LOS ANGELES , Sept. 15, 2005— At the Microsoft Professional Developers Conference 2005 today,Bob Muglia, Microsoft’s senior vice president for the Windows Server Division, showcased some of the new capabilities and benefits in the upcoming Windows Server, code-named Windows Server “Longhorn,” and outlined how developers can use WinFX to take advantage of the rich set of identity and access capabilities. To learn more about these announcements and what they mean for developers and IT professionals, PressPass spoke with Muglia.
PressPass: At Tech•Ed in June this year, you introduced the five customer promises for the future development of Windows Server. What are those investment areas?
Bob Muglia, Senior Vice President, Microsoft Windows Server Division
Muglia:The five customer promises are areas where we can make a fundamental difference over the next five to 10 years in customers’ infrastructure, in the partner ecosystem and in the applications that are built on Windows Server.
The right server for the right jobis about addressing specific customer needs and challenges – either through concentrating on individual workloads or editions of the server product, or in some cases integrating products together for the best solution for our customers, as we do with Microsoft Small Business Server. Our goal is to be best of breed across every workload and be consistent in the way we offer each workload to customers.
An end-to-end connected systems platformrefers to the investments we’re making in Windows Server as an application platform, to enable business value through smart, distributed applications. We will deliver the key technologies that an application platform needs such as message queuing, transactions, adherence to Web services standards, and the rich programming environment around the .NET distributed applications platform.
Intelligent distributed storageis about making storage ubiquitous and always accessible. Microsoft wants to ensure that Windows can manage storage, be it centralized on a Storage Area Network (SAN) or on a remote worker’s desktop.
Secure anywhere accessmeans providing secure, policy-based access to the important information that people need on the network, regardless of location. That means making sure that people in branch offices or remote locations – historically thesecond-class citizensof the networking world – get the same level of service as people who are connected centrally at headquarters.
Finally,Self-managing dynamic systemsare focused on lowering the cost of managing IT by embedding and transferring system knowledge in models throughout the application lifecycle and across the organization of developers, IT professionals and information workers. Our Dynamic Systems Initiative (DSI) aims to build manageability into systems, helping customers increase productivity, automate system compliance and boost IT’s responsiveness to business needs.
PressPass: Windows Server “Longhorn” is a highly anticipated release. What new capabilities and benefits can customers expect?
Muglia:Windows Server “Longhorn” is going to be a big step forward in all five customer promise areas. But our No. 1 focus that cuts across all five customer promises, ensuring that the fundamentals – such as security and reliability – are rock solid. If there’s one thing our customers tell us, it is that we need to continue with our investments in making Windows Server even more secure, manageable, responsive and interoperable with their existing environment.
For example, a newsecure-at-install feature means that when an IT administrator installs a new server role, the system will dynamically check for security updates for that particular role and make sure that the latest vulnerabilities are patched during installation. In addition, hot-pluggable subsystems and self-healing file systems further streamline management by allowing the system to fix itself on the fly if there’s a bad sector on a disk or even a CPU that is exhibiting a high rate of self correcting errors. Windows Server “Longhorn” also adds transactional capabilities to the NTFS file system and registry. It allows system functions, applications and IT professionals to perform registry and file system operations in a transactional manner. So, if any errors occur the system can be rolled back to a known good state
In the area of an end-to-end connected system platform, one of the key things we’re doing in Windows Server “Longhorn” is centralized deployment and management of applications. This means that whenever users connect to an application, they get the latest version of that application dynamically delivered to their desktop. And with “Longhorn,” Web services are further integrated with Windows Communications Foundation (formerly known by the code name “Indigo”) for a secure, reliable and transacted messaging infrastructure to build and run connected systems.
In terms of operational infrastructure, there’s a new unified server management tool that provides administrators with a management portal for the server they are managing, and that makes it easy for them to control important server functions, such as installing server roles and features. In addition, image-based set-up and management capabilities are expected to reduce the cost associated with managing multiple images by allowing server images to be maintained and updated directly. And with Windows Server “Longhorn,” IT administrators who have to manage multiple OS languages can expect reduce the number of images and updates they have to deal with.
