Microsoft extend Extended Security Updates


Image by PublicDomainPictures from Pixabay

Extended Security Updates (ESUs), available for Windows Server 2008/R2 and SQL Server 2008/R2, were introduced in 2019 to extend available security support for 3 more years beyond the end of the products’ extended support periods.

It’s now less than 12 months until the end of the ESU period for SQL Server 2008/R2 and Microsoft have announced they will be providing 12 additional months of cover – but only for workloads running in Azure. This will also apply to Windows Server 2008/R2 – the end of ESU dates are:

  • SQL Server 2008/R2 – July 12, 2022
  • Windows Server 2008/R2 – January 10, 2023

End of support for 2012 Server versions

They have announced the availability of ESUs for the 2012/R2 releases of SQL Server and Windows Server. Extended Support for these ends:

SQL Server 2012 – July 12, 2022

Windows Server 2012/R2 – October 10, 2023

It’s now less than 12 months until SQL Server 2012 goes out of support so if you’re using that within your organisation, you need to come up with a plan to:

  • Upgrade on-premises
  • Migrate to Azure for free ESUs
  • Budget to purchase on-premises ESUs

See more info from Microsoft here.

What’s new in Windows Server 2012 R2


Microsoft’s latest server operating system, Windows Server 2012 R2, is due with us on October 18th so let’s take a look at what’s new in the upcoming release.

 

People Centric IT (PCIT): Borne out of/related to Bring Your Own Device (BYOD), PCIT is a key component of all Microsoft’s upcoming server releases including System Center and Intune.

The Workplace Join feature will enable users to register their devices in Active Directory (AD) and then to enroll them for management in System Center / Intune.

As part of that Workplace Join, we’ve created a user@device record in the Active Directory. In this way, we’re enabling your existing AD infrastructure to be extended to accommodate mobile devices. This allows us to provide the IT Pro with an inventory of devices and their users, and to audit the access that will be subsequently granted to those users on those devices. The certificate issued to the device includes both the identity of that device and the identity of the authenticated user. Access to resources published via our Web Application Proxy (see below), or to any other resource that relies on AD FS for authentication, will rely on this certificate for authentication.

One thing worth noting: The act of registering the device to Active Directory does not allow IT to control the device in any manner — that’s is covered by enrollment. Workplace Join is only used to govern access to corporate resources and to enable SSO.

The new Company Portal gives users a central place to perform common tasks such as:

  • Access internal apps
  • Manage their devices with remote wipe etc.
  • Access their data with Work Folders integration

What are Work Folders you may ask, well:

Work Folders address the bring-your-own device (BYOD) scenario, enabling users to store and access work files on personal PCs and devices as well as corporate PCs. Users gain a convenient location to store work files and access them from anywhere, while organizations maintain control over corporate data, storing the files on centrally managed file servers and optionally specifying user device policies such as encryption and lock screen passwords.

Work Folders can be deployed alongside existing deployments of Folder Redirection, Offline Files, and home folders. Work Folders stores user files in a folder on the server called a sync share, and you can specify a folder that already contains user data, enabling you to adopt Work Folders without migrating servers and data or immediately phasing out your existing solution.

This all makes it easier for users to be able “work anywhere” as:

As part of enrolling for management, users can have their devices provisioned with certificates, WiFi profiles, VPN profiles, and DirectAccess configuration. The VPN profiles can be associated with DNS names or specific applications so that they automatically launch on demand. This allows users to work remotely and always be connected to the corporate network without the need to initiate a VPN connection.

A new feature in Server 2012 R2, SCCM 2012 2 and Windows 8.1 enables apps to initiate the VPN connection when launched.

Another big BYOD addition is this:

With the R2 wave of releases, we have added the ability to selectively wipe corporate information while leaving personal data intact.

That’s a huge thing with BYOD, if users are using their personal devices for work it stands to reason their will be personal data on the device – holiday pictures, music etc. – and the risk of losing all that due to a corporate wipe has put many people off. Some may say that is the price one pays for BYOD but it doesn’t have to be the case and it’s great to see it baked into the new MS products.

Other areas added to in Windows Server 2012 R2 include:

  • Identity Management
  • IAAS (Infrastructure As A Service)
  • Hybrid Networking
  • Cloud Integrated Disaster Recovery

To see much more in depth, technical info around all the above (and more) head over to:

http://blogs.technet.com/b/in_the_cloud/archive/tags/what_2700_s+new+in+2012+r2/

%d bloggers like this: