w7 enterprise
TRANSCRIPT
Technical Overview
Wednesday, April 12, 2023 1
Arlindo AlvesIT Pro EvangelistMicrosoft
[email protected]://blogs.technet.com/aralves
Similar Compatibility: Similar Compatibility: Most software that runs on Windows Vista will run on Windows 7. Most software that runs on Windows Vista will run on Windows 7.
Exceptions will be low level code (AV, Firewall, Imaging, etc). Exceptions will be low level code (AV, Firewall, Imaging, etc). Hardware that runs Windows Vista well will run Windows 7 well.Hardware that runs Windows Vista well will run Windows 7 well.
Few Changes: Few Changes: Focus on quality and reliability improvementsFocus on quality and reliability improvements
Windows 7 Builds on Windows VistaDeployment, Testing, and Pilots Today Will Continue to Pay Off
Deep Changes: Deep Changes: New models for security, drivers, deployment, New models for security, drivers, deployment, and networkingand networking
Windows 7 & Server 2008 R2 Development ProcessNew approach for Windows development and disclosure
Spend more time on planning & vision phase analyzing trends and Spend more time on planning & vision phase analyzing trends and needs before building features. needs before building features. Focus on end-to-end business scenarios – not just new features and Focus on end-to-end business scenarios – not just new features and technologies. technologies.
Give our customer and partners a timeframe for the release and stick Give our customer and partners a timeframe for the release and stick to our plan – 3 years for Windows 7.to our plan – 3 years for Windows 7.Disclose with higher degree of certainty and minimize changes Disclose with higher degree of certainty and minimize changes
Engaging with partners earlier and more closely to enable Engaging with partners earlier and more closely to enable seamless experiences and compatibility across hardware, seamless experiences and compatibility across hardware, software and services software and services
Windows 7 for the Enterprise
At their deskAt their deskIn a branchIn a branchOn the roadOn the road
Protect data & PCsProtect data & PCsBuilt on Windows Built on Windows Vista foundation Vista foundation
Easy migration Easy migration Keep PCs runningKeep PCs runningVirtualization Virtualization
Windows Optimized Desktop Windows Optimized Desktop
Unique Value with Unique Value with SA+MDOPSA+MDOP
Core PC Core PC PlatformPlatform
Remote Access for Mobile Workers Make Users Productive Anywhere
New network paradigm enables same New network paradigm enables same experience inside & outside the officeexperience inside & outside the officeSeamless access to network resources Seamless access to network resources increases productivity of mobile usersincreases productivity of mobile usersInfrastructure investments also make Infrastructure investments also make it easy to service mobile PCs and it easy to service mobile PCs and distribute updates and policesdistribute updates and polices
Difficult for users to access corporate Difficult for users to access corporate resources from outside the officeresources from outside the officeChallenging for IT to manage, update, Challenging for IT to manage, update, patch mobile PCs while disconnected patch mobile PCs while disconnected from company networkfrom company network
HomeOffice Home
DirectAccess
Office
DirectAccess Server
Compliant Client
Compliant Client
IPsec/IPv6
Data Center and Business Critical Resources
NAP / NPS Servers
Internet
Intranet UserEnterprise
Network
Intranet User
IPsec/IPv6
IPsec/IPv6
Assume the underlying Assume the underlying network is always insecurenetwork is always insecure
Redefine CORPNET edge to Redefine CORPNET edge to insulate the datacenter insulate the datacenter
and business critical and business critical resourcesresources
DirectAccess Solution Overview
Tunnel over IPv4 UDP, HTTPS, etc.Tunnel over IPv4 UDP, HTTPS, etc.
Security policies based on Security policies based on identity, not locationidentity, not location
Client tries to access .corpnet.com
Looks in provisioned list for DNS server(s) associated
with .corpnet
Connects with DNS server (using IPsec. IPv6 is thru DAS
What Happens At ClientWhat Happens At Client
Client tries to connect to target
IPv6 route again thru DAS. IPsec is required.
