windows server 2016 features

Below are windows server 2016 new features for reference

Built-in Security: Microsoft has included built-in breach resistance. This feature helps stop attackers on your system and allows a company to meet any compliance requirements.

Active Directory Certificate Services (ADCS): Provides a customizable set of services that allow you to issue and manage public key infrastructure (PKI) certificates. These certificates can be used in software security systems that employ public key technologies.

Active Directory Domain Services (ADDS):  Includes new features that make deploying domain controllers simpler and that let you implement them faster. ADDS also makes the domain controllers more flexible, both to audit and to authorize for access to files. Moreover, ADDS has been designed to make performing administrative tasks easier through consistent graphical and scripted management experiences.

Active Directory Rights Management Services (ADRMS): Provides management and development tools that let you work with industry security technologies, including encryption, certificates, and authentication. Using these technologies allows organizations to create reliable information protection solutions.

BitLocker: Tool that allows to encrypt the hard drives of computer. By encrypting the hard drives, you can provide enhanced protection against data theft or unauthorized exposure of your computers or removable drives that are lost or stolen.

BranchCache: Allows data from files and web servers on a wide area network (WAN) to be cached on computers at a local branch office. By using BranchCache, you can improve application response times while also reducing WAN traffic. Cached data can be either distributed across peer client computers (distributed cache mode) or centrally hosted on a server (hosted cache mode). BranchCache is included with Windows Server 2016 and Windows 10.

Containers: Windows Server 2016 has started focusing on an isolated operating system environment called Dockers. Dockers allow applications to run in isolated environments called Containers. Containers are a separate location where applications can operate without affecting other applications or other operating system resources. To understand Dockers and Containers, think of virtualization.

Virtual machines are operating systems that run in their own space on top of another operating system. Well Dockers and Containers allow an application to run in its own space and because of this, it doesn’t affect other applications. There are two different types of containers to focus on.

1. Windows Server Containers: Windows Server 2016 allows for an isolated application to run by using a technology called process and namespace isolation. Windows Server 2016 containers allow applications to share the system’s kernel with their container and all other containers running on the same host.
2. Hyper-V Containers: Windows Server 2016 Hyper-V Containers add another virtual layer by isolating applications in their own optimized virtual machine. Hyper-V  containers work differently than Windows Server Containers in the fact that the Hyper-V Containers do not share the system’s kernel with other Hyper-V Containers.

Credential Guard: Helps protect a system’s credentials and this helps avoid pass the hash attacks. This offers better protection against advanced persistent threats by protecting credentials on the system from being stolen by a compromised administrator or malware. It can also be enabled on Remote Desktop Services servers and Virtual Desktop Infrastructure so that the credentials for users connecting to their sessions are protected.

DHCP: Dynamic Host Configuration Protocol (DHCP) is an Internet standard that allows organizations to reduce the administrative overhead of configuring hosts on a TCP/IP-based network. Some of the features are DHCP failover, policy-based assignment, and the ability to use Windows PowerShell for DHCP Server.

DNS: Used in TCP/IP networks. It will convert a computer name or fully qualified domain name (FQDN) to an IP address. It has the ability to do a reverse lookup and convert an IP address to a computer name. DNS allows you to locate computers and services through user-friendly names.

Failover Clustering: Gives an organization the ability to provide high availability and scalability to networked servers. Failover clusters can include file share storage for server applications, such as Hyper-V and Microsoft SQL Server, and those that run on physical servers or virtual machines.

File Server Resource Manager: File Server Resource Manager is a set of tools that allows administrators to manage and control the amount and type of data stored on the organization’s servers. By using File Server Resource Manager, administrators have the ability to set up file management tasks, use quota management, get detailed reports, set up a file classification infrastructure, and configure file screening management.

Group Policy Objects: Group Policy Objects are a set of rules and management configuration options that you can control through the Group Policy settings. These policy settings can be placed on users’ computers throughout the organization.

Hyper-V: Hyper-V is one of the most changed features in Windows Server 2016. Hyper-V allows an organization to consolidate servers by creating and managing a virtualized computing environment. It does this by using virtualization technology that is built into Windows Server 2016.

Hyper-V allows you to run multiple operating systems simultaneously on one physical computer. Each virtual operating system runs in its own virtual machine environment.

Windows Server 2016 Hyper-V now allows an administrator to protect their corporate virtual machines using the new feature called Shielded Virtual Machine. Shielded Virtual Machines are encrypted using BitLocker and the VMs can only run on approved Hyper-V host systems.

