• Latest
  • Trending
  • All
  • News
  • Business
  • Politics
  • Science
  • World
  • Lifestyle
  • Tech
Microsoft is quietly becoming a cybersecurity powerhouse

Windows Server 2022 Is Coming!

April 7, 2021
Juniper Networks extends connected security with two new updates

5 channel partner program and MSP News update 21 April . 2021

April 22, 2021
Automate Evidence Collection With Hypersync

CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

April 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Device Connectivity and Edge Intelligence in Resource-Constrained Situations

April 22, 2021
8×8 makes raft of updates to platform

Sysinno Introduces First Available Air Quality Monitor Running on Microsoft Azure Sphere

April 22, 2021
Microsoft renames and unifies more products under Microsoft Defender brand

UK government signs new three-year Memorandum of Understanding with Microsoft

April 22, 2021
Azure Stack, AWS Outposts Poised to Impact Colocation

Aruba accelerates digital transformation from edge to cloud on Microsoft Azure.

April 22, 2021
How to set up Microsoft Cloud App Security

Eurotech Collaborates with Infineon Technologies, Microsoft, and Globalsign for ’Chain of Trust’ Security Solution for the IoT Device Identities

April 22, 2021
GHD accelerates digital transformation to ensure business continuity

ONUG to Address Enterprise Cloud, Cloud Native DevOps, Security & Automation at Biannual Spring 2021 Event

April 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Infosec Teams Expand Use of Security Tools to Address Cloud Complexity, Survey Finds

April 22, 2021
Microsoft continues to extend security for all with mobile protection for Android

HVR Launches Agent as a Service for Microsoft Azure, Establishes Highly Available, Secure and Performant Real-Time Replication Environment for Enterprise Modernization

April 22, 2021
Hackers Cryptojack Microsoft Azure ML Clusters

6clicks partners with Microsoft to bring greater security to Aus Government

April 22, 2021
Seattle Seahawks Shift From Microsoft Azure to Amazon Web Services

Security should start in software engineering

April 21, 2021
  • About
  • Advertise
  • Privacy & Policy
  • Contact
Thursday, April 22, 2021
  • Login
Azure Security News
  • Home
  • News
    • All
    • Business
    • Politics
    • Science
    • World
    Juniper Networks extends connected security with two new updates

    5 channel partner program and MSP News update 21 April . 2021

    Automate Evidence Collection With Hypersync

    CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

    Microsoft To Build New Azure Cloud Data Centers In Greece

    Device Connectivity and Edge Intelligence in Resource-Constrained Situations

    8×8 makes raft of updates to platform

    Sysinno Introduces First Available Air Quality Monitor Running on Microsoft Azure Sphere

    Microsoft renames and unifies more products under Microsoft Defender brand

    UK government signs new three-year Memorandum of Understanding with Microsoft

    Azure Stack, AWS Outposts Poised to Impact Colocation

    Aruba accelerates digital transformation from edge to cloud on Microsoft Azure.

    How to set up Microsoft Cloud App Security

    Eurotech Collaborates with Infineon Technologies, Microsoft, and Globalsign for ’Chain of Trust’ Security Solution for the IoT Device Identities

    GHD accelerates digital transformation to ensure business continuity

    ONUG to Address Enterprise Cloud, Cloud Native DevOps, Security & Automation at Biannual Spring 2021 Event

    Microsoft To Build New Azure Cloud Data Centers In Greece

    Infosec Teams Expand Use of Security Tools to Address Cloud Complexity, Survey Finds

    Microsoft continues to extend security for all with mobile protection for Android

    HVR Launches Agent as a Service for Microsoft Azure, Establishes Highly Available, Secure and Performant Real-Time Replication Environment for Enterprise Modernization

    Trending Tags

    • Donald Trump
    • Future of News
    • Climate Change
    • Market Stories
    • Election Results
    • Flat Earth
  • Tech
    • All
    • Apps
    • Gear
    • Mobile
    • Startup
    Cisco, Google, Microsoft Lead Chorus of New Security Initiatives

    Windows 10 21H1: A small but significant update, with bigger changes to come in 21H2

    Microsoft Touts Secured-Core PCs To Block Driver Exploits

    KDDI Taps Cato SASE for Secure Remote Access

    Juniper Networks inspires overarching approach to connected security

    Going serverless? Rethink your data security approach

    Juniper Networks inspires overarching approach to connected security

    Introducing the Azure Network Security Tech Community and Github Repo

    Cisco, Google, Microsoft Lead Chorus of New Security Initiatives

    Azure WAF Custom Rule Samples and Use Cases

    Aruba ClearPass Policy Manager Integrates with Microsoft

    How Microsoft Is Powering Digital Transformation From the Cloud

    Part 4 – Data Disclosure and Exfiltration Playbook: Azure WAF Security Protection and Detection Lab

