Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises

donkeyswarmMobile - Wireless

Nov 24, 2013 (3 years and 4 months ago)

89 views









Windows 7
and Windows Server 2008
R2
Networking
Enhancements
for
Enterprises

Microsoft

Windows Family of Operating Systems



Published:
January 2009







Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises

ii


This document supports a preliminary release of a software product that may be changed subst
antially prior to
final commercial release. This document is provided for informational purposes only and Microsoft makes no
warranties, either express or implied, in this document. Information in this document, including URL and other
Internet Web site
references, is subject to change without notice. The entire risk of the use or the results from
the use of this document remains with the user. Unless otherwise noted, the companies, organizations,
products, domain names, e
-
mail addresses, logos, people,

places, and events depicted in examples herein are
fictitious. No association with any real company, organization, product, domain name, e
-
mail address, logo,
person, place, or event is intended or should be inferred. Complying with all applicable copyr
ight laws is the
responsibility of the user. Without limiting the rights under copyright, no part of this document may be
reproduced, stored in or introduced into a retrieval system, or transmitted in any form or by any means
(electronic, mechanical, phot
ocopying, recording, or otherwise), or for any purpose, without the express written
permission of Microsoft Corporation.

Microsoft may have patents, patent applications, trademarks, copyrights, or other intellectual property rights
covering subject matter
in this document. Except as expressly provided in any written license agreement from
Microsoft, the furnishing of this document does not give you any license to these patents, trademarks,
copyrights, or other intellectual property.

©
200
9

Microsoft Corpor
ation. All rights reserved.

Microsoft,

Outlook, Sharepoint,

Windows, Windows Media, Windows Server, and Windows Vista

are
trademarks
of the Microsoft group of companies
.

All other trademarks are property of their respective owners.

Windows 7 and Windows Server 2008 R2 Net
working Enhancements for Enterprises

iii


Contents

Introduction

................................
................................
................................

1

DirectAccess

................................
................................
................................

1

VPN Reconnect

................................
................................
.............................

3

Mobile Broadband

................................
................................
.........................

3

BranchCache

................................
................................
...............................

3

File Sharing and Offline Files Enhancements

................................
....................

5

Transparent Caching

................................
................................
...............

6

Background Synchronization for Offline Files

................................
..............

6

URL
-
based QoS

................................
................................
............................

6

DNS Security Extensions

................................
................................
...............

8

Support for Green IT

................................
................................
....................

9

Wake on Wireless LAN

................................
................................
.............

9

Smart Network Power

................................
................................
.............

9

Summary

................................
................................
................................
....

9



Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises

1


Introduction

In the past few years, advances in mobile computers and w
ireless broadband
have
enabled

users to be more productive while
away from
the

office.
According
to
IDC
i
,
the
third quarter of 2008 marked the point at which computer manufacturers began shipping
more mobile computers than desktop computers worldwide.

In 2
008, mobile workers will
represent
26.8% of the total workforce, and that number will increase to 30.4% by 2011
ii
.
Clearly, users are becoming more mobile, and IT
professionals
must provide an
infrastructure to allow them to remain productive.

Additionally
, more users are working from branch offices or home offices instead of the
central office.
The changing structure of business puts more pressure on
IT

professionals

to provide a
high
-
performance
and secure infrastructure for connecting remote users and
br
anch offices while minimizing costs.

With Windows
®

7


and Windows Server
®

2008 R2
, Microsoft
introduces

several new
networking features to
improve the productivity of
mobile users and users at branch
offices.
This paper describes th
ose features, as well as

other networking improvements in
Windows 7

and Windows Server 2008 R2
.

DirectAccess

DirectAccess provides users transparent access to internal network resources whenever
they are connected to the Internet. Traditionally, users connect to internal network
resources with a
v
irtual
p
rivate
n
etwork (VPN). However, using a
VPN can be
cumbersome

because
:



Connecting to a VPN takes several step
s
, and

the user need
s

to wait for the
authentication.

For organizations that check the health of a computer before
allowi
ng the connection, establishing a VPN can take several minutes.




Any

time user
s

lose their Internet connection, they need to re
-
establish the VPN
connection
.



Internet performance is slowed if all traffic is routed through the VPN
.

Because of these concerns
, many users avoid connecting to a VPN
.
Instead, they use
technologies such as
Microsoft Office
Outlook
®

Web Access (OWA) to connect to internal
resources.
With OWA, users can retrieve internal e
-
mail without establishing a VPN
connection. However, if a us
er tries to open a document on the internal network (often
linked from an e
-
mail), they
are

denied access because internal resources are typically
not accessible from the Internet.

