计算机科学:Windows服务系统2008和操作系统
06-18, 2015
Windows服务系统2008于2008年4月发布,是继Windows服务系统2003进一步完善的继任者。在计算学科上技术有很大的变化,诸如Windows Vista和Win7的发布就表明新的操作系统,相比它的前身还有创新的空间。
便于阅读,对以下术语进行了解释:
Win2K3 - Windows 服务系统2003
Win2K8 - Windows 服务系统2008
OS - 操作系统
OSes - 操作系统原理
2.Windows 服务系统2008—Windows Server 2008
以下部分是提供证据表明Win2K8改善Active Directory(广告)的操作运行覆盖的领域,以及操作系统的外观、性能、安全性和可用性。
本文介绍了Windows服务系统2008,尝试确认和分析它的新特性和功能的改进。在这篇文章中,在可能的情况下,与Windows 服务系统2003的各方面性能相比较。
Windows Server 2008, released in April 2008, is the successor of the already well-established Windows Server 2003. The technology changes in computing disciplines such as the release of Windows Vista and 7 should indicate that this new operating system could introduce some major changes, in comparison to its predecessor.
This report introduces Windows Server 2008 and tries to identify and explain its new features and functionality improvements. Throughout this paper, those aspects will be compared, where possible, with those belonging to Windows Server 2003.
For ease of reading, the following terminology is used:
Win2K3 - Windows Server 2003
Win2K8 - Windows Server 2008
OS - operating system
OSes - operating systems
2.Windows 服务系统2008—Windows Server 2008
The following sections should provide evidence that Win2K8 introduces some improvements in Active Directory (AD). The aspects of running a domain are covered, as well as the appearance of the OS, its performance, its security, and its usability.
2.1硬件要求具备的条件— Recommended Hardware Requirements
The first evident changes are the recommended hardware requirements, necessary for a successful installation of Win2K8 (Windows Server, 2007), which are much higher than Win2K3's requirements (Microsoft Technet, 2005). The differences are highlighted in the two lists below:
Win2K8 -
the processor speed should be 2 gigahertz (GHz) or higher;
the system should ideally possess 2 gigabytes (GB) of Random Access Memory (RAM), and no more that 4GB;
the recommendation for the Hard Disk Drive (HDD) is 40GB of free space;#p#分页标题#e#
the monitor recommended is a super-VGA, with a minimum 800x600 resolution;
and finally a DVD-ROM drive.
Win2K3 -
the processor speed should be 550 megahertz (MHz) or higher;
the recommended amount of RAM is 265MB;
the HDD should have 2 to 3GB of free space;
the recommended monitor is a super-VGA with a minimum 800x600 resolution;
Win2K3 requires at least a CD-ROM or DVD drive for installation
and for network installation, a Preboot eXecution Environment (PXE) compliant network card.
The recommended requirements listed at the Windows Server site for Win2K8 do not mention the need for a PXE compliant network adaptor for network installation. Installations from remote locations are possible, as documented by Matthews (2008), who also reports that the options to undertake a full installation, or a Server Core installation, are available; the latter installation mode installs a lighter version of the server which excludes certain components and the user interface; i.e. all administration task are performed via the command prompt.
2.2 系统的新面貌— New Appearance
Davis (2007) states that the Win2K8 "look and feel" makes the OS very similar to the Windows Vista family of OSes; this implies that, similarly to Win2K3's release, which, as illustrated by Minasi et al. (2003), integrated XP technologies, Microsoft tried to produce a networking OS that reflects the enormous technology changes and advances in today's world. For those who struggled with Vista initially, this may indicate that the new look server could prove awkward to adjust to. An example of the Vista types of changes to the OS is the omission of the Run command, in the Start menu, which may confuse Win2K3 users, who would be accustomed to the availability of this feature; with Win2K8, the user only needs to type the name of the required feature in the Search textbox, situated at the bottom of the Start menu, and double-click on this feature's name, which should appear on the left hand side of the menu, in order to run it.