What happens at DAS/DNSWhat happens at DAS/DNS
DAS lets thru AuthIP packets from client to DNSAfter negotiation, DAS lets ESP packets thru between client and DNS. DNS returns target
address information to client. DNS registers clients current address information
Branch Office Network Performance Make Users Productive Anywhere
Caches content downloaded from file Caches content downloaded from file and Web serversand Web serversUsers in the branch can quickly open Users in the branch can quickly open files stored in the cachefiles stored in the cacheFrees up network bandwidth for other Frees up network bandwidth for other usesuses
BranchCache™
Application and data access over Application and data access over WAN is slow in branch officesWAN is slow in branch officesSlow connections hurt user Slow connections hurt user productivity productivity Improving network performance is Improving network performance is expensive and difficult to implement expensive and difficult to implement
Distributed versus Hosted Cache
Enterprise
Distributed CacheDistributed CacheData cached in cache poolData cached in cache pool
Hosted CacheHosted CacheData cached at the host serverData cached at the host server
Cache stored centrally: existing Windows Server 2008 R2 in the branchCache availability is highEnables branch-wide cachingIncreased reliability
Recommended for branches without a branch serverEasy to deploy: Enabled on clients through Group PolicyCache availability decreases with laptops that go offline
Get
GetID
Get
Data
BranchCache Distributed Cache
Get
IDData
Data
Get
GetID
Put
Data
BranchCache Hosted Cache
Get
DataID
Search
Get
Sear
ch
Request
Advertize
ID
ID
ID
Data
ID
Data
Search in the EnterpriseMake Users Productive Anywhere
Consistent experience to find Consistent experience to find data from multiple locations, data from multiple locations, including SharePoint sitesincluding SharePoint sitesUsers and IT can pre-populate Favorites in Windows Explorer to remote search sites that support OpenSearch protocol IT can point users to select search sites w/Enterprise Search Scopes
Search Federation
Current desktop and Enterprise Current desktop and Enterprise search solutions are good, but search solutions are good, but not integratednot integratedUsers need to take different Users need to take different steps to find data on PC and steps to find data on PC and data on serversdata on serversData sources are hard to Data sources are hard to discoverdiscover
Demo
Wednesday, April 12, 2023 14
Federated Search
New FeaturesGraphical PowerShellImproved securityPortabilityNew cmdlets Remote Execution Capability
Active Directory Administration CenterInternet Information Services Power Management One-to-many remote management using WS-MGMT
Integration
Windows PowerShell 2.0
Improves productivity and controlAccelerates automation of system adminEasy to use Works with existing scriptsCommunity Model
Improved Command-Line Shell and Scripting Language
Demo
Wednesday, April 12, 2023 17Microsoft Confidential
PowerShell Remoting
Group Policy Improvements
Data Protection Data Protection ScenariosScenarios
Group Policy Group Policy PreferencesPreferences
• Application managementApplication management• AuditingAuditing• Encryption of removable storage devicesEncryption of removable storage devices
• Configure operating system and application optionsConfigure operating system and application options• Provides flexibility for IT and end usersProvides flexibility for IT and end users• Reduces costs of logon scriptsReduces costs of logon scripts• Power management scenarioPower management scenario• Scheduled tasksScheduled tasks
Users store increasing volumes of Users store increasing volumes of data, including sensitive or data, including sensitive or confidential data on the removable confidential data on the removable storage devicesstorage devicesRemovable storage devices are easy Removable storage devices are easy to lose and, unlike PC, the loss may to lose and, unlike PC, the loss may go unnoticed for a whilego unnoticed for a while
Data ProtectionEnhance Security & Control
Protect data on internal and removable Protect data on internal and removable drivesdrivesMandate the use of encryption with Mandate the use of encryption with Group PoliciesGroup PoliciesStore recovery information in Active Store recovery information in Active Directory for manageability Directory for manageability Simplify BitLocker setup and Simplify BitLocker setup and configuration of primary hard driveconfiguration of primary hard drive
++
Application Control Enhance Security and Control