Avoiding VPNs
also
causes problems for IT

professionals, who
can only manag
e mobile
computers when they connect to the internal network. When users avoid establishing
an
internal connection, mobile computers miss critical updates and changes to Group Policy
settings.

Windows 7
and Windows Server 2008 R2
introduce DirectAccess,
w
hich

enables users
to have the same experience working at home or at a wireless hotspot as they would in
the office. With DirectAccess,
authorized
users
on Windows 7 computers
can access
corporate shares
,
view
intranet Web sites, and

work with intranet app
lications without
going through
a
VPN.

2

Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises


DirectAccess also benefits IT
professionals

by
enabling
them
to manage
mobile
computers
outside of the office

anytime, anywhere

even
though

the computers are not
connected to the VPN
.
E
ach time a mobile
computer

con
nect
s

to
the I
nternet
, before the
user logs on
, DirectAccess establish
es

a bi
-
directional

connection

that

enables
the client
computer to stay up

to

date with company policies and to
receive
software updates.

DirectAccess provides a secure and flexible netw
ork infrastructure using technologies
such as IPv6 and IPsec. Security and performance features include:



Authentication
. DirectAccess authenticates the computer

before

t
he

user log
s
on
, allowing IT

professionals

to manage the computer

when the I
nternet
con
nection is established
.
DirectAccess can
also
authenticate user
s

and
supports multifactor authentication
methods
such as a smart card

authentication
.



IPv6
.
DirectAccess uses IPv6

t
o provide globally routable IP addresses for
remote access clients. Organiza
tions that are not yet ready to fully deploy IPv6
can use IPv6 transition technologies
such as
ISATAP, 6to4, and Teredo to
enable clients to connect across the IPv4 Internet and to access IPv4 resources
on the
enterprise

network.

These technologies
provide

IPv6
s
upport for
devices
and s
ervers that do not support IPv6 natively.



Encryption
. DirectAccess uses IPsec to provide
authentication and
encryption
for communications across the Internet.

You can use any IPsec encryption

method
, including DES
,
which uses

a 56
-
bit key
,

and 3DES
,
which uses three
56
-
bit keys
.



Access control
.
With DirectAccess,
IT

professionals

can configure
the

internal

resources
to which
each

user can
connect
,

grant
ing

unlimited access or allow
ing

access

only to

specific servers or network
s.

DirectAccess uses split
-
tunnel routing,
as illustrated in Figure
1
,
which

reduce
s

unnecessary traffic on the corporate network
. Split
-
tunnel routing

send
s

only traffic
destined for
the
enterprise

network through the DirectAccess server.
Although split
-
t
unnel
routing is the default configuration for DirectAccess,
IT
professionals
can disable

the
feature

to send
all
traffic through the
enterprise

network.

Internet
Intranet
DirectAccess
server
DirectAccess
client
Corporate resources
Internet servers
Internal traffic
Internet traffic

Figure
1
: DirectAccess
traffic flow

with split
-
tunnel routing
.

Windows 7 and Windows Server 2008 R2 Net
working Enhancements for Enterprises

3


VPN Reconn
ect

DirectAccess
can replace the VPN as the preferred
remote
access method for many
organizations
.

However,
some
organizations will continue to use VPN
s

side
-
by
-
side with
DirectAccess
. Therefore, Microsoft is improving VPN usability in Windows 7
with
VPN
Reconnect.

VPN Reconnect
uses IKEv2 technology to
provide seamless and consistent VPN
connectivity
,
automatically re
-
establish
ing

a VPN
when
user
s

temporarily lose their
Internet connection
s
. Users who connect
using
wireless

mobile
broadband

will
benefit
m
ost

from this capability
.

For example, consider a user traveling to work on a train
. To make the most out of
her
time,
she
use
s

a
wireless
mobile
broadband
card to connect to the Internet and then
establish
es

a VPN connection to
her company’s
network.
As
the train passes through a
tunnel,
she loses her

Internet connection.
Once o
utside of the tunnel, the
wireless
mobile
broadband
card
automatically
reconnect
s to the Internet
. However,
with earlier versions
of Windows, the VPN
does not

reconnect
, and she
ne
ed
s

to repeat the multi
-
step
process of connecting to the VPN.
T
his can quickly become
time consuming
for mobile
users with intermittent connectivity
.