The reason to why Win2K8 is so much like Vista is because it was built using the same development model, as highlighted by Hassell (2008); i.e. the secure development model, which intends to help in producing more security based OSes. This should imply that Win2K8 must be more secure than Win2K3; this implication is discussed later in this paper.
2.3 域服务的域控制器 —Active Directory Domain Services
Active Directory Domain Services (AD DS) is the new name given to what every domain administrator has always known as Active Directory (AD), while using Win2K3. AD DS includes features similar to Win2K3's and also introduces new functionalities, as illustrated by (Price and Price, 2008), whose list includes Active Directory Lightweight Directory Services (AD LDS), Active Directory Federation Services (AD FS), Active Directory Rights Management Services (AD RMS) and Active Directory Certificate Services (AD CS).#p#分页标题#e#
2.3.1. 轻型目录服务的域控制器—Active Directory Lightweight Directory Services
Schmidt (2008) briefly highlights AD LDS, which was known as Active Directory Application Mode (ADAM) in Win2K3, and also permits AD to be used for application storage and availability, without those being completely dependent on AD. There are no security principles in AD LDS, since those are stored in AD DS.
2.3.2. 联合服务的域控制器—Active Directory Federation Service
AD FS permits organisations to provide their employees, and employees from other organisations, a way to log in to a corporate website, without creating different accounts or storing login credentials, for each employee, from each organisation that has access to the website, according to Bruzzese (2009). With AD FS, companies can have a trust account which gives them access to the website, without the need for a trust account on their own server.
2.3.3. 权限管理服务的域控制器—Active Directory Rights Management Services
According to Oiaga (2010), AD RMS is a new technology, incorporated into Win2K8, which is based on the security of documents holding data, such as word documents, websites or spreadsheets, and permits administrators to encrypt files, which can only be decrypted by authorised individuals. This is one of the key security features which should be considered by every organisation seriously considers data protection, as AD RMS can easily be used to keep sensitive data from unauthorised viewers. This is not a new feature, since Win2K3 also provided encryption possibilities.
2.3.4. 认证服务的域控制器—Active Directory Certificate Services
Morimoto et al. (2008) explains that with AD CS, which was previously known in Win2K3 as Certificate Services, an administrator can produce and manage all existing certificates required. Also known as a Certificate Authority (CA), this technology helps administrators to verify whether the certificates are valid, ensuring a high level of security. Certificates are documents which ensure the credibility of a user's identity.
2.4.更好的性能—Better Performance
In Win2K8, it would be expected that a performance utility should be provided, with regards to the heavy workloads imposed on domain controllers nowadays, due to the fact that organisations are becoming larger and larger. Therefore, Microsoft offers the Reliability and Performance Monitor (RPM), which enables administrators to diagnose an AD for performance statistics.
RPM is a Microsoft Management Console (MMC) snap-in; Zandri (2009) explains that RPM can be used to monitor performance aspects such as processor usage, the state of the Hard Disk Drive (HDD), network performance and usage, and memory state. This utility seems to be the centralisation of the performance monitoring tools that were available separately in Win2K3.#p#分页标题#e#
According to Petri (2009), the server's performance can be analysed with the help of the Win2K8 tool called Performance Analysis of Logs (PAL), which:
'is a new and powerful tool that reads in a performance monitor counter log (any known format) and analyzes it using complex, but known thresholds (that are provided)'.
This tool's output is an HTML document which highlights some counters important to performance and displays alerts, regarding existing performance issues. PAL helps administrators detect possible problems with ease, since all performance tools are in one utility.
2.5.增强安全性— Security Enhancements
Mimoso (2008), published an interview with Bill Laing, general manager of Microsoft's Windows Server Division, on the SearchSecurity.com website, in which Laing states that:
"In developing Windows Server 2008, three key aspects of security were imperative in achieving our goal to create our most secure operating system to date".
This certainly implies that there should be some major security improvements in this version of the OS.
