Windows Server 2012 R2 Storage, Doughnuts And DirectAccess

Windows Server 2012 R2 Storage, Doughnuts And DirectAccess

For the final day of TechEd North America 2013, our competition winner and guest blogger Tommy Carron spreads his wings, covering everything from storage enhancements in Windows Server 2012 R2 to Direct Access. But there’s still time for doughnuts and thunderstorms.

TechEd is a huge event and I realised that there were parts of the conference I’d not stepped foot in. So today I explored these areas further. of course no day could begin without a serving of doughnuts for breakfast. After that, I darted towards room 279 for the first session covering ‘Storage and Availability Improvements in Windows Server 2012 R2’. Some of the new features, such as synthetic fibre channel support in VMM, were highlighted. The Hyper-V concept of allowing you to group two virtual HBAs to a virtual SAN was explained before launching into a demonstration.

Hector Linares (senior program manager at Microsoft, SCVMM) performed a Windows Offloaded Data Transfer (ODX) of data over http/https using a Netapp storage array. He explained that Windows’ future will be SMB rather NFS, using inexpensive networks and inexpensive shared JBOD storage. Storage Spaces will then be the solution to manage low commodity storage.

Management of storage within Windows Server 2012 R2 uses a single standard interface. This GUI can be used end-to-end management of both file and block storage using System Center VMM. As the VHDX disks can be shared between VMs it means guest clustering is now possible. In the past iSCSI or Fibre Channel would need to be presented.

Linares continued with explaining storage classification labels and assigning the shares to the cluster, all done from the one VMM interface. In Windows Server 2012 R2 it is possible to set bandwidth limits for Live Migration so links are not saturated. Jose Barreto then joined in to show a simulated SQL workload. He showed a single client accessing 2-nodes of a file server cluster simultaneously. He then added a third node to the cluster using VMM which automatically repaired the noded, installed the agent, adds the role, cluster features and rebalances it automatically. Interesting stuff.

During the late morning and early afternoon periods surrounding lunch, I explored the stands and spoke with several vendors. One product on display that caught my eye was a small company that offers additional security to Outlook Web Access. The Windows 8 phone booth brief presentation highlighted how development tools and simulators are all available as free downloads. That includes Visual Studio Express 2012 and the ability to test your apps on an actual device. Now I just need that killer app idea!

The queues stretched out of the registration room for hopeful candidates wishing to be certified. Several exam rooms with “quiet please” signs filled the third floor. No wonder this was popular since all attendees were eligible for half price exam registration. Attractive? Yes, but not as much as the Surface in the Microsoft shop downstairs. Gathering less interest was the 30 per cent discounted Bing-branded sweaters. I’m sure it’s due to the North American warm summer 😉

I ended the day with Richard Hicks’s Windows Server 2012 DirectAccess session. Security expert Richard Hicks explained that DA is seamless and transparent with no user action required. Unlike traditional VPN that is intrusive and user initiated. DA has been around since 2008 R2 but was cumbersome to implement and required Forefront UAG and IP6 discouraging most.

DA is now seamless and transparent, with no user action required, extending the corp network to the user. The list of new features is exhausting and so Hicks focused on the highlights. Easy deployment using a single NIC behind NAT is now possible. Certificates are still mandatory but when using Windows 8 Enterprise clients a PKI is optional but recommended. Unfortunately PKI is still needed for Windows 7.

Though IPv6 is now unnecessary to have deployed in your environment for DA, it still requires it. That statement had me scratching my head but the answer was translation. DA requires IPv6 end to end. If the clients on the Internet don’t have IP4 and your server has only IP4 then translation occurs.

DirectAccess isn’t without its limitations. It requires Windows 7 Enterprise, Ultimate or Win 8 Enterprise (no Windows XP nor 7 or 8 Pro). All clients must be domain joined. Using protocols with embedded IPv4 suchs as Citrix ICA, FTP etc or apps with hardcoded IPv4 addresses won’t work. Neither will ICMP.

To implement DA you install the RemoteAccess feature of Windows Server 2012 using the GUI or Powershell. When you don’t have two factor authentication and only Windows 8 clients it is simple to deploy. It’s a good idea to use remote content filtering considering the computer is on the Internet and corporate network simultaneously.

I then joined my fellow bloggers to head back to take some time before the TechEd closing party at the New Orleans Superdome. During this time a severe storm swept through creating a spectacle to watch from inside. From what I’ve heard about previous TechEd closing parties we’re in for a treat tonight.

Visit Lifehacker’s World of Servers Newsroom for all the latest news from TechEd North America 2013. And don’t forget: TechEd is coming to Australia in September. Click here for more information.