Davoud Teimouri

Virtualization & Datacenter

What’s New Windows Server 2019

Windows Server 2019 General Availability

Microsoft has announced general availability of Windows Server 2019 on 2 October 2018. Latest version of Windows Server comes with cool features that I want to review those features in this post. It was announced on March 20, 2018, and the first Windows Insider preview version was released on the same day. Windows Server 2019 is built on the strong foundation of Windows Server 2016 and brings numerous innovations on four key themes: Hybrid, Security, Application Platform, and Hyper-Converged Infrastructure (HCI).

What’s New in Windows Server 2019

Windows Server 2019 has the following new features:

  • Windows Subsystem for Linux (WSL)
  • Support for Kubernetes (Beta)
  • Other GUI new features from Windows 10 version 1809.
  • Storage Spaces Direct
  • Storage Migration Service
  • Storage Replica
  • System Insights
  • Improved Windows Defender

Desktop experience

The Desktop Experience is back in Windows Server 2019! It is not included in Windows Server, version 1709, Windows Server, version 1803, or Windows Server, version 1809.
As with Windows Server 2016, during setup of the operating system it is possible to choose between Server Core installations or Server with Desktop Experience installations.

System Insights

System Insights is a new feature available in Windows Server 2019 that brings local predictive analytics capabilities natively to Windows Server. These predictive capabilities, each backed by a machine-learning model, locally analyze Windows Server system data, such as performance counters and events, providing insight into the functioning of your servers and helping you reduce the operational expenses associated with reactively managing issues in your Windows Server deployments.

Storage Replica

  • Test failover is a new feature that allows mounting of destination storage in order to validate replication or backup data.
  • Log Performance improvements v1.1
  • Storage Replica is available in Standard Edition and can create 1 Partnership with 1 Resource Group with single 2TB volumes. The feature can replicate between clusters, asynchronously and synchronously.

Windows Admin Center

Windows Admin Center is an evolution of Windows Server in-box management tools; it’s a single pane of glass that consolidates all aspects of local and remote server management. As a locally deployed, browser-based management experience, an Internet connection and Azure aren’t required. Windows Admin Center gives you full control of all aspects of your deployment, including private networks that aren’t Internet-connected.

  • Windows Admin Center is a free download, separate from the Windows Server 2019 download, for enhanced flexibility and remote management strategies.

Storage Migration Service

Storage Migration Service (SMS) is a new role included in Windows Server Standard and Datacenter editions. SMS is a job-based orchestration and proxy that:

  • Allows you to inventory existing servers for their data, security, and network settings.
  • Migrates that data, security, and network settings to a new, modern target by using the SMB protocol.
  • Takes over the identity of the old server completely, while decommissioning the original source, in such a way that your applications are unaffected and unaware that migration has taken place.

Server Core

The Server Core App Compatibility feature on demand (FOD) significantly improves the app compatibility of the Windows Server Core installation option by including a subset of binaries and components from Windows Server with the Desktop Experience, without adding the Windows Server Desktop Experience graphical environment itself. This is done to increase the functionality and compatibility of Server Core while keeping it as lean as possible.

This optional feature on demand is available on a separate ISO and can be added to Windows Server Core installations and images only, using DISM.

Azure Network Adapter

Now with Windows Server 2019, Windows Admin Center enables a one-click experience to configure a point-to-site VPN connection between an on-premises Windows Server and an Azure Virtual Network. This automates the configuration for the Azure Virtual Network gateway as well as the on-premises VPN client.

Windows Defender Advanced Threat Protection (ATP)

ATP’s deep platform sensors and response actions expose memory and kernel level attacks and respond by suppressing malicious files and terminating malicious processes.

Windows Defender ATP Exploit Guard is a new set of host-intrusion prevention capabilities. The four components of Windows Defender Exploit Guard are designed to lock down the device against a wide variety of attack vectors and block behaviors commonly used in malware attacks, while enabling you to balance security risk and productivity requirements.

  • Attack Surface Reduction(ASR) is set of controls that enterprises can enable to prevent malware from getting on the machine by blocking suspicious malicious files (for example, Office files), scripts, lateral movement, ransomware behavior, and email-based threats.
  • Network protection protects the endpoint against web-based threats by blocking any outbound process on the device to untrusted hosts/IP addresses through Windows Defender SmartScreen.
  • Controlled folder access protects sensitive data from ransomware by blocking untrusted processes from accessing your protected folders.
  • Exploit protection is a set of mitigations for vulnerability exploits (replacing EMET)that can be easily configured to protect your system and applications.

