I have been talking with a number of customers, CSOs, CIOs and industry professionals over the past few weeks and I realized that the availability and benefits of using the Server Core option of Windows Server 2008 or Windows Server 2008 R2 was not as widely known as I think it should be. Windows Server Core provides a minimal installation environment for running specific server roles, which reduces the maintenance and management requirements and the attack surface for those server roles. The following roles are supported in Windows Server 2008 R2:
Over time, the number of reboots for patching or security updates is significantly reduced for a Server Core installation of which the benefits are obvious. In some cases, customers can see up to a 60% reduction in patch requirements and the number of reboots on a monthly basis. Over time, more roles and configurations will support Server Core and is already a best practice in many enterprise environments. Many line of business and third party applications support running on a Server Core installation – not just the in-box roles of Windows Server above.
For more information and background on the capabilities of Server Core in Windows Server 2008 R2, see our TechEd presentation from last year or to get started with a Server Core installation now, see our downloadable guide.
David B. Cross
Director of Program Management
Hi everyone. Good news: Active Directory Federation Services 2.0 (AD FS 2.0) has been finalized and is now available for download!
AD FS 2.0 is a role in Windows Server that simplifies access and single sign-on to both on-premises and cloud-based applications. Using “claims-based” identity technology, it helps enable secure business collaboration and productivity within the enterprise, across organizations, and on the Web. (We also released Forefront Protection 2010 for SharePoint today, and published some high-level recommendations around ensuring more secure collaboration.)
Some of the top scenarios AD FS 2.0 will support are:
1. Collaboration with Office documents and SharePoint across companies with single sign-on access.
2. Single sign-on access to hosted/cloud services, extended from on-premises Active Directory to Microsoft (or other) cloud services.
3. Implementation of access security and management policies to many different applications with varied security requirements.
Overall, AD FS 2.0 will help you streamline user access management with a simpler, unified approach and native single sign-on. It builds on AD and interoperates with other directories via WS* and SAML support, too.
And, because it provides a single user access model that can be applied again and again, AD FS 2.0 also helps provide better, more consistent application security. It puts access control decisions where they should be: In the hands of IT.
The AD FS 2.0 planning and deployment guide is here .
Joel Sider