MCSA Windows Server 2012 R2 Complete Study Guide. Panek William
Чтение книги онлайн.
Читать онлайн книгу MCSA Windows Server 2012 R2 Complete Study Guide - Panek William страница 17
Let’s dive right into the server by talking about some of the new features and advantages of Windows Server 2012 R2.
Features and Advantages of Windows Server 2012 and Server 2012 R2
Before I show how to install and configure Windows Server 2012 R2, let’s take a look at some of the new features and the advantages it offers.
I will talk about all of these features in greater detail throughout this book. What follows are merely brief descriptions.
Active Directory Certificate Services Active Directory Certificate Services (AD CS) provides a customizable set of services that allow you to issue and manage public key infrastructure (PKI) certificates. These certificates can be used in software security systems that employ public key technologies.
Active Directory Domain Services Active Directory Domain Services (AD DS) includes new features that make deploying domain controllers simpler and that let you implement them faster. AD DS also makes the domain controllers more flexible, both to audit and to authorize for access to files. Moreover, AD DS has been designed to make performing administrative tasks easier through consistent graphical and scripted management experiences.
Active Directory Rights Management Services Active Directory Rights Management Services (AD RMS) provides management and development tools that let you work with industry security technologies, including encryption, certificates, and authentication. Using these technologies allows organizations to create reliable information protection solutions.
BitLocker BitLocker is a tool that allows you to encrypt the hard drives of your computer. By encrypting the hard drives, you can provide enhanced protection against data theft or unauthorized exposure of your computers or removable drives that are lost or stolen.
BranchCache BranchCache allows data from files and web servers on a wide area network (WAN) to be cached on computers at a local branch office. By using BranchCache, you can improve application response times while also reducing WAN traffic. Cached data can be either distributed across peer client computers (distributed cache mode) or centrally hosted on a server (hosted cache mode). BranchCache is included with Windows Server 2012 R2 and Windows 8.
DHCP Dynamic Host Configuration Protocol (DHCP) is an Internet standard that allows organizations to reduce the administrative overhead of configuring hosts on a TCP/IP-based network. Some of the new features are DHCP failover, policy-based assignment, and the ability to use Windows PowerShell for DHCP Server.
DNS Domain Name System (DNS) services are used in TCP/IP networks. DNS will convert a computer name or fully qualified domain name (FQDN) to an IP address. DNS also has the ability to do a reverse lookup and convert an IP address to a computer name. DNS allows you to locate computers and services through user-friendly names.
Failover Clustering Failover Clustering gives an organization the ability to provide high availability and scalability to networked servers. Failover clusters can include file share storage for server applications, such as Hyper-V and Microsoft SQL Server, and those that run on physical servers or virtual machines.
File Server Resource Manager File Server Resource Manager is a set of tools that allows administrators to manage and control the amount and type of data stored on the organization’s servers. By using File Server Resource Manager, administrators have the ability to set up file management tasks, use quota management, get detailed reports, set up a file classification infrastructure, and configure file-screening management.
Hyper-V Hyper-V is one of the most changed features in Windows Server 2012 R2. Microsoft’s new slogan is “Windows Server 2012 R2, built from the cloud up,” and this has a lot to do with Hyper-V. It allows an organization to consolidate servers by creating and managing a virtualized computing environment. It does this by using virtualization technology that is built into Windows Server 2012 R2.
Hyper-V allows you to run multiple operating systems simultaneously on one physical computer. Each virtual operating system runs in its own virtual machine environment. I cover Hyper-V in detail in Chapter 9: “Use Virtualization in Windows Server 2012.”
IPAM IP Address Management (IPAM) is one of the features introduced with Windows Server 2012 R2. IPAM allows an administrator to customize and monitor the IP address infrastructure on a corporate network.
Kerberos Authentication Windows Server 2012 R2 uses the Kerberos authentication (version 5) protocol and extensions for password-based and public key authentication. The Kerberos client is installed as a security support provider (SSP), and it can be accessed through the Security Support Provider Interface (SSPI).
Managed Service Accounts (gMSAs) Stand-alone managed service accounts, originally created for Windows Server 2008 R2 and Windows 7, are configured domain accounts that allow automatic password management and service principal names (SPNs) management, including the ability to delegate management to other administrators.
Networking There are many networking technologies and features in Windows Server 2012 R2, including BranchCache, Data Center Bridging (DCB), NIC Teaming, and many more.
Remote Desktop Services Before Windows Server 2008, we used to refer to this as Terminal Services. Remote Desktop Services allows users to connect to virtual desktops, RemoteApp programs, and session-based desktops. Using Remote Desktop Services allows users to access remote connections from within a corporate network or from the Internet.
Security Auditing Security auditing gives an organization the ability to help maintain the security of an enterprise. By using security audits, you can verify authorized or unauthorized access to machines, resources, applications, and services. One of the best advantages of security audits is to verify regulatory compliance.
Smart Cards Using smart cards (referred to as two-factor authentication) and their associated personal identification numbers (PINs) is a popular, reliable, and cost-effective way to provide authentication. When using smart cards, the user not only must have the physical card but also must know the PIN to be able to gain access to network resources. This is effective because even if the smart card is stolen, thieves can’t access the network unless they know the PIN.
TLS/SSL (Schannel SSP) Schannel is a security support provider (SSP) that uses the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols together. The Security Support Provider Interface is an API used by Windows systems to allow security-related functionality, including authentication.
Windows Deployment Services Windows Deployment Services allows an administrator to install Windows operating systems remotely. Administrators