It is almost impossible to find someone who does not know Windows (the normal one, not Windows Server 2012). According to Microsoft itself, it is used by more than 1.5 billion people worldwide and is by far the most popular operating system on the planet.
For businesses, on the other hand, there is a kind of twin brother of Windows, called Windows Server. It is also an operating system and offers the businessman resources and tools for:
- Manage servers
- Virtualize work environments
- Store documents and applications
- Control user access
- Ensuring the IT security of the system
This list is a simplification, but it allows you to understand the difference between Windows Server and traditional Windows, for the average user. Versions were released in 2019, 2016 but the one that makes me write this article is the 2012 version, whose support will end on October 10, 2023.
Before I talk about the implications of this decision, I'm going to help you recover everything that is useful to you in Windows Server 2012, so that you are aware of what you risk losing if you don't act in time. Read on to find out.
Why did we need Windows Server 2012?
In addition to the features and tools we listed in the previous chapter, businesses have been taking advantage of Windows Server 2012 for several reasons:
Microsoft's enterprise operating system is compatible with most applications and devices that businesses already use. In other words: the "hassle" of implementing it is less than the benefits you reap from using it.
- Ease of use
It is easy to use and configure; and the IT specialists were already familiar with this language, which tended to decrease errors and problems in the transition from the old system to the Windows Server 2012 reality.
- Resource management
From user management, data backup, or specific administration of security policies: the system has allowed modular agility within the reach of few available in the market.
Microsoft's operating system integrates easily with other Microsoft products - such as Exchange or SharePoint - and with most of the software used by businesses, which helps improve the organization's collaboration and productivity.
- Technical Support
As one of the core products of a leading company, the direct technical support or resources available to get clarification and solve problems are many, are clear, and exist in almost every language.
But technical support is the bottom line: it's going to end:
- Among other things, this means that you cannot update programs such as Office, PowerPoint or Excel as they are no longer compatible with the operating system;
- That if a new feature is released in the programs you use, you don't have access to that feature;
- And that you can no longer update antivirus, at a time when cybercriminals are more sophisticated than ever!
So, more than deciding whether or not to upgrade your system, if your company is still using Windows Server 2012 you should be aware of the risks of not upgrading. But don't worry: I'll go into detail about them in the next chapter.
And what are the risks of not updating?
If you are wondering what will happen if you continue to use Windows Server 2012 after support ends, this is the list of risks you should be aware of:
- Security Risks
Without new security updates, patches or new fixes, systems become vulnerable to cyber attacks. This can result in loss of confidential data, disruption of the production chain, and of course financial and reputational damage. Remember that companies are going to be hot targets for cybercriminals!
➡️ Click and learn how to protect your company from a ransomware attack
- Risk of Revenue Loss
If a company's production chain is not operating properly and that company competes in a very time-sensitive industry, any downtime caused by loss of resources, support, or by attack can lead to lost revenue.
- Compatibility Risks
New applications and hardware may not work properly with Windows Server 2012. This impediment disables your company from using technologies and tools at the forefront of research; and takes you away from more efficient management.
- Support Risks
On October 10, 2023 Microsoft will no longer provide technical assistance for Windows Server 2012, which means that companies are forced to seek help from external sources if they have problems. This type of help may be rarer, more expensive and less efficient than Microsoft support.
- Personal Liability Risks
Although directors and officers are relatively well protected, keep in mind that the number of lawsuits filed against us is increasing. An example of this is the famous Caremark casecase, which held directors personally liable for failing to adequately supervise their company.
- Compliance Risks
In some industries there are regulations that require companies to keep systems up to date and secure - retail is one of them [hyperlink to retail article]. If your company is part of these industries and if it continues to use Windows Server 2012, it risks financial penalties. Especially the financial and healthcare sector: watch out for the fines!
On the other hand, the GDPR and other privacy regulations require companies to make reasonable efforts to protect personal data. Practical example: Cyber Essentials certification in the UK and ISO 27001 in Portugal will not be awarded to companies that do not have this vulnerability fixed...
...in fact, the end of life of an operating system can even be used as a justification to increase insurance premiums that your company pays!
