back to article Microsoft Windows Server 2012: Why Bother?

Join us today at 11:00 GMT, when we’ll be broadcasting live from our London studio with Reg readers Chris Losch, from Newham Council, and Gary Collins, from Intercept IT. Between them, they’re going to run through a raft of real-world projects and deployment scenarios where they’ve been using and abusing Windows Server 2012 to …

COMMENTS

This topic is closed for new posts.

Page:

Bronze badge
Mushroom

Some Obvious Reasons.....

#1 Security - lower vulnerability counts, with fewer days at risk and fewer critical vulnerabilties that are on average fixed faster than any competing OS. Full support for secure boot.

#2 TCO - lower cost of support / ownership in an enterprise compared to competing OSs for the vast majority of uses.

#3 Functionality - The market leader in many respects.

#4 Performance - Significantly outperforms other platforms in common uses - e.,g. worlds fastest fileserver.

1
28

Re: Some Obvious Reasons.....

Security - you could also say other OSs are more secure by design so they have less vulnerabilities in the first place.

TCO - isn't this really just a marketing term?

Functionality - wholly subjective. There's plenty of people who'll say working in a shell is more productive and efficient that any GUI.

Performance - How many of the world's HPC clusters run Windows? As for being "the world's fastest fileserver" doesn't actually measurable performance rely as much on the physical I/O of the box as it does the OS?

13
3
Anonymous Coward

Re: Some Obvious Reasons.....

Security - you kidding, right? Or you refer to that famous Microsoft sponsored study that compared the OS kernel in Windows versus a full Linux distribution?

TCO - another Microsoft sponsored study, perhaps? Yes, there is a reason for the biggest internet business in the world not using Windows: they don't know how to make money.

Functionality - leader in which respects? The only thing Windows Server is leading is in the integration with its on ecosystem of Microsoft technologies. As for other technologies, care to cite one?

Performance - being the worlds fastest file server is not that useful if it does not meet any of the above criteria (security, TCO, functionality). Plus (or minus) your example points to a benchmark in a specific service where being fastest is less relevant, to the point of being more effecive to replace with a NAS appliance.

12
1
Bronze badge
Mushroom

Re: Some Obvious Reasons.....

Security - Windows Server is a long way ahead of say a Linux distribution for security. I refer to number of vulnerabilities, criticality of vulnerabilities, average days at risk, and probablilty of an internet facing server being compromised - all of which Windows Server has been ahead of Linux in every year since 2003. (2002 was the year Bill Gates made secuirty Microsoft's #1 priority). Plus Windows was designed from the bottom up to be secure with full ACLs built in at every level to the OS and kernal - not a set of bolt on after thoughts like Linux - where bodges like SEL are required.

TCO - funny you should mention it - but web services was the exception i referred to. However there are a number of changes in 2012 to address that - we will have to wait for a stuidy to see if that is still the case....

Functionality - here are 2 - Secure boot and disk deduplication.

Performance -- none of your comments are related to performance - Windows Server comes in a NAS appliance version.

2
15

Re: Some Obvious Reasons.....

Security - it doesn't really matter how "secure" a given product is, if the people managing it don't use suitably secure processes. The weakest link is always the person managing the system.

TCO - no it's not just a marketing term. Unfortunately, a lot of technical people have little or no understanding of finance. If you run a business, there is one mantra above all; you have to manage costs if you are to survive.

Functionality - agreed, this is subjective. However, are you aware that you can install Server 2012 as "Server Core" - basically just the shell, no GUI. All admin done using PowerShell cmdlets.

Performance - agreed that the hardware is fundamental. But software can have an impact when providing network access.

2
5

This post has been deleted by a moderator

Anonymous Coward

Re: Some Obvious Reasons.....

@Eadon & @RICHTO - Do you think you could both sod off and take your irritating fanboy ways with you. I would be nice to have a sensible discussion about an OS for once without people shouting about how their OS is the only way and anyone else is an idiot.

In summary: Windows good, Linux good too.

5
5

This post has been deleted by a moderator

Anonymous Coward

Re: Some Obvious Reasons.....

@Edon - Ok, I shouldn't have told you both to sod off, but I'm getting very annoyed with entrenched fanboy positions. You're not debating, you're both standing here shouting "My thing is best, yours is rubbish", "No, my thing is best, it's yours that's rubbish" and cherry picking a few points that fit your worldview. Debate would require an attempt to understand each others point of view, accept it where it's correct and learn from it. Your level of debate is to accuse anyone who disagrees with you of being a shill.

