Feature Comparison,, and Published: March 24 th, 2014
Contents Introduction... 3 General Features Overview... 4 2014 Microsoft Corporation. All rights reserved. This document is provided "as-is." Information and views expressed in this document, including URL and other Internet Web site references, may change without notice. You bear the risk of using it. Feature Comparison:,, and 2 2
Introduction This feature comparison guide compares the selected features of Microsoft, Microsoft, and Microsoft. The General Features Overview section compares a wider range of features across all three releases. The comparison table in this section includes comments in regard to each release, as well as notation about how well each feature is supported. The legend for this notation is given in the table below. Level of Feature Support Feature is supported Feature is only partially supported Feature is not supported Feature Comparison:,, and 3 3
General Features Overview This section compares the major features of,, and. Feature Comparison:,, and 4 4
Identity and Access DirectAccess Dynamic Access Control Unified server role that combines three networking services DirectAccess, routing, and remote access into one unified server role with remote access. 1 Single point of configuration and management for remote access server deployment with a new unified server role for DirectAccess, and Routing and Remote Access service (RRAS). Centralized control and auditing access to file servers with claims-based access and File Classification. 2 Ability to restrict access to sensitive files regardless of user actions through file security policy at the domain level, which is enforced across virtually all file servers in with File Classification, access control policies, and audit policies. Windows Store app network isolation Ability to set and enforce network boundaries to prevent compromised applications from accessing restricted networks. TEST Customizable firewall rules for Windows Store apps in addition to firewall rules that can be created for programs and services. 3 Windows PowerShell cmdlets for Windows Firewall Extensive cmdlets for configuring and managing Windows Firewall. Fully configurable and manageable Windows Firewall, Internet Protocol security (IPsec), and related features with a more powerful and scriptable Windows PowerShell. 3 Network Access Protection (NAP) A client health policy creation, enforcement, and remediation technology to help system administrators establish and automatically enforce health policies, which can include software requirements, security update requirements, and other settings. 4 Feature Comparison:,, and 5 5
Domain Name System Security Extensions (DNSSEC) Extensible Authentication Protocol (EAP) 802.1X Authenticated Wired Access Support for online signing and automated key management as part of the update process for DNSSEC support in the authoritative functions of Domain Name System (DNS) servers. 5 Architectural framework that provides extensibility for the authentication methods of commonly-used protected network access technologies, such as Institute of Electrical and Electronic Engineers (IEEE) 802.1X-based wireless access, IEEE 802.1Xbased wired access, and Point-to-Point Protocol (PPP) connections such as VPN. 6 IEEE 802.1X Authenticated Wired Service for IEEE 802.3 Ethernet network clients. EAP-Tunneled Transport Layer Security (EAP-TTLS) added to the list of network authentication methods included by default. 7 Enable users with non-domain joined computers and devices running Windows 8.1 and to bring their own devices to their organization and enjoy the advantages of password-based credential reuse. This means that users need to provide their credentials the first time they connect to their organization s network, and then they can connect to the resources they want to without being prompted repeatedly for their credentials because the credentials are stored on the local computer for reuse. For security reasons, when the user s computer or device disconnects from the network, the stored credentials are discarded. 8 Read-only domain controller (RODC) Domain controller that hosts read-only partitions of a database in Active Directory. Ability to deploy RODC via Windows PowerShell and to virtual machines. 9 Kerberos constrained delegation across domains Administrative permission needed only for the back-end service account. Back-end permitted to authorize which front-end service accounts can impersonate users against their resources. 10 Feature Comparison:,, and 6 6
Flexible Authentication Secure Tunneling (FAST) Access controls in Active Directory Lightweight Directory Services (AD LDS) Identity component updates Protected channel between domain-joined client and domain controller with FAST. 10 Authentication of users requesting access to the directory. Use of security descriptors, called access control lists (ACLs), on directory objects to determine which objects an authenticated user has access to. 11 identity components include: 12 Service Principal Name (SPN) and User Principal Name (UPN) uniqueness Winlogon Automatic Restart Sign-On (ARSO) Trusted Platform Module (TPM) Key Attestation Certification authority (CA) Backup and Restore Windows PowerShell cmdlets Command line process auditing Credential Protection and Domain Authentication Controls Directory Services Active Directory Domain Services (AD DS) Virtualized domain controller cloning Ability to create replicas of virtualized domain controllers through cloning of existing ones. Virtualization-safe technologies and rapid deployment of virtual domain controllers through cloning. 13 Feature Comparison:,, and 7 7
Virtualization supported Virtual domain controllers hosted on hypervisor platforms that expose an identifier called VM-Generation ID (hypervisor-agnostic mechanism). The identifier can detect and employ necessary safety measures to protect the sanctity of the AD DS environment if a virtual machine is rolled back in time by an unsupported mechanism (such as the application of a virtual machine snapshot). 13 Active Directory Domain Services claims in Active Directory Federation Services (AD FS) Ability to populate Security Assertion Markup Language (SAML) tokens with userand device-claims taken directly from the Kerberos ticket through AD FS (v2.1). 14 Off-premises domain join Domain-join computers over the Internet for domains enabled for Direct Access. 15 Fine-grained password policy Simplified management of password-setting objects (PSOs) through Active Directory Administrative Center. 15 Database mounting tool Improved recovery processes with the ability to compare data as it exists in the snapshots or backups that are taken at different times, enabling better decisionmaking about what data to restore after data loss. 16 Active Directory- Based Activation (AD BA) Simplified configuring of the distribution and management of volume software licenses, with the Volume Activation Services server role, Key Management Service (KMS), and activation based in Active Directory. 15 Feature Comparison:,, and 8 8
Windows PowerShell History Viewer Ability to view Windows PowerShell cmdlets as they run. Ability to display the equivalent Windows PowerShell cmdlets in the History Viewer of Windows PowerShell with Active Directory Administrative Center. 15 Active Directory Recycle Bin Active Directory Domain Services integration Domain and Forest Functional Levels Lightweight Directory Access Protocol (LDAP) query optimizer changes Active Directory Replication throughput improvement Recovery of accidentally deleted objects from backups of AD DS taken by Backup with Active Directory domains. 15 Active Directory object not physically removed from the database immediately. Ability to create cluster computer objects in targeted organizational units or by default in the same organizational unit as the cluster nodes. 17 Provides two new functional levels Forest Functional Level (FFL) and Domain Functional Level (DFL). DFL enables support for protected users, authentication policies, and authentication isolation. FFL and DFL levels are set by default on new domain and new forest creation but can be lowered using Windows PowerShell. 18 The LDAP query optimizer algorithm was reevaluated and further optimized. The result is the performance improvement in LDAP search efficiency and LDAP search time of complex queries. 18 For Active Directory replication, the remote procedure calls (RPC) transmit buffer has been increased to a maximum throughput of around 600 Mbps by changing the RPC send buffer size from 8 KB to 256 KB. This change allows the TCP window size to grow beyond 8 KB, reducing the number of network round trips. 18 Feature Comparison:,, and 9 9
Active Directory Lightweight Directory Services (AD LDS) Server Core installations for Active Directory Lightweight Directory Services Backup and restore for Active Directory Lightweight Directory Services Multiple directory service instances on a single server Role support for Server Core installations. 19 Ability to back up and restore databases to an existing AD LDS instance. 20 Ability to concurrently run multiple instances of AD LDS on a single computer with 21 22 an independently managed schema for each AD LDS instance. Active Directory Rights Management Services (AD RMS) Active Directory Rights Management Services as a server role Available as a server role with several new features not available in previous versions. 23 Persistent protection Protection of content on the go with AD RMS. Ability to specify who can open, modify, print, or manage content. Rights stay with content even when it is transferred outside the organization. Usage policy templates Ability to create a usage policy template and apply it to content, eliminating the need to recreate usage rights settings for comprehensive file protection. Feature Comparison:,, and 10 10