Now that you know the risks of not updating Windows Server 2012 I'll explain the alternative, so you don't have to feel them on your skin. The latest one is called Windows Server 2022 and has advantages that you can learn about in the next chapter.
Windows Server 2022 - What's new?
Let's go in parts. One of the major versions that came out after the release of the famous Windows Server 2012 was Windows Server 2019, it was running in the year 2018. Among others, these were some of the main advantages that the system brought:
- Enhanced Virtualization
Windows Server 2019 provides support for virtual machines with up to 240 vCPUs and 12 TB of RAM, allowing system administrators to run a higher workload. In the event of hardware failure, the Virtual Machine Failover Cluster will ensure that the production chain continues to function.
- Hyperconverged storage
In a simple phrase, storage and virtualization in a single tool. The system allows resources to be managed centrally and more simply, with the ability to scale for higher performance data and application processing.
- Enhanced security
Among the many enhancements are Windows Defender Advanced Threat Protection that will help you protect your company's computing infrastructure against advanced threats; Bitlocker to encrypt data on disk; and Active Directory to manage identities and access to resources.
- Support for containers
The enterprise operating system allows you to run applications in containers, to isolate resources and make them easier to deploy, maintain, and scale. It supports two types of containers: process-based and image-based.
- Device Manager
With Microsoft Endpoint Manager, the system enables the enterprise manager to manage mobile or fixed devices, applications, data, and settings centrally and in compliance with current regulations. The various devices in the system can use different operating systems, such as Windows, iOs or Android.
There are other new features compared to Windows Server 2012, but the important thing to remember is that this is one of the most widely used versions for enterprise systems. And it is from here, from the famous Windows Server 2019, that we finally arrive at the present time.
Released in October 2021 with promised support through October 2031, Windows Server 2022 is the latest version of Microsoft's enterprise family. Some of the key new features include:
- Server Hardware Enhancements
The 2022 server supports 48 terabytes of memory and 2048 colors. Plus, it supports Intel's Ice Lake SGX processor, which helps isolate sensitive data on an encrypted processor during processing.
- Storage Improvements
Microsoft knows that daily data usage has become a headache for engineers. And it has responded with advanced caching - which now allows important data to be automatically stored in faster volumes; and less critical data in slower volumes.
- Security Measures Update
Although Microsoft has introduced Advanced Threat Protection in Windows Server 2019, the number of threats endangering organizations continues to grow. Awareness of this circumstance has prompted Microsoft to (react) again.
Central to the security concept of this new operating system is the Secured-Core Server, which protects hardware, firmware, and the operating system against threats via the Trusted Platform Module 2.0 and Windows Defender System Guard.
What's more, the Secure Message Block file sharing protocol is now encrypted by default. Other new features include the evolution of Windows Defender Credential Guard, to protect credentials and other confidential assets traveling on your network.
There is also more security in the virtual environment. We have seen a series of updates with strange names, but the important thing to retain is that the system is self-sufficient in processing sensitive data and critical applications. In terms of hardware, firmware and drivers, the core is now protected against the most complex attacks.
Via firmware, threats and attacks often occur during server restart. Technologies such as Dynamic Root of Trust for Measurement and Direct Memory Access have prevented such attacks.
On the other hand, the hypervisor - that is, the person who controls the system - is now protected by virtualization-based technology that isolates individual processes from the operating system. In the event of an attack, the entire server is not compromised.
Over the network connection, the Transport Layer Security protocol is now used to establish a connection between two nodes. And finally, the new Server Message Block feature eliminates the need for a VPN for remote workers and mobile users - thanks to the Use Datagram Protocol that ensures that Internet traffic is encrypted.
- Microsoft Azure Enhancements
If you don't already know it, Azure is Microsoft's cloud. It is where a variety of computing services are born, such as hosting websites and applications, data storage, and analysis capabilities, among others. It is often used by entrepreneurs to facilitate the implementation and scalability of computing resources useful to the company.
In this release, the platform's capabilities have been extended to what we now know as Azure Arc: with support for virtualization off the network or from other providers, in hybrid or multicloud environments. This means that the user can now manage and protect resources in physical, public cloud (such as Google Cloud Platform) or private cloud environments from a single platform.