    The Mountain Of A Manager

    Microsoft offers startups free cloud tech

    Microsoft Launches Host of Security Products in Time for RSA

    The 14 Best Cloud Security Courses on Pluralsight

    Microsoft Adds Anti-Phishing ‘Campaign Views’ to Office 365 ATP

    How 4 cities are modernizing their IT infrastructure through the cloud

    Trending Tags

    • Flat Earth
    • Sillicon Valley
    • Mr. Robot
    • MotoGP 2017
    • Golden Globes
    • Future of News
  • Entertainment
    • All
    • Gaming
    • Movie
    • Music
    • Sports
    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Microsoft Flight Simulator Continues to Look Stunning in New Snow Video

    Meet the woman who’s making consumer boycotts great again

    New campaign wants you to raise funds for abuse victims by ditching the razor

    Twitter tweaks video again, adding view counts for some users

    A beginner’s guide to the legendary Tim Tam biscuit, now available in America

    People are handing out badges at Tube stations to tackle loneliness

    Trump’s H-1B Visa Bill spooks India’s IT companies

    Magical fish basically has the power to conjure its own Patronus

    This Filipino guy channels his inner Miss Universe by strutting in six-inch heels and speedos

    Oil spill off India’s southern coast leaves fisherman stranded, marine life impacted

  • Lifestyle
    • All
    • Fashion
    • Food
    • Health
    • Travel
    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Offers More ‘Solorigate’ Advice Using Microsoft 365 Defender Tools

    A moment of reckoning: the need for a strong and global cybersecurity response

    Solar Winds, Office 365 & Shipbuilding…

    Aruba ClearPass Policy Manager Integrates with Microsoft

    Imprivata Expands Collaboration with Microsoft on New Digital Identity Innovations

    Microsoft Seriously Beefs Up Security in Windows Server 2019

    Microsoft Canada’s 10 biggest stories of 2020

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    FAA issues new proposed Boeing 737 MAX pilot training procedures

    AMD breaks revenue records for 2019 and 4Q

    AMD breaks revenue records for 2019 and 4Q

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft and Analog Devices pair on 3D imaging tech

    Microsoft is killing off insecure Cloud App Security cipher suites

    Microsoft is killing off insecure Cloud App Security cipher suites

    Rap group call out publication for using their image in place of ‘gang’

    Meet the woman who’s making consumer boycotts great again

    Trending Tags

    • Golden Globes
    • Mr. Robot
    • MotoGP 2017
    • Climate Change
    • Flat Earth
No Result
View All Result
Azure Security News
No Result
View All Result
Home News

Windows Server 2022 Is Coming!

by AZURE SECURITY NEWS EDITOR
April 7, 2021
in News
0
Microsoft is quietly becoming a cybersecurity powerhouse
492
SHARES
1.4k
VIEWS
Share on FacebookShare on Twitter

By Paul Schnackenburg and Azure Security News

The next version of Windows Server will be known as 2022 and it’s in public preview since Ignite in March 2021. The Long-Term Servicing Channel (LTSC=five years mainstream + five years extended support) release is planned for later in 2021.

There was a time when this would have been huge news, with (nearly) every IT shop on the planet looking for new features that were going to make their life easier and planning how to convince bosses to approve the upgrade. That’s not really the case anymore.

The preview news had a single 30-minute presentation devoted to it, and half that presentation covered updates to Azure and Windows Admin Center, tangentially connected to Windows Server.

This isn’t to say that there aren’t some interesting things coming that will probably make your life easier, but it sends a clear message — Windows Server isn’t a priority at Microsoft like it was some years ago. We have two sources for what new features we can expect — the presentation at Ignite, as well as the Semi-Annual Channel (SAC) releases of Windows Server. If you have Software Assurance for your Windows Server licenses and you want to use the latest from the server team — there are actually two releases each year of Windows Server with new features, as long as you don’t mind using Server Core only and upgrade at least every 18 months. This blog post from August 2020 and this one from September 2020 are more sources for what’s coming.

A Strong Focus on Security
The big theme of Windows Server 2022 is security — primarily bringing the concept of Secure Core from Windows client to the server world with Secure Core Servers. This is a type of PC that you can buy from Microsoft, Lenovo, Dell, Panasonic, HP and others that has a Trusted Platform Module (TPM) 2.0 chip, Bitlocker turned on and Virtualization Based Security (VBS) to protect credentials while the system is running. Instead of enabling these (and other) security features after taking delivery, it’s all turned on out of the box.

