Windows Server 2019 Puts an Emphasis on SDN Security

Software-defined networking (SDN) security is one of the top 10 networking features coming to Windows Server 2019, according to details shared by Microsoft this week.

SDN is a big part of Microsoft's product marketing for the forthcoming server release, despite the technology already being used in the current flagship Windows Server 2016 product. For instance, in its top-10 feature countdown list for Windows Server 2019, Microsoft earlier had suggested that SDN technology will enable so-called "software-defined datacenters," which is considered to be another top networking feature.

This time, as its No. 4 top networking feature, Microsoft is emphasizing the new server's SDN security benefits, including automatic subnet encryption, improved firewall auditing, an expansion of access control lists (ACLs) to logical subnets, virtual network peering and IPv6 support.

The subnet encryption capability in Windows Server 2019 pertains to the encryption of network traffic between virtual machines. There's an automated process involved where "any packet that leaves a VM is automatically encrypted as it passes to other destinations on the same back-end network," Microsoft's announcement explained. If a vulnerability is found during this process, the fabric is automatically updated. The announcement suggested that this feature will remove the need to check whether the encryption for apps is up to date, as it also automatically handles application-level encryption. This automated process happens only within the same subnet. When traffic is sent between subnets, it becomes unencrypted, Microsoft explained in this document.

The firewall logging feature in Windows Server 2019 works with the Hyper-V host and lets organizations carry out audits of firewall performance. It can be used to verify that network boundaries are working properly. It'll also indicate whether the network is under attack or whether a breach has occurred, according to Microsoft's announcement. Microsoft is also touting this feature's ability to generate logs that "are consistent in format with Azure Network Watcher," which means that Azure Network Watcher tools can be used with this feature.

Microsoft also is highlighting the ability to automatically apply ACLs to logical subnets with Windows Server 2019. "This means that any SDN managed VM connected to a VLAN based network will automatically get the necessary ACLs applied," the announcement explained.

Microsoft is suggesting that its new virtual network peering capability in Windows Server 2019 will serve to improve potential throughput and latency issues for communications between virtual networks. This feature "combines the virtual routers in associated virtual network so they can communicate with each other, without having to traverse through a gateway," the announcement explained.

Lastly, there's SDN support for IPv6 in Windows Server 2019. It works across "virtual network address spaces," "virtual IPs" and "logical networks" to support IPv6 traffic. This feature enables security rather than being a security feature per se. "All of the security features of SDN now work with IPv6 addresses and subnets, including Access Control Lists and User Defined Routing," Microsoft explained regarding the SDN support for IPv6.

Windows Server 2019 is still at the preview stage, but it's expected to reach "general availability" (commercial release) later this year. Some of its capabilities can be tested today, although GitHub projects associated with this week's SDN and security announcements seemed to be lacking content at press time.

In related news, Microsoft announced the release of another preview of Windows Server 2019 (build 17744) earlier this week. In this release, Microsoft is extolling new Hyper-V Server 2019 capabilities.

About the Author

Kurt Mackie is senior news producer for 1105 Media's Converge360 group.