Software development kit for Active Directory Rights Management Services Self-enrollment of the Active Directory Rights Management Services cluster Integration with Active Directory Federation Services (AD FS) Windows PowerShell for deploying Active Directory Rights Management Services Enhancements in Active Directory Rights Management Services and SQL Server requirements Compatible with rights-enabled applications. Enrollment via local computer to help eliminate the need to connect to Microsoft Enrollment Service through a server self-enrollment certificate. 24 Integration of AD RMS and AD FS to enable the leveraging of existing federated relationships for collaboration with external partners. 2423 Support for more secure and flexible remote server deployment of AD RMS using 25 26 PowerShell. Improved support for remote deployment of AD RMS and Microsoft SQL Server. 2725 AD RMS installer account must have system administration permissions in the SQL Server installation. SQL Server Browser service must be running to locate available SQL instances. Feature Comparison:,, and 11 11
Active Directory Federation Services (AD FS) Single Sign-On (SSO) and seamless second factor authentication across company applications Web Application Proxy With Workplace Join, information workers can join their personal devices with their company to access company resources and services. 28 Provides seamless second factor authentication and SSO to workplace resources and applications. The Device Registration Service (DRS), included with the Active Directory Federation Role in, provisions a device object in Active Directory and sets a certificate on the consumer device to represent device identity. Provides the reverse proxy functionality for web applications inside the corporate network so that users on virtually any device can access them from outside the corporate network. Pre-authenticates access to web applications using AD FS, and also functions as an AD FS proxy. Multi-factor access control Access control in AD FS is implemented with authorization claim rules. Issues permit or deny claims that will determine whether or not a user or a group of users will be allowed to access resources secured with AD FS. Enhances user, device, location, and authentication data using a greater variety of authorization claim types or rules. Multi-factor authentication Integration with Microsoft Office SharePoint Server Requires users to provide more than one form of authentication when connecting to published applications and services. For example, using one-time passwords or smart cards. AD FS can be used to facilitate an out-of-the-box SSO solution for Microsoft SharePoint. 29 Feature Comparison:,, and 12 12
Integration with Active Directory Rights Management Services Integration with Dynamic Access Control scenarios AD FS can integrate with AD RMS to support the sharing of rights-protected content between organizations, helping eliminate the need for AD RMS to be deployed in both organizations. AD FS can be used with user and device claims that are issued using Active Directory Domain Services (AD DS) for various DAC scenarios. 14 Ability of AD FS to consume AD DS claims included in Kerberos tickets as a result of domain authentication. Improved installation experience with Server Manager Windows PowerShell cmdlet tools Installation of AD FS server role with Server Manager. 24 Automatic listing and installing of virtually all services that AD FS depends on during the AD FS server role installation with Server Manager and its configuration wizard when AD FS server role is installed. cmdlets for installing the AD FS server role and for initial configuration of the federation server and federation server proxy in addition to the management capabilities based in PowerShell that are provided in AD FS 2.0. 24 Active Directory Certificate Services (AD CS) Certification authorities (CAs) Management of CAs, certificate revocation, and certificate enrollment 30 ; root and subordinate CAs; and enterprise and stand-alone CAs. Web enrollment Enrollment mechanism for organizations that need to issue and renew certificates for users and computers that are not joined to the domain or not connected directly 31 32 to the network, and for users of non-microsoft operating systems. Feature Comparison:,, and 13 13
Microsoft Online Responder Service Ability to configure and manage Online Certificate Status Protocol (OCSP) validation and revocation checking in networks based on Microsoft Windows. 33 Network Device Enrollment Service (NDES) Microsoft implementation of the Simple Certificate Enrollment Protocol (SCEP), a communication protocol that makes it possible for the software running on network devices such as routers and switches, which cannot otherwise be authenticated on the network to enroll for X.509 certificates from a certification authority. 34 Certificate Enrollment Policy Web Service AD CS role service for obtaining certificate enrollment policy information for humans and computers. 35 Certificate Enrollment Web Service Integration with Server Manager Certificate enrollment with HTTPS protocol for users and computers. 35 Integration of AD CS server role and its role services into Server Manager. 36 Deployment and management capabilities of Windows PowerShell Active Directory Certificate Services role services on Server Core Ability to configure or remove configurations for virtually all AD CS role services with the AD CS Deployment PowerShell cmdlets. 37 Ability to install and run virtually all AD CS role services on Server Core installations of or the Minimal Server Interface installation options. 36 Feature Comparison:,, and 14 14
Automatic renewal of certificates for non-domain joined computers Enforcement of certificate renewal with same key Builds on Certificate Enrollment Web Services by adding the ability to automatically renew certificates for computers that are part of untrusted Active Directory Domain Services (AD DS) domains or not joined to a domain. 36 Increased security with AD CS that requires certificate renewal with the same key, enabling the same assurance level of the original key to be maintained throughout its life cycle. 36 Support for internationalized domain names (IDNs) Increased security with default on certification authorities role service Policy module support for the Network Device Enrollment Service Trusted Platform Module (TPM) key attestation Windows PowerShell for Certificate Services Support for IDNs that contain characters that cannot be represented in ASCII with AD CS. 36 Enforcement of enhanced security by CA role service in the requests sent to it. Encryption required for packets requesting a certificate. 36 Using a policy module with the Network Device Enrollment Service provides enhanced security so that users and devices can request certificates from the Internet. 38 Allows the CA to verify that the private key is protected by a hardware-based TPM. 38 Windows PowerShell cmdlets are available for backup and restore. 38 Feature Comparison:,, and 15 15
Virtualization and Virtual Desktop Infrastructure (VDI) Shared virtual hard disk Enables clustering of virtual machines by using shared virtual hard disk (VHDX) files. 39 Ability to host on Cluster Shared Volume (CSV) or on Server Message Block (SMB)- based Scale-Out File Server file shares. Resize virtual hard disk Ability to expand or shrink the size of a virtual hard disk while the virtual machine is still running. 39 Ability to perform maintenance on the virtual hard disk without temporarily shutting down the virtual machine. Only available for VHDX files that are attached to a SCSI controller. Storage Quality of Service Ability to manage storage throughput for virtual hard disks that are accessed by virtual machines. 39 Ability to specify the maximum and minimum I/O loads in terms of I/O operations per second (IOPS) for each virtual hard disk in a virtual machine. Ability to ensure that the storage throughput of one virtual hard disk does not impact the performance of another virtual hard disk on the same host. Hyper-V Live Migration over SMB Ability to perform a live migration of virtual machines by using SMB 3.0 as a transport. This enables taking advantage of key SMB features, such as SMB Direct and SMB Multichannel, by providing high speed migration with low CPU utilization. 46 Live Migration with compression Ability to first compress the memory content of the virtual machine that is being migrated and then copy it to the destination server over a TCP/IP connection. This is the default setting in Hyper-V in. Feature Comparison:,, and 16 16
Live Migration Remote Direct Memory Access (RDMA) Ability to perform faster live migration between Hyper-V hosts by establishing an efficient memory-to-memory transfer of data using RDMA. Server Message Block Direct (SMB Direct) over RDMA is a technology that, given the hardware (NICs) supporting it, can establish an efficient memory-to-memory transfer of data. In, the main advantage of this approach was faster file services but in, it is used to send live migration data between the Hyper-V hosts. Cross-version live migration Virtual machine generation Ability to support migrating Hyper-V virtual machines in to Hyper-V in. 39 Moving a virtual machine to a down-level server running Hyper-V is not supported. Ability to determine the virtual hardware and functionality that is presented to the virtual machine. Two supported virtual machine generations include: 39 Generation 1: Provides the same virtual hardware to the virtual machine as in the previous versions of Hyper-V. Generation 2: Provides the following new functionality on a virtual machine: Secure Boot (enabled by default) Boot from a SCSI virtual hard disk Boot from a SCSI virtual DVD Pre-Boot Execution Environment (PXE) boot by using a standard network adapter Unified Extensible Firmware Interface (UEFI) firmware support Feature Comparison:,, and 17 17
