10 best features in Windows 7 for IT professionals
Federated search and enterprise search scopes
One of the big themes in Windows 7 for the corporate user is allowing easier access to information no matter where it's located. The big push here is for a unified interface for any given search, with results brought in from a variety of locations into one convenient window. Out of the box, Windows 7 allows users to search beyond their own computers. Some of the nice features here include one-click auto preview, the ability to search within specific "libraries" of information (libraries being a defined set of resources or locations to narrow the scope of a search) and integrated results presentation from SharePoint sites and beyond.
Federated search and enterprise search scopes
One of the big themes in Windows 7 for the corporate user is allowing easier access to information no matter where it's located. The big push here is for a unified interface for any given search, with results brought in from a variety of locations into one convenient window. Out of the box, Windows 7 allows users to search beyond their own computers. Some of the nice features here include one-click auto preview, the ability to search within specific "libraries" of information (libraries being a defined set of resources or locations to narrow the scope of a search) and integrated results presentation from SharePoint sites and beyond.
DirectAccess
In my humble opinion, this is one of the coolest features of Windows 7 with Windows Server 2008 R2 (also known as "Windows 7 Server" in some circles). Imagine the virtues of being connected to a VPN: access to your corporate network, file shares, intranet, seamless authentication with company resources and so on. Now imagine not having to create that expensive, giant tunnel through which these resources are accessed. That's DirectAccess. It requires deploying IPv6 and IPsec -- no small tasks by any means, though they should be on your radar already. The advantages? With DirectAccess, you can have essentially an "always managed" infrastructure, so you as the administrator can ensure that updates are distributed, that Group Policy is applied and that your known machines are trusted, anywhere, all the time. That's powerful.
BranchCache
BranchCache extends some of the improvements made in Windows Server 2003 R2 and Windows Server 2008 by caching downloaded information from the Web and intranet sites within a branch office the first time it is requested. Since branch offices often operate on lower-speed Internet links, user productivity is improved as the day goes on because more and more files are present within the cache. In a demo, a document was downloaded over a 512Kbit/sec. connection, taking about 30 to 45 seconds. After the cache, when another user in the same site requested that information, the transfer was nearly instantaneous. BranchCache works not only with a branch office server but also on a peer-to-peer basis among Windows 7 clients in the same location.
BitLocker to Go
Quick poll: how many USB thumb drives do you think exist within the four walls (or eight, or 16, or however many pertain to you) of your organization? I run a small company, and I am confident the number is over 100; frankly, I couldn't attempt to remember what kind of information is on each one, or even if I have lost one at some point in time. Consider the security risk that this tiny device represents. With BitLocker to Go, you as the administrator can set policies that require removable drives to be encrypted prior to allowing write access to them. You protect from the beginning, thereby reducing the risk of data loss or theft. The encryption process in most cases seems to take less than a minute and the process can alert the user automatically when he plugs in a not-yet-encrypted drive.
AppLocker
You might recall software restriction policies from Windows XP, a good-hearted but clumsy way for administrators to restrict certain binaries from running on the network. Enter AppLocker, which is exactly what it sounds like: a Group Policy-based way to identify applications that are permitted to run on your infrastructure. You can filter by publisher, which identifies a program's digital signature -- a much easier and more reliable method than a checksum or binary file name. You also get more granular control on the strength of the rule, allowing certain versions or groups of versions (i.e., Version 9 or above) to run, much more easily than having to create rules over and over again.
DNSSEC Support
Many security pundits have said that the next big plague facing the Internet is the inherent insecurity of the Domain Name System (DNS). Now DNSSEC comes to the rescue as a set of extensions to DNS that prevent spoofing address information. Windows 7 comes with DNSSEC support out of the box.
VHD Boot
VHD Boot works with a virtualized desktop infrastructure to ensure image consistency among client computers. If you have an environment employing strong Group Policy configuration, folder redirection, roaming profiles and the like, then you can feasibly boot from a virtual image. For example, the image used by a customer support team that works remotely could be the same one used on physical PCs for those users who require access to discrete hardware.
Windows Troubleshooting Platform
The Windows Troubleshooting Platform is a new, comprehensive approach to solving end user problems via troubleshooting packs that can be applied to PCs throughout the environment. And the Windows Troubleshooting Toolkit allows you as the administrator to create your own troubleshooting packs when you identify specific problems within your own infrastructure. Also, a separate new tool called Problem Steps Recorder allows an end user to record the steps he takes leading up to a problem and then capture those steps into automatically created screen grabs, and e-mail them to an administrator or help desk representative for easier problem resolution.
Windows PowerShell Integrated Scripting Environment
Because of PowerShell's popularity, Microsoft has introduced into Windows 7 a graphical interface for PowerShell that makes it very easy to learn the scripting language and use it in a color-coded, easy-to-read environment. Developing, debugging and running the scripts in this new environment is much easier than it was with the previous single-command-prompt method.