Hyper-V also now includes a new feature called containers. Containers add a new unique additional layer of isolation for a containerized applications.

IPAM: IP Address Management (IPAM) is one of the features introduced with Windows Server 2012. IPAM allows an administrator to customize and monitor the IP address infrastructure on a corporate network.

Kerberos Authentication: Windows Server 2016 uses the Kerberos authentication (version 5) protocol and extensions for password-based and public key authentication. The Kerberos client is installed as a security support provider (SSP), and it can be accessed through the Security Support Provider Interface (SSPI).

Managed Service Accounts (gMSAs): Stand-alone group managed service accounts, originally created for Windows Server 2008 R2 and Windows 7, are configured domain accounts that allow automatic password management and service principal names (SPNs) management, including the ability to delegate management to other administrators. Service accounts are accounts that an administrator creates so that the account can be used to start a service. Managed service accounts are accounts that are created using PowerShell, and then Active Directory manages the account. This includes changing the password on a regular frequency.

Nano Server: Windows Server 2016 has introduced a brand-new type of server installation called Nano Server. Nano Server allows an administrator to remotely administer the server operating system. It was primarily designed and optimized for private clouds and datacenters. Nano Server is very similar to Server Core, but the Nano Server operating system uses significantly less hard drive space, has no local logon capability, and only supports 64-bit applications and tools.

Nested Virtualization: Windows Server 2016 introduces a new Hyper-V feature called Nested Virtualization. Nested Virtualization allows administrators to create virtual machines within virtual machines. As an instructor, I think this is an awesome new feature. Now I can build a Windows Server 2016 Hyper-V server with a training virtual machine. Then when I get to the part when I need to teach Hyper-V, I can just do that right in the classroom virtual machine. There are numerous possibilities and we will talk more about them throughout this book.

Networking: There are many networking technologies and features in Windows Server 2016, including BranchCache, Data Center Bridging (DCB), NIC Teaming, and many more.

PowerShell Direct: Windows Server 2016 includes a new simple way to manage Hyper-V virtual machines called PowerShell Direct. PowerShell Direct is a new powerful set of parameters for the PSSession cmdlet called VMName. This will be discussed in greater detail in the Hyper-V chapters.

Remote Desktop Services: Before Windows Server 2008, we used to refer to this as Terminal Services. Remote Desktop Services allows users to connect to virtual desktops, RemoteApp programs, and sessionbased desktops. Using Remote Desktop Services allows users to access remote connections from within a corporate network or from the Internet.

Security Auditing: Security auditing gives an organization the ability to help maintain the security of an enterprise. By using security audits, you can verify authorized or unauthorized access to machines, resources, applications, and services. One of the best advantages of security audits is to verify regulatory compliance.

Smart Cards: Using smart cards (referred to as two-factor authentication) and their associated personal identification numbers (PINs) is a popular, reliable, and cost-effective way to provide authentication. When using smart cards, the user not only must have the physical card but also must know the PIN to be able to gain access to network resources. This is effective because even if the smart card is stolen, thieves can’t access the network unless they know the PIN.

TLS/SSL (Schannel SSP): Schannel is a security support provider (SSP) that uses the Secure Sockets Layer (SSL) and Transport Layer Security (TLS) Internet standard authentication protocols together. The Security Support Provider Interface is an API used by Windows systems to allow security-related functionality, including authentication.

Windows Deployment Services: Windows Deployment Services allows an administrator to install Windows operating systems remotely. Administrators can use Windows Deployment Services to set up new computers by using a network-based installation.

Windows PowerShell Desired State Configuration: Windows Server 2016 created a new PowerShell management platform called Windows PowerShell Desired State Configuration (DSC). This enables the deploying and managing of configuration data for software services and it also helps manage the environment in which these services run.

It allows administrators to use Windows PowerShell language extensions along with new Windows PowerShell cmdlets, and resources.DSC allows you to declaratively specify how a corporation wants their software environment to be configured and maintained.

DSC allows you to automate tasks like enabling or disabling server roles and features, manage Registry settings, manage files and directories, manage groups and users, deploy software, and run PowerShell scripts to just name a few.

Windows Server Backup Feature: The Windows Server Backup feature gives an organization a way to back up and restore Windows servers. You can use Windows Server Backup to back up the entire server (all volumes), selected volumes, the system state, or specific files or folders.

windows server 2016 iso download can be found from microsoft evaluation center.