MENU




 SEARCH
RECENT

RECENT
SPONSORED CONTENT

Three Critical Areas of Desktop Deployment That You Must Get Right 

Microsoft Sees Need For Regulation, Laws For AI Advances 

JAN 19, 2018
SaaS Developer Tool CircleCI Closes $31 Million Series C Funding Round 

JAN 18, 2018

Savill's FAQs: System Center Endpoint Protection Manual Install 

JAN 18, 2018

Why Bosch’s NA President Is Upbeat about Self-Parking Cars 

JAN 17, 2018

FEATURED

From Patches to Performance: What Enterprises Need to Know About Meltdown and
Spectre 

JAN 05, 2018

Watch Out for Mobile Data Transparency in 2018 

JAN 01, 2018

Artificial Intelligence and Automation Make Waves in Shipping 

JAN 05, 2018

Five Linux Server Distributions to Consider in 2018 

JAN 04, 2018

MANAGEMENT & MOBILITY

Q. What are the server roles in Windows Server 2008?

John Savill | May 24, 2008

A. Windows Server 2008 is designed around certain roles and features. A role is a
primary duty that a server performs. For example, you typically would point at a server
and say "that's my domain controller (DC) and DNS server." A feature is something that
helps a server perform its primary duty (Windows Backup, network load balancing).
Certain roles are comprised of sub-elements called Role Services, which are distinct
units of functionality. For example, within the role of Terminal Services, is the TS
 Gateway and TS Licensing Role Services (among others). Please note that Server 2008
Web Edition has only the Web Server role. Also note that WINS isn't a role in Server
2008, it's a feature (see also, "Control Windows Server 2008 Roles and Features" and
"Windows Server 2008 in Perspective").

The Server 2008 roles are as follows:

  Active Directory Certificate Services. Provides the services for creating and managing
public key certificates used in most aspects of security today, including HTTP Security (HTTPS),
which is vital to many Windows Roles; Wireless network security; VPNs; IPsec; Encrypting File
System (EFS); and other software security systems that require encryption or digital signatures.

  Active Directory Domain Services. Previously known as just Active Directory, AD Domain
Services stores information about users, computers, and other devices on the network in a
security boundary known as a domain. With resources and users being  members of a domain or
trusted hierarchy of domains known as a forest, access to company wide information is secure
and no burden on the user.

  Active Directory Federation Services (ADFS). Provides Web single-sign-on (SSO)

capabilities across separate organizations, allowing authentication across multiple Web
applications in various companies using a single user account. ADFS accomplishes this by
securely federating, or sharing, user identities and access rights, in the form of digital claims,
between partner organizations once a federation trust has been established.

  Active Directory Lightweight Directory Services. Previously known as Active Directory

Application Mode (ADAM), Active Directory Lightweight Directory Services provides a directory
service that organizations can use to store information specific to an application that is separate
from the organization's main AD. Active Directory Lightweight Directory Services runs as a non-
OS service and doesn't require deployment on a DC, with multiple Active Directory Lightweight
Directory Services instances supported on a single server.

  Active Directory Rights Management Services. Provides very granular protection on

supported documents via AD RMS-enabled applications to not only protect documents and
other digital information but also to control the actions that authorized consumers of the
information can do.

  Application Server. Comprises a number of components that are responsible for the
deployment and managing of .NET Framework 3.0 applications. These components include
the .NET Framework, Web Server (IIS) Support, Message Queuing, COM+ Network Access, TCP
Port Sharing, Distributed Transactions and Windows Process Activation Service Support.

  Dynamic Host Configuration Protocol (DHCP) Server. Allows servers to assign or lease
IP addresses to computers and other devices that are enabled as DHCP clients on the network.
  DNS Server. DNS is used to resolve host names to IP addresses, both IPv4 and IPv6.

  Fax Server. Sends and receives faxes, and allows you to manage fax resources such as jobs,
settings, reports, and fax devices on this computer or on the network.

  File Services. Provides technologies for storage management, which includes control of the
types of files stored on a server via file screens and powerful quotas, file replication, distributed
namespace management, NFS, and support for UNIX clients.

  Hyper-V. Provides the services that you can use to create and manage virtual machines (VMs)
and their resources. Hyper-V will ship within 180 days of the Server 2008 launch, but a beta
version is supplied with the 2008 RTM.

  Network Policy and Access Services. Delivers a variety of methods to provide users with
local and remote network connectivity, to connect network segments, and to allow network
administrators to centrally manage network access and client health policies. With Network
Access Services, you can deploy VPN servers, dial-up servers, routers, and 802.11 protected
wireless access. You can also deploy RADIUS servers and proxies, and use Connection Manager
Administration Kit to create remote access profiles that allow client computers to connect to
your network.