Integration services Ability to copy files to the virtual machine while the virtual machine is running without using a network connection. 39 Export Ability to export a virtual machine or a virtual machine checkpoint while the virtual machine is running without any downtime. 39 Failover Clustering and Hyper-V Helps protect the virtual network adapter and virtual machine storage. 39 Ability to detect physical storage failures on storage devices that are not managed by Windows Failover Clustering (SMB 3.0 file shares). Enhanced session mode Ability to redirect local resources in a Virtual Machine Connection session. 39 Enhances the interactive session experience by providing a functionality that is similar to a remote desktop connection while interacting with a virtual machine. Management Ability to manage Hyper-V in from a computer running or Windows 8.1. 39 Linux support Enables backup support for Linux virtual machine. 39 Enables dynamic memory support for Linux guest operating systems. Feature Comparison:,, and 18 18
Automatic Virtual Machine Activation Ability to install virtual machines on a computer where is properly activated without having to manage product keys for each individual virtual machine, even in disconnected environments. 39 Ability to bind the virtual machine activation to the licensed virtualization server and activate the virtual machine when it starts. Enables real-time reporting on usage and historical data on the license state of the virtual machine. Shared virtual hard disk (for guest clusters) Ability to use.vhdx files as shared storage in a guest cluster. 40 Virtual machine drain on shutdown Enables a Hyper-V host to automatically live migrate running virtual machines if the computer is shut down. 40 Virtual machine network health detection Enables a Hyper-V host to automatically live migrate virtual machines if a network disconnection occurs on a protected virtual network. 40 Optimized CSV placement policies Ability to distribute CSV ownership evenly across the failover cluster nodes. 40 Increased CSV resiliency Enables multiple Server service instances per cluster node. 40 Enables CSV monitoring of the Server service that provides greater resiliency. CSV cache allocation Ability to increase the amount of RAM that can be allocated as CSV cache. 40 Feature Comparison:,, and 19 19
CSV diagnosibility Ability to view the state of a CSV on a per node basis and the reason for I/O redirection. 40 Enables optimizing cluster configuration by easily determining the state of a CSV. CSV interoperability Adds CSV support for the following features: 40 Resilient File System (ReFS) Deduplication Parity storage spaces Tiered storage spaces Storage Spaces write-back caching Deploy an Active Directorydetached cluster Ability to deploy a failover cluster with less dependency on Active Directory Domain Services. 40 Uses Kerberos authentication for intra-cluster communication. Dynamic witness Quorum user interface improvements Force quorum resiliency Dynamically adjusts the witness vote based on the number of voting nodes in the current cluster membership. 40 Ability to easily view the assigned quorum vote and the current quorum vote for each node in Failover Cluster Manager. 40 Enables automatic recovery in the case of a partitioned failover cluster. 40 Feature Comparison:,, and 20 20
Tie breaker for 50% node split Configure the Global Update Manager mode Cluster node health detection Turn off IPsec encryption for inter-node cluster communication Cluster dashboard Enables one side of a cluster to continue to run in the case of a cluster split where neither side would normally have quorum. 40 Helps the cluster to continue to function if there is a delay with one or more nodes. 40 Increases the resiliency to temporary network failures for virtual machines that are running on a Hyper-V cluster. 40 Helps prevent a cluster from being affected by the high latency Group Policy updates. 40 Ability to turn off Internet Protocol security (IPsec) encryption for inter-node cluster communication such as the cluster heartbeat. Provides a convenient way to check the health of all managed failover clusters in Failover Cluster Manager. 40 Shared-nothing live migration Ability to migrate virtual machines among Hyper-V hosts on different clusters or servers with no storage sharing using Ethernet connection only with virtually no downtime. 41 Feature Comparison:,, and 21 21
Live storage migration Ability to move virtual hard disks that are attached to a running virtual machine 42. Ability to transfer virtual hard disks to a new location for upgrading or migrating storage, performing back-end storage maintenance, or redistributing the storage load. Ability to add storage to either a stand-alone computer or to a Hyper-V cluster, and then move virtual machines to the new storage while the virtual machines continue to run. A new wizard in Hyper-V Manager or new Hyper-V cmdlets for Windows PowerShell can be used to perform this task. Live Snapshot Merging Ability to merge snapshots back into the virtual machine while it continues to run Hyper-V Live Merge. 42 Non-Uniform Memory Access (NUMA) support NUMA support inside virtual machines. 42 Ability to project NUMA topology onto virtual machines, guest operating systems, and applications that can make intelligent NUMA decisions. Dynamic Memory Runtime Configuration Ability to make configuration changes to dynamic memory (increasing maximum memory or decreasing minimum memory) when a virtual machine is running. 43 Reduces downtime and increases agility to respond to requirement changes. Feature Comparison:,, and 22 22
VHDX Support for VHDX file format with Hyper-V. 42 VHDX support for up to 64 terabytes of storage. Protection from corruption due to power failures by logging updates to the VHDX metadata structures. Prevention of performance degradation on large-sector physical disks through optimizing structure alignment. Hyper-V Resource Metering Tracks and reports amount of data transferred per IP address or virtual machine. 42 Allows customers to create cost-effective and usage-based billing solutions. Virtual Fibre Channel Fibre Channel ports within the guest operating system. 42 Ability to connect to Fibre Channel directly from within virtual machines. Hyper-V Replica Ability to replicate virtual machines among storage systems, clusters, and datacenters between two sites to provide business continuity and failure recovery. Ability to configure extended replication in. In this case, the Replica server forwards information about the changes that occur on the primary virtual machines to a third server (the extended Replica server). The frequency of replication, which previously was a fixed value, is now configurable for 30 seconds, 5 minutes, and 15 minutes. Access to recovery points in has changed from 15 hours to 24 hours. 44 Simultaneous live migrations Ability to migrate several virtual machines with support for simultaneous live migrations at the same time. 42 Live migrations not limited to a cluster. Virtual machines can be migrated across cluster boundaries and between standalone servers that are not part of a cluster. Feature Comparison:,, and 23 23
Hyper-V host and workload support Ability to configure up to 320 logical processors on hardware, 4 terabytes of physical memory, 64 virtual processors, and up to 1 terabyte of memory on a virtual machine. 42 Support for up to 64 nodes and 8,000 virtual machines in a cluster. Dynamic memory, startup memory, and minimum memory Hyper-V can reclaim the unused memory from virtual machines with a minimum memory value lower than their startup value. 42 Hyper-V Smart Paging Bridges the gap between the minimum and startup memory if a virtual machine is configured with a lower minimum memory than its startup memory (Hyper-V needs additional memory to restart it.). 42 Quality of Service (QoS) minimum bandwidth Hyper-V uses minimum bandwidth to assign specific bandwidth for each type of traffic and to ensure fair sharing during congestion. 42 Incremental backup Hyper-V supports incremental backup (backing up only the differences) of virtual hard disks while the virtual machine is running. provides support for full backups only. 42 Clustering support for guest clustering via Fibre Channel, new live migration enhancements, massive scale, encrypted cluster volumes, CSV 2.0 CSV, Hyper-V application monitoring, virtual machine failover prioritization, inbox live migration queuing, affinity (and anti-affinity) virtual machine rules, and File Server transparent failover. 42 Feature Comparison:,, and 24 24
Application monitoring Ability to monitor health of key services provided by virtual machines. Higher availability for workloads not supporting clustering with automatic correction (like restarting a virtual machine or moving it to a different server). 42 Storage Work Folders Provides a consistent way for users to access their work files from their PCs and devices. Ability to maintain control over corporate data by storing files on centrally managed file servers, and optionally specifying user device policies such as encryption and lock-screen passwords. Ability to deploy Work Folders with the existing deployments of Folder Redirection, Offline Files, and home folders. Work Folders stores user files in a folder on the server called a sync share. 45 Automatic rebalancing of Scale-Out File Server clients Improves scalability and manageability for Scale-Out File Servers. Server message block (SMB) client connections are tracked per file share (instead of per server), and clients are then redirected to the cluster node with the best access to the volume used by the file share. This improves efficiency by reducing redirection traffic between file server nodes. Clients are redirected following an initial connection and when cluster storage is reconfigured. 46 Improved performance of SMB Direct (SMB over RDMA) Improves performance for small I/O workloads by increasing efficiency when hosting workloads with small I/Os, such as an online transaction processing (OLTP) database in a virtual machine. These improvements are evident when using higher speed network interfaces, such as 40 Gbps Ethernet and 56 Gbps InfiniBand. 46 Feature Comparison:,, and 25 25
Improved SMB event messages Improved SMB bandwidth management Support for multiple SMB instances on a Scale-Out File Server SMB events now contain more detailed and helpful information. This makes troubleshooting easier and reduces the need to capture network traces or enable more detailed diagnostic event logging. By default, the most relevant event channels are turned on, so as to instantly capture all of the essential information. In addition, some events now include details on configuration and troubleshooting solutions. 46 Ability to configure SMB bandwidth limits to control different SMB traffic types. There are three SMB traffic types: default, live migration, and virtual machine. 46 Provides an additional instance on each cluster node in Scale-Out File Servers specifically for Clustered Shared Volume (CSV) traffic. A default instance can handle incoming traffic from SMB clients that are accessing regular file shares, while another instance only handles inter-node CSV traffic. This feature improves the scalability and reliability of the traffic between CSV nodes. 46 Storage Spaces Ability to leverage commodity storage into virtual storage pools, which can then be provisioned as Storage Spaces. Virtualized drives that can be formatted and accessed just like a physical drive, which can also be dynamically resized with the addition of more physical drives to the storage pool. 47 features in Storage Spaces include storage tiers, write-back cache, parity space support for failover clusters, dual parity, and the ability to automatically rebuild storage spaces from storage pool free space. Storage tiers Automatically moves frequently accessed data to faster (solid-state drive) storage and infrequently accessed data to slower (hard disk) storage. 48 Feature Comparison:,, and 26 26
Write-back cache Parity space support for failover clusters Buffers small random writes to solid-state drives, reducing the latency of writes. 48 Ability to create parity spaces on failover clusters. 48 Dual parity Stores two copies of the parity information on a parity space, which helps protect against two simultaneous physical disk failures and optimizes storage efficiency. 48 Automatically rebuild storage spaces from storage pool free space Resilient File System (ReFS) Decreases the time to rebuild a storage space after a physical disk failure by using the spare capacity in the pool instead of a single hot spare. 48 Maximizes data availability and online operations despite errors that would historically cause data loss or downtime. In, ReFS 49 automatically corrects the corruption on parity spaces. When corruption of ReFS metadata occurs, subfolders and their associated files are automatically recovered. ReFS is now available to use on Windows 8.1. ReFS includes a new registry entry, RefsDisableLastAccessUpdate, which is the equivalent of the previous NtfsDisableLastAccessUpdate registry entry. storage cmdlets, Get-FileIntegrity and Set-FileIntegrity, are available to manage integrity and disk scrubbing policies. Feature Comparison:,, and 27 27
Data deduplication Involves finding and removing duplication within data without compromising its fidelity or integrity. The goal is to store more data in less space by segmenting files into small variable-sized chunks (32 128 KB), identifying duplicate chunks, and maintaining a single copy of each chunk. In, data deduplication can be installed on a scale-out file share and used to optimize live virtual hard disks for Virtual Desktop Infrastructure (VDI) workloads. 50 Use the new Expand-DedupFile cmdlet in Windows PowerShell to expand optimized files on a specified path on the original path if needed for compatibility with applications, performance, or other requirements. Distributed File System (DFS) Replication A role service in the File and Storage Services role that enables efficient replication of folders (including those referred to by a DFS namespace path) across multiple servers and sites. Uses a compression algorithm known as remote differential compression (RDC). RDC detects changes to the data in a file and enables DFS Replication to replicate only the changed file blocks instead of the entire file. DFS includes many new functionalities: 51 DFS Replication using Windows PowerShell module and methods based on Windows Management Infrastructure (WMI) Database cloning for initial sync Rebuilding of corrupt databases Disabling of cross-file RDC between servers File staging tuning and preserved file restoration DFS Replication also includes updated functionalities such as unexpected shutdown database recovery improvements, and membership disabling. Feature Comparison:,, and 28 28
iscsi virtual disk enhancements Includes a redesigned data persistence layer that is based on a new version of the virtual hard disk format called VHDX (VHD 2.0). 52 Provides data corruption protection during power failures and optimizes structural alignments of dynamic and differencing disks to prevent performance degradation on new, large-sector physical disks. iscsi manageability enhancements Uses the SMI-S provider in with System Center Virtual Machine Manager (VMM) to manage iscsi Target Server in a hosted or private cloud. 52 The new Windows PowerShell cmdlets for iscsi Target Server enable the exporting and importing of configuration files, and provide the ability to disable remote management when iscsi Target Server is deployed in a dedicated Windows-based appliance scenario (for example, Windows Storage Server). iscsi improved optimization to allow disk-level caching iscsi scalability limits iscsi local mount functionality Ability to set the disk cache bypass flag on a hosting disk I/O, through Force Unit Access (FUA), only when the issuing initiator explicitly requests it. This change can potentially improve performance. 52 Increases the maximum number of sessions per target server to 544, and increases the maximum number of logical units per target server to 256. 52 Deprecates the local mount functionality for snapshots. As a workaround, it enables use of the local iscsi initiator on the target server computer (this is also called the loopback initiator) to access the exported snapshots. 52 Feature Comparison:,, and 29 29
Other File System improvements: thin provisioning, trim, and Chkdsk Clustered Share Volume Thin Provisioning: Offers just-in-time allocations (also known as thin provisioning). Identification of thinly provisioned virtual disks. 53 Trim: Ability to reclaim storage that is no longer needed (also known as trim). Chkdsk: Ability to run in seconds to fix corrupted data. No offline time when used with CSV. Disk scanning process separated from repair process. Online scanning with volumes and offline repairs. 54 Storage system for scale-out file servers, which can provide optimized availability and scalable file-based (such as SMB) server application storage. In, a disk or storage space for a CSV volume must be a basic disk that is partitioned with NTFS or ReFS. Offers distributed CSV ownership, increased resiliency through availability of the Server service, greater flexibility in the amount of physical memory that you can allocate to CSV cache, better diagnosibility, and enhanced interoperability that includes support for ReFS and deduplication. 55 SMB Direct (RDMA) and SMB Multichannel Load balanced failover connections to remote file servers that not only fail over when connections are lost, but also evaluate the condition of available connections to route traffic away from congested links. Support for network adapters that have Remote Direct Memory Access (RDMA) and can function at full speed with low latency, while using very little CPU. 56 Offloaded Data Transfer (ODX) Used with offload-capable SAN storage hardware to enable a storage device to perform a file copy operation without the main processor of the host actually reading the content from one storage place and writing it to another. 57 SMB for workloads Ability of remote file server shares to be used as storage for workloads such as Hyper-V and SQL Server. 56 Feature Comparison:,, and 30 30