With VPN Reconnect, Windows 7 automatically re
-
establish
es

active

VPN connection
s

when
Internet connectiv
ity re
-
establishe
s
.
While the
re
-
connection might take several
seconds,
it
is completely transparent

to
users, who
are more likely to stay connected to a
VPN and get more use out of internal network resources.


Mobile
Broadband

E
arlier versions of Windows

require

users of
wireless broadband cards
to install
third
-
party software
, which

is difficult for IT
administators

to manage, especially considering
that every wireless broadband provider has different software.
U
sers

also

must be trained
to use the softw
are

and
must have administrative access to install
it
, preventing standard
users from easily adding a wireless broadband card.

With Mobile
Broadband
, Windows 7 provides a driver
-
based model for wireless
broadband cards
. Now, users can simply connect a wire
less broadband card and
immediately begin using it. The interface is built into Windows and
is the same

regardless
of the wireless broadband provider,
reducing the need for
training and management
efforts. With
Windows 7
Mobile
Broadband
, connecting to the

Internet with wireless
broadband is as
straightforward
as connecting
to a wireless local area
network

(LAN)
.

BranchCache


With
BranchCache

, Windows 7

and Windows Server 2008 R2

reduce wide area
network (WAN) utilization while simultaneously increasing
t
he responsiveness of network
applications at remote offices. When
IT professionals
enable
BranchCache

in Windows 7

and Windows Server 2008 R2
,
data retrieved from Web
and
file servers on the enterprise
wide area network (WAN) is stored on the local branch
office network.
. If another client
at
the same
branch
requests the same
content
, the client can
access
it directly from the
local network, without
fetching
the
entire file

across
the WAN
.

Clients are always
authorized by the server
at the datacenter
before

they can retrieve the content from the
local branch network.

4

Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises


BranchCache

can operate in one of two modes:



Distributed
Cache
. Using a peer
-
to
-
peer architecture, Windows 7 clients cache

content retrieved from Windows Server 2008 R2

and send
the content
dire
ctly to
other Windows 7 clients as they need it, without
those

client
s

having to retrieve
the same content over the WAN link
.
A d
istributed
c
ache

is the best choice for
branches
without

a computer running Windows Server 2008 R2
.



Hosted
C
ache
.
Using a clien
t/server architecture, Windows 7 clients copy
content
to a
local
computer
(Hosted Cache)
running Windows Server 2008 R2
that has
BranchCache

enabled
.
Other client

computer
s
that
need the same
content
retrieve it directly from the
H
osted
C
ache
.
Compared to
the Distributed
Cache,
Hosted Cache

increases the cache availability because content is
available even if the client that originally requested the data is offline.
Additionally, a Hosted Cache works across subnets and reduces multicast traffic
on the local

network. Typically, administrators can configure an existing computer
running Windows Server 2008 R2 to act as the Hosted Cache, because the
Hosted Cache does not require a dedicated server.

Distributed Cache
Hosted Cache
Headquarters
Branch office
Branch office

Figure
2
:
Comparison of
BranchCache

D
istributed
C
ache and
H
osted
C
ache
modes.

BranchCache

currently
supports

the following protocols

and is fully compatible with end
-
to
-
end encryption such as IPsec
:



HTTP

(including HTTPS)
. The standard protocol for Web transfers
, used by
applications such a
s Internet Explorer
®
,
Windows Media
®
, and
Windows
SharePoint
®
.



SMB

(including
s
igned SMB)
.

T
he standard protocol for network file transfers

when connecting to shared folders from Windows Explorer.

Windows 7 and Windows Server 2008 R2 Net
working Enhancements for Enterprises

5


When
BranchCache

is enabled on both the client
computer
and

server

computer
, the
client
computer
follows this process

to retrieve data using HTTP or SMB
:

1.

The
client computer running
Windows 7 connects to
a computer running
Windows
Server 2008 R2
at the datacenter
and requests
content

exactly as it
would if it were

to retrieve
content

without using
BranchCache
.

2.

The server

computer
at the datacenter

authenticates the user and verifies that
the user is authorized to access the data.

3.

The server
computer
at the datacenter returns identifiers (hashes) of the
requested c
ontent to the client

computer

instead of sending
the content itself.
The server
computer
does so over the same channel that the
content
would have
normally been sent
.

4.

Using the

retrieved identifiers
, the client

computer

does the following
:

a.