Windows Defender Application Control (also known as Code Integrity (CI) policy) was released in Windows Server 2016. Customer feedback has suggested that it is a great concept, but hard to deploy. To address this, we have built default CI policies, which will allow all Windows in-box files and Microsoft applications, such as SQL Server, and block known executables that can bypass CI.

Security with Software Defined Networking (SDN)

Security with SDN delivers many features to increase customer confidence in running workloads, either on-premises, or as a service provider in the cloud.

Shielded Virtual Machines

  • Branch office improvements: You can now run shielded virtual machines on machines with intermittent connectivity to the Host Guardian Service by leveraging the new fallback HGS and offline modefeatures. Fallback HGS allows you to configure a second set of URLs for Hyper-V to try if it can’t reach your primary HGS server. Offline mode allows you to continue to start up your shielded VMs, even if HGS can’t be reached, as long as the VM has started successfully once, and the host’s security configuration has not changed.
  • Troubleshooting improvements: We’ve also made it easier to troubleshoot your shielded virtual machines by enabling support for VMConnect Enhanced Session Mode and PowerShell Direct. These tools are particularly useful if you’ve lost network connectivity to your VM and need to update its configuration to restore access.These features do not need to be configured, and they will automatically become available when a shielded VM is placed on a Hyper-V host running Windows Server version 1803 or later.
  • Linux support: If you run mixed-OS environments, Windows Server 2019 now supports running Ubuntu, Red Hat Enterprise Linux, and SUSE Linux Enterprise Server inside shielded virtual machines.

Linux containers on Windows

It is now possible to run Windows and Linux-based containers on the same container host, using the same docker daemon. This enables you to have a heterogenous container host environment while providing flexibility to application developers.

Building Support for Kubernetes

Windows Server 2019 continues the improvements to compute, networking and storage from the semi-annual channel releases needed to support Kubernetes on Windows. More details will be available in upcoming Kubernetes releases.

Storage Spaces Direct

  • Deduplication and compression: Get up to 10X more storage for free with deduplication and compression for the ReFS filesystem. (It’s just one click to turn on with Windows Admin Center.) The variable-size chunk store with optional compression maximizes savings rates, while the multi-threaded post-processing architecture keeps performance impact minimal. Supports volumes up to 64 TB and files up to 1 TB each.
  • Native support for persistent memory: Unlock unprecedented performance with native Storage Spaces Direct support for persistent memory modules, including Intel® Optane™ DC PM and NVDIMM-N. Use persistent memory as cache to accelerate the active working set, or as capacity to guarantee consistent low latency on the order of microseconds. Manage persistent memory just as you would any other drive in PowerShell or Windows Admin Center.
  • Nested resiliency for two-node HCI at the edge: Survive two hardware failures at once with an all-new software resiliency option inspired by RAID 5+1. With nested resiliency, a two-node Storage Spaces Direct cluster can provide continuously accessible storage for apps and virtual machines even if one server node goes down and a drive fails in the other server node.
  • Windows Admin Center: Manage and monitor Storage Spaces Direct with the new purpose-built Dashboard and experience in Windows Admin Center. Create, open, expand, or delete volumes with just a few clicks. Monitor performance like IOPS and IO latency from the overall cluster down to the individual SSD or HDD. Available at no additional cost for Windows Server 2016 and Windows Server 2019.
  • Performance history: Get effortless visibility into resource utilization and performance with built-in history. Over 50 essential counters spanning compute, memory, network, and storage are automatically collected and stored on the cluster for up to one year. Best of all, there’s nothing to install, configure, or start – it just works. Visualize in Windows Admin Center or query and process in PowerShell.
  • Scale up to 4 PB per cluster: Achieve multi-petabyte scale – great for media, backup, and archival use cases. In Windows Server 2019, Storage Spaces Direct supports up to 4 petabytes (PB) = 4,000 terabytes of raw capacity per storage pool. Related capacity guidelines are increased as well: for example, you can create twice as many volumes (64 instead of 32), each twice as large as before (64 TB instead of 32 TB). Stitch multiple clusters together into a cluster set for even greater scale within one storage namespace.
  • Mirror-accelerated parity is 2X faster: With mirror-accelerated parity you can create Storage Spaces Direct volumes that are part mirror and part parity, like mixing RAID-1 and RAID-5/6 to get the best of both. (It’s easier than you think in Windows Admin Center.) In Windows Server 2019, the performance of mirror-accelerated parity is more than doubled relative to Windows Server 2016 thanks to important architectural optimizations.
  • Drive latency outlier detection: Easily identify drives with abnormal latency with proactive monitoring and built-in outlier detection, inspired by Microsoft Azure’s long-standing and successful approach. Whether it’s average latency or something more subtle like 99th percentile latency that stands out, slow drives are automatically labeled in PowerShell and Windows Admin Center with ‘Abnormal Latency’ status.