With regards to better integrating the edge, a new capability called Network Access Protection prevents unhealthy devices from accessing the network. Any time a machine connects to the network, locally or remotely, Windows Server “Longhorn” can do a health check to make sure that a particular desktop or laptop has the proper security patches, virus signatures, firewall, etc. If it doesn’t, the system can redirect the device to a quarantine network where update servers can either bring the desktop or laptop into compliance and allow it onto the network, or keep it quarantined.
Another aspect of secure anywhere access is the work we’re doing with Terminal Services to create a seamless environment for remote users. We’re adding capabilities in Windows Server “Longhorn” that allows IT administrators to give users access to remote desktop applications that look and act as if they are running locally, and without requiring a full VPN connection. This greatly increases the attractiveness of Terminal Services to many customers, especially mid-sized ones, and makes it much safer as well.
PressPass: Today at the Professional Developers Conference you addressed software developers. What specifically will Windows Server “Longhorn” mean for them?
Muglia:Windows Server “Longhorn” builds on developers’ existing skill sets, such as .NET and Win32, so they can essentially move forward with the platform. But there is also a whole new set of capabilities that expands the horizons of what they can do to deliver rich new applications and end user experiences. A lot of it is around federated security and the work we’re doing with Active Directory around federation, authorization and authentication, for instance. Federated security enables single sign-on, for example, grants business partners access to applications without forcing them to log on multiple times. It’s also a way to establish that a business partner is who he or she says he is. So the federated security models we’re putting into Active Directory and Active Directory Federation Services (ADFS) will be a brand-new set of capabilities.
Windows Server “Longhorn” will also deliver a unified Web platform that integrates Internet Information Services (IIS), ASP.NET, Windows Communications Platform (formerly known by the code name “Indigo”) and Windows SharePoint Services. IIS 7.0 will enhance the productivity of developers and IT professionals alike by delivering a single, consistent development and administration model for Web solutions. As I mentioned before, we continue to support application services such as transactions, queuing and clustering. And certainly the support of Windows Communications Foundation is our way of supporting the Web services protocol, which means interoperability across Web services.
PressPass: You talked about Microsoft’s solution and strategy for identity and access in your keynote today. Tell us about that.
Muglia:Customers have told us the challenges in dealing with compliance, security, privacy and integrating with business partners in an increasingly connected world are prohibitive. Today, I outlined our strategy for the identity and access technologies currently found in Windows Server, such as Active Directory services, Rights Management Services (RMS), Certificate Services, and the Identity Integration Feature Pack. Our goal over time is to provide even greater integration of these and new technologies in a way that uniquely enables applications that run on Windows Server to inherently meet customers’ challenges.
We will also add a new service to Active Directory, called a Security Token Service (STS), that integrates authentication and authorization in a manner that simplifies access management in a connected system world. The Security Token Service extends the capabilities we are introducing with ADFS to include support for smart clients, “InfoCards,” richer federation and privacy support, and integrated resource discovery and management. For example using the STS, customers will be able to automatically find application resources and operations, and provide granular access control for these operations.
PressPass: How do developers take advantage of these identity and access management capabilities?
Muglia:Today, developers building applications on Windows can already take advantage of the rich set of capabilities such as Active Directory single sign-on, strong credentials using Certificate Services, information protection using the Rights Management Services, and many others through managed code, Win32, and standard protocols. With Windows Server 2003 R2, developers can use the federation services for Web single sign-on and federation for Web-based applications. WinFX, available in the code distributed at the PDC, takes this a step further and removes many of the complexities of building identity and access into applications. For example, when using WinFX, developers don’t need to write complex security code for dealing with identity and access. WinFX handles these complexities for the developer and gives more control to the IT professional when deploying and running the application.
PressPass: When will these technologies be available to developers and customers?
Muglia:The first phase is Windows Server 2003 R2, slated for release by the end of 2005. With R2, we’ll deliver the first version of Active Directory Federation Services (ADFS) to make it easier for developers to build federated Web applications. In the Windows Vista timeframe, we will deliver WinFX and the “InfoCard” user experience. With Windows Server “Longhorn,” we will begin to align the existing technologies around a common architecture, policy, developer model, and management experience. Later in the Windows Server “Longhorn” wave, Microsoft will add new capabilities to Active Directory such as the Security Token Service to simplify identity and access in a service-oriented world.