Website under construction

3 
CHAPTER 1 | Introduction to Microsoft Windows Server 2016 
The following subsections dive deeper into the pillars and what Microsoft promises to deliver and, 
more important, how it will deliver on these promises. 
Security 
Windows Server 2016 gives you the power to prevent attacks and detect suspicious activity with new 
features to control privileged access, protect virtual machines (VMs), and harden the platform against 
emerging threats. Here’s what Windows Server 2016 can do for you: 

Prevent the risk associated with compromised administrative credentials 
Using the new privileged identity management features, you can limit access to Just Enough and 
Just-in-Time 1. And, using Credential Guard, you can prevent administrative credentials from 
being stolen by Pass-the-Hash attacks. 

Protect your VMs from compromised fabric administrators by using shielded VMs 
A shielded VM is a Generation 2 VM that has a virtual Trusted Platform Module (TPM), is 
encrypted by using BitLocker, and can run only on approved hosts in the fabric. 

Reduce your datacenter footprint and increase availability with just-enough OS. 
The new Nano Server deployment option is 25 times smaller than Windows Server, while still 
offering a desktop experience. This minimizes the attack surface, increases availability, and 
reduces deployment time, resource usage, and startup time. 

Add even more protection to every deployment of Windows Server 2016. 
Whether you’re running in any cloud or on-premises, you can take advantage of additional 
security features such as Code Integrity and Control Flow Guard to ensure that only permitted 
binaries are run and protect against unknown vulnerabilities. 

Detect malicious behavior through enhanced security auditing optimized for threat detection. 
Using new audit categories for group membership and PNP to identify and add additional 
information to audit events, administrators can dive deeper than ever to discover new threats

Defend against malware attacks by using the built-in antimalware 
Windows Defender is now included in Windows Server 2016 and optimized to support the various 
server roles and integrate with Windows PowerShell for malware scanning. 

Limit exposure in case of a security intrusion 
If you were to suffer a security breach, Windows Server 2016 can limit the exposure by 
segmenting your network based on workload or business needs using a distributed firewall and 
network security groups. You can apply rich policies within and across segments. 

Use Hyper-V Containers for a unique additional level of isolation for containerized applications 
without any changes to the container image. 
Hyper-V containers provide isolation at the hardware level, giving administrators the peace of 
mind that they have come to appreciate with hardware-based virtualization protection as it 
incorporates the same isolation methods. 

Download 13,37 Mb.

Do'stlaringiz bilan baham: