoteFX vGPU RDP 10 sessions.Group Policy to enable on Windows 10 1511 & Windows Server 2016 TP4.
Currently MSTSC.EXE only, other Remote Desktop clients to follow.
Remote Desktop Services (RDS)
![Page 55: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/55.jpg)
High availability connection brokerRemote Desktop Services (RDS)
Use existing SQL Server cluster
or Azure SQL Database.Improved connection handling performance, 10K+concurrent connection requests supported in “log on storm” situations.
![Page 56: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/56.jpg)
Optimized server VM architecture for the cloud Remote Desktop
Services (RDS)
Tenant 1Tenant 1
VMVM
Network
Storage
Compute
RDSHVM
RDSHVM RDSH
VM
RDSHVM
RDCB RDLic RDGW RDWeb
APConnector
Tenant1 Virtual Network
Azure files
ADDDomainServices
Azure SQL
Database
Other tenant
services
Session desktop
collection
RemoteApp collection
(opt)
Management portal
Load balancer/VPN AAD AP
Azure services
Desktop hosting service
Azure fabric
RDS 2012R2 Infrastructure• 7 Role
Services• 8 VMs
RDS 2016+• 4 Role Services• 2 VMsAAD App Proxy removes external endpoints on RDGW VM so RDCB, RDLic can be combined into one VM since the VM is no longer exposed to the public internet
![Page 57: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/57.jpg)
Next stepsTake the next step:www.microsoft.com/WindowsServer2016
Watch in-depth technical videos.https://channel9.msdn.com/Blogs/windowsserver Windows Server Blog:http://blogs.technet.microsoft.com/windowsserver
Check out Office 365:www.Office365.com
Check out Azure:www.azure.Microsoft.com
![Page 58: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/58.jpg)
© 2016 Microsoft Corporation. All rights reserved. Microsoft, Windows, and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries.The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing marketconditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation.MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.
![Page 59: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/59.jpg)
. © TechSoup Global | All rights reserved61
Where can my organization get Windows Server?
![Page 60: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/60.jpg)
. © TechSoup Global | All rights reserved62
![Page 61: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/61.jpg)
. © TechSoup Global | All rights reserved63
Windows Server 2016www.techsoup.org/microsoft
www.techsoup.org/Microsoft-catalog--MSServers/MSWinServer
![Page 62: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/62.jpg)
. © TechSoup Global | All rights reserved64
Microsoft Donationshttp://www.techsoup.org/microsoft-software-nonprofits
![Page 63: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/63.jpg)
65
Questions?
![Page 64: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/64.jpg)
. © TechSoup Global | All rights reserved66
Learn and Share!
• Chat in one thing that you learned in today’s webinar or will try to implement.
• Will you share this information with your colleagues and within your network?
• Please complete the post-event survey that will pop up once the webinar ends!
![Page 65: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/65.jpg)
. © TechSoup Global | All rights reserved67
Get Your TechSoup Courses!
![Page 66: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/66.jpg)
. © TechSoup Global | All rights reserved68
Upcoming Webinars and Events
• 1/12: I Didn't Know Adobe Acrobat Pro DC Could Do That!
• 1/19: Finding and Cultivating Local Tech Expertise and Support for Nonprofits and Libraries
• 1/24: Get to Know GrantStation
• 1/26: Grant Writing 101: Practical Information to Help You Write Successful Grants
• 2/1: 10 Ways TechSoup Can Help Museums and Historical Sites
• 2/8: You Can Do I.T.! How to Empower Library Staff with Basic Tech Management Skills
Explore our webinar archives for more!
![Page 67: Webinar - Windows Server 2016 for Nonprofits and Libraries - 2017-01-10](https://reader038.vdocuments.us/reader038/viewer/2022110219/587e10e71a28abbc2e8b457f/html5/thumbnails/67.jpg)
. © TechSoup Global | All rights reserved69
ReadyTalk offers dedicated product demos for TechSoup organizations 4 times per week.
For more information: www.techsoup.org/readytalk
Please complete the post-event survey that will pop up once you close this window.
Thank You to Our Webinar Sponsor!