the web application proxy, you can publish HTTP- and HTTPS-based web applications to devices on and off your network. The Routing functionality provides very similar functionality to a traditional router, including network address translation (NAT) and other methods needed to perform routing on an IP network.
Remote Desktop Services
Previously known as Terminal Services, Remote Desktop Services lets users access virtual desktops to run software just as they would if they were on their own desktops. This can be very helpful when you have limited licenses for applications, and the application can be used in this way. It can be especially helpful for client/server-style applications where upgrades can be an overwhelming effort due to configuration changes that need to occur after an upgrade. You can make the changes on each RDS server once, instead of having to do it on hundreds of desktops.
Volume Activation Services
This role creates a Key Management Service (KMS) server, which can manage all the keys for your Windows products and take care of automatic keying and activation for domain-joined systems, servers and clients alike. You can even set requirements like requiring systems to check in with the KMS server every 15 days or the key will no longer be valid. This can help to ensure that laptops find their way back on premises for patches and other things at least every 15 days as well.
Web Services
Web Server installs the Windows-based web server known as Internet Information Services (IIS). IIS can be used to host multiple websites and supports many of the server-side languages you know and love, like PHP and ASP. It also provides support for FTP services. With the Microsoft Web Platform installer, setting up applications like ASP.NET, Microsoft SQL Server, and non-Microsoft applications like WordPress or Joomla is very simple.
Windows Deployment Services
Windows Deployment Services (WDS) makes managing images for servers and desktops very simple. WDS is part Preboot Execution Environment (PXE) server and part Trivial File Transfer Protocol (TFTP) server with a nice, user-friendly graphical user interface (GUI) console to manage it. If you aren’t familiar with PXE, it allows a server with no operating system to boot from the network so that a system administrator can configure it and choose an operating system image for it. TFTP is used to transfer the image over the network. Images are saved as .wim files and can be kept up to date with tools already available on the system. Systems that are imaged by WDS are booted from their network interface card (NIC) and are able to get the settings for the WDS server from DHCP options 66 and 67.
Windows Server Update Services
Windows Server Update Services (WSUS) is exactly what the name implies: a server role that installs software, which allows you to centrally manage security patches and other updates for all your Microsoft products. It scales well and can be deployed as a single server that does it all, or as an upstream server that downloads updates from Microsoft and then makes those updates available to other downstream WSUS servers.
Understanding Server Features
Roles get a lot of attention, but features provide the necessary support for roles and other applications to perform their functions. Features can provide everything from frameworks to support applications to management tools and encryption functionality.
.NET 3.5
Provides support for .NET 3.5 and legacy support for .NET 2.0 and .NET 3.0 APIs. APIs allow applications to interact with the operating system or services. This may be required for the application you’re are trying to install; vendor documentation will usually be very explicit in telling you what needs to be installed as a prerequisite for the application.
.NET 4.8
Windows Server 2022 ships with the newer .NET 4.8, which is installed by default. This feature can also add support for ASP.NET 4.8 and adds support for WCF Services. Many newer applications are taking advantage of these features. Check with your application vendor to see if it supports .NET 4.8.
Background Intelligent Transfer Service
Background Intelligent Transfer Service (BITS) is used to transfer files between servers and clients and will provide progress information on the status of those transfers. It’s very commonly used by the Windows operating system to download updates.
The cool thing about BITS is that if the connection is for some reason lost, BITS will suspend the transfer. When the connection is back up, BITS will resume the transfer as if something happened.
There is a service installed by default with the Windows Server 2022 OS, so you don’t need to install this feature unless an application requires the feature to serve its purpose.
BitLocker Drive Encryption
BitLocker Drive Encryption is responsible for encrypting the entire hard drive and its contents on systems where it has been enabled. On modern systems with a TPM 1.2 or later chip, BitLocker ensures that the system has not been tampered with while the system was offline. Assuming the hardware checks out okay, it will boot.
Systems with older TPM chips can still use BitLocker, but it is not as user-friendly. Older TPM chips (pre-1.2) do not check for system integrity like the newer TPM chips do either.
BitLocker can lock the startup process until the user enters a PIN. This ensures that the user is the authorized user and will prevent data loss from an unencrypted drive if the system is stolen while offline.
BitLocker Network Unlock
The BitLocker Network Unlock feature was introduced in Windows Server 2012. It gives systems the ability to automatically unlock BitLocker if the system is on the corporate network. This can make patch management simpler if a company is using a Wake on LAN technology to wake systems up for patching or software installations.
BitLocker Network Unlock does have some dependencies on DHCP, so make sure that you’re running DHCP in your environment if you want to use it.
BranchCache
You may recall from the File and Storage Service role that BranchCache is a bandwidth optimization technology that copies files from main office
