Windows Server 2022 Standard
With a growing number of cyber-security threats and the impact of incidents escalating quickly, security is a top priority for our customers. Windows Server 2022 includes new security capabilities like secured-core server and secure connectivity.
What you will get?
Windows Server 2022 Standard
Windows Server 2022 Standard introduces advanced multi-layer security, hybrid capabilities with Azure, and a flexible application platform. As part of this release, we are bringing secured-core capabilities to help protect hardware, firmware, and Windows Server OS capabilities against advanced security threats. Secured-core server builds on technologies such as Windows Defender System Guard and Virtualization-based Security to minimize risk from firmware vulnerabilities and advanced malware. The new release also provides secured connectivity that introduces several new capabilities such as faster and more secure encrypted HTTPS connections, industry standard SMB AES 256 encryption and more.
Windows Server 2022 Standard improves hybrid server management with significantly improved VM management, an enhanced event viewer, and many more new capabilities in Windows Admin Center. Furthermore, this release includes significant improvements to Windows containers, such as smaller image sizes for faster download, simplified network policy implementation and containerization tools for .NET applications.
With Windows Server 2022 Standard, users gain access to features such as:
Web Application Platforms
The most advanced protection
The new security capabilities in Windows Server 2022 Standard combine other security capabilities in Windows Server across multiple areas to provide defense-in-depth protection against advanced threats. Advanced multi-layer security in Windows Server 2022 provides the comprehensive protection that servers need today.
Certified Secured-core server hardware from an OEM partner provides additional security protections that are useful against sophisticated attacks. This can provide increased assurance when handling mission critical data in some of the most data sensitive industries. A Secured-core server uses hardware, firmware, and driver capabilities to enable advanced Windows Server security features.
Trusted Platform Module 2.0 (TPM 2.0) secure crypto-processor chips provide a secure, hardware-based store for sensitive cryptographic keys and data, including systems integrity measurements. TPM 2.0 can verify that the server has been started with legitimate code and can be trusted by subsequent code execution. This is known as a hardware root-of-trust and is used by features such as BitLocker drive encryption.
Firmware executes with high privileges and is often invisible to traditional anti-virus solutions, which has led to a rise in the number of firmware-based attacks. Secured-core server processors support measurement and verification of boot processes with Dynamic Root of Trust for Measurement (DRTM) technology and isolation of driver access to memory with Direct Memory Access (DMA) protection.
UEFI secure boot
UEFI secure boot is a security standard that protects your servers from malicious rootkits. Secure boot ensures the server boots only firmware and software trusted by the hardware manufacturer. When the server is started, the firmware checks the signature of each boot component including firmware drivers and the OS. If the signatures are valid, the server boots and the firmware gives control to the OS.
Virtualization-based security (VBS)
Secured-core servers support virtualization-based security (VBS) and hypervisor-based code integrity (HVCI). VBS uses hardware virtualization features to create and isolate a secure region of memory from the normal operating system, protecting against an entire class of vulnerabilities used in cryptocurrency mining attacks. VBS also allows for the use of Credential Guard, where user credentials and secrets are stored in a virtual container that the operating system cannot access directly.
Why upgrade to Windows Server 2022
With Windows Server 2022 Standard, customers can continue to securely run their workloads, enable new hybrid cloud scenarios, and modernize their applications to meet evolving business requirements. Let’s dive into the new technical capabilities of Windows Server 2022 and how customers can take advantage of these to modernize their server environment
Advanced multi-layered security
Security has always been a cornerstone of Windows Server. With security top of mind for our customers, we are introducing numerous security enhancements in Windows Server 2022. In this release, customers can take advantage of multi-layer security with Secured-core server and secured connectivity. Secured-core server means our hardware partners have provided hardware, firmware, and drivers to help customers harden the security of their critical systems. It allows IT and SecOps teams to apply comprehensive security broadly in their environment with Secured-core server’s advanced protection and preventive defense across hardware, firmware, and virtualization layers.
Secured connectivity in Windows Server 2022 adds another layer to security during transport. The new release adds faster and more secure encrypted hypertext transfer protocol secure (HTTPS) and industry-standard AES-256 encryption with support for server message block (SMB) protocol.
Hybrid capabilities with Azure
Customers are choosing a hybrid and multicloud approach to digitally transform their businesses. They can now take advantage of cloud services with on-premises Windows Server 2022 by connecting with Azure Arc.
Additionally, in Windows Server 2022 customers can take advantage of the File Server enhancements such as SMB Compression. SMB Compression improves application file transfer by compressing data while in transit over a network. Finally, Windows Admin Center, a tool loved by admins, brings modern server management experience such as with a new event viewer and gateway proxy support for Azure connected scenarios.
Flexible application platform
Customers who upgrade to Windows Server 2022 can take advantage of scalability improvements such as support for 48TB of memory and 2,048 logical cores running on 64 physical sockets for those demanding Tier1 applications. In this release, customers can also take advantage of advancements to Windows containers. For example, Windows Server 2022 improves application compatibility of Windows containers, includes HostProcess containers for node configuration, supports IPv6 and dual-stack, and enables consistent network policy implementation with Calico. Furthermore, we are continuing to work with the Kubernetes community to enable Windows Server 2022 container support and bring the new capabilities to Azure Kubernetes Service (AKS) and AKS on Azure Stack HCI.
Get more from Windows Server
In the last year, we have not only introduced Windows Server 2022 Standard but also introduced Azure services and service enhancements for Windows Server. Let’s look at the two common scenarios and capabilities that customers can take advantage of.
Azure Automanage (in preview) enables IT pros to not only automate cloud best practices but also put into practice our enterprise expertise with the Microsoft cloud adoption framework. With Azure Automanage for Windows Server, customers can migrate to Azure easily without any changes to network IP, securely do file transfer to Azure using SMB over QUIC, and implement hotpatch for new Windows Server Azure Virtual Machines.
To modernize existing applications, customers have many options in Azure depending on their application architectural needs. For example, Azure Kubernetes Service (AKS) with native .NET support enables customers to modernize applications with Kubernetes, the container orchestrator of choice for many.
Hybrid and on-premises
Many customers need to run applications and services on-premises. Through Azure Arc and Azure Stack HCI, customers can modernize the management and virtualization layers, respectively. Similarly, customers who want to modernize their Windows Server applications on-premises can use AKS on Azure Stack HCI.
While we will continue to introduce new capabilities in Window Server Long Term Servicing Channel (LTSC), we will also enable new scenarios in Azure that make it simple for customers to modernize their Windows Server IT environment.