Network File System (NFS) support File-sharing solution for enterprises with a mixed Windows and UNIX environment. Ability to reliably store and run VMware ESX virtual infrastructures with file system support on, while using the advanced high availability of Windows. 58 Management (Server Manager and PowerShell) Single point of access to management snap-ins for virtually all the installed roles. Snap-in for managing Storage Spaces along with storage that can be managed through PowerShell. Web and App Plat Internet Information Services (IIS) enhancements Multitenant high-density websites Hosting-friendly web server platform with FTP Logon Attempt Restriction and improved site density, centralized SSL certificate support, and server name indication. Increased Internet Information Services (IIS) scalability with SSL scalability, centralized SSL certificate support, and NUMA-aware scalability. Server Name Indicator (SNI) Binding a more secure site required a unique network endpoint using an IP address and a port in the previous versions of, which often meant having a dedicated IP address for each secure site because site owners wanted their secure sites to be running on a standard SSL port. Support for increased density of secure sites for greater scalability of sites. Feature Comparison:,, and 31 31
Centralized SSL certificate management Central storage of SSL certificates on a file share to simplify certificate management and lower the total cost of ownership. Rapid addition of servers to the web farm to help eliminate the need to individually configure SSL. NUMA-aware scalability Ability to scale up web servers beyond 32 processors and use next-generation hardware. IIS CPU Throttling Ability to set maximum CPU consumption for individual IIS 8.0 application pools, helping every application get ample processor time. Ability to create sandbox for each tenant and ensure that no single tenant consumes virtually all of a web server s processing power. FTP Service FTP publishing on a web server. FTP Logon Attempt Restrictions Protection against brute force attacks with automatic detection of attacks inprogress and blocking of future requests from the same address. Ability to modify the number of times FTP will allow users to attempt unsuccessfully to log in within a specified time period before denying access to the IP address. Feature Comparison:,, and 32 32
Application initialization Ability to proactively start ASP.NET applications with IIS 8.0. Applications available virtually all of the time. Initialization of ASP.NET applications before users need it. Returns static pages to users instead of making users wait on a blank browser page. Dynamic IP restrictions Dynamic filters to automatically block potentially harmful IP addresses with IIS 8.0. WebSocket Protocol Encrypted, real-time, bidirectional communications between client and server. ASP.NET Support (2.0, 3.0, 3.5, and 4.5) Multiple ASP.NET applications with different.net Framework versions to run simultaneously with with IIS 8.0. ASP.NET 3.5 and 4.5 Application Management Multiple language support Graphical and command-line management tools to manage both ASP.NET 3.5 and ASP.NET 4.5 applications with IIS 8.0 in. Support for programming languages, such as.net, PHP, Node.js, and Python. Enhanced support for PHP and MySQL through IIS extensions. ASP.NET 4.5 integration and support for latest HTML5 standards. Hybrid applications platform (on-premises and cloud) Cross-premises application platform Integration of applications between on-premises environments and the cloud (including Windows Azure). Feature Comparison:,, and 33 33
Application and programming symmetry Common development platform and tools Applicationlayer connectivity and messaging Shared development model with and Windows Azure. Common development environment for.net developers to build cloud and onpremises applications. Access to on-premises applications through a cloud-based application. Networking Windows Server Gateway A virtual machine-based software router that allows cloud service providers (CSPs) and enterprises to enable datacenter and cloud network traffic routing between virtual and physical networks, including the Internet. 59 Routes network traffic between the physical network and virtual machine network resources, regardless of where the resources are located. Virtual Receive-side scaling Enables network adapter to distribute its network processing load across multiple virtual processors in multicore virtual machines. 60 Feature Comparison:,, and 34 34
Multitenant site-to-site VPN gateway Enables hosters to deploy multitenant site-to-site gateways to provide crosspremises connectivity from networks at tenant sites to virtual networks dedicated per tenant in the hoster s network. 61 A single gateway instance is capable of serving multiple tenants with overlapping IP address spaces, maximizing efficiency for the hoster as compared to deploying a separate gateway instance per tenant. Multitenant Remote Access VPN Gateway Enables hosters to allow transparent VPN access to virtual machines replicated in the cloud even after a failure when the entire site of the tenant goes down. 61 Border Gateway Protocol (BGP) Role-based access control Virtual address space management Enables dynamic distribution and learning of routes by site-to-site (S2S) interfaces of Routing and Remote Access (RRAS). 61 Ability to customize the types of operations and access permissions for users and groups of users on specific objects. 62 IP Address Management (IPAM) streamlines the management of physical and virtual IP address space in System Center Virtual Machine Manager. 62 Enhanced Dynamic Host Configuration Protocol (DHCP) server management DHCP server management with IPAM is greatly enhanced in R2, including multiple new operations for DHCP scope and DHCP servers, and views for the following objects: 62 DHCP failover, DHCP policies, DHCP superscopes, DHCP filters, and DHCP reservations. Feature Comparison:,, and 35 35
External database support In addition to Windows Internal Database (WID), IPAM also optionally supports the use of a Microsoft SQL database that enables additional scalability, disaster recovery, and reporting scenarios. 62 Upgrade and migration support Enhanced Windows PowerShell support for IPAM Hyper-V Virtual Switch Extended Port Access Control Lists (ACLs) If IPAM is installed on, then data can be maintained and migrated when one needs to upgrade to. 62 Windows PowerShell support for IPAM is greatly enhanced to provide extensibility, integration, and automation support. 62 Allows enterprises and CSPs to configure the Hyper-V Virtual Switch Extended Port ACLs to provide firewall protection and enforce security policies for the tenant virtual machines in their datacenters. 63 ACLs now include the socket port number. Ability to configure stateful rules that are unidirectional and provide a timeout parameter. Dynamic Load Balancing of Network Traffic Ability to continuously and automatically move traffic streams from network adapter to network adapter within the NIC team to share the traffic load as equitably as possible. 63 Feature Comparison:,, and 36 36
Hyper-V Network Virtualization (HNV) coexists with thirdparty forwarding extensions for the Hyper-V Virtual Switch Ability to forward packets for either the virtual machine customer address space or the physical address space because switch extensions now coexist seamlessly with Network Virtualization, which uses Network Virtualization Generic Routing Encapsulation (NVGRE). Ability to perform hybrid forwarding where the network traffic, which is NVGRE encapsulated, is forwarded by the HNV module within the switch, while all non- NVGRE network traffic is forwarded by the third-party forwarding extensions that the user has installed. 63 Traffic bottlenecks to virtual machines are reduced with vrss Network tracing is streamlined and provides more detail Virtual RSS (vrss) is supported on the virtual machine network path that allows virtual machines to sustain a greater networking traffic load by distributing the processing across multiple cores on the host and multiple cores on the virtual machine. 63 Network traces contains switch and port configuration information that tracks packets through the Hyper-V Virtual Switch, and any forwarding extensions the user has installed are easier to use and read. 63 Inbox HNV Gateway A multitenant gateway that performs site-to-site (VPN), NAT, and forwarding functions. 64 System Center Virtual Machine Manager can be used to fully manage the HNV gateway. Supports guest clustering for high availability. Includes BGP for dynamic routes update. Feature Comparison:,, and 37 37
HNV interoperability with Hyper-V Virtual Switch Extensions The HNV module was moved inside the virtual switch so that extensions can see both the provider (physical address) and virtual (customer address) IP address spaces. 64 Implements hybrid forwarding. HNV VM Network Diagnostics Enhanced ping.exe (ping p) to allow pinging to and from provider addresses. 64 Two new Windows PowerShell cmdlets (Test-VMNetworkAdapter and Select- NetVirtualizationNextHop) that enable diagnostics of HNV policy and the Customer Address space. Added the ability for Message Analyzer to decode NVGRE packets. HNV Architecture Improved interoperability with switch extensions. 64 The HNV filter moved from being an NDIS lightweight filter (LWF) to being part of the Hyper-V virtual switch. Dynamic IP Address Learning Enables high availability scenarios for both virtual machines on a virtual machine network and the HNV gateway. 64 Ability to run DHCP, DNS, and Active Directory in virtual machine networks. HNV and Windows NIC Teaming Integrates HNV and Windows NIC Teaming to allow multiple network adapters to be placed into a team for the purposes of bandwidth aggregation and/or traffic failover to maintain connectivity in the event of a network component failure. 64 NVGRE Encapsulated Task Offload Ability to offload tasks to a network adapter that has the appropriate task offload capabilities. 64 Feature Comparison:,, and 38 38