If configured to

use
D
istributed
C
ache
,
t
he client

computer

multicasts on
the local network to find other client

computer
s that have already
downloaded the content.

b.

If configured to use
H
osted
C
ache
,
the client

computer

looks up content
availability on the
Hosted Cache
.


5.

If the content is available in the branch (either on one or more clients or the
Hosted Cache
),
the client computer
retrieves
the data from within the branch,
and ensures that the data is
current and has
not
been
tampered

with or
corrupted
.

6.

If the content
is not available in the branch,
the client computer
retrieves the
content directly from the server

computer
at the datacenter

and
either
makes
it

available on
the local network
to other requesting client

computer
s or
sends it to
the
Hosted Cache
, where it
is made available to other client computers
.

All content
transfers
between client

computer
s or between a client

computer

and
the
Hosted Cache

are
encrypted.

File Sharing
and
Offline Files
Enhancements

IT
professionals

can take advantage of the Windows 7
file sharing

enhancements to
further improve user productivity in
b
ranch
o
ffices.

Windows 7 provides:



Transparent
c
aching on client

computers

for share
d folders
, reducing the time
required to access files
for the second and subsequent times

across
a

slow
n
etwork
. This is combined with p
rotocol enhancements
that e
liminat
e

multiple,
redundant network operations when opening or saving files

to
provide an
i
mproved
application

experience
across
slow networks
.



Background

synchronization capabilities for
o
ffline
f
iles
,
reducing

administrative
overhead and

enhancing

end
-
user

experience
.


6

Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises


Transparent Caching

Before Windows 7, to open a file
across
a slow network, client

computer
s
always retrived
the file from the server

computer
, even if the
client

computer

had recen
tly read the
file.
With
Windows 7
t
ransparent
c
aching
,

client

computer
s cache
remote
files more
aggressively, reducing the number of times a client

computer

might have to retrieve the
same data from a server

computer
.

The first time a user opens a file in
a shared folder,
Windows 7
reads
the file
from the server

computer

and then
stores it in
a
cache

on the
local
disk
. The second and subsequent times a user reads the same file, Windows 7
retrieves it from
disk

instead of
reading

it
from the server

computer
.


To provide data integrity, Windows 7 always contacts the server
computer
to ensure the
cached copy is up
-
to
-
date
. T
he cache is never accessed if the server

computer

is
unavailable, and
updates to the file are always written
directly to the server

compute
r
.
Transparent
c
aching is not enabled by default on fast networks. IT Professionals can use
Group Policy to enable
transparent
caching
, t
o improve the efficiency of the cache
,

and
to
save disk space on the client, configur
ing

the amount of disk space
the c
ache
use
s

and
prevent
ing

specific file types from being synchronized.

These benefits are transparent to end
-
users and provide an experience for users at
branch offices that more closely resembles the experience of being on the same LAN as
servers. Addition
ally, the improved cache efficiency can reduce utilization across WAN
links.

Background Synchronization for Offline Files

With Windows Vista,

user

updates
to files
are written to the server

computer

when the
user is online
.

If the user is offline, t
he
file

updates are cached on
the client computer’s

dis
k

and synchronized
with the server
the next time the user is online
.
In Windows 7,
synchronization can happen automatically and in the background, without requiring the
user to
choose between online and offli
ne modes.

File synchronization is
transparent to
the end user,
centrally configurable using Group Policy settings
,

and can be monitored
and controlled from Sync Center. This provides reliable and transparent shared folder
synchronization, giving users acc
ess to files on shared folders even when they are
disconnected from the network.

Users need not worry about manually synchronizing their
data over slow networks, and
IT professionals
are
assured that

data

from client
computers is

backed up on the servers.

By making synchronization more powerful and transparent,
F
older
R
edirection
,
a feature
that allows user folders such

as

Documents

to be
re
-
directed to

a server

computer,
becomes much more useful. IT
professionals

can use Group Policy settings to enable
bot
h
F
older
R
edirection and synchronization
.
Windows 7 redirect
s

user folders to the
network location and automatically synchronize
s

files
between the
version on the
client
computer
and the version on the server
. When the user disconnect
s

from the network,
Wi
ndows 7 open
s

the local copies of the files exactly as if the user were connected to the
network
, and c
hanges synchronize the next time the user connects.
T
his provides
automatic network backup of user data without impacting the user
. Windows 7 adds the
“u
sually offline” mode, which provides similar capabilities when connected to a server
across a slow network.