6
1
Silver badge
FAIL

Re: Some Obvious Reasons.....

"Windows was designed from the bottom up to be secure with full ACLs built in at every level to the OS and kernal "

What , you mean ACLs like Unix has had since the 1980s? Oooh , so advanced!

5
2
MJI
Silver badge

Re: Performance

I still remember when Windows server was 1/4 of the speed of the same hardware running Netware.

5
0
Bronze badge
Mushroom

Re: Some Obvious Reasons.....

"you mean ACLs like Unix has had since the 1980s"

No - I mean proper ACLs throughout the OS - not the limited Posix 1e rubbish of user, group and world bit masks of UNIX.

Linux has tried to fix it via NFSv4 ACLs, but it's still nothing like the capbility Windows has. And is still experimental.

So for instance on Linux, you cant evaluate access via claims based authentication or support expression based ACLs.

2
12
Bronze badge
Mushroom

Re: Performance

So do I, and when it fell over much more frequently. That was well over a decade ago.....

0
10
Silver badge

Re: Some Obvious Reasons..... @RICHTO

On ACLs.

Proprietary UNIX has had filesystem ACLs of the type you are talking about since at least 1990. I am most familiar with AIX, and this was a major enhancement when the RISC System/6000 was launched in 1990 with AIX 3.1.

The Posix 1 filesystem permissions were a description of the original UNIX permissions model that was invented back in the 1970s before Microsoft even existed. At that time, the most sophisticated security model around was that proposed for Multics, many features of which made it into both VMS and PrimeOS (and it is worth remembering that Richard Cutler had some responsibility for VMS).

This is for a filesystem, I admit, but the basis of Role Based Accounting (acquired credentials used to control running processes and services) was introduced in AIX in 4.3.3, which IIRC was around 1998.

If you look outside of core UNIX, then DCE/DFS, which was a standards based enhancement which sat above the OS, and worked on various UNIX OS's, OS/2 and even windows NT provided ACLs for processes and file objects around 1994, and this was based on the Andrew File System (AFS) and Apollo's NCS which were earlier still. AFS, and DCE/DFS allowed credential management using Kerberos a long time before that support was integrated into Windows, and was provided by the OS vendors in most cases. AIX could build in a Kerberos based user authentication system from about AIX 4.2 in 1995.

I'm fairly sure that those people who were familiar with Veritas will also have something to say.

In terms of NFSv4, the Linux support may be experimental (which probably reflects more on the people doing the work than NFSv4 itself), but has been part of the core facilities provided by at least Solaris and AIX for quite some time (have to look up when it was introduced, but I remember reading up on in in 2005). Definitely not experimental on those platforms.

Having got that off my chest, it is clear that these arguments are pointless. This is because although I have a good knowledge of AIX and traditional UNIX, my knowledge of Windows is incomplete, so I so not make direct comparisons of capabilities. I suspect that there are actually very few people who are able to make a dispassionate comparison of these features between OSs, so just having a willy waving competition in forums such as this one is largely pointless.

That said, I do like the idea of a Windows Server that allows you to strip down the basic install to the minimum necessary to run an application. Seems consistent with KISS, one of the primary requirements to make any service functional and secure.

It is pointless to have more features than you need which may open up security or performance issues running on a server which has a specific defined function. This is where heavily (de-)configured Linux distributions have had a real advantage in the server space for years, because you could strip them down relatively easily to the bare minimum. It looks like Microsoft have finally learned.

6
1

Re: Some Obvious Reasons.....

And the earth is flat!

1
0
Bronze badge

on permissions and ACL

Mind you that GNU/Linux distros do have acl (try "sudo aptitude install acl" on Debian-like systems, e.g.). HP-UX got its own, I am sure, that *BSD and other *nixes have something similar.

The point is though, that a feature like "file permissions" need not only exist but be damn simple to be useful. POSIX file permissions is an example. As many might remember, there was a widespread practice on Win XP to make some apps of the userland nature (say, games) run only under admin account. Not sure if it is still a practice/annoyance on the modern Windows. Never had this problem on Linux/BSD.

You can always extend well designed minimal stuff to something more special, like acl, AppArmor, Android's permissions. Interestingly, Android API mandates running every single app under a unique uid and that all the rights are divided into groups to be transparent to a user.

0
0
Bronze badge

Re: Some Obvious Reasons.....

