Lately, a new release to any Microsoft operating system has meant learning a new user interface, and Server 2016 is no exception. If you have been using and have become familiar with navigating around Windows 10, you should find yourself fairly comfortable with driving the new server operating system as well. We will actually cover quite a bit on this topic in just a minute, right inside this first chapter as we learn some tips and tricks for moving around smoothly and efficiently within the new interface.

An idea that started to take shape in Server 2012 was Software-Defined Networking (SDN), though at that time the only realistic functionality was provided by the specific component of Hyper-V Network Virtualization. Similar to the idea of virtualizing the server hardware platforms into virtual machines, we now have the capability to virtualize our network layer, which provides various benefits, especially for large organizations and cloud service providers. We will explore updates and features within SDN later in this book.

PowerShell is the new Command Prompt. More than that, PowerShell is arguably the most powerful configuration tool for every aspect within Windows Server. Most functions in Windows have a graphical interface from which you can make changes and adjust settings, and these GUIs have PowerShell counterparts, which allow you to perform the same actions from a command line. In fact, some features in Windows cannot even be performed without PowerShell; it is becoming that integral. We have a chapter coming up later, which will discuss new functionality and ideas in this latest version of PowerShell.

Microsoft has been including its own malware protection in the client operating systems since Windows 8, but never before on a server platform. Times have changed. Windows Defender has been improved, and it now runs by default in Windows Server 2016! Take a closer look at this feature in Chapter 7, Hardening and Security.

There's a new reboot sheriff in town. In an effort to speed up reboots, there is an optional reboot setting now called soft restart. This is a feature to be installed within the Windows Server 2016 operating system, and once installed, it provides the capability to initiate a soft restart. So what is a soft restart? It is a restart without hardware initialization. In other words, it restarts the operating system without restarting the whole machine. It is important to note that this feature needs to be specifically installed, and it is invoked when restarting by adding a special switch to either the shutdown command, or the Restart-Computer cmdlet. Here are examples of each:

You've probably heard of Server Core, but I doubt many of those reading this book have deployed it. Unfortunately, the powerful security story behind Server Core is going largely unused, but Microsoft expects this to change completely with the release of Nano Server in Windows Server 2016. Nano Server has a greatly decreased security footprint, and incredibly small hardware requirements. In the next few years, it is expected that many companies will swing a lot of their workloads from traditional servers over to Nano Servers. Make sure to check out Chapter 8, Tiny Servers.

Web Application Proxy (WAP) is a role that was introduced in Windows Server 2012 R2 and provides us with the ability to reverse proxy web applications. In other words, we can take internal web resources like Outlook Web Access or SharePoint sites, and publish them securely out to our remote users on the Internet. WAP in Server 2012 R2 came with very limited functionality, and that combined with some pretty steep installation requirements means that almost nobody is using it in production. We are talking about it here in our chapter on remote access because a number of new functions have been provided with the Server 2016 version, and we hope that many more folks will start deploying this new remote access technology.

So many companies are running a majority of their servers as virtual machines today. One of the big problems with this is that there are some inherent security loopholes that exist in the virtualization host platforms of today. One of those holes is backdoor access to the hard disk files of your virtual machines. It is quite easy for anyone with administrative rights on the virtual host to be able to see, modify, or break any virtual machine that is running within that host. And these modifications can be made in almost untraceable ways. Take a look inside Chapter 12, Virtualizing Your Datacenter with Hyper-V, to learn how the new capability to create shielded virtual machines closes up this security hole by implementing full disk encryption on those VHD files.