Windows Server 2008 R2: Work Anywhere Infrastructure. Ashwin Palekar Principal Group Program Manager Microsoft Corporation Session Code: WSV208. Scott Roberts Senior Program Manager Lead Network Security Microsoft Corporation. Mobile Workforce. Increasingly Porous Perimeter. Mobile Data.
Windows Server 2008 R2: Work Anywhere Infrastructure Ashwin Palekar Principal Group Program Manager Microsoft Corporation Session Code: WSV208 Scott Roberts Senior Program Manager Lead Network Security Microsoft Corporation
Mobile Workforce Increasingly Porous Perimeter Mobile Data Globalization
“Re-Perimeterization” • How to manage, monitor, and support remote users/machines all the time? • How to simplify remote workers’ access? “My network is where my buildings are” “My network is where my users and assets are”
Industry Trends Assume the underlying network is always unsecure Redefine the corporate edge to protect the datacenter Enterprise Network Security policies based on identity, not location DirectAccess Server Internet Data Center and Business Critical Resources Local User Remote User
Windows Server 2008 R2 Addressing Enterprise Needs • Work Anywhere Infrastructure using DirectAccess • Secure & Flexible Application access using Terminal Services
DirectAccess • Providing seamless, secure access to enterprise resources from anywhere
Demo: DirectAccess in Action
Benefits of DirectAccess: Bringing the corporate network to the user More productive More secure More manageable and cost effective • Always-on access to corpnet while roaming • No explicit user action required – it just works • Same user experience on premise and off • Simplified remote management of mobile resources as if they were on the LAN • Lower total cost of ownership (TCO) with an “always managed” infrastructure • Unified secure access across all scenarios and networks • Integrated administration of all connectivity mechanisms • Healthy, trustable host regardless of network • Fine grain per app/server policy control • Richer policy control near assets • Ability to extend regulatory compliance to roaming assets • Incremental deployment path toward IPv6
Internet DirectAccess Client (Windows 7) DirectAccess Server (Server 2008 R2) Tunnel over IPv4 UDP, HTTPS, etc. Encrypted IPsec+ESP Native IPv6 Encrypted IPsec+ESP IPsec Gateway 6to4 Teredo IP-HTTPS
DirectAccess Server (Server 2008 R2) Enterprise Network Line of Business Applications No IPsec IPsec Integrity Only (Auth) Windows Server 2008 Non-Windows Server IPsec Integrity + Encryption IPsec Gateway
DirectAccess Components • Client: Runs on Windows 7 • Domain-joined • Initial configuration done on Corpnet or over VPN • Server: Runs on Windows Server 2008 R2 • Sits on network edge • Single box by default • Services can be split up for scalability
DirectAccess Supporting Technologies Corporate Network Trusted, compliant, healthy machine DC & DNS (Server 2008 R2) Applications & Data Windows 7 client Forefront UAG IAG SP2 NAP (includes Server & Domain Isolation [SDI]) Forefront Client Security Windows Firewall BitLocker + Trusted Platform Module (TPM)
DirectAccess Supporting Technologies Internet Forefront Client Security Non-Compliant Client Compliant Client Compliant Client NAP / NPS Servers IPsec/IPv6 Unmanaged Client IPsec/IPv6 DA Server CORPNET User Data Center and Business Critical Resources IAG SP2 CORPNET User CORPNET Compliant Network
Mobile Broadband • Situation Today • Internet connectivity via mobile broadband cards is expanding: • Inconsistent user experience • Additional software required • Windows 7 Solution • Standard driver model (plug & play experience for built-in and external 3G cards) • Mobile Broadband connection experience integrated into standard Windows UI • Standard APIs for building customized connection management experience • Compatible with DirectAccess and VPN Reconnect
VPN Reconnect • Situation Today • VPN used frequently for remote access to corporate resources • Mobile workers reconnect to VPN on every network outage • Windows 7 Solution • The client maintains a persistent VPN connection across network outages • VPN client can connect to any VPN server of choice • Benefits • Better end user experience: seamless and consistent VPN connectivity • Reduced support costs