Enhanced zone level statistics Zone level statistics are available for different resource record types, zone transfers, and dynamic updates. 65 Enhanced DNSSEC support DNSSSEC key management and support for signed file-backed zones is improved. 65 Enhanced Windows PowerShell support for DNS DNS registration enhancements DNS PTR registration options Windows PowerShell for DHCP server Windows PowerShell parameters are available for DNS Server. 65 Ability to use DHCP policies to configure conditions based on the fully qualified domain name (FQDN) of DHCP clients, and to register workgroup computers using a guest DNS suffix. 66 Enables DNS registration of address (A) and pointer (PTR) records, or just enables registration of A records. 66 Windows PowerShell cmdlets are available to perform tasks such as creating DHCP security groups, setting DNS credentials, managing superscopes, and managing multicast scopes. 66 DHCP server failover Ability to deploy two DHCP servers for the high availability of DHCP services to clients, including replicating lease information between them. DHCP servers can be deployed in a non-clustered failover configuration that includes multi-subnet support. 67 Feature Comparison:,, and 39 39
Dynamic Virtual Machine Queue (VMQ) Enables a host s network adapter to pass Direct Memory Access (DMA) packets directly into individual virtual machine memory stacks. VMQ assigned to each virtual machine device buffer to avoid needless packet copies and route lookups in the virtual switch. 68 Quality of Service (QoS) QoS for Hyper-V and other enhancements. Hyper-V uses the minimum bandwidth to assign specific bandwidth for each type of traffic and to help ensure fair sharing during congestion. Support for hardware compatible with Data Center Bridging (DCB), which makes it possible to use a single ultra-high bandwidth NIC, and provides QoS and isolation services to support multitenant workloads expected on private cloud deployments. 69 BranchCache Improved performance, availability, and scalability. features include: Support for offices of nearly any size Single Group Policy object (GPO) object for nearly all offices Automatic configuration of client computers through Group Policy Integration with Windows file server Use of highly optimized file chunking system for intelligent splitting of files so that users can download only the changed part of the content Cache encryption Cache preloading PowerShell support Group Policies 70 Feature Comparison:,, and 40 40
Internet Protocol version 6 (IPv6) Improved management of IPv6 addresses, better connectivity to Internet using IPv6 addresses, and NAT64/DNS64 protocol translation for DirectAccess clients. 71 Low latency workload technologies capabilities and features for managing latency, such as NIC Teaming. 72 Network Load Balancing Distributes traffic across several servers by using the TCP/IP networking protocol. Additional features for failover clustering in comparison to, including support for scale-out file servers, CAU, virtual machine application monitoring, and iscsi Software Target integration. 73 Multitenant security and isolation Private virtual local area network (PVLAN) Fully isolated network layer of the datacenter with server virtualization through programmatically managed and extensible capabilities that help users connect virtual machines to physical networks with policy enforcement for enhanced security and isolation. 74 Ability to isolate virtual machines from each other for example, virtual machines cannot contact other virtual machines over the network while still maintaining external network connectivity for nearly all virtual machines. Feature Comparison:,, and 41 41
Management and Automation Graphic User Interface as Server Role Ability to deploy the GUI as a role in using PowerShell 3.0. Enables servers to easily remove the full GUI and more to either Server Core or Minimal Installation Shell (PowerShell, Server Manager, and MMC support). Servers can move among Server Core, Minimal Installation Shell, and full GUI using PowerShell commands when required. Server Manager Single point of access to manage snap-ins for virtually all installed roles. Ability to manage a server's identity and system information, display server status, identify problems with server role configuration, and manage virtually all roles installed on the server. Multi-server management Management of multiple servers via roles, services, or customized management groups. Single view for administrators to view events, roles, services, and other important information for virtually all managed servers. 75 Role and feature deployment to remote servers and offline hard disks The Server Manager console and Windows PowerShell cmdlets for Server Manager allow the installation of roles and features to local or remote servers, or offline virtual hard disks. Ability to install multiple roles and features on a single remote server or offline VHD in a single Add Roles and Features Wizard or Windows PowerShell session. Feature Comparison:,, and 42 42
Integrated console Integrated console for IT departments to manage multiple server platforms whether physical or virtual more effectively, helping lower IT operational costs (such as file storage management, Remote Desktop Services, and IP address management). Windows PowerShell 4.0 Windows PowerShell 4.0 includes several significant features that extend its use, improve its usability, and enable easier and more comprehensive control and management of Windows-based environments. Windows PowerShell Desired State Configuration (DSC) enables the deployment and management of configuration data for software services and the environment in which these services run. Windows PowerShell 4.0 features include: Backward-compatible Includes simplified, consistent syntax across all cmdlets Simplified scripting through Windows PowerShell ISE Comprehensive management with more than 3000 cmdlets in over 100 modules Windows PowerShell Disconnected Sessions Ability to create a session on a remote computer, start a command or job, disconnect from the session, shut down a computer, and then reconnect to the session from a different computer later to check job status or get results. 76 Feature Comparison:,, and 43 43
Windows PowerShell Workflow Support has been added for a new PipelineVariable common parameter in the context of iterative pipelines. 76 Parameter binding has been significantly enhanced to work outside of tab completion scenarios, such as with commands that do not exist in the current runspace. Support for custom container activities has been added to Windows PowerShell Workflow. After a crash, Windows PowerShell Workflow automatically reconnects to managed nodes. Ability to throttle Foreach -Parallel activity statements by using the ThrottleLimit property. The ErrorAction common parameter has a new valid value, Suspend, which is exclusively for workflows. A workflow endpoint now automatically closes if there are no active sessions, no inprogress jobs, and no pending jobs. Windows PowerShell Web Access Ability to disconnect from and reconnect to existing sessions in the web-based Windows PowerShell Web Access console. 76 Default parameters can be displayed on the sign-in page. Ability to remotely manage authorization rules for Windows PowerShell Web Access. Ability to have multiple Windows PowerShell Web Access sessions in a single browser session by using a new browser tab for each session. Windows PowerShell Web Services (Management OData IIS Extension) Easily exposes Windows PowerShell cmdlets through an OData-based web service that is running in Web Server (IIS). 76 Ability to define the API version in an endpoint, as well as enforce the usage of a specific API version. Feature Comparison:,, and 44 44
Windows PowerShell Integrated Scripting Environment (ISE) Windows PowerShell Script Sharing Windows PowerShell Scheduled Jobs Windows PowerShell Syntax Simplification Windows PowerShell cmdlet discovery and module auto loading Supports both Windows PowerShell Workflow debugging and remote script debugging. 76 IntelliSense support has been added for Windows PowerShell Desired State Configuration providers and configurations. Access to a community-generated library of PowerShell code snippets called Integrated Script Snippets within PowerShell ISE for IT pros with PowerShell 3.0. Enables administrators to schedule run jobs via Windows Task Scheduler. Simplified, consistent syntax across virtually all cmdlets with PowerShell 3.0. Support for intuitive command structure more closely modeled on natural language. Get-Command cmdlet gets nearly all cmdlets and functions from virtually all modules installed on a computer, even if the module is not imported into the current session. Cmdlets ready for immediate use to help eliminate the need to import modules. Windows PowerShell modules are imported automatically when any cmdlet in the module is used; no longer need to search for the module and import it to use its cmdlets. Device Management and Installation (DMI) Central management and configuration of hardware and device driver configurations for computers on networks. Feature Comparison:,, and 45 45
Initial Configuration Tasks Helps administrators to configure a server and shorten the amount of time between operating system installation and deployment of the server in an enterprise. Best Practices Analyzer (BPA) for Server Role Core set of guidance to configure roles and features for, including configuration, management, and security. BPA now fully integrated into Server Manager. 77 Group Policy Ability to specify managed configurations for users and computers through Group Policy settings and Group Policy preferences. 78 Remote Group Policy Update Ability to schedule remote Group Policy updates (gpupdate.exe) for one or many computers. Windows Azure Online Backup (cloud-based backup service) Offsite protection against data loss from failure with a cloud-based backup solution, which allows files and folders to be backed up and recovered from the cloud. 79 Group Policy Infrastructure Status Ability to display the status of Active Directory and SYSVOL replication as it relates to Group Policy. Feature Comparison:,, and 46 46