Failover Clustering

  • Cluster Sets: Hyperscale a hyper-converged infrastructure by federating multiple Failover Clusters into a Cluster Set. Virtual Machines achieve fluidity across loosely coupled grouping of clusters for balancing and maintenance.
  • Azure Enlightened Clusters: Failover Clusters automatically detect and optimize the configuration when running in Azure IaaS virtual machines. Proactive failover and logging of Azure planned maintenance events to achieve the highest levels of availability. Simplified deployment by removing the need to configure the load balancer with Dynamic Network Name for Cluster Name.
  • Cross-domain Cluster Migration: Failover Clusters can now dynamically move from one Active Directory domain to another. Simplifying domain consolidation and allowing clusters to be pre-built and then shipped and domain joined onsite.
  • Cluster Hardening: Intra-cluster communication over Server Message Block (SMB) for Cluster Shared Volumes and Storage Spaces Direct now leverages certificates to provide the most secure platform. This allows Failover Clusters to operate with no dependencies on NTLM and enable security baselines.
  • USB Witness: A simple USB drive in a switch or device can now be used as a witness in determining quorum for a cluster. This extends the File Share Witness to support any SMB2 compliant device.
  • Cluster Infrastructure: The CSV Cache is now enabled by default to turbo boost virtual machine performance. MSDTC now supports Cluster Shared Volumes, to allow deploying MSDTC workloads on Storage Spaces Direct such as with SQL Server. Enhanced logic to detect partitioned nodes with self-healing to return nodes to cluster membership. Enhanced cluster network route detection and self-healing.
  • Cluster Aware Updating: Cluster Aware Updating (CAU) is now integrated and aware of Storage Spaces Direct, validating and ensuring data resynchronization completes on each node. Inspects updates to intelligently patch by only rebooting if necessary. Enables orchestrating restarts of all nodes in the cluster for planned maintenance, even when not patching.

Encrypted Networks

Encrypted Networks – Virtual network encryption allows encryption of virtual network traffic between virtual machines that communicate with each other within subnets marked as Encryption Enabled. It also utilizes Datagram Transport Layer Security (DTLS) on the virtual subnet to encrypt packets. DTLS protects against eavesdropping, tampering, and forgery by anyone with access to the physical network.

Network performance improvements for virtual workloads

Network performance improvements for virtual workloads will maximize the network throughput to virtual machines without requiring you to constantly tune or over-provision your host. This lowers the operations and maintenance cost while increasing the available density of your hosts. These new features are:

  • Receive Segment Coalescing in the vSwitch
  • Dynamic Virtual Machine Multi-Queue (d.VMMQ)

Low Extra Delay Background Transport

Low Extra Delay Background Transport (LEDBAT) is a latency optimized, network congestion control provider designed to automatically yield bandwidth to users and applications, while consuming the entire bandwidth available when the network is not in use.
This technology is intended for use in deploying large, critical updates across an IT environment without impacting customer facing services and associated bandwidth.

Windows Time Service

The Windows Time Service includes true UTC-compliant leap second support, a new time protocol called Precision Time Protocol, and end-to-end traceability.

High performance SDN gateways

High performance SDN gateways in Windows Server 2019 greatly improves the performance for IPsec and GRE connections, providing ultra-high-performance throughput with much less CPU utilization.

New Deployment UI and Windows Admin Center extension for SDN

Now, with Windows Server 2019, it’s easy to deploy and manage through a new deployment UI and Windows Admin Center extension that will enable anyone to harness the power of SDN.

Persistent Memory support for Hyper-V VMs

To leverage the high throughput and low latency of persistent memory (a.k.a. storage class memory) in virtual machines, it can now be projected directly into VMs. This can help to drastically reduce database transaction latency or reduce recovery times for low latency in-memory databases on failure.

