Advanced Firewall Microsoft Management Console (MMC)
A very advanced security feature which can compete with any popular independent security software is new with Windows Server 2008 - the built-in firewall. It’s a police force for your system’s safety.
Microsoft means it when they call it an “advanced Windows firewall.” The amount of control we have over this firewall really has impressed me. What’s in the advanced firewall? Let’s find out:
1. Bi-Directional Filters
With the advanced firewall, it is now possible to set filters not only for inbound but for outbound traffic, too. For example, a network administrator may want to configure the new Windows Firewall with some set of rules that will block all traffic sent to specific ports/IPs and similarly block all incoming traffic from specified ports/IP.
2. Automatic Configurations
The advanced firewall has the ability to automatically configure rules for new roles that are added to the server, provided these are Microsoft applications. If you wish to run any non-Microsoft application on your server that needs inbound network connectivity, it will need to have rules created for it manually.
3. Firewall and Profiles
There is a domain profile, private profile, and public profile for the firewall. These different profiles allow you to group inbound and outbound rules and then apply this group to your computer (it could be your laptop or other PC). You can choose any combination of inbound & outbound rules and group them together to easily apply on any computer.
With such a groundbreaking firewall, in terms of its policies and rules configuration, it is evident that Microsoft has created WFAS while keeping the features of Microsoft’s ISA Server in mind. The firewall has more default rules than those in earlier versions along with other modern functionalities, indicating that it is surely an advanced firewall as claimed by Microsoft.
Enhanced Terminal Services
Terminal Services in Windows Server 2008 is far better than in earlier versions of Windows Server. There are more advanced features added to fulfill our needs better, and they are easier to use:
TS Web Access
Terminal Services in Windows Server 2008 now comes with a feature called TS WA (Terminal Services Web Access), which allows businesses to supply users with a web-based interface to give access to applications published in a terminal server’s purlieu. The TSWA interface can be accessed in any browser that is connected to the internet.
With Terminal Services RemoteApp, organizations can provide users an interface from which they can access Windows based applications from any location. It also gives the ability to identify the main executable for common applications. From RemoteApps, applications can easily be published to a web-page using TS Web Access. This feature benefits users since they only need to go to their Web Access web page to get applications, and they will look as though they are running in local system.
Internet Information Services (IIS) 7.0
New IIS 7.0 comes with exciting and advanced features that have long been awaited. We have always wished that we could easily copy a web site’s configuration to another server like copying a single file. Now, we can with XML-based configuration as all IIS7 configuration settings are stored in XML. Not only does this allow you to simply copy existing configurations but also you can edit configurations through complete manipulation of the XML – this is great, especially for XML lovers!
Another feature that allows you to remotely administrate other servers from IIS7 is a slap-up. Now, Remote Administration can be done from within the IIS7 console, and there are no worries about security because IIS manager uses “https” protocol to connect to other IIS servers. It is a secure protocol so there are no worries of data theft.
What else? Now you can also see what is happening with web pages. IIS7.0 benefits us a lot but what about failures and monitoring? Yet another feature from IIS7 gives you thorough real-time information on running processes. It is possible to see what app pools are currently running, what requests and pages are being executed, and so on. Now all this information can be viewed from either the GUI console or from the command line tool. In case of any failure, logs can be viewed to find out the cause of the problem, when it happened, what triggered it, and more.
Windows PowerShell is a powerful feature in Windows Server 2008 that gives you access to an amazing command line scripting language, especially designed for system administrators.
Windows PowerShell allows you to manage many Windows Server 2008 roles such as Internet Information Services (IIS), Terminal Services Server, Microsoft Operations Manager 2007, and Microsoft Exchange Server 2007. More specifically, Powershell was created to allow administrators to manage IIS more effectively and easily.
Moreover, PowerShell benefits administrators by allowing them to automate any changes to Terminal Server configuration by using scripts.
NAP stands for Network Access Protection. It is a very new feature and doesn’t have any comparable tool in earlier versions of Windows Server. Its main purpose is to allow organizations to compare a security level in a specific computer with the organization’s own security policy and standards in order to determine how safe that computer is and to impose appropriate security to that computer, if necessary.
As an example, if a particular client is found to be non-compliant with the network’s health policy (for instance, if it doesn’t have an anti-virus program or local firewall installed), then appropriate IP filters are used to prevent the client from gaining full network access until the problem has been fixed.
More advanced NAP benefits include the following.
Fixing Unhealthy Machines
NAP offers many strategies to machines, once they are detected to be in ‘unhealthy’ state.
NAP can direct an unhealthy machine connected to a server that is used for remediation. This server is loaded with an SMS package that consists of antivirus signatures and other items to make the machine safer. In some cases, NAP also allows machines to connect to the network but with very limited access. The most NAP will do to an unhealthy machine is restrict it to connect to both the server and the internet until it can be cured completely.
It must be noted that although NAP has many remedies for curing unhealthy machines, it cannot detect or delete highly dangerous viruses or malware. Therefore, additional security software such as anti-malware applications must also be used for 100% protection.
NAP does not give any concessions to highly dangerous machines. It will not even give such machines IP address and, thus, restricts them from connecting to any network.
Windows Server 2008 is the most significant upgrade to the Windows Server product series since the release of Windows 2000. It comes with persuasive capabilities and modern characteristics that we have always dreamt of. It can proudly be said - Windows Server 2008 is Hot!!!