  Print Services. Enables the management of print servers and printers. A print server reduces
administrative and management workload by centralizing printer management tasks. Also part
of Print Services is the Print Management Console, which streamlines the management of all
aspects of printer server management including the ability to remotely scan a subnet for printers
and automatically create the necessary print queues and shares.

  Terminal Services. Enables users to access Windows-based programs that are installed on a
terminal server or to access the Windows desktop from almost any computing device that
supports the RDP protocol. Users can connect to a terminal server to run programs and to use
network resources on that server. Server 2008 has technologies that allow the RDP traffic
necessary for communication with a terminal server from a client to be encapsulated in HTTPS
packets, which means all communication is via port 443 so no special holes are required in the
firewall for access to terminal servers within an organization from the Internet.

  Universal Description, Discovery, and Integration (UDDI) Services. UDDI Services

provides description, discovery, and integration capabilities for sharing information about Web
services within an organization's intranet, between business partners on an extranet, or on the
Internet.

  Web Server (IIS). Enables sharing of information on the Internet, intranets, or extranets. It's
a unified Web platform that integrates IIS 7.0, ASP.NET, and Windows Communication
Foundation. IIS 7.0 also features enhanced security, simplified diagnostics, and delegated
administration.
  Windows Deployment Services (WDS). Used to install and configure Windows OSs that
are stored in the Windows Imagine format remotely on computers via Pre-boot Execution
Environment (PXE) boot ROMs.

I created a screencast outlining these roles, which you can view here.

Windows Server 2008: Server Role Features

TAGS: WINDOWS 8
1 COMMENT

RELATED

Consumer Electronics Show 2018: Business and Enterprise Expectations

JAN 05, 2018

How to Remove 'Open PowerShell' from Windows 10 Context Menu

JAN 02, 2018

Watch Out for Mobile Data Transparency in 2018

JAN 01, 2018
Add 'Open Command Window Here' to Windows 10 Context Menu
DEC 21, 2017

COLLABORATION>OFFICE 365

OneDrive for Business Feature is Best Protection from

Malware

Richard Hay | Jan 23, 2018

 START SLIDESHOW   ›
Files Restore, a new OneDrive for Business feature that was announced last year at Ignite, will
provide end users the best protection from malware in case of file corruption or deletion.
Thanks to the ever-present, ever-evolving threat of malware, it is more important than
ever to keep a backup of your important files and data. And here's a new wrinkle: With
cloud storage options that typically sync file changes between devices and your cloud
storage provider, the risk of a malware infected file propagating to other systems can be
a valid concern.

A new feature that began rolling out this week on OneDrive for Business looks to offer
the best protection from malware for most end users.

Files Restore, a new OneDrive for Businessfeature that was initially announced last year
at Microsoft Ignite, now puts the power of recovering from corrupted or deleted cloud
based files in the hands of the end user.

According to Microsoft’s Stephen Rose, Files Restore is a full self-service restoral option
that provides administrators and users the ability to restore files from any moment in
the past 30 days. That means you can go back to just one second earlier than when a file
might have been corrupted or accidentally removed and regain full access to that file.

Before this new feature can be fully at your users' disposal, there are a couple of key
items that need to be turned on already by OneDrive for Business administrators. Files
Restore uses the file version history and the Recycle Bin to recover files. Just for clarity
these are the settings for the users OneDrive For Business portal on the web and not the
local machines file system version history and Recycle Bin. Although you can revert back
to a previous version of a file using its versions history, if the site Recycle Bin is turned
off, then deleted files are not going to be accessible for restoration. However, as I
mentioned earlier, if either of these settings are turned off at the administrator level
then the full Files Restore functionality will not be available.

Another clarification to be aware of with Files Restore: Documents can only be restored

by their original owner. That means a document you have been invited to collaborate
on cannot be restored except by the original owner through their own OneDrive for
Business storage portal. However, as a source at Microsoft confirmed for me after this
announcement, a user who has edit permissions on that file can use File Versioning
option to restore any previous version of that file from the previous 30 days from within
their own OneDrive for Business storage.

Now let’s get down to how you would use this feature once it is rolled out to your
organization. Check out this associated gallery for screenshots of the four steps it takes
to use Files Restore on your OneDrive for Business storage and enjoy that best
protection from malware which is right at your fingertips.
 START SLIDESHOW   ›

TAGS: MICROSOFT SHAREPOINT
0 COMMENTS

RELATED

SPONSORED CONTENT

Three Critical Areas of Desktop Deployment That You Must Get Right
JAN 23, 2018

How to Effectively Manage Each Step When Migrating to Windows 10

JAN 09, 2018
2017 Was the Year the Quantified Workplace Hit Our Desktops
DEC 26, 2017

SPONSORED CONTENT

Podcast: What You Need to Know About Managing Office 365

DEC 19, 2017

Sign up for the ITPro Update newsletter.