On servers this will protect against boot kits and root kits, malware designed to compromise the system before it starts, thus bypassing any defenses running in the OS. To carry the label Secure Core Server the OEM must provide secure firmware and drivers and enable these features by default.

To be able to audit this across a fleet of servers, there’s a new extension for Windows Admin Center that lists which of the six requirements a server meets. Here’s a one-year-old Dell Hyper-V host with quite a few missing.

There’s been some interesting work in the security community over the last few years, demonstrating issues with the TPM platform, as they’re a separate component on the motherboard and the traffic between it and the rest of the system can be manipulated. This new Secure Core Server platform lays the foundation for the forthcoming Pluton security processor, built on technologies first incorporated into Xbox One. Pluton will be different than TPM as it will be part of the CPU itself, all three main vendors, Qualcomm, Intel and AMD are on-board with Pluton.

Each of the six areas shown above protects different parts of the boot process and the OS so let’s look at them in detail. TPM stores Bitlocker keys and other secrets and key material while Secure Boot verifies signatures on boot software (UEFI firmware, EFI applications and the OS itself) to ensure that they haven’t been subverted by a root kit.

Virtualization-based Security (VBS) uses hardware virtualization (based on Hyper-V technology but don’t think of this as a separate VM, just an isolated part of the memory space in the OS) to stop credential attacks like Pass-the-Hash through Mimikatz. On top of VBS is Hypervisor-Enforced Code Integrity (HVCI) which protects modification of the Control Flow Guard (CFG) bitmap, provides a valid certificate for Credential Guard and checks that device drivers have an EV certificate. Control Flow Guard lets Windows protect itself against malicious applications that corrupt memory of legitimate applications.

System Guard sits on top of these features and provides the following security guarantees for Windows: protects the integrity of the system as it starts up and validate this through local and remote attestation using Static Root of Trust for Measurement (SRTM), Dynamic Root of Trust for Measurement (DRTM) and System Management Mode (SMM) protection (see more).

Boot Direct Memory Access (DMA) protection is part of Kernel DMA Protection which protects Bitlocker keys and other secrets stored in memory while the OS is running. The classic attack here is to plug a drive with malware into a port that offers DMA on a running PC and read Bitlocker keys from memory. DMA offers fast transfer of data, essentially directly into memory (as it says on the tin) but also comes with this risk — Boot DMA mitigates it. These improvements aren’t just for Windows, Microsoft wants to bring the improved boot security to Linux as well, just as they’re doing in Azure.

Apart from the Secure Core Server features, Windows Server 2022 will come with the newest version of Transport Layer Security (TLS), 1.3 enabled by default and offers AES 256-bit encryption for SMB traffic.

Windows Server 2022 will also make it possible to give containers an identity in Active Directory using group Managed Service Accounts (gMSAs) which you can only do today by domain joining the host — this won’t be required in 2022.

Networking Improvements
There is one feature coming that I think any IT Pro dealing with on-premises deployments and access will love and that’s MsQuic. This implements the QUIC protocol and Microsoft has open sourced their flavor.

You’ll see several improvements — HTTP/3 will be faster and SMB traffic will also be faster. On top of this you’ll be able to set up file shares on-premises and access them securely from anywhere without the need of VPNs. Ned Pyle from Microsoft has a video and description here.

The TCP protocol will determine the best transfer rate faster using TCP HyStart++ and PktMon will improve packet capture. Newer network cards that support UDP Segmentation Offload (USO) will speed up UDP traffic, in a similar way to how TCP is accelerated today.

If you’re using Kubernetes and containers, Direct Server Return will speed up traffic by allowing incoming and outgoing traffic to take different paths. And full support for Calico is now on the table. Kubernetes doesn’t manage networking between containers and Calico is an example of a Container Network Interface (CNI) plug-in that relies on Kubernetes Network policies to secure traffic. Going forward Windows containers will respect the policies and be managed just like Linux containers using Calico. The overall size of Windows containers has also been significantly reduced.

Containers will also be able to use virtualized time zones, today the time zone in a container is controlled by the host’s, going forward you can control the time zone in a container using the virtual registry key, the tzutil tool or using a Docker argument when starting the container.

In the Hyper-V switch Windows Server 2019 offered Receive Segment Coalescing (RSC) which combines multiple packets in the virtual switch for lower CPU load, but the traffic was broken up again as it was sent over the VMbus, in 2022 it’ll remain combined all the way to the application.

Hyper-V Improvements
Mixed domain or workgroup clusters have been available for a little while but if you wanted to use Bitlocker on each cluster node (and you REALLY should), they had to be in the same domain. In Windows Server 2022 you can store the key in local encrypted storage, opening up this scenario.

