Microsoft first launched Windows Server in the year 2016. Since then, the Windows Server series has radically increased its capabilities. On February 2, 2021, Microsoft launched the most recent version, Server 2022.
The new operating system comes with sophisticated multilayer security, hybrid capabilities with Azure, and a scalable application platform.
It’s only the start of the improvement list.
With an ever-growing amount of investment in the capabilities of servers, Server 2022 boasts the latest technology for servers. To give you an overview of what you can anticipate from this latest Microsoft service we’ve created this guide to help you get started.
Here’s all you need to know about Microsoft Server 2022.
What is Windows Server 2022?
Windows Server 2022 is the latest operating system designed for on-premises data centers as well as virtual machines.
Unlike earlier versions of Server since 2012, which were available in two editions, Server 2022 comes in three distinct editions. The Standard Edition is limited to two virtual instances. It also includes a reduced version of Storage Replica, which is limited to a single partnership with a maximum volume size of 2 TB.
The Datacenter Edition, however, includes Shielded VMs, Storage Replica, software-defined storage, and Storage Spaces Direct.
If you’re building a virtual infrastructure, you’ll need to purchase the Datacenter Edition. It supports an unlimited number of virtual machines (VMs), where Standard allows only two, and you’ll need shielded Hyper-V VMs for better security and isolation.
What can we expect from the Standard and Datacenter Editions?
Here are a few essential features shared by both versions:
- Windows Containers. Containers allow operating-system-level virtualization via access to the OS, libraries, and underlying resources to host applications in an isolated user space.
- Windows Defender. The server anti-malware software is installed by default.
- Storage Spaces Direct. It provides high-availability storage using local storage systems, such as JBODs that are locally attached or networked, through a storage pool.
- Active Directory Domain Services. To prevent the loss of credentials, Privileged Access Management (PAM) works in conjunction with Microsoft Identity Manager (MIM) to secure Active Directory (AD). Furthermore, administrative access requests and account monitoring now depend on an expiring links feature that restricts administrative access to a limited window of time.
- Active Directory Federation Services. Provides simple and secure identity federation and Single Sign-On (SSO) between partner organisations and ADFS-secured enterprises. It lets users store their credentials in cloud-based providers or LDAP.
- Hyper-V. Virtual network adapters and virtual machine memory support hot management. Datacenter also has shielded virtual machines, which prevent theft of data or virtual machine state by encrypting both, and prevent inspection of video signals and disks.
New Azure Edition
With the most recent version, a new option is available: Windows Server 2022 Datacenter: Azure Edition. The most recent operating system has been specifically designed to work with the Microsoft cloud.
Its distinct highlights include hotpatching (updating without reboots) and SMB over QUIC (a VPN alternative). Other than that, the Azure Edition has the same features as the Datacenter Edition.
The Essentials Edition, previously offered for Server 2019, has removed specific functions such as the dashboard, client backup, and access from anywhere. Don’t expect to get this stripped-down version as its own edition. Instead, it will be the Standard Edition with an alternate license.
What are the minimum system requirements?
With the launch of any operating system, Microsoft announces its minimum system requirements. In the case of Server 2022, the requirements are:
- 1.4 GHz 64-bit processor
- Compatible with the x64 instruction set
- Supports NX and DEP
- Supports CMPXCHG16b, LAHF/SAHF, and PrefetchW
- Error Correcting Code (ECC) or similar technology is required for physical host deployments
- A minimum of 512 MB of RAM (2 GB is required for the Server with Desktop Experience installation option)
- Conforms to the PCI Express architecture specification
- An Ethernet adapter capable of at least 1 gigabit per second
- UEFI 2.3.1c-based system and firmware that supports secure boot
- Trusted Platform Module 2.0
What’s new in Windows Server 2022 ?
This article describes some of the new features in Windows Server 2022. Windows Server 2022 is built on the strong foundation of Windows Server 2019 and brings many innovations on three key themes: security, Azure hybrid integration and management, and application platform. Also, Windows Server 2022 Datacenter: Azure Edition helps you use the benefits of cloud to keep your VMs up to date while minimizing downtime.
The new security capabilities in Windows Server 2022 combine other security capabilities in Windows Server across multiple areas to provide defense-in-depth protection against advanced threats. Advanced multi-layer security in Windows Server 2022 provides the comprehensive protection that servers need today.
Certified Secured-core server hardware from an OEM partner provides additional security protections that are useful against sophisticated attacks. This can provide increased assurance when handling mission-critical data in some of the most data-sensitive industries. A Secured-core server uses hardware, firmware, and driver capabilities to enable advanced Windows Server security features. Many of these features are available in Windows Secured-core PCs and are now also available with Secured-core server hardware and Windows Server 2022.
Trusted Platform Module 2.0 (TPM 2.0) secure crypto-processor chips provide a secure, hardware-based store for sensitive cryptographic keys and data, including systems integrity measurements. TPM 2.0 can verify that the server has been started with legitimate code and can be trusted by subsequent code execution. This is known as a hardware root-of-trust and is used by features such as BitLocker drive encryption.
Firmware executes with high privileges and is often invisible to traditional anti-virus solutions, which has led to a rise in the number of firmware-based attacks. Secured-core server processors support measurement and verification of boot processes with Dynamic Root of Trust for Measurement (DRTM) technology and isolation of driver access to memory with Direct Memory Access (DMA) protection.
Virtualization-based security (VBS)
Secured-core servers support virtualization-based security (VBS) and hypervisor-based code integrity (HVCI). VBS uses hardware virtualization features to create and isolate a secure region of memory from the normal operating system, protecting against an entire class of vulnerabilities used in cryptocurrency mining attacks. VBS also allows for the use of Credential Guard, where user credentials and secrets are stored in a virtual container that the operating system cannot access directly.
HVCI uses VBS to significantly strengthen code integrity policy enforcement, including kernel mode integrity that checks all kernel mode drivers and binaries in a virtualized environment before they are started, preventing unsigned drivers or system files from being loaded into system memory.
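A read-only check for the features described above (TPM 2.0, Secure Boot, VBS, Credential Guard, HVCI, DRTM and DMA protection), given as an added PowerShell example that is not part of the original article or of Microsoft's tooling. The function name `Get-SecuredCoreStatus` is hypothetical, and the sketch assumes an elevated session on the server being checked.

```powershell
# Added example: read-only report on Secured-core prerequisites and VBS services.
# Get-SecuredCoreStatus is a hypothetical helper name; run it from an elevated session.
function Get-SecuredCoreStatus {
    # TPM: SpecVersion starts with the TPM family version, e.g. "2.0, 0, 1.38".
    $tpm = Get-CimInstance -Namespace 'root\cimv2\Security\MicrosoftTpm' `
        -ClassName Win32_Tpm -ErrorAction SilentlyContinue
    $tpmVersion = if ($tpm) { ($tpm.SpecVersion -split ',')[0].Trim() } else { 'none' }

    # Secure Boot: the cmdlet throws on legacy BIOS firmware, which counts as "off".
    $secureBoot = $false
    try { $secureBoot = [bool](Confirm-SecureBootUEFI -ErrorAction Stop) } catch { }

    # Win32_DeviceGuard reports the VBS state and the services running inside it.
    $dg = Get-CimInstance -Namespace 'root\Microsoft\Windows\DeviceGuard' `
        -ClassName Win32_DeviceGuard -ErrorAction SilentlyContinue
    $running   = @($dg.SecurityServicesRunning)      # 1 = Credential Guard, 2 = HVCI, 3 = Secure Launch
    $available = @($dg.AvailableSecurityProperties)  # 3 = DMA protection available

    $status = [ordered]@{
        'TPM 2.0'                  = ($tpmVersion -eq '2.0')
        'Secure Boot'              = $secureBoot
        'VBS running'              = ($dg.VirtualizationBasedSecurityStatus -eq 2)
        'Credential Guard running' = ($running -contains 1)
        'HVCI running'             = ($running -contains 2)
        'DRTM (Secure Launch)'     = ($running -contains 3)
        'DMA protection available' = ($available -contains 3)
    }

    # One row per feature so gaps are easy to filter or export.
    foreach ($name in $status.Keys) {
        [pscustomobject]@{ Feature = $name; Enabled = $status[$name] }
    }
}

# List only the gaps on this host.
Get-SecuredCoreStatus | Where-Object { -not $_.Enabled }
```

A VBS status of 1 in `Win32_DeviceGuard` means VBS is configured but not running, which this report shows as a gap because HVCI and Credential Guard only protect the host while VBS is actually running.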
Transport: HTTPS and TLS 1.3 enabled by default on Windows Server 2022
Secure connections are at the heart of today’s interconnected systems. Transport Layer Security (TLS) 1.3 is the latest version of the internet’s most deployed security protocol, which encrypts data to provide a secure communication channel between two endpoints. HTTPS and TLS 1.3 are now enabled by default on Windows Server 2022, protecting the data of clients connecting to the server. TLS 1.3 eliminates obsolete cryptographic algorithms, enhances security over older versions, and aims to encrypt as much of the handshake as possible. Learn more about supported TLS versions and about supported cipher suites.
Although TLS 1.3 in the protocol layer is now enabled by default, applications and services also need to actively support it. Please see documentation for those applications and services for more information. The Microsoft Security blog has more detail in the post Taking Transport Layer Security (TLS) to the next level with TLS 1.3.
Secure DNS: Encrypted DNS name resolution requests with DNS-over-HTTPS
DNS Client in Windows Server 2022 now supports DNS-over-HTTPS (DoH) which encrypts DNS queries using the HTTPS protocol. This helps keep your traffic as private as possible by preventing eavesdropping and your DNS data being manipulated. Learn more about configuring the DNS client to use DoH.
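To see whether the resolvers a server actually uses can be reached over DoH, the following added PowerShell example (not from the original article) joins the configured DNS servers against the DoH server table of the DNS client. `Get-DohCoverage` is a hypothetical helper name, and the angle-bracket values in the final comment are placeholders.

```powershell
# Added example: map each configured resolver to its DoH entry (read-only).
# Get-DohCoverage is a hypothetical helper name.
function Get-DohCoverage {
    # Resolvers Windows has a DoH template for (built-in list plus admin-added entries).
    $dohServers = @(Get-DnsClientDohServerAddress)

    # Every DNS server configured on every interface, IPv4 and IPv6.
    foreach ($iface in Get-DnsClientServerAddress) {
        foreach ($addr in $iface.ServerAddresses) {
            $entry = $dohServers |
                Where-Object { $_.ServerAddress -eq $addr } |
                Select-Object -First 1

            [pscustomobject]@{
                Interface         = $iface.InterfaceAlias
                Resolver          = $addr
                DohTemplate       = if ($entry) { $entry.DohTemplate } else { $null }
                AutoUpgrade       = if ($entry) { $entry.AutoUpgrade } else { $false }
                # True means a query may go out as classic unencrypted DNS.
                PlaintextFallback = if ($entry) { $entry.AllowFallbackToUdp } else { $true }
            }
        }
    }
}

# Resolvers with no DoH template, or with fallback to plaintext still allowed.
Get-DohCoverage |
    Where-Object { -not $_.DohTemplate -or $_.PlaintextFallback } |
    Format-Table -AutoSize

# Registering a resolver with fallback disabled (placeholders, not real values):
# Add-DnsClientDohServerAddress -ServerAddress '<resolver-IP-address>' `
#     -DohTemplate '<resolver-DoH-template>' -AllowFallbackToUdp $false -AutoUpgrade $true
```

A resolver listed with a template means Windows can use DoH with it; whether it does also depends on the interface's DNS encryption setting or the DoH Group Policy, which this sketch does not read.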
Server Message Block (SMB): SMB AES-256 encryption for the most security conscious
Windows Server now supports AES-256-GCM and AES-256-CCM cryptographic suites for SMB encryption. Windows will automatically negotiate this more advanced cipher method when connecting to another computer that also supports it, and it can also be mandated through Group Policy. Windows Server still supports AES-128 for down-level compatibility. AES-128-GMAC signing now also accelerates signing performance.
SMB: East-West SMB encryption controls for internal cluster communications
Windows Server failover clusters now support granular control of encrypting and signing intra-node storage communications for Cluster Shared Volumes (CSV) and the storage bus layer (SBL). This means that when using Storage Spaces Direct, you can decide to encrypt or sign east-west communications within the cluster itself for higher security.
SMB Direct and RDMA encryption
SMB Direct and RDMA supply high bandwidth, low latency networking fabric for workloads like Storage Spaces Direct, Storage Replica, Hyper-V, Scale-out File Server, and SQL Server. SMB Direct in Windows Server 2022 now supports encryption. Previously, enabling SMB encryption disabled direct data placement; this was intentional, but seriously impacted performance. Now data is encrypted before placement, leading to far less performance degradation while adding AES-128 and AES-256 protected packet privacy.
More information on SMB encryption, signing acceleration, secure RDMA, and cluster support can be found at SMB security enhancements.
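The SMB encryption settings discussed in this section can be audited and, if wanted, enforced from PowerShell. This is an added example, not code from the original article; `Test-SmbEncryptionPosture` and `Set-SmbAes256Only` are hypothetical helper names, and it assumes an elevated session on a Windows Server 2022 file server.

```powershell
# Added example: audit SMB encryption on a file server, then optionally enforce it.
# Test-SmbEncryptionPosture and Set-SmbAes256Only are hypothetical helper names.
function Test-SmbEncryptionPosture {
    $cfg = Get-SmbServerConfiguration

    # Non-administrative shares without per-share encryption. They are only a
    # problem when server-wide encryption (EncryptData) is also off.
    $openShares = @(Get-SmbShare | Where-Object { -not $_.Special -and -not $_.EncryptData })

    [pscustomobject]@{
        ServerWideEncryption    = $cfg.EncryptData
        RejectUnencryptedAccess = $cfg.RejectUnencryptedAccess
        RequireSigning          = $cfg.RequireSecuritySignature
        EncryptionCiphers       = $cfg.EncryptionCiphers
        SharesWithoutEncryption = $openShares.Name -join ', '
    }
}

function Set-SmbAes256Only {
    [CmdletBinding(SupportsShouldProcess)]
    param()

    # Dropping the AES-128 suites locks out down-level clients that cannot
    # negotiate AES-256, so preview with -WhatIf before applying.
    if ($PSCmdlet.ShouldProcess('SMB server', 'Require encryption with AES-256 suites only')) {
        Set-SmbServerConfiguration -EncryptData $true -RejectUnencryptedAccess $true `
            -EncryptionCiphers 'AES_256_GCM, AES_256_CCM' -Confirm:$false
    }
}

Test-SmbEncryptionPosture
Set-SmbAes256Only -WhatIf    # preview only; remove -WhatIf to apply

# On a client: confirm what a live connection actually negotiated.
Get-SmbConnection | Select-Object ServerName, ShareName, Dialect, Encrypted, Signed
```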
SMB over QUIC
SMB over QUIC updates the SMB 3.1.1 protocol in Windows Server 2022 Datacenter: Azure Edition and supported Windows clients to use the QUIC protocol instead of TCP. By using SMB over QUIC along with TLS 1.3, users and applications can securely and reliably access data from edge file servers running in Azure. Mobile and telecommuter users no longer need a VPN to access their file servers over SMB when on Windows. More information can be found at the SMB over QUIC documentation.
Azure hybrid capabilities
You can increase your efficiency and agility with built-in hybrid capabilities in Windows Server 2022 that allow you to extend your data centers to Azure more easily than ever before.
Azure Arc enabled Windows Servers
Azure Arc enabled servers with Windows Server 2022 bring on-premises and multi-cloud Windows Servers to Azure with Azure Arc. This management experience is designed to be consistent with how you manage native Azure virtual machines. When a hybrid machine is connected to Azure, it becomes a connected machine and is treated as a resource in Azure. More information can be found at the Azure Arc enabled servers documentation.
Windows Admin Center
Improvements to Windows Admin Center to manage Windows Server 2022 include capabilities to both report on the current state of the Secured-core features mentioned above, and where applicable, allow customers to enable the features. More information on these and many more improvements to Windows Admin Center can be found at the Windows Admin Center documentation.
Azure Automanage – Hotpatch
Hotpatch, part of Azure Automanage, is supported in Windows Server 2022 Datacenter: Azure Edition. Hotpatching is a new way to install updates on new Windows Server Azure Edition virtual machines (VMs) that doesn’t require a reboot after installation. More information can be found at the Azure Automanage documentation.
There are several platform improvements for Windows Containers, including application compatibility and the Windows Container experience with Kubernetes. A major improvement includes reducing the Windows Container image size by up to 40%, which leads to a 30% faster startup time and better performance.
You can now also run applications that depend on Azure Active Directory with group Managed Services Accounts (gMSA) without domain joining the container host, and Windows Containers now support Microsoft Distributed Transaction Control (MSDTC) and Microsoft Message Queuing (MSMQ).
There are several other enhancements that simplify the Windows Container experience with Kubernetes. These enhancements include support for host-process containers for node configuration, IPv6, and consistent network policy implementation with Calico.
In addition to platform improvements, Windows Admin Center has been updated to make it easy to containerize .NET applications. Once the application is in a container, you can host it on Azure Container Registry to then deploy it to other Azure services, including Azure Kubernetes Service.
With support for Intel Ice Lake processors, Windows Server 2022 supports business-critical and large-scale applications, such as SQL Server, that require up to 48 TB of memory and 2,048 logical cores running on 64 physical sockets. Confidential computing with Intel Software Guard Extensions (SGX) on Intel Ice Lake improves application security by isolating applications from each other with protected memory.
Other key features
Nested virtualization for AMD processors
Nested virtualization is a feature that allows you to run Hyper-V inside of a Hyper-V virtual machine (VM). Windows Server 2022 brings support for nested virtualization using AMD processors, giving more choices of hardware for your environments. More information can be found at the nested virtualization documentation.
Microsoft Edge browser
Microsoft Edge is included with Windows Server 2022, replacing Internet Explorer. It is built on Chromium open source and backed by Microsoft security and innovation. It can be used with the Server with Desktop Experience installation options. More information can be found at the Microsoft Edge Enterprise documentation. Note that Microsoft Edge, unlike the rest of Windows Server, follows the Modern Lifecycle for its support lifecycle. For details, see Microsoft Edge lifecycle documentation.
UDP performance improvements
UDP is becoming a very popular protocol carrying more and more network traffic due to the increasing popularity of RTP and custom (UDP) streaming and gaming protocols. The QUIC protocol, built on top of UDP, brings the performance of UDP to a level on par with TCP. Significantly, Windows Server 2022 includes UDP Segmentation Offload (USO). USO moves most of the work required to send UDP packets from the CPU to the network adapter’s specialized hardware. Complementing USO is UDP Receive Side Coalescing (UDP RSC), which coalesces packets and reduces CPU usage for UDP processing. In addition, we have also made hundreds of improvements to the UDP data path, both transmit and receive. Windows Server 2022 and Windows 11 both have this new capability.
TCP performance improvements
Windows Server 2022 uses TCP HyStart++ to reduce packet loss during connection start-up (especially in high-speed networks) and RACK to reduce Retransmit TimeOuts (RTO). These features are enabled in the transport stack by default and provide a smoother network data flow with better performance at high speeds. Windows Server 2022 and Windows 11 both have this new capability.
Hyper-V virtual switch improvements
Virtual switches in Hyper-V have been enhanced with updated Receive Segment Coalescing (RSC). This allows the hypervisor network to coalesce packets and process as one larger segment. CPU cycles are reduced and segments will remain coalesced across the entire data path until processed by the intended application. This means improved performance in both network traffic from an external host, received by a virtual NIC, as well as from a virtual NIC to another virtual NIC on the same host.
Storage Migration Service
Enhancements to Storage Migration Service in Windows Server 2022 make it easier to migrate storage to Windows Server or to Azure from more source locations. Here are the features that are available when running the Storage Migration Service orchestrator on Windows Server 2022:
- Migrate local users and groups to the new server.
- Migrate storage from failover clusters, migrate to failover clusters, and migrate between standalone servers and failover clusters.
- Migrate storage from a Linux server that uses Samba.
- More easily synchronize migrated shares into Azure by using Azure File Sync.
- Migrate to new networks such as Azure.
- Migrate NetApp CIFS servers from NetApp FAS arrays to Windows servers and clusters.
Adjustable storage repair speed
User adjustable storage repair speed is a new feature in Storage Spaces Direct that offers more control over the data resync process by allocating resources to either repair data copies (resiliency) or run active workloads (performance). This helps improve availability and allows you to service your clusters more flexibly and efficiently.
Faster repair and resynchronization
Storage repair and resynchronization after events such as node reboots and disk failures are now twice as fast. Repairs have less variance in time taken so you can be more sure of how long the repairs will take, which has been achieved through adding more granularity to data tracking. This only moves the data that needs to be moved, and reduces the system resources used and the time taken.
Storage bus cache with Storage Spaces on standalone servers
Storage bus cache is now available for standalone servers. It can significantly improve read and write performance, while maintaining storage efficiency and keeping the operational costs low. Similar to its implementation for Storage Spaces Direct, this feature binds together faster media (for example, NVMe or SSD) with slower media (for example, HDD) to create tiers. A portion of the faster media tier is reserved for the cache. To learn more, see Enable storage bus cache with Storage Spaces on standalone servers.
ReFS file-level snapshots
Microsoft’s Resilient File System (ReFS) now includes the ability to snapshot files using a quick metadata operation. Snapshots are different than ReFS block cloning in that clones are writable, whereas snapshots are read-only. This functionality is especially useful in virtual machine backup scenarios with VHD/VHDX files. ReFS snapshots are unique in that they take a constant time irrespective of file size. Support for snapshots is available in ReFSUtil or as an API.
Changes to server and infrastructure roles
In the latest OS updates, enormous importance has been placed on migration and hybrid strategies. This has put the Server OS in a bind.
However, Vijay Kumar, director of Windows Server and Azure product marketing, assured customers: “Windows Server is a highly versatile, multi-purpose operating system, with dozens of roles and hundreds of features, including guest rights.” He went on to mention that the latest software will incorporate Software-Defined Data Center (SDDC) features that allow customers to use the software for multiple purposes, e.g., running file services as well as SQL Server.
Azure Stack HCI, however, is intended for running virtual machines in-house that connect directly to Azure hybrid services. On hardware you own, Azure Kubernetes Service is still primarily about infrastructure, not an application server or storage service.
Server 2022 now supports even more RAM: 48 TB, with support for up to 64 sockets and 248 logical processors. It even supports secure computing by using Intel SGX on Ice Lake CPUs.
With new cyber attacks every day, secure connectivity is essential. This is why Windows has prioritized the introduction of new features to ensure secure connections in Server 2022. This includes Secure DNS, another high-end upgraded feature designed to offer security and reliability.
In addition, the DNS Client also supports DNS-over-HTTPS (DoH). DoH encrypts DNS requests by using the HTTPS protocol, which keeps the data private and increases security.
The cryptographic suites AES-256-GCM and AES-256-CCM are supported within Windows Server for Server Message Block encryption and signing. As adversaries continue to discover ways to defeat security algorithms, solid encryption is essential when it comes to registration. Thankfully, the use of AES-256-GCM and AES-256-CCM ensures an adequate level of security, while AES-128 is still supported for down-level compatibility.
Two security features of utmost importance are now available on Server 2022:
- Secured-core servers
- Secure connection
A Secured-core server integrates threat protection, which results in multi-layered security across your IT infrastructure, including hardware, firmware, and the operating system. Based on Trusted Platform Module 2.0 and System Guard, booting Windows Server 2022 now minimizes exposure to firmware vulnerabilities. The new features include virtualization-based security (VBS), which includes Credential Guard and Hypervisor-protected code integrity (HVCI). Credential Guard works as a security measure to protect vulnerable assets. Meanwhile, HVCI prevents malware tampering via hardware-rooted security.
Secured connectivity, as mentioned, enhances security during transport. It also provides speedier and more secure encryption: HTTPS and TLS 1.2 are set as default.
Microsoft has provided SMB compression as an additional capability, allowing users to compress files in order to speed up transfers. In one test, SMB compression was shown to be able to handle a 20GB file with ease. With no SMB compression the file took 3 minutes to compress; however, it took only 30 seconds when using the new version.
Furthermore, compression benefits are accessible to users who access the file share via Windows Explorer.
The latest Azure Edition is a game-changer for the Server series. By using Azure Arc, you can now manage and secure Windows Server 2022 across an array of settings, including on-premises, at the edge, or in a multi-cloud environment.
Additionally, you can use Azure management tools such as Azure Defender, Azure Policy as well as Azure Monitor on these servers. You can also allow connectivity using Windows Admin Center in Azure Arc.
In addition, to make connectivity more seamless, Azure offers Storage Migration Service to facilitate the transfer of data to servers while maintaining low latency, thus reducing the footprint of your storage on premises.
How much does Server 2022 cost?
The price for Server 2022 depends on which version you select: Standard, Datacenter or Essentials. According to Microsoft, these are the costs and suggestions for your options:
- Essentials. (Suggested retail price: $501) Ideal for small-sized businesses that have at least 25 employees and up to 50 computers. It also comes with special servers; no CAL needed.
- Standard. (Suggested retail price: $1069) Ideal for virtualized or physical environments. Core-based; needs Windows Server CAL.
- Datacenter. (Suggested retail price of $6155) Ideal for virtualized data centers as well as cloud environments. Core-based; needs Windows Server CAL.
That’s an in-depth overview of the latest version of Microsoft Windows Server 2022. With significant changes since Server 2019’s release, the latest version by Microsoft is an exciting upgrade to a reliable operating system.
Which version you select will depend on the current needs of your business. Most small-sized businesses can be satisfied using the Standard or Datacenter Editions.