Eliminate unwanted/unknown Eliminate unwanted/unknown applications in your networkapplications in your networkEnforce application standardization Enforce application standardization within your organizationwithin your organizationEasily create and manage flexible rules Easily create and manage flexible rules using Group Policyusing Group Policy
Users can install and run unapproved Users can install and run unapproved applicationsapplicationsEven standard users can install some Even standard users can install some types of softwaretypes of softwareUnauthorized applications may:Unauthorized applications may:
Introduce malwareIntroduce malwareIncrease helpdesk callsIncrease helpdesk callsReduce user productivityReduce user productivityUndermine compliance effortsUndermine compliance efforts
Demo
Wednesday, April 12, 2023 21
Data ProtectionApplication Control
Troubleshooting Improvements
Windows Vista Windows Vista Introduced Introduced DiagnosticsDiagnostics
Windows 7 Delivers Windows 7 Delivers Comprehensive Comprehensive TroubleshootingTroubleshooting
• Network connectivityNetwork connectivity• Proactive disk protectionProactive disk protection• Memory analysisMemory analysis
• Windows PowerShell scriptsWindows PowerShell scripts• Extensible via PowerShell and Authoring toolsExtensible via PowerShell and Authoring tools• Additional troubleshooting packages available Additional troubleshooting packages available • Run remotely Run remotely
Customer ValueCustomer Value
• Automatically run maintenance tasks Automatically run maintenance tasks • End-user toolsEnd-user tools• Help desk toolsHelp desk tools• Diagnostics can grow as IT requiresDiagnostics can grow as IT requires
Powercfg ToolPowercfg ToolPowercfg ToolPowercfg Tool
Background Activities ReducedBackground Activities ReducedBackground Activities ReducedBackground Activities Reduced
Intelligent Display BrightnessIntelligent Display BrightnessIntelligent Display BrightnessIntelligent Display Brightness
Improved Battery Life
Low Battery NotificationsLow Battery NotificationsLow Battery NotificationsLow Battery Notifications
Virtual Desktop InfrastructureStreamline PC Management
Deploying desktops in virtual Deploying desktops in virtual machines on server hardwaremachines on server hardwareCentralized management & Centralized management & securitysecurityUsers can access their desktop Users can access their desktop and applications wherever they and applications wherever they areare
Richer Remote Experience
Richer graphics with Richer graphics with improved multi-monitor improved multi-monitor supportsupportUse voice for telephony & Use voice for telephony & applications with applications with microphone supportmicrophone supportImproved printingImproved printing
Using Windows for VDI scenarios requires additional VECD license Using Windows for VDI scenarios requires additional VECD license *
What is Virtual Desktop What is Virtual Desktop Infrastructure?Infrastructure? Maintain VHD: Offline Maintain VHD: Offline
servicing of VHD images servicing of VHD images with same tools used for with same tools used for WIMWIMBoot from VHD: Reuse VHD files Boot from VHD: Reuse VHD files for deployment to managed for deployment to managed desktop PCs desktop PCs
Do More With VHDs
Windows XP Mode & Windows Virtual
PC
Windows Virtual PC SMB Application Compatibility Innovations
Virtual PC 2007
Primary Audience: Developers / IT Pro
Key Scenarios: Dev & test & Help-
Desk
Typical guest OS: Multiple Guest Oses
Cost: customers pays for each guest
OS
Windows Virtual PC @ Windows 7
New Audience: Small & Medium Business
Key Scenario: Windows XP to Win7 App-Compat
Typical guest OS: Windows XP
Cost: Virtual Windows XP Included for Win7
Pro/Ultimate
Windows 7 experience for Windows XP Applications
Easy to setup from a pre-installed Windows 7 Desktop
Install Applications in Virtual Windows XP is Easy
Open Virtual Windows XP from Windows 7 Start Menu
Install Windows XP applications like you normally do
… and address IE6 compatibility concerns for Windows 7
IE6 running on Virtual Windows XP
IE8 running on Windows 7
Deployment Deployment Image Servicing Image Servicing
and Managementand Management
Add/Remove Drivers and Add/Remove Drivers and PackagesPackages
WIM and VHD Image WIM and VHD Image ManagementManagement
User State User State Migration ToolMigration Tool
Hardlink MigrationHardlink Migration
Offline File GatherOffline File Gather
Improved user file detectionImproved user file detection
Microsoft Assessment and Microsoft Assessment and PlanningPlanning
Windows Windows Deployment ServicesDeployment Services
Multiple Stream TransferMultiple Stream Transfer
Dynamic Driver ProvisioningDynamic Driver Provisioning
VHD and WIM SupportVHD and WIM Support
Deployment Enhancements
Application Application Compatibility ToolkitCompatibility Toolkit
Microsoft Deployment Microsoft Deployment ToolkitToolkit
Thank [email protected]