Windows Server 2022 – New Features

Microsoft released its latest server operating system, Windows Server 2022, on 18 August 2021. With this release came a variety of new features in four areas:

• Hybrid Azure Integration
• Security
• Application platforms
• Other

We’ll investigate each area in more detail below.

Hybrid Azure Integration

Azure Arc allows on-premises Windows servers and those hosted in other cloud environments to be managed as a resource in Azure, thereby giving a consistent experience managing native and hybrid systems.

Windows Admin Center ships with new features to enable, and report on, the new secured-core feature discussed below.

Specific to Windows Server 2022 Datacenter: Azure Edition is a new feature for patching guest virtual machines without requiring a restart.

Security

Secured-core servers rely on hardware, firmware, and drivers working together with the operating system to enable high-security features to provide additional security against sophisticated attacks.

Hardware root-of-trust uses TPM (Trusted Platform Module) 2.0 to ensure the server starts with untampered code.

Dynamic Root of Trust Measurement (DRTM) works to protect against firmware attacks. These are often undetectable to traditional antivirus software.

Secure boot with UEFI checks the validity of signatures for drivers at boot to ensure these are trusted. Only if these signatures pass scrutiny will the operating system be allowed to start.

Virtualization-based security is only available on secured-core servers. This feature isolates a region of memory from the host to prevent a prevalent vulnerability exploited by crypto-mining attacks.

Secure HTTP (HTTPS) is enabled by default.

DNS queries are now secured with HTTPS.

SMB (Secure Message Block) will automatically use AES-256 encryption for communication with other systems that support this protocol and AES-128 for systems that do not support it.

Application Platforms

Kubernetes Windows Containers images are approximately 40% smaller and load about 30% faster than previous versions.

Applications that rely on Azure Active Directory no longer require the container host to be domain-joined.

Intel Secured Guard Extension on Intel Ice Lake processors improved confidential computing by protecting memory to isolate applications.

Intel Ice Lake processors support 2048 logical cores on 64 physical sockets and up to 48TB of RAM on Server 2022.

Other

Nested virtualization, or the ability to run Hyper-V inside of a Hyper-V virtual machine, is now supported on AMD processors.

Internet Explorer is no longer available, having been fully replaced in Server 2022 with the Microsoft Edge browser.

Improvements have been made to the networking functionality to reduce packet loss and move more of the processing from the CPU to the dedicated network hardware.

Updates to the Storage Migration Service allows data to be migrated from more locations than previously.

Conclusion

Anybody looking for the most modern features for their server environment should undoubtedly consider Windows Server 2022.