AfghanistanAland IslandsAlbaniaAlgeriaAmerican
SamoaAndorraAngolaAnguillaAntarcticaAntigua and
BarbudaArgentinaArmeniaArubaAustraliaAustriaAzerbaijanBahamasBahrainBangladeshBarbad
osBelarusBelgiumBelizeBeninBermudaBhutanBoliviaBosnia and HerzegovinaBotswanaBouvet
IslandBrazilBritish Indian Ocean TerritoryBritish Virgin IslandsBruneiBulgariaBurkina
FasoBurundiCambodiaCameroonCanadaCape VerdeCaribbean NetherlandsCayman
IslandsCentral African RepublicChadChileChinaChristmas IslandCocos (Keeling)
IslandsColombiaComorosCongo (Brazzaville)Congo (Kinshasa)Cook IslandsCosta
RicaCroatiaCubaCuraçaoCyprusCzech RepublicDenmarkDjiboutiDominicaDominican
RepublicEcuadorEgyptEl SalvadorEquatorial GuineaEritreaEstoniaEthiopiaFalkland
IslandsFaroe IslandsFijiFinlandFranceFrench GuianaFrench PolynesiaFrench Southern
TerritoriesGabonGambiaGeorgiaGermanyGhanaGibraltarGreeceGreenlandGrenadaGuadeloup
eGuamGuatemalaGuernseyGuineaGuinea-BissauGuyanaHaitiHeard Island and McDonald
IslandsHondurasHong Kong S.A.R., ChinaHungaryIcelandIndiaIndonesiaIranIraqIrelandIsle of
ManIsraelItalyIvory
CoastJamaicaJapanJerseyJordanKazakhstanKenyaKiribatiKuwaitKyrgyzstanLaosLatviaLebano
nLesothoLiberiaLibyaLiechtensteinLithuaniaLuxembourgMacao S.A.R.,
ChinaMacedoniaMadagascarMalawiMalaysiaMaldivesMaliMaltaMarshall
IslandsMartiniqueMauritaniaMauritiusMayotteMexicoMicronesiaMoldovaMonacoMongoliaMonte
negroMontserratMoroccoMozambiqueMyanmarNamibiaNauruNepalNetherlandsNetherlands
AntillesNew CaledoniaNew ZealandNicaraguaNigerNigeriaNiueNorfolk IslandNorthern Mariana
IslandsNorth KoreaNorwayOmanPakistanPalauPalestinian TerritoryPanamaPapua New
GuineaParaguayPeruPhilippinesPitcairnPolandPortugalPuerto
RicoQatarReunionRomaniaRussiaRwandaSaint BarthélemySaint HelenaSaint Kitts and
NevisSaint LuciaSaint Martin (French part)Saint Pierre and MiquelonSaint Vincent and the
GrenadinesSamoaSan MarinoSao Tome and PrincipeSaudi
ArabiaSenegalSerbiaSeychellesSierra LeoneSingaporeSint MaartenSlovakiaSloveniaSolomon
IslandsSomaliaSouth AfricaSouth Georgia and the South Sandwich IslandsSouth KoreaSouth
SudanSpainSri LankaSudanSurinameSvalbard and Jan
MayenSwazilandSwedenSwitzerlandSyriaTaiwanTajikistanTanzaniaThailandTimor-
LesteTogoTokelauTongaTrinidad and TobagoTunisiaTurkeyTurkmenistanTurks and Caicos
IslandsTuvaluU.S. Virgin IslandsUgandaUkraineUnited Arab EmiratesUnited KingdomUnited
StatesUnited States Minor Outlying
IslandsUruguayUzbekistanVanuatuVaticanVenezuelaVietnamWallis and FutunaWestern
SaharaYemenZambiaZimbabwe
SIGN UP

Thinkstock
SECURITY

Tackling the IoT Security Challenge: A Business-Minded

Approach

It may be tricky to ask for an ROI on your security spending, but IoT security is best viewed
through a business lens.

Brian Buntz | Jan 23, 2018

“Forget about perfection; focus on progression, and compound the
improvements.” —Sir Dave Brailsford

In the early 2000s, there was an apparent uptick in experts claiming to make surprising
discoveries by applying statistics and economics to random-seeming subjects. The 2003
book “Moneyball” explored the use of analytical tools to competitive baseball. Two years
after that, “Freakonomics” used economic theory to analyze such subjects as sumo
wrestling and parenting. In 2002, Sir Dave Brailsford brought the idea of continuous
improvement, a hallmark of Kaizen and Six Sigma methodologies to British cycling.
Having earned an MBA, Brailsford helped popularize what he termed “aggregation of
marginal gains.” The basic idea is that an organization can make dramatic progress by
taking a complex problem, breaking it into smaller elements and aiming to improve
each of those by 1 percent. Long story short, Brailsford went on see great success at the
Olympics and later, with Britain's first professional cycling team.

