BOOK AN APPOINTMENT WITH AN IT SPECIALIST TODAY

How New Windows Server 2022 Features Improve Hybrid Integration and Security

How New Windows Server 2022 Features Improve Hybrid Integration and Security

Microsoft recently announced the preview of the latest Windows Server. The new release comes with several key features, such as Azure automanage (hotpatching) and virtualization-based security (VBS). Windows Server 2022 allows users to leverage the cloud to maximize uptime and keep virtual machines (VMs) up to date. It introduces enhanced security features and Azure hybrid integration and management.

Windows Server now has an Azure edition, thanks to Microsoft’s plans to promote Azure as the ideal platform for hosting the 2022 release. The integrated edition provides access to features unavailable outside of Azure Stack and the public cloud. In addition, you can also expect enhanced integration with various cloud services, such as Azure App Service. Windows Admin Center (WAC) and Azure Automanage.

Windows Server 2022

Security Enhancements

Microsoft has enrolled Windows Server 2022 into its Secured-Core program. The 2022 release derives several security benefits from the program’s features. These benefits include the secure operating system, firmware, and hardware features, which provide robust protection against sophisticated cyber attacks.

Secured-Core servers maximize security, thanks to the advanced protection measures deployed at the software and hardware layers. The security features include Windows Defender System Guard. According to Microsoft, companies can take advantage of verifiable security solutions to maintain the integrity of operating systems. These measures harden defenses against firmware attacks.

Windows Server 2022 ensures faster and secure connectivity because it enables TLS 1.3 by default. This configuration protects your organization from attacks by safeguarding HTTPS connections. On the other hand, the 2022 release comes with DNS over HTTPS (DoH) and Secure DNS.

Microsoft improved fileserver features to maximize security for connections using SMB AES-256 encryption. Likewise, internal cluster communication relies on East-West SMB encryption controls. The best part about the enhanced connection security in Windows Server 2022 is that encryption does not affect performance. This benefit is particularly true for the Remote Direct Memory Access (RDMA).

Additional Security Improvements in Windows Server 2022

  • Virtualization-based security (VBS): Leverages the hardware virtualization capabilities of Hyper-V technology to protect control flow guard (CFG) bitmap modification. VBS also verifies the validity of EV certificates.
  • Memory protection: Helps secure technologies that store sensitive data in memory while the system is operational. Malicious software in a drive plugged into a port cannot read data stored by security solutions like Bitlocker. Boot direct memory access (DMA) prevents such attacks.
  • SMB VPN for remote workers: This feature is critical for high-security organizations looking to maximize network protection for mobile users. Meanwhile, SMB over QUIC employs TLS 1.3 encrypted tunnel to avoid exposing server message block (SMB) traffic to the network. The best part is that functions like authorization and authentication work optimally inside the tunnel.

Azure Hybrid Capabilities in Windows Server 2022

The 2022 release makes it easier to expand your data centers to Azure without compromising agility and efficiency. Additional capabilities you should know about include improved admin center reporting, application compatibility, enhanced server management, and streamlined update installation.

Windows Admin Center

You can now report the state of secure-core features via the Windows admin center. It is also possible to allow some customers to activate specific features.

Azure Arc Enabled Windows Servers

With Azure Arc, the 2022 release integrates multi-cloud and on-premise Windows Servers with Azure. The integration streamlines the management experience to ensure consistency with Azure virtual machine administration. Once you connect a hybrid machine to Azure, it operates as a resource and a connected machine.

Application Platform Improvements

Microsoft improved several platform functions for Windows containers. As a result, you can expect a better experience for the container with Kubernetes and app compatibility. More importantly, the tech giant significantly reduced the image size in the Windows container. This change translates to reduced startup time and improved overall performance.

Azure Automanage – Hotpatch

Windows Server 2022 Datacenter: Azure Edition is compatible with Hotpatch, a component of Azure Automanage. This new feature eliminates the need to reboot after installing updates on the Azure Edition virtual machines (VMs).

Additional Key Features

Other notable Windows Server 2022 features include nested virtualization for AMD processors, improved storage migration service, and SMB compression. With the nested virtualization, you can operate a Hyper-V inside a virtual machine, thanks to AMD processors. This capability expands hardware options for your organization’s environments.

In addition, you can now compress server message block (SMB) files during transmission over the network. This functionality is available to users and applications; it eliminates the need to handle file compression manually.

More Like This

AA22-223A: #StopRansomware: Zeppelin Ransomware

Original release date: August 11, 2022 Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for …

AA22-223A: #StopRansomware: Zeppelin Ransomware Read More »

Read More

AA22-216A: 2021 Top Malware Strains

Original release date: August 4, 2022 Summary Immediate Actions You Can Take Now to Protect Against Malware: • Patch all systems and prioritize patching known exploited vulnerabilities. • Enforce multifactor authentication (MFA). • Secure Remote Desktop Protocol (RDP) and other risky services. • Make offline backups of your data. • Provide end-user awareness and training …

AA22-216A: 2021 Top Malware Strains Read More »

Read More

Small Business Guide To Microsoft Azure Virtual Desktop

Small Business Guide To Microsoft Azure Virtual Desktop The business world is becoming increasingly digital. Since the COVID-19 pandemic began, many companies have moved into work-from-home situations, which has made remote and hybrid working environments more desirable and commonplace for workers across the country. The modern workforce is more flexible and mobile than ever, and …

Small Business Guide To Microsoft Azure Virtual Desktop Read More »

Read More

AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector

Original release date: July 6, 2022 Summary The Federal Bureau of Investigation (FBI), Cybersecurity and Infrastructure Security Agency (CISA), and the Department of the Treasury (Treasury) are releasing this joint Cybersecurity Advisory (CSA) to provide information on Maui ransomware, which has been used by North Korean state-sponsored cyber actors since at least May 2021 to …

AA22-187A: North Korean State-Sponsored Cyber Actors Use Maui Ransomware to Target the Healthcare and Public Health Sector Read More »

Read More

AA22-181A: #StopRansomware: MedusaLocker

Original release date: June 30, 2022 Summary Actions to take today to mitigate cyber threats from ransomware: • Prioritize remediating known exploited vulnerabilities. • Train users to recognize and report phishing attempts. • Enable and enforce multifactor authentication. Note: this joint Cybersecurity Advisory (CSA) is part of an ongoing #StopRansomware effort to publish advisories for …

AA22-181A: #StopRansomware: MedusaLocker Read More »

Read More

AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems

Original release date: June 23, 2022 Summary Actions to take today: • Install fixed builds, updating all affected VMware Horizon and UAG systems to the latest versions. If updates or workarounds were not promptly applied following VMware’s release of updates for Log4Shell in December 2021, treat all affected VMware systems as compromised. • Minimize the …

AA22-174A: Malicious Cyber Actors Continue to Exploit Log4Shell in VMware Horizon Systems Read More »

Read More