Server Roles Active Directory Certificate Services (AD CS) Provides customizable services for issuing and managing public key infrastructure (PKI) certificates used in software security systems that employ public key technologies. functionalities in AD CS for include the following: Policy Module support for the Network Device Enrollment Service: Provides enhanced security to users and devices for requesting certificates from the Internet. TPM key attestation: Enables the certification authority (CA) to verify that the private key is protected by a hardware-based TPM. Windows PowerShell for Certificate Services: Windows PowerShell cmdlets are available for backup and restore. Active Directory Domain Services (AD DS) Enhancements in include: Virtualized domain controller cloning Virtualization-safe technology AD DS integration with Server Manager Relative ID (RID) improvements Deferred index creation Off-premises domain join Recycle Bin UI DAC AD DS claims in Active Directory Federation Services (AD FS) History Viewer in PowerShell Fine-grained password policy UI AD Replication and Topology Windows PowerShell cmdlets Active Directory-Based Activation (AD BA) Kerberos enhancements Group Managed Service Accounts (gmsa) 80 Feature Comparison:,, and 47 47
Active Directory Federation Services Enables users to access resources on their personal devices from virtually anywhere using Workplace Join. Enhanced access control risk management tools include flexible controls and policies, AD FS Extranet Lockout, and access revocation. Simplified deployment experience. Enhanced sign-in with AD FS experience. Enable developers to build modern applications. Other improvements include reduction of SSO cookie size with dynamic group SID hydration, access to claims that are encoded within user certificates when using certificate authentication, easier troubleshooting, and password expiry notification. Active Directory Lightweight Directory Service (AD LDS) Active Directory Rights Management Services (AD RMS) Inclusion of AD LDS as a new server role. Integration of AD LDS with AD DS. 81 Simple delegation and strong cryptography (also made in through recent updates). Changed requirements for installation and deployment: System administrator account permissions instead of local administrator accounts in SQL Server installation SQL Server Browser service must be running Firewall exceptions for port numbers used by AD RMS Remote deployment Use of Server Manager and Windows PowerShell to deploy AD RMS 25 Application Server to support.net Framework 4.5. 82 Feature Comparison:,, and 48 48
DHCP Server enhancements in DHCP include DNS registration enhancements, DNS PTR registration options, and Windows PowerShell for DHCP Server. DNS Server enhancements in Domain Name System Server include enhanced zone-level statistics, enhanced DNSSEC support, and enhanced windows PowerShell support. Fax Server Print and fax service logging now includes user name and computer name logging in addition to IP address logging. File and Storage Services The File and Storage Services server role in includes the following new and updated features: Work Folders: Provides a consistent way for users to access their work files from their personal computers and devices. Server Message Block: Enhancements include automatic rebalancing of Scale-Out File Server clients, improved performance of SMB Direct, and improved SMB event messages. Storage Spaces: Enhancements include SSD and HDD storage tiers, an SSDbased write-back cache, parity space support for failover clusters, dual parity support, and greatly decreased storage space rebuild times. DFS Replication: Enhancements include database cloning for large performance gains during initial sync, a Windows PowerShell module for DFS Replication, a new DFS Replication WMI provider, faster replication on high bandwidth connections, conflict and preexisting data recovery, and support for rebuilding corrupt databases without unexpected data loss. iscsi Target Server: Updates include virtual disk enhancements, manageability enhancements in a hosted or private cloud, and improved optimization to allow disk-level caching. Feature Comparison:,, and 49 49
Hyper-V The Hyper-V role enables you to create and manage a virtualized computing environment by using virtualization technology that is built into. and updated features include: Shared virtual hard disk Resize virtual hard disk Storage Quality of Service Live migrations Virtual machine generation Integration services Export Failover Clustering and Hyper-V Enhanced session mode Hyper-V Replica Linux support Management Automatic Virtual Machine Activation Hyper-V Networking Network Policy and Access Services Includes Print and Document Services role; Type 4 drivers; Branch Office Direct Printing; Print Management Windows PowerShell module; WSD Secure printing; and High Availability Printing. Feature Comparison:,, and 50 50
Print and Document Services Enables centralization of print server and network printer management tasks. Ability to receive scanned documents from network scanners and route the documents to a shared network resource, Windows SharePoint Services site, or email addresses. and updated features include Event Logging for Branch Office Direct Printing and Printer Migration for Web Services for Devices (WSD) print devices Roaming Settings include Printer Connections; Easier Printing in Windows RT; Near Field Communication (NFC) Connections to Printers; and a Common framework for PIN-protected printing support by IHVs. Print and Fax services now include user access logging. Remote Access The new server features in include: Multitenant site-to-site VPN gateway Multitenant remote access VPN gateway Border Gateway Protocol (BGP) Web Application Proxy Remote Desktop Services In, Remote Desktop Services offers enhanced support in the following areas: Session Shadowing Online Storage Deduplication Improved RemoteApp behavior Quick reconnect for remote desktop clients RestrictedAdmin Mode Remote Desktop Improved compression and bandwidth usage Dynamic display handling RemoteFX virtualized GPU supports DX11.1 Feature Comparison:,, and 51 51
Volume Activation Services Additional volume activation technologies not available in the previous versions of are Volume Activation Services server role, in-built support for KMS, Active Directory-based Activation, and the Volume Activation Tools console. 83 Web Server (IIS) IIS 8.0 with a unified web platform that integrates IIS, ASP.NET, FTP services, PHP, and Windows Communication Foundation (WCF). features include Centralized Certificates, Dynamic IP Restrictions, FTP Logon Attempt Restrictions, Server Name Indication (SNI), Application Initialization, and NUMA-aware scalability. 84 Windows Deployment Services Server role that enables user to remotely (network based) deploy Windows operating systems. The.vhdx format supports a sparse, dynamic representation of a disk, which produces a relatively small disk image file (compared to directly storing the full contents of the disk). The.vhdx format is supported for VDH boot scenarios in addition to direct application to system volumes (similar to.wim deployments). Windows PowerShell cmdlets added in. Provides support for TFTP and multicasting over IPv6 and DHCPv6. Improved multicast deployment by eliminating the need for making a local copy of the install.wim file. Feature Comparison:,, and 52 52
Windows Server Update Services (WSUS) Update Services is a built-in server role that includes the following enhancements: 85 Can be added and removed by using the Server Manager Includes Windows PowerShell cmdlets to manage the ten most important administrative tasks in WSUS Adds SHA256 hash capability for additional security Provides client and server separation Versions of the Windows Update Agent (WUA) can ship independently of WSUS Windows Server Essentials Experience Available in Standard and Datacenter. 86 Protects server and client data by backing up the server and all the client computers within a network. Manages users and groups through the simplified server Dashboard. Stores company s data in a centralized location. Integrates with Microsoft online services, such as Office 365, Exchange Online, SharePoint Online, and Windows Intune. Ability to use Anywhere Access and Remote Web Access functionalities on server. Manages mobile devices that access company email by using Office 365 through Active Sync from the Dashboard. Monitors network health and obtains customized health reports. Windows System Resource Manager Ability to manage server processor and memory usage with standard or custom resource policies. 87 Manages resources and helps ensure that all the services provided by a single server are available on an equal basis or that resources will always be available to highpriority applications, services, or users. Feature Comparison:,, and 53 53
Windows Server Backup Provides a set of wizards and other tools to perform basic backup and recovery tasks for the server it is installed on. Backup role in and has the following enhanced features: 88 Ability to backup and restore individual virtual machines from a Hyper-V host server Improvements to managing backup versions and backup retention Ability to backup volumes greater than 2 terabytes and with 4-KB sector sizes Support for backup of Cluster Shared Volumes (CSVs) Ability to report system state components Feature Comparison:,, and 54 54