The time is ripe to embrace such an analytics- and economics-driven approach to

address the current IoT security challenge. A casual glance at the IoT security landscape
reveals a whirlwind of vendors with dramatically different messaging and products.
Listening to the profusion of messages can lead to the conclusion that an organization
can achieve a rarified security level by purchasing a slew of security products and
services. But your organization could spend an infinite level on IoT security and still get
hacked.

[Internet of Things Worlddemonstrates how the next generation of IoT

will converge to unlock the intelligence of things in the industrial,
enterprise and consumer realms. See what’s new for 2018.]

Framing security through an economic lens — and working with partners that share that
vision — is a more fruitful approach than viewing cybersecurity in binary terms.

In the IT space, the idea of risk alignment in business and security has been popular for
about a decade. But while it is easy to pay lip service to the notion of business-minded
IoT security, there are numerous examples of insecure IoT products in the field today
that indicate this approach is rarer than it should be.
The problem is often rooted in a cultural disconnect that separates executives as well as
IT and OT professionals. “Executives generally treat [security] like a technical problem
handled by technical people buried in IT,” said Paul Proctor, VP and distinguished
analyst at Gartner at the last Gartner Symposium in Barcelona. In theory, executives
want their products to be secure “until you start telling them that it is going to double
their budget, double their schedule and negatively impact customer experience,’”
Proctor added. 

Something similar to this scenario is happening in the IoT world, where too many
organizations hawking IoT products have been lackadaisical about security, rushing
products to the market with security snafus such as hard-coded passwords, insecure web
interfaces and shoddy cloud interfaces.

While there is certainly a value in analyzing common IoT security challenges and

mistakes, it is perhaps more helpful to view them as symptoms of a larger problem:
carelessness. There’s also the idea that achieving IoT security is a goal that runs counter
to business aims — triggering, for instance delays, usability hassles and added costs. But
organizations with such a cavalier attitude toward security invite “black swan” events —
“high-impact events that are rare and unpredictable, but in retrospect seem not so
improbable,” as Harvard Business Review puts it. In the IoT realm, such episodes are
costly and can even have fatal consequences under the right circumstances. For
instance, a 2015 Jeep hack by a pair of security researchers managed to trigger a recall
of 1.4 vehicles by remotely killing a Jeep on the freeway with the driver’s consent.
Imagine the possible consequences if black hat hackers pulled a similar stunt to an
unsuspecting motorist.

Given the very real possibility for such outcomes, organizations should view security as a
critical business consideration, working to improve their security posture at every
possible level and with every team member. By incrementally improving security
throughout, organizations can dramatically curb their risk of falling prey to cyber
disasters, while developing a higher resolution view of the state of their business and the
risks it faces. In fact, each discrete business unit within an organization should “decide
how much security they want and how much they want to spend,” Proctor
recommended. Proctor also is a fan of framing security like Olympic medals — with
gold, silver and bronze options.   

Organizations shooting for gold-security would do well to take to heart Sir Dave
Brailsford’s so-called podium principles, built on strategy, performance and continuous
improvement. Such an approach can transform security from something that seems
abstract and unobtainable to something vital and within reach, as the prospect of
winning gold medals first seemed to the British Cycling team in 2002 — when they won
just one gold medal in 76 years. “To give you a bit of background, when we first started
out, the top of the Olympic podium seemed like a very long way away. Aiming for gold
was too daunting,” Brailsford told Harvard Business Review. In the 2008 and 2012
Olympics, the team went on to win seven of the 10 gold medals possible. What a
difference a bit of economic theory and some hard work can make — for athletics, IoT or
nearly anything else. 

TAGS: INTERNET OF THINGS (IOT)

RELATED

SPONSORED CONTENT

Locking Active Directory in a Box: How to Secure AD in a Threat-Intensive

World
JAN 11, 2018

ITPro SnapShot: Resources for the Meltdown and Spectre Flaws

JAN 05, 2018
 SPONSORED CONTENT

Beginners Guide to SIEM

JAN 03, 2018

SPONSORED CONTENT

Insider’s Guide to Incident response

JAN 03, 2018

 Next Article
 Previous Article

 About
 Advertise
 Contact Us
 Sitemap

 Privacy Statement
 Terms of Service
 Ad Choices
Follow us:
© 2018 Informa USA, Inc., All Rights Reserved