I've been using Linux myself since about '96. Pretty much abandoned windows entirely in '98. But even I don't believe this post. It has gotten better over the years. My job has been supporting Linux-based(almost exclusively) infrastructures for the past 12 years. I've had Linux as my desktop for 14 years.

No licenses for Linux ? Tell that to Red Hat - the #1 Linux distributor in the world. Licenses are not an issue for most companies, especially if they are priced fairly. Red hat did jack their licensing costs up by as much as 60% when RHEL6 came out, but it's still worth it. License management is there too.

You can argue that Linux has better functionality but I would say it does not. It has different functionality. There are tons of applications that run only on Windows+IIS. Also of course Exchange, MSSQL, tons of enterprise applications that are run inside of things like XenApp or remote desktop.

Linux can outperform windows in some cases, I'd say it's more of a draw here really. Performance is good enough that it doesn't really matter anymore.

I'm still far more comfortable using Linux, I can get around in it easier, all that. I think Linux is a better platform in general (I like the Unix "strings" approach to scripting vs windows "object" based). Linux in general is much more embeddable in enterprise things whether it is storage, networking or other types of appliances. But in most cases you'd never know Linux was powering the system. I think EMC still has storage systems that run on windows(Clariion - unless things have changed in the past many years) that are used by a lot of folks.

I used to have a blind hatred for Microsoft many years ago, but not now. I actually feel sorry for them, they have lost their way. Windows server does seem to be one of their bright spots still. 2012 looks to have a ton of cool innovations (I don't plan to use it either way), in some cases putting it well ahead of linux (file systems for one - btrfs doesn't count it's not stable).

The state of file systems on linux in general (at least the open source ones) is pretty pathetic right now (has been for years). Functionality is little changed from ext2 days other than journalling. I can't even use ext4 on Ubuntu (10.04) on my enterprise servers because of a bug which causes ext4 to hang under load. ext3 works fine though. I spent weeks trying to find resolution but I think I am the only person who has the problem (and I've seen it consistently on dozens of systems).

I've never been fond of the ACLs in windows that is one area of endless frustration for me whenever I have to deal with it. (by the same token SELinux is absolute shit too I disable it everywhere - nothing but headaches). Of the hundreds of boxes I have managed over the years (99% linux) only 3 have been compromised. Two of them were linux, and were installed before I started at the company, both were internet facing that hadn't had updates in ages. In both cases the results of the breach were minor, no damage in either case.

The 3rd system was a FreeBSD box. I didn't manage it directly (this was back in 2000), but my friend did (it was a porn site). He used telnet to administrate the system. I convinced him to switch to SSH. 6 months later he was hacked by an SSH bug.

Gotten off topic. I think Windows server 2012 will be good - with all the new features people may want to wait until SP1 or something, but windows going back to 2003 server at least in my opinion have been good products for their respective markets. My skills are Linux and I will continue to seek employment where Linux is used, but at the same time admit windows is fine too for those skilled in that trade.

1
0
Silver badge
Windows

@RICHTO

I see you don't quite approach this from a business angle but merely comment as an individual. I say this because I do represent a (small) business and well... Your arguments are flawed, even though I actually agree with some of them. The problem however is the combination of them:

#1 Security - lower vulnerability counts, with fewer days at risk and fewer critical vulnerabilties that are on average fixed faster than any competing OS. Full support for secure boot.

However, when working with a server version which is still being supported and maintained, how would this be an argument for upgrading? Its like saying that the current servers are no good when it comes to security, and when looking at Server 2008 I really beg to differ. And its not as if patches for Server 2012 will be released any faster than 2008 or say 2003.

#2 TCO - lower cost of support / ownership in an enterprise compared to competing OSs for the vast majority of uses.

This I could actually agree with, to a certain extend. However, it has a small flaw in its reasoning; for the best performance you're better of not merely grabbing a Server 2012 version; you'd also be looking at a client OS upgrade. Not saying that Server 2012 can't cope with older clients like XP, Win 7 and so, but its not optimal.

And upgrading a whole park really puts dents in your TCO picture. Another very important TCO aspect is durability and reliability; you can't claim that Server 2012 has proven itself on these parts; it didn't. Couldn't have because its quite new.

Server 2003 and 2008 otoh. are server environments which have been out in the open for quite a while and really earned their marks (IMO). I can easily argue that $company could be better off upgrading from 2003 to 2008 because I have a very good idea what both can and cannot do. But with 2012 all you can do is follow doctrine; and that's not good enough.

#3 Functionality - The market leader in many respects.

"Results obtained in the past are no guarantee for the future.".