The three key aspects mentioned above are Network Access Protection (NAP), Federated Right Management (FRM) and Read Only Domain Controller (RODC), which all participate in providing organisations with a secure OS, an accessible and safe network, and protection over documents and data; they are all new features.
Melber (2009) describes how Win2K8 also lets administrator control security over the services which run in the background. Microsoft has incorporated new features within Group Policies (GP), which gives administrative personnel this control.
Specialized Security - Limited Functionality (SSLF) environment, according to Microsoft's security guide for the OS (2008), is a baseline which helps build "highly secure environments for computers running Windows Server 2008". Although SSLF helps tighten up server security, this setting imposes some restrictions with regards to user functionalities; i.e. restrictions towards running services, such as Terminal Services, which helps users connect to desktops from remote locations.
Bitlocker is a new security feature, which was introduced with Windows Vista, and has been incorporated in Win2K8 (Techotopia, 2009). This facility enables full-drive encryption and is an ideal security measure, to secure data on laptops and notebooks which are items easily lost or stolen.
2.6. 虚拟化技术—Virtualisation Technologies
Hyper-V is a new utility introduced in Win2K8, which enables users to use virtualisation technologies, with the help of Remote Desktop Services, to enable them to run multiple virtualised OSes on the same machine (Shimonski, 2008); previously, any user wishing to perform any virtualisation task would have had to download and install either Microsoft's Virtual PC or Virtual Server.#p#分页标题#e#
With virtualisation various systems or computers are created and running on one host computer. This permits to either test or physically run a network, while cutting down overheads and expenditures, since less hardware is needed. However, there is one point to take into consideration; the host machine must have enough resources, such as processors speed, RAM or HDD space, to enable the virtualised systems to run smoothly.
2.7. 网络技术进一步提高—Enhanced Web Technologies
eCOST Software (1998-2010) reports that the Web Server edition of Win2K8 offers enhancements and improvements to the Microsoft web platform, which provides more flexibility and reliability, with the help of Internet Information Services (IIS) 7.0, ASP.NET, Windows Communication Foundation and Windows SharePoint Services, all unified within Win2K3.
This edition of the server OS, offers improvements in Web administration, diagnosing tasks, developing projects, such as Web applications in Active Server Pages and PHP, for example, and providing streaming media
Domain Name System is a networking infrastructure adopted throughout the IT discipline, with regards to translating IP addresses into familiar host names (Savill, 2010). DNS Security Extensions (DNSSEC) is a networking enhancement which strengthens the DNS infrastructure and help prevents attacks on networks. DNSSEC is not a Microsoft product but an extension to the already well-established DNS standard, which helps in verifying the integrity of all data being transferred.
3. 总结—Conclusion
Windows Server 2008, with its new appearance, offers many new features, networking enhancements and improvements, to organisations using Active Directory, which has been renamed Active Directory Domain Services.
Some of the features, such as Active Directory Lightweight Directory Services, are utilities or aspects of the operating system, which existed within Windows Server 2003, and have been renamed, while others are completely new features, such as Active Directory Rights Management Services.
The Reliability and Performance Monitor helps domain administrators ensure that performance is not affected by the workload imposed on the operating system, by studying performance pointers with regards to memory management, hard disk drive usage, or even processor speeds and state.
Security has been Microsoft first and foremost priority during the development of the server and this reflects into the security enhancements of the operating system, which include Network Access Protection, Federated Right Management and Read Only Domain Controller.
Hyper-V, the new virtualisation technology within Windows Server 2008, permits organisations to virtualise networks without the need to use other utilities, such as Microsoft's Virtual PC or Virtual Server.#p#分页标题#e#
The Microsoft Web platform is more reliable and flexible towards application distribution and web development with Windows Server 2008 Web edition. Diagnostic tasks, web development and web administration have been improved with the unification of Internet Information Services 7.0, ASP.NET, Windows Communication Foundation and Windows SharePoint Services. With DNS Security Extensions, integrity of data is assured during all transfers.