Windows Server 2019 System Requirements

The following are estimated system requirements Windows Server 2019. If your computer has less than the “minimum” requirements, you will not be able to install this product correctly. Actual requirements will vary based on your system configuration and the applications and features you install.

Unless otherwise specified, these minimum system requirements apply to all installation options (Server Core, Server with Desktop Experience, and Nano Server) and both Standard and Datacenter editions.

Processor

Processor performance depends not only on the clock frequency of the processor, but also on the number of processor cores and the size of the processor cache. The following are the processor requirements for this product:

Minimum:

  • 1.4 GHz 64-bit processor
  • Compatible with x64 instruction set
  • Supports NX and DEP
  • Supports CMPXCHG16b, LAHF/SAHF, and PrefetchW
  • Supports Second Level Address Translation (EPT or NPT)

Memory

The following are the estimated RAM requirements for this product:

Minimum:

  • 512 MB (2 GB for Server with Desktop Experience installation option)
  • ECC (Error Correcting Code) type or similar technology

Storage controller and disk space requirements

Computers that run Windows Server 2019 must include a storage adapter that is compliant with the PCI Express architecture specification. Persistent storage devices on servers classified as hard disk drives must not be PATA. Windows Server 2019 does not allow ATA/PATA/IDE/EIDE for boot, page, or data drives.

The following are the estimated minimum disk space requirements for the system partition.

Minimum: 32 GB

Compare Editions

Locks and LimitsWindows Server 2019 StandardWindows Server 2019 Datacenter
Maximum number of usersBased on CALsBased on CALs
Maximum SMB connections1677721616777216
Maximum RRAS connectionsunlimitedunlimited
Maximum IAS connections21474836472147483647
Maximum RDS connections6553565535
Maximum number of 64-bit sockets6464
Maximum number of coresunlimitedunlimited
Maximum RAM24 TB24 TB
Can be used as virtualization guestYes; 2 virtual machines, plus one Hyper-V host per licenseYes; unlimited virtual machines, plus one Hyper-V host per license
Server can join a domainyesyes
Edge network protection/firewallnono
DirectAccessyesyes
DLNA codecs and web media streamingYes, if installed as Server with Desktop ExperienceYes, if installed as Server with Desktop Experience

 

Windows Server roles availableRole servicesWindows Server 2019 StandardWindows Server 2019 Datacenter
Active Directory Certificate ServicesYesYes
Active Directory Domain ServicesYesYes
Active Directory Federation ServicesYesYes
AD Lightweight Directory ServicesYesYes
AD Rights Management ServicesYesYes
Device Health AttestationYesYes
DHCP ServerYesYes
DNS ServerYesYes
Fax ServerYesYes
File and Storage ServicesFile ServerYesYes
File and Storage ServicesBranchCache for Network FilesYesYes
File and Storage ServicesData DeduplicationYesYes
File and Storage ServicesDFS NamespacesYesYes
File and Storage ServicesDFS ReplicationYesYes
File and Storage ServicesFile Server Resource ManagerYesYes
File and Storage ServicesFile Server VSS Agent ServiceYesYes
File and Storage ServicesiSCSI Target ServerYesYes
File and Storage ServicesiSCSI Target Storage ProviderYesYes
File and Storage ServicesServer for NFSYesYes
File and Storage ServicesWork FoldersYesYes
File and Storage ServicesStorage ServicesYesYes
Host Guardian ServiceYesYes
Hyper-VYesYes; including Shielded Virtual Machines
MultiPoint ServicesYesYes
Network ControllerNoYes
Network Policy and Access ServicesYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
Print and Document ServicesYesYes
Remote AccessYesYes
Remote Desktop ServicesYesYes
Volume Activation ServicesYesYes
Web Services (IIS)YesYes
Windows Deployment ServicesYesYes
Windows Server Essentials ExperienceYesYes
Windows Server Update ServicesYesYes

 