- Application Platform Enhancements
Hosting and managing business-critical applications is easier in Windows Server 2022. Not only thanks to the container logic, which is introduced in the previous version, but because application loading is 30% faster in this version.
For those using .NET applications, the Windows Admin Center tools have also been updated in this release, and the administrator can now use it to control the infrastructure through the browser.
- Effortless Cloud Management
The Azure edition of Windows Server 2022 has a new feature that allows you to manage and automate processes in the cloud, with security best practices such as:
- Ability to apply security patches without restarting the computer
- Automation of administrative tasks such as monitoring and archiving
- On-premises data migration to Azure without changing the original IP
- Network Enhancements
In any network communication there are two main protocols: User Datagram Protocol (UDP) and Transmission Control Protocol (TCP). You can learn more about each if you click on the hyperlinked name but, more than understanding them, what matters is that Microsoft has significantly improved them in Windows Server 2022.
Shall we go for more strange names? To reduce the load on the CPU we have also included UDP Segmentation Offoad (USO) and UDP Receive Side Coalescing (UDP RSC) have been included. And TCP HyStart++ helps reduce packet loss during connection startup. Finally, RACK helps reduce retransmission time.
One last reference to QUIC which makes it easy to copy files remotely, without the need for a VPN, thanks to a feature we have already covered in this article: an advanced SMB (Message Block Serve).
Well... Enough with the weird names!
And what has been discontinued?
With each new version of Windows Server, Microsoft makes improvements and enhancements, which involve (also) discontinuing old features. In the transition from Windows Server 2019 to 2022, these were some of the discontinued features:
- Semi-Annual Channel or SAC
SAC is a Windows Server upgrade channel that offers two versions per year, allowing users to access new features and system improvements faster.
It has been replaced by a long-term channel (LTS) with support for up to 10 years. But it will continue for Kubernetes communities, such as Azure Kubernetes Services (AKS) and Azure Stack HCK. I know... More weird names!
- Internet Storage Name Service (iSNS) Server
This software allows you to automatically find network storage devices in corporate IT environments. And of course: it allows you to group them by type or function and define access policies by group.
It should be said that support for this feature will continue but there will be no development of the tool in the future.
- Guarded Fabric and Shielded Virtual Machines (VMs)
In a very simplified way, these are features that protect virtual machines from malicious threats in data center environments. Specific, I know.
The Guarded Fabric Fabrics protect the physical host hardware and use technologies such as Trusted Platform Module (TPM) and Secure Boot to ensure the integrity of the platform. The Shielded VMs are virtual machines protected by encryption from unauthorized access.
This feature will be removed completely in the client version of Windows Server 2022.
- Windows Deployment Services (WDS)
It serves to facilitate the automated deployment of operating systems on networked computers. For example: it allows you to install Windows on multiple machines, with or without a hard disk, as well as upgrade existing operating systems.
The important thing to retain: WDS resources are going to be limited.
Now that you know what Windows Server 2022 brought new, the features it dropped, and the risks of not upgrading to this version, it's time to answer the million-dollar question: how do you start using it?
This is what we will find out in the next chapter.
How to get started with Windows Server 2022
For the migration to be completed successfully, there are a number of decisions that you must make. We will walk you through them all, so that no detail is left to chance.
First of all, you must choose between the four versions available on the market: Essential, Standart, Data Center, and Azure Data Center. Let's look at the differences between all the versions.
But first: all versions of WIndows Server 2022 have the option to install both the server version and the desktop version:
- The desktop edition is installed for remote work sessions hosted on serverless services;
- The server edition is installed to handle specific functions such as DNS server, Web server, virtualization, and others.
Although there are a number of variations among the many ways to deploy Windows Server 2022, we will focus on themain differences between the four possible versions in the server edition.
- Standart Edition
It is the base version of Windows Server 2022 with a single standard version license, able to run with two virtual machines and one host Hyper-V. The option Replica Storage option is available, with capacity up to 2 terabytes. Features such as Hot Paching or storage are not available in this version.