PowerShell Remoting
Also new to PowerShell is support for the WS-Management protocol that allows you to remotely run commands on client PCs. You can use this capability on a one-to-one basis, say for specific requests in response to help desk calls, or you can fan out with one-to-many remoting and run cmdlets on multiple PCs from within the Windows PowerShell Integrated Scripting Environment.
Source: Jonathan Hassell, Opinion: 10 best features in Windows 7 for IT professionals, Retrieved on 10/29/2008 from computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=NOSes+and+Server+Software&articleId=9118322&taxonomyId=156&pageNumber=2
In my humble opinion, this is one of the coolest features of Windows 7 with Windows Server 2008 R2 (also known as "Windows 7 Server" in some circles). Imagine the virtues of being connected to a VPN: access to your corporate network, file shares, intranet, seamless authentication with company resources and so on. Now imagine not having to create that expensive, giant tunnel through which these resources are accessed. That's DirectAccess. It requires deploying IPv6 and IPsec -- no small tasks by any means, though they should be on your radar already. The advantages? With DirectAccess, you can have essentially an "always managed" infrastructure, so you as the administrator can ensure that updates are distributed, that Group Policy is applied and that your known machines are trusted, anywhere, all the time. That's powerful.
BranchCache
BranchCache extends some of the improvements made in Windows Server 2003 R2 and Windows Server 2008 by caching downloaded information from the Web and intranet sites within a branch office the first time it is requested. Since branch offices often operate on lower-speed Internet links, user productivity is improved as the day goes on because more and more files are present within the cache. In a demo, a document was downloaded over a 512Kbit/sec. connection, taking about 30 to 45 seconds. After the cache, when another user in the same site requested that information, the transfer was nearly instantaneous. BranchCache works not only with a branch office server but also on a peer-to-peer basis among Windows 7 clients in the same location.
BitLocker to Go
Quick poll: how many USB thumb drives do you think exist within the four walls (or eight, or 16, or however many pertain to you) of your organization? I run a small company, and I am confident the number is over 100; frankly, I couldn't attempt to remember what kind of information is on each one, or even if I have lost one at some point in time. Consider the security risk that this tiny device represents. With BitLocker to Go, you as the administrator can set policies that require removable drives to be encrypted prior to allowing write access to them. You protect from the beginning, thereby reducing the risk of data loss or theft. The encryption process in most cases seems to take less than a minute and the process can alert the user automatically when he plugs in a not-yet-encrypted drive.
AppLocker
You might recall software restriction policies from Windows XP, a good-hearted but clumsy way for administrators to restrict certain binaries from running on the network. Enter AppLocker, which is exactly what it sounds like: a Group Policy-based way to identify applications that are permitted to run on your infrastructure. You can filter by publisher, which identifies a program's digital signature -- a much easier and more reliable method than a checksum or binary file name. You also get more granular control on the strength of the rule, allowing certain versions or groups of versions (i.e., Version 9 or above) to run, much more easily than having to create rules over and over again.
DNSSEC Support
Many security pundits have said that the next big plague facing the Internet is the inherent insecurity of the Domain Name System (DNS). Now DNSSEC comes to the rescue as a set of extensions to DNS that prevent spoofing address information. Windows 7 comes with DNSSEC support out of the box.
VHD Boot
VHD Boot works with a virtualized desktop infrastructure to ensure image consistency among client computers. If you have an environment employing strong Group Policy configuration, folder redirection, roaming profiles and the like, then you can feasibly boot from a virtual image. For example, the image used by a customer support team that works remotely could be the same one used on physical PCs for those users who require access to discrete hardware.
Windows Troubleshooting Platform
The Windows Troubleshooting Platform is a new, comprehensive approach to solving end user problems via troubleshooting packs that can be applied to PCs throughout the environment. And the Windows Troubleshooting Toolkit allows you as the administrator to create your own troubleshooting packs when you identify specific problems within your own infrastructure. Also, a separate new tool called Problem Steps Recorder allows an end user to record the steps he takes leading up to a problem and then capture those steps into automatically created screen grabs, and e-mail them to an administrator or help desk representative for easier problem resolution.
Windows PowerShell Integrated Scripting Environment
Because of PowerShell's popularity, Microsoft has introduced into Windows 7 a graphical interface for PowerShell that makes it very easy to learn the scripting language and use it in a color-coded, easy-to-read environment. Developing, debugging and running the scripts in this new environment is much easier than it was with the previous single-command-prompt method.
PowerShell Remoting
Also new to PowerShell is support for the WS-Management protocol that allows you to remotely run commands on client PCs. You can use this capability on a one-to-one basis, say for specific requests in response to help desk calls, or you can fan out with one-to-many remoting and run cmdlets on multiple PCs from within the Windows PowerShell Integrated Scripting Environment.
Source: Jonathan Hassell, Opinion: 10 best features in Windows 7 for IT professionals, Retrieved on 10/29/2008 from computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=NOSes+and+Server+Software&articleId=9118322&taxonomyId=156&pageNumber=2
Posts