#4 Performance - Significantly outperforms other platforms in common uses - e.,g. worlds fastest fileserver.

Yet if you're not so much into the whole virtualization then the performance aspect can easily start to work against you, considering how this server version is fully aimed at supporting virtual instances.

Best tool for the job applies here, and although 2012 is a good product its simply not better than the previous versions by definition. I can come up with plenty of scenario's where a 2008 or maybe even 2003 server would be much better suited.

0
0

Re: Some Obvious Reasons..... @RICHTO

All that fine, sure, except that Cutler is actually Dave, not Richard - see http://en.wikipedia.org/wiki/Dave_Cutler ...

0
0

This post has been deleted by its author

Silver badge

@Chavdar

Oops. I'm going senile, and I admit it. Thanks for the correction.

0
0
Bronze badge
Mushroom

Re: Some Obvious Reasons..... @RICHTO

Core server install (No GUI) was an option since Server 2008. It's not new.

0
1
Bronze badge
Mushroom

Re: @RICHTO

#1 - the question answered was "Microsoft Windows Server 2012: Why Bother?" - Not sure why you are going on about upgrading, this is the case for new installations too.

The same comment about upgrade costs adding to TCO would be true of any other OS also. And at least you can upgrade Windows verisons. Many Linux distributions only support a clean install.

#2 - That is assuming that you already have clients to upgrade. What abut green field sites? And anyway - much of the new functionality does not need new clients.

#3 - The functioonality is known - this is an RTM product.

#4 - Please explain how "the performance aspect can easily start to work against you" ? - Please define where a 2008 or a 2003 server would be "much better suited" ?

0
2
C 7

Just one thing missing

One thing they left out of 2012 which really, really pisses me off... the freaking start button! I want the damned thing back, and I want to meet the moron who decided it shouldn't be there, so I can slap the stupid out of him or her. I don't mind it on a desktop OS, but "live corners" or whatever they're called are impossible to use with nested RDP sessions. Oh yeah, and hotkeys don't work in that scenario either. The only redeeming factor is there's a powershell icon right on the taskbar, by default.

10
0

Re: Just one thing missing

I think they're edging you towards not actually keeping the desktop on the server - it can now be added and removed with a reboot. Management then done with the various remote tools.

I get your point, if they should have removed anything, IE ESC and UAC would have been my choice.

2
0
Silver badge
Thumb Down

Re: Just one thing missing

The whole 'Metro' bit is stupid with WS2012. All the server applications are desktop applications so you go out to Metro, click a tile and end up back at the desktop.

On a related note I also wish they'd bring back EMC. The new web based interface is even more klunky and periodically crashes IE. I wouldn't have thought it possible to make a worse UI for Exchange than EMC but amazingly Microsoft seem to have achieved it.

5
1
Bronze badge
Mushroom

Re: Just one thing missing

Install the remote admin tools and you dont have you use TIFKAM remotely. Or learn the TIFKAM keyboard shortcuts, or just use Powershell....

2
4
Anonymous Coward

Re: Just one thing missing

A tablet GUI has no place on a server no matter how many other ways there are of administering it.

7
1
Bronze badge
Mushroom

Re: Just one thing missing

Touch and Gesture is the future. Not just for tablets...

0
15
Silver badge

Re: Just one thing missing

Server 2008

WGA

Windows suddenly deciding that 'This is not a genuine copy of Windows'. Enter the license key again and you can breather again for another month or so until it does the same again.

This is on a bunch of servers who are totally disconnected from the internet for security reasons.

Patches on top of patches and unattended reboots causing data loss.(if you are connected to the internet)

Pah.

Patches resetting group policies especially those relating to updates.

even worse

Yeah. This is production ready software NOT.

This is why we are NOT going to deploy Server 2012. We are switching to RHEL.

As for security, Selinux is way better than anything that Redmond can offer.

7
2
Bronze badge
Mushroom

Re: Just one thing missing

So you clearly cant manage your Windows servers in a controlled or recommended manner. Hire a decent Windows admin. I know they cost a bit more than Linux ones, but it's worth it....

3
15
Bronze badge

Re: Just one thing missing

How about if you are administering it from a tablet?

0
0
Bronze badge
Mushroom

Re: Just one thing missing

How about if you are? Remote Admins Tools will install onto a Surface Pro tablet....And you can snap the keyboard on if you want to.

0
1
Bronze badge
Thumb Down

This is an Advert

Why are adverts like this allowed into El Reg news items?

And RIGH O is clearly a Microsoft salesman.