- Data Center Edition
This version offers features such as Protected VMs, which we have already covered in this article - it is a feature that protects firmware and boot files and enables BitLocker disk encryption.
As for data management and protection, essential for any business infrastructure, Microsoft has integrated two main functions: software-defined storage and storage replication with Storage Spaces Direct.
Storage replication offers the ability to replicate data in bulk without loss and replicates open files. Software-defined storage, on the other hand, enables more manageability and scalability - it supports up to 16 servers and up to 1 petabyte of clustered storage.
- Azure Data Center Edition
As the name suggests, this is the version designed for the Microsoft Azure platform, with features that are not available in the previous two versions. Here the Hot Patch allows you to install updates without rebooting the server; and the Server Message Block via QUIC provides access to shared files without the need for a VPN on the network.
This edition runs virtual machines on the operating system Azure Stack Hyper-Converged Infrastructure (HCI) known for its high levels of security, performance, and new hybrid features. To get an idea of the power of HCI, it would warrant an article on its own!
- Essential Edition
Designed for small organizations, they support a maximum of 25 users and 50 devices. No features like system dashboard, backups, or remote access. Supports processors with a maximum of 10 cores.
For the servers to run without frustration or crashes, Microsoft has published suggested minimum hardware requirements. If these are not met, the installation of the operating system will probably not even be completed.
These are the recommended prerequisites:
- 64-bit, 1.4 GHz compatible processor
- 512 MB RAM and 2 GB for server
- Network: NIC card with minimum bandwidth of 1 GBPS
- HDD: 32GB
Shall we continue?
If you want to try Windows Server 2022 before you buy it, you can download the 180-day trial by installing this file. If you are satisfied and want to move on to the purchase phase, there are versions ranging from $500 to $6000, depending on the edition you choose and the features you want to include.
Attention: especially if you are going to change hardware as well, take care of the migration process properly.
With so many modular tools, it is not uncommon for a migration to take about 18 months to complete. What's more, if the transition is done without prior planning, the process can seriously disrupt operations and cause serious problems. But don't worry...
...in the next chapters I will teach you how to avoid problems in the migration and system installation process!
How to avoid problems in migration?
If one of your current concerns is to react to the growing number of attacks on Portuguese companies and to avoid security breaches, yes: you should migrate your "business machine" to the new operating system as soon as possible. But as with everything...
...if poorly managed, the migration process can open up opportunities for error and create even greater security risks!
A real-life example of this happened with the UK bank (TSB), which suffered severe disruptions during a migration process and was vulnerable to fraudulent activities, costing it +£300 million in damages. All due to lack of rigorous testing and early project execution.
To avoid problems, I will give you a checklist with all the precautions you need to take in the data center migration process. Use this list to ensure that the process of migrating critical data and applications to your data center (local or virtual) goes smoothly:
- Appoint the team that will be in charge of the migration process. If your IT partner will be responsible for the entire operation, set deadlines, costs, and trade-offs in case of accidents or negligence;
- Schedule your migration strategy. Transferring data means not being able to access machines or files during the period when the migration takes place. Make sure that the entire enterprise does not grind to a halt at the same time;
- Set a budget. Technical problems and delays can happen, but make sure that the price of the operation does not double or triple. And define with the team that manages the migration (if it is external) the limit beyond which the responsibility for problems and delays is no longer borne by you.
- Take an inventory of the equipment that will be migrated to your new data center to ensure that no data is lost or machines damaged in the process;
- Make sure that all hardware, cables and racks are identified. There are small stickers or labels, specifically designed for this purpose:
- Schedule software or equipment updates that are critical to the operation of your production chain, and make sure there are alarms and reminders that remind you (or the designated responsible party) of these updates;
- Confirm the space, power, cooling, and Internet access you need before you begin the migration. And if so, send this information to the IT partner responsible for building the infrastructure;
- Remember to ask your electrical installation supplier to refine the system's physical structures and circuits for the required electrical redundancy;
- Confirm the number and dimensions of the racks needed to build your data center just as you envisioned it;
- Confirm that the physical space where the data center will rise can accommodate both the technology infrastructure you need now and future equipment your company will need in the coming years;
- Make a final confirmation of the physical and digital security of the entire system, before making it accessible to all your employees;
- If available, confirm the operation of uninterruptible power systems (UPS) that guarantee the continuity of your production chain in case of an unexpected power cut;
- This caution seems strange but we always recommend it: make sure that the machines turn on again after being turned off, in this new technological environment.
