Some thoughts about Windows Server 2008

Windows Server 2008 has shipped! And a fine product it is, too!

Windows Server 2008 is the first Windows Server to go through the full SDL process, making it the most secure version of Windows Server to date. We raised the security bar in Windows Vista, and we REALLY raised the bar in Windows Server 2008.

Windows Server 2008 is a prime product example of our ongoing commitment to Trustworthy Computing, and how the company is making good on its commitment to continue to build the most secure computing environment possible. After the Trustworthy Computing commitment was made a few years ago, we've has made great strides in the right direction, and last week's product launch (Windows Server 2008, SQL Server 2008, and Visual Studio 2008) clearly shows that security remains a top priority.

While I tend to focus on "Secure Features" Windows Server 2008 is full of "Security Features." Someone asked me for my favorite security features. In no particular order, they are:

  • The various defenses we see in Windows Vista: stack defenses, heap defenses, ASLR, NX etc etc
  • Server Core (ok, technically not a security feature, but a critical way to dramatically reduce a server's attack surface)
  • Network Access Protection (NAP)
  • Server and Domain Isolation
  • Read-Only Domain Controllers
  • Suite-B crypto support

Oh, the Windows Server 2008 Security Guide is now available!