In Summary, Windows Server 2008 seems to be a more secure, reliable and flexible operating system than Windows Server 2003, and offers many new features and improvements.
便于阅读,对以下术语进行了解释:
Win2K3 - Windows 服务系统2003
Win2K8 - Windows 服务系统2008
OS - 操作系统
OSes - 操作系统原理
2.Windows 服务系统2008—Windows Server 2008
以下部分是提供证据表明Win2K8改善Active Directory(广告)的操作运行覆盖的领域,以及操作系统的外观、性能、安全性和可用性。
本文介绍了Windows服务系统2008,尝试确认和分析它的新特性和功能的改进。在这篇文章中,在可能的情况下,与Windows 服务系统2003的各方面性能相比较。
Windows Server 2008, released in April 2008, is the successor of the already well-established Windows Server 2003. The technology changes in computing disciplines such as the release of Windows Vista and 7 should indicate that this new operating system could introduce some major changes, in comparison to its predecessor.
This report introduces Windows Server 2008 and tries to identify and explain its new features and functionality improvements. Throughout this paper, those aspects will be compared, where possible, with those belonging to Windows Server 2003.
For ease of reading, the following terminology is used:
Win2K3 - Windows Server 2003
Win2K8 - Windows Server 2008
OS - operating system
OSes - operating systems
2.Windows 服务系统2008—Windows Server 2008
The following sections should provide evidence that Win2K8 introduces some improvements in Active Directory (AD). The aspects of running a domain are covered, as well as the appearance of the OS, its performance, its security, and its usability.
2.1硬件要求具备的条件— Recommended Hardware Requirements
The first evident changes are the recommended hardware requirements, necessary for a successful installation of Win2K8 (Windows Server, 2007), which are much higher than Win2K3's requirements (Microsoft Technet, 2005). The differences are highlighted in the two lists below:
Win2K8 -
the processor speed should be 2 gigahertz (GHz) or higher;
the system should ideally possess 2 gigabytes (GB) of Random Access Memory (RAM), and no more that 4GB;
the recommendation for the Hard Disk Drive (HDD) is 40GB of free space;#p#分页标题#e#
the monitor recommended is a super-VGA, with a minimum 800x600 resolution;
and finally a DVD-ROM drive.
Win2K3 -
the processor speed should be 550 megahertz (MHz) or higher;
the recommended amount of RAM is 265MB;
the HDD should have 2 to 3GB of free space;
the recommended monitor is a super-VGA with a minimum 800x600 resolution;
Win2K3 requires at least a CD-ROM or DVD drive for installation
and for network installation, a Preboot eXecution Environment (PXE) compliant network card.
The recommended requirements listed at the Windows Server site for Win2K8 do not mention the need for a PXE compliant network adaptor for network installation. Installations from remote locations are possible, as documented by Matthews (2008), who also reports that the options to undertake a full installation, or a Server Core installation, are available; the latter installation mode installs a lighter version of the server which excludes certain components and the user interface; i.e. all administration task are performed via the command prompt.
2.2 系统的新面貌— New Appearance
Davis (2007) states that the Win2K8 "look and feel" makes the OS very similar to the Windows Vista family of OSes; this implies that, similarly to Win2K3's release, which, as illustrated by Minasi et al. (2003), integrated XP technologies, Microsoft tried to produce a networking OS that reflects the enormous technology changes and advances in today's world. For those who struggled with Vista initially, this may indicate that the new look server could prove awkward to adjust to. An example of the Vista types of changes to the OS is the omission of the Run command, in the Start menu, which may confuse Win2K3 users, who would be accustomed to the availability of this feature; with Win2K8, the user only needs to type the name of the required feature in the Search textbox, situated at the bottom of the Start menu, and double-click on this feature's name, which should appear on the left hand side of the menu, in order to run it.
The reason to why Win2K8 is so much like Vista is because it was built using the same development model, as highlighted by Hassell (2008); i.e. the secure development model, which intends to help in producing more security based OSes. This should imply that Win2K8 must be more secure than Win2K3; this implication is discussed later in this paper.