Keeping VMs together on the same host for speed or separate for resiliency (keeping Domain Controllers on separate nodes) in a cluster can be done today with Affinity and AntiAffinity rules. They’re however not very easy to use, nor are they site aware in stretched clusters. In Server 2022 there are new PowerShell cmdlets to set up rules which are easier to set up and who do understand geo clusters.

On the scalability front this release will support 48 TB of memory and 2,048 logical processors per host which is ridiculously large (and incredibly expensive), but will find at least one good customer, Azure where large databases and SAP deployments are demanding ever larger VMs and hosts.

Summary
Although this list of new features is a bit underwhelming there’s no doubt that there are some worthwhile features on the way, primarily under the hood.

And many, many businesses rely on Windows Server, whether it’s running on-premises or in a cloud so the rumors of its demise are vastly exaggerated. I expect more reveals of features as we progress through 2021 towards the final release.My recommendation is to join the community and sign up to the Windows Server Insider program . The latest preview was released on March 24 .

Source : https://virtualizationreview.com/articles/2021/04/06/windows-server-2022.aspx

Share197Tweet123Share49
AZURE SECURITY NEWS EDITOR

AZURE SECURITY NEWS EDITOR

Related Posts

Juniper Networks extends connected security with two new updates

5 channel partner program and MSP News update 21 April . 2021

by AZURE SECURITY NEWS EDITOR
April 22, 2021
0

By  Joe Panettieri Azure Security News Here are five (actually, more) technology news updates, insights, chatter, and plenty more to...

Automate Evidence Collection With Hypersync

CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

by AZURE SECURITY NEWS EDITOR
April 22, 2021
0

-CyberSheath Services International today introduced the next evolution of its CMMC Managed Services, including its CMMCEnclave. Based on Microsoft Azure, CMMCEnclave is...

Microsoft To Build New Azure Cloud Data Centers In Greece

Device Connectivity and Edge Intelligence in Resource-Constrained Situations

by AZURE SECURITY NEWS EDITOR
April 22, 2021
0

The migration to more sophisticated cloud-based IoT functionality is relentless and rapid. However, ensuring optimal functionality in the complicated infrastructure...

8×8 makes raft of updates to platform

Sysinno Introduces First Available Air Quality Monitor Running on Microsoft Azure Sphere

by AZURE SECURITY NEWS EDITOR
April 22, 2021
0

Sysinno Technology Inc., an Innodisk shareholding company, is excited to announce that their iAeris line of indoor air quality detectors will...

  • Trending
  • Comments
  • Latest
Microsoft’s CyberX Acquisition Boosts Security of Azure IoT Lineup

AZURE DEFAULT RESOURCE GROUP AND DEFAULT WORKSPACE: WHAT ARE THEY?

December 14, 2020
Telecom Provider Migrates Confidently to Microsoft Azure with Fortinet’s Dynamic Cloud Security Solutions

Analyzing Azure Active Directory Sign-In Data with PowerShell

December 18, 2020
Microsoft Seriously Beefs Up Security in Windows Server 2019

TCS Launches Cloud Exponence on Microsoft Azure

January 21, 2021

Lady Gaga Pulled Off One of the Best Halftime Shows Ever

0

Barack Obama’s Now Mainly Focusing on Wearing This Casual Backwards Hat

0

Watch Justin Timberlake’s ‘Cry Me a River’ Come to Life in Mesmerizing Dance

0
Juniper Networks extends connected security with two new updates

5 channel partner program and MSP News update 21 April . 2021

April 22, 2021
Automate Evidence Collection With Hypersync

CyberSheath Enhances Its CMMC Managed Services with CMMCEnclave, the Most Comprehensive CMMC Compliance Platform

April 22, 2021
Microsoft To Build New Azure Cloud Data Centers In Greece

Device Connectivity and Edge Intelligence in Resource-Constrained Situations

April 22, 2021
Azure Security News

Copyright © 2020 - Azure Security

Navigate Site

  • About
  • Advertise
  • Privacy & Policy
  • Contact

Follow Us

No Result
View All Result
  • Home
  • News
    • Politics
    • Business
    • World
    • Science
  • Entertainment
    • Gaming
    • Music
    • Movie
    • Sports
  • Tech
    • Apps
    • Gear
    • Mobile
    • Startup
  • Lifestyle
    • Food
    • Fashion
    • Health
    • Travel

Copyright © 2020 - Azure Security

Welcome Back!

Login to your account below

Forgotten Password?

Create New Account!

Fill the forms below to register

All fields are required. Log In

Retrieve your password

Please enter your username or email address to reset your password.

Log In