- Consider replicating some data and files critical to the operation of your system. For example, did you know that your company is required by law to keep accounting documents for ten years?
- Understand the specific connection and speed needs of the various sectors of your company. For example: if the company's computers connect to the Internet via WiFi, the office farthest from the router will take longer to access the files stored in the data center, which may affect your production chain;
- Test the P2P circuits of the system and define which poles should have a direct connection to each other (in telecommunications, a P2P connection refers to a direct connection between two poles). For example: your accounting department should have access to the storage that holds invoices and sales slips, but your marketing department should not;
- Review the decisions you have made about on-site Internet access and the connections you have established between the various data center hubs. Your IT consultant will help you understand whether the plan you have laid out meets the needs of your supply chain.
- Set a deadline for the entire migration process. Remember to plan how long the systems can be offline, so that the company's production chain is not compromised;
- Confirm that there are backups for all the information to be migrated and that there are systems in place to protect you from the accidents that can happen in such a process;
- Define an alternative action plan to secure your company's production chain if accidents occur during the process;
- Remember to ensure the correct accommodation of the equipment when transporting it to the new location, and if necessary, hire the support of armed security during the transport of disks with valuable data and trade secrets;
- Clearly define how the equipment to be transported will enter the data center room. This should include measuring the width and height of doors and windows through which the equipment will pass;
- If you need the help of a carrier, make sure it is a reputable company that is aware of all the care and specifications you have recorded up to this point. Also make sure that you inform them of the entry points of the equipment into the building, such as garages or unloading points.
How to avoid problems when installing the operating system?
Step 1. Download the Windows Server 2022 ISO
1. The first step in the process of installing the new Windows Server 2022 is to download the installation file. I added the ISO file you need further back in this article, when I explained how to test the system for free. But you can run the official Microsoft process here;
2. Click Windows Server 2022 and select "Download the ISO" from the available options. Click Continue;
3. You will be asked for information so that you can download the Windows Server 2022 ISO image. Make sure you enter your information accurately, as verification may be required later. When you are finished, click Continue;
4. Choose the language you wish to use. Currently, you can choose from 8 different languages, including English, Portuguese and Japanese. Once selected, click the Download button;
5. The download may take several hours to complete. Make sure that you do not disconnect your computer from the power or the internet while the process is running.
Step 2. Run the ISO image for Windows Server 2022
1. After downloading the Windows Server 2022 ISO file, it's time to run the installation process. You can install the system on a physical host (such as a server in your company) or on a virtual machine using an ISO image;
2. If you chose the second option in the previous step, there are two techniques you can use: either create a bootable drive via USB Flash Drive, or create a bootable drive via USB using Rufus. Click on the hyperlinked phrases to follow the process for each of these options, step by step;
3. If you have access to MSDN (via your Visual Studio subscription), you will have the option to download the Windows Server 2022 ISO from there. All you need to do is generate a new key by clicking "Get Key" and use that key to activate the Windows Server 2022 installation.
Step 3. Install Windows Server 2022
With the boot process ready, you can now proceed with the installation of Windows Server 2022. Since it is an extensive operating system, with several editions available for purchase or download, remember to choose a priori which version to install before starting the installation process.
For example in this article, I will show you step by step the process of installing Server Core and Desktop Experience. Relax, I will explain the differences in a moment!
Step 3.1. Install Windows Server 2022 (Server Core)
Server Core is a minimal installation method that interacts directly via commands on the server. It is suitable for smaller companies that need to save space and resources.