2.3 域服务的域控制器 —Active Directory Domain Services
Active Directory Domain Services (AD DS) is the new name given to what every domain administrator has always known as Active Directory (AD), while using Win2K3. AD DS includes features similar to Win2K3's and also introduces new functionalities, as illustrated by (Price and Price, 2008), whose list includes Active Directory Lightweight Directory Services (AD LDS), Active Directory Federation Services (AD FS), Active Directory Rights Management Services (AD RMS) and Active Directory Certificate Services (AD CS).#p#分页标题#e#
2.3.1. 轻型目录服务的域控制器—Active Directory Lightweight Directory Services
Schmidt (2008) briefly highlights AD LDS, which was known as Active Directory Application Mode (ADAM) in Win2K3, and also permits AD to be used for application storage and availability, without those being completely dependent on AD. There are no security principles in AD LDS, since those are stored in AD DS.
2.3.2. 联合服务的域控制器—Active Directory Federation Service
AD FS permits organisations to provide their employees, and employees from other organisations, a way to log in to a corporate website, without creating different accounts or storing login credentials, for each employee, from each organisation that has access to the website, according to Bruzzese (2009). With AD FS, companies can have a trust account which gives them access to the website, without the need for a trust account on their own server.
2.3.3. 权限管理服务的域控制器—Active Directory Rights Management Services
According to Oiaga (2010), AD RMS is a new technology, incorporated into Win2K8, which is based on the security of documents holding data, such as word documents, websites or spreadsheets, and permits administrators to encrypt files, which can only be decrypted by authorised individuals. This is one of the key security features which should be considered by every organisation seriously considers data protection, as AD RMS can easily be used to keep sensitive data from unauthorised viewers. This is not a new feature, since Win2K3 also provided encryption possibilities.
2.3.4. 认证服务的域控制器—Active Directory Certificate Services
Morimoto et al. (2008) explains that with AD CS, which was previously known in Win2K3 as Certificate Services, an administrator can produce and manage all existing certificates required. Also known as a Certificate Authority (CA), this technology helps administrators to verify whether the certificates are valid, ensuring a high level of security. Certificates are documents which ensure the credibility of a user's identity.
2.4.更好的性能—Better Performance
In Win2K8, it would be expected that a performance utility should be provided, with regards to the heavy workloads imposed on domain controllers nowadays, due to the fact that organisations are becoming larger and larger. Therefore, Microsoft offers the Reliability and Performance Monitor (RPM), which enables administrators to diagnose an AD for performance statistics.
RPM is a Microsoft Management Console (MMC) snap-in; Zandri (2009) explains that RPM can be used to monitor performance aspects such as processor usage, the state of the Hard Disk Drive (HDD), network performance and usage, and memory state. This utility seems to be the centralisation of the performance monitoring tools that were available separately in Win2K3.#p#分页标题#e#
According to Petri (2009), the server's performance can be analysed with the help of the Win2K8 tool called Performance Analysis of Logs (PAL), which:
'is a new and powerful tool that reads in a performance monitor counter log (any known format) and analyzes it using complex, but known thresholds (that are provided)'.
This tool's output is an HTML document which highlights some counters important to performance and displays alerts, regarding existing performance issues. PAL helps administrators detect possible problems with ease, since all performance tools are in one utility.
2.5.增强安全性— Security Enhancements
Mimoso (2008), published an interview with Bill Laing, general manager of Microsoft's Windows Server Division, on the SearchSecurity.com website, in which Laing states that:
"In developing Windows Server 2008, three key aspects of security were imperative in achieving our goal to create our most secure operating system to date".
This certainly implies that there should be some major security improvements in this version of the OS.
The three key aspects mentioned above are Network Access Protection (NAP), Federated Right Management (FRM) and Read Only Domain Controller (RODC), which all participate in providing organisations with a secure OS, an accessible and safe network, and protection over documents and data; they are all new features.