URL
-
based QoS

Adding more bandwidth cannot solve every network performance issue. Any network
connection, when fully utilized, will cause communicat
ions to slow down
while
the router
is forced to queue outgoing traffic. This often happens with an Internet
or WAN
Windows 7 and Windows Server 2008 R2 Net
working Enhancements for Enterprises

7


connection because traffic from multiple clients on a high
-
speed LAN must share a lower
-
speed connection
.

For example, if
an organization

ha
s

a 1000 Mbps LAN and a 10 Mbps Internet
connection, computers can send requests across the LAN to the
router
much faster than
the
router can forward the requests to the Internet. In this scenario, the router has to hold
the outgoing requests in a queue an
d send each request
when
more bandwidth is
available.

By default, routers send outgoing traffic from the queue in a first
-
in, first
-
out
bas
is. Therefore, critical traffic might be waiting in the queue behind less critical traffic.

Figure
3
shows two client
s sending traffic to two websites: www.contoso.com (a critical
internal website) and www.southridgevideo.com (a non
-
critical personal website).
As the
figure
demonstrates
, the router treats the packets exactly the same, and packets
destined for www.southri
dgevideo.com might be sent after packets

destined for
www.contoso.com.

Router
http
://
www
.
contoso
.
com
http
://
www
.
southridgevideo
.
com
Internet
Figure
3
:
Without QoS, low
-
priority traffic can be sent before high
-
priority traffic
.

When
IT professionals
configure
Quality of Service (QoS)
, Windows

mark
s outgoing
packets with a
Differentiated Services Code Point

(DSCP) number. Routers then
examine the DSCP value to determine the packet’s priority. If a network connection is
fully utilized and the router is holding packets in a queue, higher
-
priority pack
ets are sent
before lower
-
priority packets
, overriding the default first
-
in, first
-
out behavior
. Therefore,
QoS can
maintain the responsiveness of
critical network applications even when
the

network is busy.

With earlier versions of Windows,

IT
professiona
ls
could specify

applications,
IP
addresses
,

and port numbers to determine
QoS
priorities. With this level of granularity, IT

professionals

could prioritize database traffic over Web and e
-
mail traffic

a useful
capability. They could also prioritize
traffi
c to a critical server over traffic to a less
-
critical
server.


However,
with the growth of W
eb services and application server consolidation,
IT
professionals
need finer control over how Windows prioritizes
W
eb traffic.
For example, a
single intranet serv
er might host a critical customer service application and a non
-
critical
discussion forum on the same server. Web services or applications on a
single

server
share a common
IP address,
limiting the value of
IP
-
based prioritization
.
IT
professionals
need
to be able to assign different priorities to different
Web
applications
and sites
on a
single

server.

Windows 7 allows
IT
professionals
to prioritize Web traffic based on the URL. With URL
-
based QoS,
IT
professionals
can
ensure important Web traffic is p
rocessed before less
-
important traffic, improving performance on busy networks.
For example,
IT professionals
can assign Web traffic for
critical
internal

Web
sites
a higher priority than
external
Web
sites
, maximizing performance when
the

network is busy.

Similarly, if users visit non
-
8

Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises


work
-
related
Web
sites
that consume a large portion of
the network’s
bandwidth,
IT
professionals
can assign that traffic a low priority so other traffic isn’t impacted.

With URL
-
based QoS,
IT
professionals
can also configure

the

path portion of a URL,
known as the Uniform Resource Identifier (URI). For example,
IT professionals
could
assign
http://contoso.com/cust_serv/

a high priority and
http://contoso.com/forum
/

a low
priority.
IT
professionals

can configure
QoS using Grou
p Policy settings.

Router
High priority
:
http
://*.
contoso
.
com
Low priority
:
http
://*.
southridgevideo
.
com
Internet
Figure
4
: URL
-
based QoS allows IT
professionals

to prioritize Web traffic

DNS Security Extensions

DNS client
s

running

Windows 7
or Windows Server 2008 R2
and
DNS servers running
Windows Server 2008 R2

support

DNS Security Extensions (DNSSEC)
to validate the
integrity of DNS records
as per Request For Comments (RFCs) 4033, 4034 and 4035. By
validating that a DNS record was generated by the authoritative DNS server and that the
DNS record has not been modified,
computers running
Windows 7 and Windows Server
2008 R2 can validate the integrity of DNS responses.

