Microsoft Details Features of 'R2'
- By Scott Bekker
- May 27, 2004
SAN DIEGO -- Microsoft used its TechEd conference to lay out some of the features planned for the next version of Windows Server 2003, code-named "R2."
Scheduled for release sometime next year, R2 is a new version of the server that rolls in some of the feature packs that Microsoft released for Windows Server 2003. Microsoft has acknowledged that finding and loading feature packs, such as the heavily touted Windows SharePoint Services, has been confusing and annoying for customers. At the same time, the interim release of the server eases the pressure on Microsoft, which doesn't plan to ship its "Longhorn" generation of Windows server until 2007.
But at TechEd, Microsoft officials unveiled additional functionality that is being developed specifically for the R2 release.
New features include simplified branch server deployment and management, network defense technology, identity federation, "anywhere access" for mobile and home workers and rights management services.
Microsoft plans to build R2 on top of Windows Server 2003 Service Pack 1, a security-focused pack that is scheduled for release later this year. In a keynote here Tuesday, Andrew Lees, corporate vice president for Microsoft server and tools marketing, presented that as an important decision.
"This will be built on service pack 1. The good news about that is it will give a high degree of application compatibility," Lees said.
Microsoft is working on two technologies to improve branch server deployment and management. One is called Remote Differential Compression, which only replicates changes to files across the network rather than replicating the entire file. The changes are compressed to further reduce network traffic.
The other change benefiting branch server deployments is a new hub-and-spoke network topology option in File Replication Services. "Today what we have is a full mesh model," Ilya Bukshteyn, director of product management for the Windows Server System, said in an interview. "That's great if you have a few large offices. But for a branch office, the hub and spoke is more efficient."
With R2, Microsoft plans to refine network defense technology, which the company has also referred to as quarantining. Quarantining is the process of parking remote computers in a safe zone when they attempt to make a Virtual Private Network connection. Rather than giving computers direct access, the idea is to first ensure that the computer is running anti-virus software and is adequately patched. In some scenarios, it is possible to either limit the user's access or push patches to a machine.
What Microsoft plans for R2 is actually step four on a quarantining roadmap Microsoft initiated with Windows Server 2003, according to Bukshteyn. Through the Windows Server 2003 Software Development Kit, Microsoft provided access to APIs that allowed organizations to build their own quarantining solutions from scratch.
With Service Pack 1, Microsoft will make a slight improvement by packaging one common use for quarantining. "We're rolling one scenario instead of saying, 'Roll your own.' We don't see that as a long-term solution," Bukshteyn said.
Internet Security & Acceleration Server 2004, which missed its TechEd launch target but is very close to release, also includes a custom-scripted VPN connection. That is what Microsoft currently uses internally for quarantining.
But R2 will expand the quarantining technology beyond VPNs to wired or unwired connections to the network -- catching occasionally connected computers to make sure they meet organizational standards for patches and anti-virus updates. Microsoft is still considering how extensive its interface and wizards should be.
During the Lees keynote, Microsoft also showed a technology preview of Active Directory Federation Services, which is Microsoft's implementation of identity federation using the Web services standard.
"This … allows you … to exchange public keys with another entity, do advanced things such as mapping of identity based on your two environments, and then once you've added that public key to your Active Directory, Active Directory is extended to allow applications such as Windows SharePoint Services to enable cross-company collaboration seamlessly, again without extra work and complexity on your part," Bukshteyn said during the demo.
Microsoft will also use R2 to build on the HTTP over RPC that is already possible with the combination of Exchange Server 2003 and Outlook 2003. That technology allows administrators to give their users full access to their e-mail through the regular Outlook client, as opposed to Outlook Web Access, by connecting through HTTP rather than establishing a VPN. The next step, coming in R2, is to wrap other protocols to allow file shares and terminal server sessions to also come over HTTP. Microsoft calls the feature "Anywhere Access."
Scott Bekker is editor in chief of Redmond Channel Partner magazine.