Melber (2009) describes how Win2K8 also lets administrator control security over the services which run in the background. Microsoft has incorporated new features within Group Policies (GP), which gives administrative personnel this control.
Specialized Security - Limited Functionality (SSLF) environment, according to Microsoft's security guide for the OS (2008), is a baseline which helps build "highly secure environments for computers running Windows Server 2008". Although SSLF helps tighten up server security, this setting imposes some restrictions with regards to user functionalities; i.e. restrictions towards running services, such as Terminal Services, which helps users connect to desktops from remote locations.
Bitlocker is a new security feature, which was introduced with Windows Vista, and has been incorporated in Win2K8 (Techotopia, 2009). This facility enables full-drive encryption and is an ideal security measure, to secure data on laptops and notebooks which are items easily lost or stolen.
2.6. 虚拟化技术—Virtualisation Technologies
Hyper-V is a new utility introduced in Win2K8, which enables users to use virtualisation technologies, with the help of Remote Desktop Services, to enable them to run multiple virtualised OSes on the same machine (Shimonski, 2008); previously, any user wishing to perform any virtualisation task would have had to download and install either Microsoft's Virtual PC or Virtual Server.#p#分页标题#e#
With virtualisation various systems or computers are created and running on one host computer. This permits to either test or physically run a network, while cutting down overheads and expenditures, since less hardware is needed. However, there is one point to take into consideration; the host machine must have enough resources, such as processors speed, RAM or HDD space, to enable the virtualised systems to run smoothly.
2.7. 网络技术进一步提高—Enhanced Web Technologies
eCOST Software (1998-2010) reports that the Web Server edition of Win2K8 offers enhancements and improvements to the Microsoft web platform, which provides more flexibility and reliability, with the help of Internet Information Services (IIS) 7.0, ASP.NET, Windows Communication Foundation and Windows SharePoint Services, all unified within Win2K3.
This edition of the server OS, offers improvements in Web administration, diagnosing tasks, developing projects, such as Web applications in Active Server Pages and PHP, for example, and providing streaming media
Domain Name System is a networking infrastructure adopted throughout the IT discipline, with regards to translating IP addresses into familiar host names (Savill, 2010). DNS Security Extensions (DNSSEC) is a networking enhancement which strengthens the DNS infrastructure and help prevents attacks on networks. DNSSEC is not a Microsoft product but an extension to the already well-established DNS standard, which helps in verifying the integrity of all data being transferred.
3. 总结—Conclusion
Windows Server 2008, with its new appearance, offers many new features, networking enhancements and improvements, to organisations using Active Directory, which has been renamed Active Directory Domain Services.
Some of the features, such as Active Directory Lightweight Directory Services, are utilities or aspects of the operating system, which existed within Windows Server 2003, and have been renamed, while others are completely new features, such as Active Directory Rights Management Services.
The Reliability and Performance Monitor helps domain administrators ensure that performance is not affected by the workload imposed on the operating system, by studying performance pointers with regards to memory management, hard disk drive usage, or even processor speeds and state.
Security has been Microsoft first and foremost priority during the development of the server and this reflects into the security enhancements of the operating system, which include Network Access Protection, Federated Right Management and Read Only Domain Controller.
Hyper-V, the new virtualisation technology within Windows Server 2008, permits organisations to virtualise networks without the need to use other utilities, such as Microsoft's Virtual PC or Virtual Server.#p#分页标题#e#
The Microsoft Web platform is more reliable and flexible towards application distribution and web development with Windows Server 2008 Web edition. Diagnostic tasks, web development and web administration have been improved with the unification of Internet Information Services 7.0, ASP.NET, Windows Communication Foundation and Windows SharePoint Services. With DNS Security Extensions, integrity of data is assured during all transfers.
In Summary, Windows Server 2008 seems to be a more secure, reliable and flexible operating system than Windows Server 2003, and offers many new features and improvements.
Get expert help on all your writing
立即预定