With DNS
SEC
, authoritative
DNS servers running
Windows Server 2008 R2 that support
DNSSEC will cryptographically sign a DNS zone to generate digital signatu
res for all the
resource records in the zone. Other DNS servers can use a trust anchor to verify that a
DNS record was signed by the authoritative DNS server and that it has not been
modified.

While DNS servers perform the validation of DNS records,
DNS c
lients running
Windows
7

are

DNSSEC
-
aware.
A DNS
client

running Windows 7

relies on its local DNS server
for DNSSEC validation and can check whether validation has been successfully
performed on the responses before returning the results of the query to a
n application.

Figure 5 illustrates how IPsec and DNSSEC can provide an end
-
to
-
end DNSSEC solution
to validate a DNS request that must traverse multiple levels of DNS servers. For
example, the client computer could be located at a branch office and config
ured to use
IPsec to connect to a local, non
-
authoritative
DNS server running
Windows Server 2008
R2. The local DNS server can forward requests to the domain’s authoritative DNS server,
use DNSSEC to verify the integrity of internal DNS records (even if th
ere are multiple
interim DNS servers), and inform the client that DNSSEC was used to validate the
records.

Windows 7 and Windows Server 2008 R2 Net
working Enhancements for Enterprises

9



Client
Caching
DNS server
Authoritative
DNS server
Authenticated
/
encrypted
IPsec
Validated
DNSSEC

Figure
5
:
DNSSEC can prevent man
-
in
-
the
-
middle attacks
.

Support for Green

IT

Windows 7 offers Wake on Wireless LAN (WO
WL) and
Smart Network P
ower f
eature
s

to

reduce

power consumption.

Wake on Wireless LAN

Users

can save energy by putting computers into
s
leep mode when they’re not in use.

With earlier versions of Windows,
users and
IT professionals
could use Wake on LAN
(
WO
L) to wake the computer so that it could be managed across the network.

However,
WOL only works when computers are connected to wired networks. Wireless computers
in
s
leep mode cannot be started or managed across the network, allowing them to fall
behind

on configuration changes, software updates, and other management tasks.

Windows 7

adds support for Wake on Wireless LAN (
Wo
WL
AN
).
With
Wo
WL
AN
,
Windows 7 can reduce electricity consumption by enabling users
and
IT professionals

to
remotely wake computers c
onnected to wireless networks from
s
leep mode. Because
users can wake computers to access them across the network, IT
professionals

can
configure
them

to enter the low
-
power
s
leep mode when not in use.

Smart Network Power

Wired network connections use powe
r when they’re enabled, even if a network cable isn’t
connected.
Windows 7
offer
s

the ability to

automatically turn

off power to the network
adapter when the cable is disconnected.
When the user connects a cable, power is
automatically restored.
This featu
re
offer
s

the power
-
saving benefits of disabling a wired
network connection while still allowing users to connect
easily
to wired networks.

Summary

Windows 7
and Windows Server 2008 R2
offer the following features to
help remote
users feel like they’re wo
rking in the office by keeping them connected and making the
most out of intermitte
nt

and low
-
bandwidth links
:



DirectAccess, VPN Reconnect, and Mobile
Broadband
make getting connected
and staying connected easy or completely automatic.



BranchCache

and fil
e sharing enhancements make the most out of low
-
bandwidth connections.

10

Windows 7 and Windows Server 2008 R2 Networking Enhancements for Enterprises



By providing a secure and flexible infrastructure
, Windows 7 and Windows Server 2008
R2 provide IT
professionals
with the following benefits
:



DirectAccess and VPN Reconnect increase
the time mobile
users
are connected
to the internal network, improving manageability.



DNSSEC allows client

computer
s to authenticate DNS servers,
and DNS servers
to authenticate each other,
reducing the risk of man
-
in
-
the
-
middle attacks.



Mobile
Broadband

simplifies configuration of wireless broadband adapters.

Finally, these benefits reduce costs for IT
professionals
:



BranchCache
, URL
-
based QoS, and file sharing enhancements optimize
bandwidth utilization.



S
upport for
g
reen

IT allows users to
save power

while still enabling
administrators to manage computers across the network.

In summary, the networking improvements in Windows 7 and Windows Server 2008 R2
improve user productivity and decrease management costs
,
adding significant value to
Microsoft’s ne
west client and server operating system
s
.




i

IDC Worldwide Quarterly PC Tracker, December 2008.


ii

IDC, "Worldwide Mobile Worker Population 2007

2011 Foreca
st," Doc #209813, Dec 2007
.