To Upgrade or Not To Upgrade

By Steven Warren

(Back to article)

There is a lot of hype in the IT industry when it comes to new releases of products. Look at the iPhone, Windows Vista, WiMax, OSX Leopard, etc. Hype is a part of our culture. Being able to sift through the hype and make a logical decision is what separates a sound business decision from a poor business decision.

More Tech Trends on CIO Update

Vista to be a More Secure Platform

Taking Vista for a Test Drive

Vista Designed with Security in Mind

If you want to comment on these or any other articles you see on CIO Update, we'd like to hear from you in our IT Management Forum. Thanks for reading.

- Allen Bernard, Managing Editor.

FREE IT Management Newsletters

Windows Server 2008 (formerly Longhorn Server) comes out next year and I want to dig through the hype to help you make a decision for yourself whether migrating servers will be worth it in the next 18-24 months.

I can throw words like increased security, flexibility, ease-of-use, locked down, great protections, but what does it really mean and how does it benefit you ? Do you just believe the wordsmiths or do you perform your own due diligence? I hope the latter.

In all honesty, my answer to the question of should you upgrade would be it depends. Let me explain. If your company is completely satisfied with the status quo of Windows Server 2003 and does not have any pressing need for any of the new features in Windows Server 2008, stay the course and save some money. An upgrade of systems and servers requires much planning and a good deal of money.

On the other hand, if you have a need for a Windows Server Core only installation, network access protection, read-only domain controllers, built-in virtualization, scripting, or any other new feature, migrating to Windows Server 2008 makes sense.

Perfect World

For example, in a perfect world, all domain controllers would be in a single server room with unlimited bandwidth and powered with constant surveillance. We do not live in this world, and in many corporations there are quite a few satellite or branch offices throughout the country or world. But Windows Server 2008 allows you to configure read-only domain controllers (RODC).

An RODC is a domain controller that you can install at a remote location. Its sole purpose is to host a read-only copy of your Active Directory (AD) database. This method gives you peace of mind in not having to worry about the physical security of a domain controller hundreds or thousands of miles away. The RODC holds a minimal set of information and all changes made must come from a domain controller with full control that replicates to the RODC.

In the real world, a major car dealership could have all of their domain controllers in corporate headquarters and put an RODC in every dealership throughout the country instead of the current, common practice of a full-control domain controller.

For many corporations throughout corporate America, this single feature will make migrating worth it. For companies who do not need this feature or any other “Hot Hype” features, they will not be fazed.

Let’s move on and talk about companies who are actively consolidating and wanting to really secure and streamline Windows servers. In your current server environment, you load the complete Windows OS and kernel environment on a single server. You then can use roles to only turn on certain features.

What if I told you that you can now perform a Windows server core installation with only the minimum environment necessary to run the specific role you have in mind? If your server is going to just be a DHCP server, you can configure the role to just be a DHCP server and only a DHCP server. You no longer have to install the whole Windows OS, just install the feature you want and best of all it has a minimum user interface (UI).After installing Windows server core and booting up, all you get is a command line box and a minimum UI. With a Windows server core installation, you get none of the following: desktop shell (aero, wallpaper, etc.), CLR and .NET Framework, MMC console or snap-ins, start menu, control panel, Internet Explorer, Windows Mail, WordPad, Paint, Windows Explorer, run box, etc. It is bare bones.

You do get the kernel and that is all you need. It allows you to have a very secure deployment of a specific role of Windows. This type of configuration allows a corporation to easily consolidate Windows server to very specific locked down roles. For example, you can have a dedicated command line IIS Web server, dedicated DHCP server, DNS Server. You could even take it one step further and virtualize these systems. Many data centers and network operation centers (NOCS) will take advantage of a Windows server core installation. It is a very secure and tight installation.

Additionally, many IT administrators prefer command line over a UI. A new scripting language will be included in Windows Server 2008 called Powershell. It allows IT administrators to script out many tasks and allows for automation of many Windows administration tasks. Best of all the language is based on .NET and has more than 130 standard command lines tools if you are not up to speed on this technology or are not a scripting expert.

Imaging being able to write a script that quickly checks the service pack level and network configuration on every server in your environment. The sky is the limit with this scripting language. It is Microsoft’s plan to have you be able to script every task in Windows that has a UI.

The needs of your remote users could also cause you to migrate to Windows Server 2008 more quickly than other people. Currently, if you want remote users to access your system, you configure a virtual private network (VPN) connection into your network. Some may feel that this provides remote users too much access to the network and is an unacceptable risk.

In Windows Server 2008, you could use terminal services gateway (TSG) to allow your remote users securely through your firewall to applications running on terminal servers on your network. Combine this with the ability to publish applications, which is new in Windows Server 2008, and you have a much more secure deployment for end users. If none of this matters to you and you feel you have a secure VPN than migrating may not make much sense.

As you can see, there is no clear-cut answer on whether or not you should migrate to Windows Server 2008. If you can benefit from any of the new features of Windows Server 2008, it is a good idea for you to migrate to the new platform. If you are happy with Windows Server 2003, stay the course and be content.

Now, if you are running Windows Server 2000 the next logical upgrade would be to Windows Server 2008. You wouldn’t want to upgrade to Windows Server 2003 when a new server OS is coming out right around the corner.

On the other hand if you are planning a desktop upgrade from Windows 2000 Professional\Windows XP to Windows Vista, in the next 18-24 months, moving to Windows Server 2008 is ideal since it will be designed to run best with Windows Server 2008. The choices all revolve around your specific needs. There is no wrong decision.

Steven Warren is an IT consultant for the Ultimate Software Group and a freelance technical writer who has been a regular contributor to TechRepublic, TechProGuild, CNET, ZDNET, DatabaseJournal.com and, now, CIO Update. He the author of "The VMware Workstation 5.0 Handbook" and holds the following certifications: MCDBA, MCSE, MCSA, CCA, CIW-SA, CIW-MA, Network+, and i-Net+.