Windows Server Features installable with Server Manager (or PowerShell)Windows Server 2019 StandardWindows Server 2019 Datacenter
.NET Framework 3.5YesYes
.NET Framework 4.6YesYes
Background Intelligent Transfer Service (BITS)YesYes
BitLocker Drive EncryptionYesYes
BitLocker Network UnlockYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
BranchCacheYesYes
Client for NFSYesYes
ContainersYes (Windows containers unlimited; Hyper-V containers up to 2)Yes (all container types unlimited)
Data Center BridgingYesYes
Direct PlayYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
Enhanced StorageYesYes
Failover ClusteringYesYes
Group Policy ManagementYesYes
Host Guardian Hyper-V SupportNoYes
I/O Quality of ServiceYesYes
IIS Hostable Web CoreYesYes
Internet Printing ClientYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
IPAM ServerYesYes
iSNS Server serviceYesYes
LPR Port MonitorYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
Management OData IIS ExtensionYesYes
Media FoundationYesYes
Message QueueingYesYes
Multipath I/OYesYes
MultiPoint ConnectorYesYes
Network Load BalancingYesYes
Peer Name Resolution ProtocolYesYes
Quality Windows Audio Video ExperienceYesYes
RAS Connection Manager Administration KitYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
Remote AssistanceYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
Remote Differential CompressionYesYes
RSATYesYes
RPC over HTTP ProxyYesYes
Setup and Boot Event CollectionYesYes
Simple TCP/IP ServicesYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
SMB 1.0/CIFS File Sharing SupportInstalledInstalled
SMB Bandwidth LimitYesYes
SMTP ServerYesYes
SNMP ServiceYesYes
Software Load BalancerYesYes
Storage ReplicaNoYes
Telnet ClientYesYes
TFTP ClientYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
VM Shielding Tools for Fabric ManagementYesYes
WebDAV RedirectorYesYes
Windows Biometric FrameworkYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
Windows Defender featuresInstalledInstalled
Windows Identity Foundation 3.5Yes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
Windows Internal DatabaseYesYes
Windows PowerShellInstalledInstalled
Windows Process Activation ServiceYesYes
Windows Search ServiceYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
Windows Server BackupYesYes
Windows Server Migration ToolsYesYes
Windows Standards-Based Storage ManagementYesYes
Windows TIFF IFilterYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience
WinRM IIS ExtensionYesYes
WINS ServerYesYes
Wireless LAN ServiceYesYes
WoW64 supportInstalledInstalled
XPS ViewerYes, when installed as Server with Desktop ExperienceYes, when installed as Server with Desktop Experience

 

Features available generallyWindows Server 2019 StandardWindows Server 2019 Datacenter
Best Practices AnalyzerYesYes
Constrained Storage ReplicaYes, (1 Partnership and 1 Resource Group with Single 2TB volume)Yes, unlimited
Direct AccessYesYes
Dynamic Memory (in virtualization)YesYes
Hot Add/Replace RAMYesYes
Microsoft Management ConsoleYesYes
Minimal Server InterfaceYesYes
Network Load BalancingYesYes
Windows PowerShellYesYes
Server Core installation optionYesYes
Nano Server installation optionYesYes
Server ManagerYesYes
SMB Direct and SMB over RDMAYesYes
Software-defined NetworkingNoYes
Storage Management ServiceYesYes
Storage SpacesYesYes
Storage Spaces DirectNoYes
Volume Activation ServicesYesYes
VSS (Volume Shadow Copy Service) integrationYesYes
Windows Server Update ServicesYesYes
Windows System Resource ManagerYesYes
Server license loggingYesYes
Inherited activationAs guest if hosted on DatacenterCan be host or guest
Work foldersYesYes

 

See Also

[Review]: Microsoft Server Performance Advisor

Microsoft HPC Pack

Microsoft Security Compliance Toolkit 1.0

[Review]: Introducing Windows Server System Insights

[Review]: Performance Tuning Guidelines for Windows Server 2016

[Review]: What’s Remote Direct Memory Access(RDMA)?

Reference

Get Started with Windows Server 2019

Windows Server 2019

1,129 total views, 30 views today

What’s New Windows Server 2019
5 (100%) 1 Votes

Davoud Teimouri is as a professional blogger, vExpert 2015/2016/2017/2018, VCA, MCITP. This blog is started with simple posts and now, it has large following readers.

Leave a Reply

Your email address will not be published. Required fields are marked *

Teimouri.net © 2012 Frontier Theme
Read previous post:
HPE Customized ESXi Image
HPE Customized ESXi Image – September 2018

What's New in HPE Customized ESXi Images HPE has released the latest version of customized ESXi images with latest available...

Close