18
2

"And RIGH O is clearly a Microsoft salesman."

I don't think he is. Their sales people aren't great (whose are?) but they are usually saner and less annoying than this.

5
0

This post has been deleted by a moderator

This post has been deleted by a moderator

Bronze badge
Mushroom

Re: Licencing hell

Linux costs a LOT more to license though - unless you can go without support - but most enterprises can't. Plus it has a higher TCO for anything other than web services.

And Linux is less scalable. Show me a Linux Hypervisor that suports a single VM running 1 million IOPS?

0
22

Re: Licencing hell

OK it's now clear that you're a MIcrosoft shill or you're just indulging in some good old fashioned trolling.

There's a reason why Linux powers 95% of the world's supercomputers and 80% of webservers. Clue: it's to do with scalability and cost.

11
0
Bronze badge
Mushroom

Re: Licencing hell

For Webservers agreed - there are known issues with large farms on earlier Windows Server versions - such as certificate management.

For Supercomputers - that really means clusters - its not cost - its that the software that runs large distruted clusters was more mature on Linux. That is changing though....http://www.networkworld.com/news/2008/111808-windows-hpc-supercomputer.html?hpg1=bn

0
14
FAIL

Re: Licencing hell

Can I down vote this twice? "And Linux is less scalable" Comedy gold!

9
0

This post has been deleted by a moderator

Linux

Re: Licencing hell

"For Supercomputers - that really means clusters "

Nope. If you look at the largest NUMA boxen from IBM and SGI, you find they don't run Windows. Funnily enough I think these guys see themselves in the HPC space.

7
0
Silver badge

Re: Licencing hell

Well but Windows supports Supercomputing Services for Excel. Seriously!

3
1
Bronze badge
Mushroom

Re: Licencing hell

So find me a Linux Hypervisor that scales to 1 million IOPS on a single VM like Hyper-V does then.

I will give you a clue - there isnt one....

1
11
Anonymous Coward

Re: Licencing hell

@Christian Berger - I think that supercomputing services for excel is one of the most democratising advances in IT in the last ten years. It takes the requirement for a supercompute cluster - those of highly skilled programmers and infrastructure engineers, specialist hardware interconnects, highly tuned linux OSes, does away with them and allows normal business users to have access.

Now, obviously this isn't going to be for top end supercomputers, but allowing a business unit to have access to the processing power of a small to medium sized comodity cluster, without much in the way of special training is an incredibly powerful tool. There are many companies, particularly in financial services, where departments have built complex spreadsheets and would really like to push more data through them, but can't because they're limited to the processing power of the desktop. It's very easy to get sniffy about mere end users having access to one of the final remaining areas of specialist computing that can't be run at the desktop in one way or another, but I think it's a very good thing.

0
4
Bronze badge
Mushroom

Re: Licencing hell

Windows Server scales to those levels too: http://blogs.msdn.com/b/msr_er/archive/2012/11/12/affordable-supercomputing-with-windows-azure.aspx

As that's the LHC, I expect it is because it is full of beardy wierdies!

0
7
Bronze badge
Linux

Re: Licencing hell

@RICHTO

"So find me a Linux Hypervisor that scales to 1 million IOPS on a single VM like Hyper-V does then.

I will give you a clue - there isnt one...."

Some of us, who did this stuff for a living, might wonder why you would go to all of the trouble and cost of running a single VM on a single *NIX box when you would just scale and tune the box using the native OS...

But then people who have years of experience on Windows/Linux/UNIX/Netware/VMS/etc., know about stuff like that so we don't just slot in VMs everywhere because the nice salesman recommended it.

11
0

Re: Licencing hell

"So find me a Linux Hypervisor that scales to 1 million IOPS on a single VM like Hyper-V does then.

I will give you a clue - there isnt one...."

Last set of benchmarks I saw for a single VM on a KVM host was in excess of 900,000 IOPS for 4kb random reads (as the Hyper-V figure was I believe) but arguably less than 1,000,000 (or they would have said, you'd have thought). That said, as has been pointed out, why would you fixate on a single VM on single a host when a native OS would do, or use multiple hosts for a suitable aggregate bandwidth (easily set-up in excess of the bare metal speeds of the array in this case).

It's a fine figure to be sure, but i'm struggling to see why it would be a game changer..

5
0
Silver badge

Re: Licencing hell

"As that's the LHC, I expect it is because it is full of beardy wierdies!"

They're smart though.

2
0

Page:

This topic is closed for new posts.

Forums