BranchCache • Windows 7 Solution Situation Today Windows Server 2008 R2 Windows Server 2008 Subsequent access from the same client is satisfied from the transparent cache (local machine access) Slow WAN Link Slow WAN Link Windows 7 Clients Vista SP1 Clients Client 1 Client 1 Client 2 Client 2
Announcing Remote Desktop Services
WS08 R2 – New and Improved • Platform & Management Improvements: New API, Connection Broker Extensibility, PowerShell Support, Best Practices Analyzer, Full MSI support
TS & VDI – An Integrated Solution Virtual Machine Management (SCVMM) TS-based Remote Desktop Hyper-V-based Remote Desktop Remote Desktop Connection Broker
Full Fidelity RemoteApp & Desktops • RemoteApp & Desktop Connections • RemoteApp & Desktops icons integrated into Start menu, etc. • Icons refreshed & updated automatically • Multimedia Support & Audio Input • Experience rich multimedia redirection • Use VoIP applications and speech recognition • True multiple monitor support • Use up to 10 monitors of any size or layout with RemoteApp and Desktops • All applications behave like users expect – e.g. PowerPoint • Aero Glass for Remote Desktop Session Host • Users have the same new Windows 7 look and feel when using Remote Desktop Server • RemoteApp™ Language Bar Support • Configure applications that use alternate language settings (e.g. right to left languages) from the local language bar
Remote Application Access • TS and VDI – An Integrated Solution • Single broker to connect users to sessions or virtual machines, out of the box solution for VDI scenarios with Hyper-V • RemoteApp & Desktop Connections • Centrally managed list of applications and desktops (RDS & VDI) • Automatically published, refreshed & integrated with Windows 7 • Remote Desktop Web Access • Integrated with RemoteApp & Desktop Connection management tools • Provides access to applications & desktops from Windows 7, Vista & XP • Integrated Single Sign On • Only a single logon for RemoteApp & Desktop connections • Forms based logon for RD Web Access • Remote Desktop Gateway • Session & Idle timeouts to enforce policy and authorization refresh • Pluggable authentication and consent signing
Platform & Management Improvements • Improved Application Compatibility • Improved Microsoft Installer (MSI) compatibility • PowerShell Provider • Easily automate and script administrative tasks for remote desktop scenarios • Use Profile Cache Quota • Removes need to delete profiles at logoff – speeds up logon • Ensures profiles never overrun disk space; least used profiles deleted • RemoteApp & Desktop Connections Extensibility • Can support discovery of any custom application type • Ensure common UI and location for discovering connections • Connection Broker Extensibility • Orchestration plug-ins – e.g. VM preparation, VM placement • Policy plug-ins – e.g. load balancing, security, etc.
Summary: Call to action • Windows Server 2008 R2 offers great innovation for your Anywhere Access infrastructure • Learn more about DirectAccess and Remote Desktop Services • Get ready to deploy Windows Server 2008
Related Content • VIR307 Windows 2008 R2: Remote Desktop Services: VDI Drilldown - Drilldown into RD Connection Broker and VDI features • WSV308 Windows Server 2008 R2: Remote Desktop Services Overview - Overview of Remote Desktop Services & drilldown into RD Session Host • VIR305 Microsoft Remote Desktop Protocol (RDP) Architecture and Improvements - Drilldown into RDP features
Windows Server Resources • Make sure you pick up your copy of Windows Server 2008 R2 RC from the Materials Distribution Counter • Learn more about Windows Server 2008 R2: www.microsoft.com/WindowsServer2008R2 • Technical Learning Center (Orange Section): Highlighting Windows Server 2008 and R2 technologies • Over 15 booths and experts from Microsoft and our partners
© 2008 Microsoft Corporation. All rights reserved. Microsoft, Windows, Windows Vista and other product names are or may be registered trademarks and/or trademarks in the U.S. and/or other countries. The information herein is for informational purposes only and represents the current view of Microsoft Corporation as of the date of this presentation. Because Microsoft must respond to changing market conditions, it should not be interpreted to be a commitment on the part of Microsoft, and Microsoft cannot guarantee the accuracy of any information provided after the date of this presentation. MICROSOFT MAKES NO WARRANTIES, EXPRESS, IMPLIED OR STATUTORY, AS TO THE INFORMATION IN THIS PRESENTATION.