1 Remote Access Overview: http://technet.microsoft.com/en-us/library/hh831416 2 Dynamic Access Control Overview: http://technet.microsoft.com/en-us/library/dn408191.aspx 3 What's in Security Auditing: http://technet.microsoft.com/en-us/library/hh849638 4 Network Policy and Access Services Overview: http://technet.microsoft.com/library/hh831683 5 Step-by-Step: Demonstrate DNSSEC in a Test Lab: http://technet.microsoft.com/enus/library/hh831411.aspx 6 Extensible Authentication Protocol (EAP) for Network Access Overview: http://technet.microsoft.com/enus/library/hh945105 7 802.1X Authenticated Wired Access Overview: http://technet.microsoft.com/en-us/library/hh831831 8 What's in 802.1X Authenticated Wired Access in : http://technet.microsoft.com/en-us/library/dn452432.aspx 9 Active Directory Domain Services Overview: http://technet.microsoft.com/enus/library/cc731053%28ws.10%29.aspx 10 What's in Kerberos Authentication: http://technet.microsoft.com/en-us/library/hh831747 11 Working with Authentication and Access Control: http://technet.microsoft.com/enus/library/cc732857.aspx 12 Identity component updates: http://technet.microsoft.com/en-us/library/dn535780.aspx 13 Active Directory Domain Services (AD DS) Virtualization: http://technet.microsoft.com/enus/library/hh831734.aspx 14 Active Directory Federation Services Overview: http://technet.microsoft.com/en-us/library/hh831502 15 What's in Active Directory Domain Services (AD DS): http://technet.microsoft.com/enus/library/hh831477.aspx 16 AD DS: Database Mounting Tool (Snapshot Viewer or Snapshot Browser): http://technet.microsoft.com/en-us/library/cc753246(v=ws.10).aspx 17 What's in Failover Clustering: http://technet.microsoft.com/en-us/library/hh831414 18 Directory Services Component Updates: http://technet.microsoft.com/enus/library/dn535775.aspx#bkmk_fl 19 Active Directory Lightweight Directory Services: http://msdn.microsoft.com/enus/library/bb897400.aspx 20 Backing Up and Restoring Active Directory Application Mode (ADAM): http://technet.microsoft.com/enus/library/cc757294%28v=ws.10%29.aspx 21 Active Directory Application Mode: http://technet.microsoft.com/enus/library/cc736765%28v=ws.10%29.aspx 22 Active Directory Lightweight Directory Services Overview: http://technet.microsoft.com/enus/library/cc754361%28v=ws.10%29.aspx 23 Active Directory Rights Management Services Role: http://technet.microsoft.com/enus/library/cc771307%28v=ws.10%29.aspx Feature Comparison:,, and 55 55
24 Active Directory Rights Management Services Role: http://technet.microsoft.com/enus/library/cc771307%28v=ws.10%29.aspx 25 What's in Active Directory Rights Management Services (AD RMS)?: http://technet.microsoft.com/library/hh831554 26 AD RMS Cmdlets in Windows PowerShell: http://technet.microsoft.com/en-us/library/ee617271.aspx 27 What's in Active Directory Rights Management Services (AD RMS)?: http://technet.microsoft.com/library/hh831554 28 What's in Active Directory in : http://technet.microsoft.com/enus/library/dn268294.aspx 29 Active Directory Features: http://www.microsoft.com/en-us/servercloud/windows-server/active-directory-features.aspx 30 Active Directory Certificate Services Overview: http://technet.microsoft.com/en-us/library/cc755071 31 Set Up Certification Authority Web Enrollment Support: http://technet.microsoft.com/enus/library/cc732895.aspx 32 AD CS: Web Enrollment: http://technet.microsoft.com/en-us/library/cc732517(v=ws.10).aspx 33 Set Up an Online Responder: http://technet.microsoft.com/en-us/library/cc725937.aspx 34 AD CS: Network Device Enrollment Service: http://technet.microsoft.com/enus/library/cc753784%28v=ws.10%29.aspx 35 Setting Up Certificate Enrollment Web Services: http://technet.microsoft.com/enus/library/dd759243.aspx 36 What's in Certificate Services in : http://technet.microsoft.com/library/hh831373.aspx 37 Installing ADCS via PowerShell: http://social.technet.microsoft.com/forums/en- US/winserversecurity/thread/9ce2901b-4fe6-4294-87f8-638594e1b1a8 38 What's in Certificate Services in : http://technet.microsoft.com/enus/library/dn473011.aspx 39 What s in Hyper-V for : http://technet.microsoft.com/enus/library/dn282278.aspx 40 What's in Failover Clustering in : http://technet.microsoft.com/enus/library/dn265972.aspx 41 Why Hyper-V? Competitive Advantages of Release Candidate Hyper -V over VMware vsphere 5.0: http://computertrainingcenters.com/wp-content/uploads//08/competitive- Advantages-of-Windows-Server--RC-Hyper-V-over-VMware-vSphere-5-0-V1-0.pdf 42 Features Comparison: Hyper-V and Release Candidate Hyper-V: http://download.microsoft.com/download/2/c/a/2ca38362-37ed-4112-86a8- FDF14D5D4C9B/WS%20%20Feature%20Comparison_Hyper-V.pdf 43 Hyper-V Dynamic Memory Overview: http://technet.microsoft.com/en-us/library/hh831766.aspx 44 Hyper-V Replica Overview: http://technet.microsoft.com/en-us/library/jj134172.aspx 45 Work Folders Overview: http://technet.microsoft.com/en-us/library/dn265974.aspx Feature Comparison:,, and 56 56
46 What's in SMB in : http://technet.microsoft.com/enus/library/hh831474.aspx 47 Storage Data Sheet: http://download.microsoft.com/download/3/8/f/38f07ccb- B752-45DE-9747-247BAE5E2974/WS%20%20Data%20Sheet_Storage.pdf 48 What's in Storage Spaces in : http://technet.microsoft.com/enus/library/dn387076.aspx 49 Resilient File System Overview: http://technet.microsoft.com/en-us/library/hh831724.aspx 50 Data Deduplication Overview: http://technet.microsoft.com/en-us/library/hh831602.aspx 51 What's in DFS Replication in : http://technet.microsoft.com/enus/library/dn281957.aspx 52 What's in iscsi Target Server in : http://technet.microsoft.com/enus/library/dn305893.aspx 53 Thin Provisioning and Trim Storage Overview: http://technet.microsoft.com/enus/library/hh831391.aspx 54 File and Storage Services Overview: http://technet.microsoft.com/en-us/library/hh831487 55 Use Cluster Shared Volumes in a Failover Cluster: http://technet.microsoft.com/enus/library/jj612868.aspx 56 Server Message Block overview: http://technet.microsoft.com/en-us/library/hh831795.aspx 57 Offloaded Data Transfer (ODX) with Intelligent Storage Arrays: http://download.microsoft.com/download/a/7/d/a7d44657-70ae-46ae-883b-e6bd686e6481/windo wsoffloaded-data-transfer.docx 58 8 Developer Preview Release Product Overview: https://www.techdays.fi/portals/0/liitetiedostot/15..docx 59 Gateway: http://technet.microsoft.com/en-us/library/dn313101.aspx 60 Virtual Receive-side Scaling in : http://technet.microsoft.com/enus/library/dn383582.aspx 61 What's in Remote Access in : http://technet.microsoft.com/enus/library/dn383589.aspx 62 What's in IPAM in : http://technet.microsoft.com/enus/library/dn268500.aspx#db 63 What's in Hyper-V Virtual Switch in : http://technet.microsoft.com/enus/library/dn343757.aspx 64 What's in Hyper-V Network Virtualization in : http://technet.microsoft.com/en-us/library/dn383586.aspx 65 What's in DNS Server in : http://technet.microsoft.com/enus/library/dn305898.aspx 66 What's in DHCP in : http://technet.microsoft.com/enus/library/dn305900.aspx Feature Comparison:,, and 57 57
67 Dynamic Host Configuration Protocol (DHCP) Overview: http://technet.microsoft.com/library/hh831825.aspx 68 Release Candidate: Networking: http://download.microsoft.com/download/7/e/6/7e63de77-eba9-4f2e-81d3-9fc328cd93c4/ws%20%20white%20paper_networking.pdf 69 Quality of Service (QoS) Overview: http://technet.microsoft.com/en-us/library/hh831679 70 Enable the Modern Workstyle with Release Candidate BranchCache: http://www.google.com/url?sa=t&rct=j&q=enable%20the%20modern%20works tyle%20with%20windo ws %20server%20%20release%20candidate%20branchcache%20&source=web&cd=1&ved=0CF8QFjAA &url=http%3a%2f%2fdownload.microsoft.com%2fdownload%2ff%2f5%2fa%2ff5a51866-0a19-40b5-99e9-11d78c5e5133%2fws%2520%2520da ta%2520sheet_branchcac he.pdf&ei=_jnjt5- VHIfL2QWz5_2oCw&usg=AFQjCNHmMmNFe2S9rrS6R0gicuThR-A2Nw 71 IPv6 - Technology Overview: http://technet.microsoft.com/en-us/library/hh831730 72 Low Latency Workloads Technologies: http://technet.microsoft.com/en-us/library/hh831415 73 Network Load Balancing Overview: http://technet.microsoft.com/en-us/library/hh831698 74 Feature Comparison: Hyper-V and Hyper-V: http://download.microsoft.com/download/2/c/a/2ca38362-37ed-4112-86a8- FDF14D5D4C9B/WS%20%20Feature%20Comparison_Hyper-V.pdf 75 Release Candidate: Server Management: http://download.microsoft.com/download/2/e/c/2ec3e A6D-4EE8-4A0F-9CB2-704C9B60305C/WS%20%20White%20Paper_Server%20Management.pdf 76 What's in Windows PowerShell: http://technet.microsoft.com/en-us/library/hh857339.aspx 77 What's in Server Manager: http://technet.microsoft.com/en-us/library/dd378896(v=ws.10).aspx 78 Group Policy Overview: http://technet.microsoft.com/en-us/library/hh831791 79 Windows Azure Backup Overview: http://technet.microsoft.com/en-us/library/hh831419.aspx%20 80 Active Directory Domain Services Overview: http://technet.microsoft.com/en-us/library/hh831484 81 Active Directory Lightweight Directory Services Overview: http://technet.microsoft.com/enus/library/hh831593 82 Application Server Overview: http://technet.microsoft.com/en-us/library/hh831530 83 Volume Activation Overview: http://technet.microsoft.com/en-us/library/hh831612.aspx 84 Web Server (IIS) Overview: http://technet.microsoft.com/en-us/library/hh831725 85 Update Services Overview: http://technet.microsoft.com/en-us/library/hh852345.aspx 86 Essentials Experience Overview: http://technet.microsoft.com/enus/library/dn280940.aspx 87 Windows System Resource Manager Overview: http://technet.microsoft.com/enus/library/hh997019.aspx 88 Backup Feature Overview: http://technet.microsoft.com/en-us/library/jj614621.aspx Feature Comparison:,, and 58 58