1. start up your physical or virtual machine using the boot file you created in the previous step. You will be asked to press any key at first. This command is a kind of starting point for the installation;
2. Next you must select a language, as well as the keyboard layout and time/currency settings. Click "Next" in the window that appears after you have made your choice;
3. Click the "Install Now" button to start the Windows Server 2022 installation process. This step will start the installation process for the Server Core edition;
4. In the next window, choose the Windows Server 2022 server option that you want to install with Server Core. It is this decision that will give you (or take away) access to use some of Microsoft's command line tools. Click "Next" to proceed;
5. Next, you must read the license terms and conditions and agree to them in order for the installation process to continue. Check the box "I accept all license agreements"to continue the process;
6. At installation, select "Custom: Install Windows Server Operating System only" if you are installing Windows Server 2022 on a new server. Otherwise, if you are upgrading from a previous version of Windows Server, choose the option "Upgrade: Install Microsoft Server Operating System and keep files, settings, and applications".
7. Select a partition for installing Windows Server. You can optionally create a new partition or use the entire size of the drive. When you have selected the designated operating system partition, proceed by clicking "Next".
8. The installer will start installing the necessary system files. When the process is complete, the system will reboot automatically.
9. If the installation was successful, the system should reboot immediately and will prompt you for an administrator password. Enter this information; re-enter it to verify it and continue.
10. You will then be taken directly to Microsoft's PowerShell interface, where you can begin managing your newly installed Windows Server 2022 operating system via the Server Core interface.
Step 3.2. Install Windows Server 2022 (Desktop Experience)
Desktop Experience has a dedicated GUI (Graphical User Interface) similar to a normal Windows operating system, which will make it easier for you to administer the server.
1. Follow the same installation instructions as for Server Core, until the system reboots after installing the operating system. And make sure you select "Desktop Experience" when choosing your version of Windows Server 2022;
2. After restarting the system, you will see a graphical interface. You will be asked to create an administrator password before proceeding. Click "Finish" when you are finished;
3. The login screen will appear when you press Ctrl+Alt+Del. Enter the password you set in the previous step to continue towards your server;
4. You should see the "Server Manager Launch" by default. You can start configuring your server at this stage or explore more options in the "Control Panel" accessible in the same way as in normal Windows operating systems.
Step 4. Configure the network on Windows Server 2022
In the previous sections I showed you how to install Windows Server 2022, but now it's time to configure it. The first things that need to be configured on your network are the IPs and gateway addresses, so that system administrators can administer the server remotely and access their virtual environments. How?
Step 4.1 Network Configuration in Windows Server 2022 (Server Core)
1. To configure the network for Windows Server 2022, run the following command in the command area: "SConfig";
2. You will see a menu open on the screen. Choose option 8 for "Network Settings". At that point you will be directed to the network configuration page, where all settings are made (for wired and wireless networks);
3. To start the configuration, you will need to choose which IP to configure first. In this case, as an example, we will choose 1 because our server has only one network connection.
4. After selecting the IP you want to configure, you can start customizing these settings. The computer's network settings will be updated automatically. The process should not take more than five minutes to complete.
Step 4.2 Network Configuration in Windows Server 2022 (Desktop Experience)
1. Open the search interface from the taskbar by clicking the magnifying glass icon. You can also create it with the "Windows + S" keyboard shortcut.
2. Type the words "Control Panel" and click on the first search result. When it opens, navigate to "Network and Internet > Network Connections".
3. Right-click on the network you wish to configure. We only have one network connection to the computer that hosts the server, in this example; however, you will have more possible options. Select the one you wish to configure and choose "Properties" from the context menu.
4. You can start setting up the network connection using the GUI (Graphical User Interface), which you are probably familiar with thanks to Windows 10.
And how long will this Windows Server last?
During the first five years of a Windows Server product's lifecycle - the base support phase - Microsoft continually releases updates that include new features, service packs, patches, and fixes.
During extended support - up to ten years after the initial release - the product is no longer the focus of the Microsoft team, and new products are likely to be released to replace it.
Only critical security updates and patches will be developed by Microsoft. Therefore, if a product encounters a critical flaw, the company can no longer count on Microsoft to fix it. I will leave you with a chart that shows how long you can count on official Microsoft assistance, for each version of Windows Server:
I want to replace Windows Server 2012 but would rather have help... What to do?
If you don't want your company to be the next TBS bank and have problems in the process of installing or upgrading to Windows Server 2022, you can ask Morebiz to do it for you. Find out the process in the video below: