Windows Server 2008 includes a new implementation (a complete redesign) of the original TCP/IP protocol stack called the Next Generation TCP/IP stack. This new framework is a total rewrite of TCP/IP functionality for both IPv4 and IPv6. It’s designed to better meet connectivity and performance needs in various networking environments using various networking technologies.

For the benefit of those stuck in a cave in Patagonia since the early 1980s, TCP/IP is the de facto standard network protocol stack for most server and workstation computers you’ll encounter, but it’s by no means the only one. It expands to Transmission Control Protocol/Internet Protocol and serves as the foundation for network traffic shuttled across the Internet. It’s become a nearly universal means for networked communications of all kinds.

The core network stack framework is improved and enhanced to increase existing functionality, complement it with supplementary performance enhancing functionality, and further expand that framework through additional features and components. The following are material that’s both directly and indirectly related to advances in the Next Generation TCP/IP network protocol stack in Windows Server 2008.


Receive window auto-tuning
In TCP, a receive window size defines the amount of data that a TCP...

A huge number of things are happening at any one time on a server: Users are logging in and accessing files, drives are spinning away, and processors are trying to make sense of it all. Each of these instances is considered an event. Being able to monitor these events and use them to interpret the health of your servers is an important aspect of administering a Windows Server 2008 network.

As its name suggests, the Event Viewer is used to view events. Although it is more of a passive tool (it doesn't supply you with the real-time data that you see in the Performance Monitor), it does give you access to a great deal of information.

You can view the events related to a particular role by selecting that role node in the Server Manager. For example, you can view the events related to file services on a file server by clicking the File Services node in the Server Manager node tree.

Although the Server Manager provides quick access to events related to a role, let's take a closer look at the Event Viewer, which can be opened as a separate snap-in. The Event Viewer accumulates events...

The Reliability and Performance Monitor snap-in enables you to monitor server performance in real time. You can monitor hardware and application performance and create threshold alerts and performance reports. In terms of defining performance and reliability, performance describes how quickly the server completes the tasks it must accomplish. Reliability, on the other hand, is more a measure of how often the server performs exactly as you would expect in relation to its configuration.

The Reliability and Performance Monitor snap-in also provides access to the Performance Monitor, which was available in Windows Server 2003, and the new Reliability Monitor. The Performance Monitor enables you to add counters to quickly view real-time hardware information such as the percent processor time and also view information related to system services such as HTTP (on a web server).

The Reliability Monitor provides a System Stability chart that can be used to quickly view specific information about hardware, application, and Windows failures. You can click on a chart date, which runs along the x-axis of the chart and then view various system stability reports related to alerts and failures. The Reliability Monitor, which, in effect, provides some of the same type of information that...

Using GP, you can assign scripts to entire domains, organizational units, sites, and groups instead of repeatedly entering the same login script into multiple users' profiles. You can launch four types of scripts using a GPO: logon and logoff scripts, which apply to users, and startup and shutdown scripts, which apply to computers. Startup scripts are executed before logon scripts, and logoff scripts are executed before shutdown scripts.

You can write scripts in any number of languages. Windows Server 2008 is prepared to accept Jscript (.JS) and Visual Basic Scripting Edition (.VBS) files in addition to batch (.BAT), compiled command scripts (.COM), and application executables (.EXE). Scripts to be run through GP are stored on domain controllers in %SystemRoot%\SYSVOL\yourdomain.com\Policies\scripts, with yourdomain.com replaced with your fully qualified domain name.

You can assign startup and shutdown scripts in GP using the following procedure:

1. In the Group Policy Object Editor, navigate in the lefthand pane through Computer Configuration, Policies, Windows Settings, and Scripts (Startup/Shutdown).

2. In

...

Software Restriction Policies allow you to control the execution of certain programs. It's an excellent feature to use on terminal servers or machines serving as a public kiosk, so users are locked into one specific function and can't mess with administrative tools or Internet applications and utilities.

Windows can identify software to either restrict or allow in several different ways. For one, it can use hash rules, which are made by identifying characteristics of files and executables that come with a program and generating an algorithmic hash from them. Hashes are great for identifying specific versions of programs because the hash value would change when different files are used to compute the hash (which is a near certainty with newer version of a program). Certificate rules can identify software via a digital signature, which is a useful method to secure authorized scripts. Windows also can identify software via its path and the Internet zone (inside Internet Explorer) from which a particular piece of software is downloaded. Finally, Windows can create a rule that catches any software not explicitly identified either in a list or by any other

...

You can use the folder redirection functionality of GP to change the target location of many folders within a particular user's Windows interface. For example, you can specify custom locations for the Application Data, Desktop, Documents (including the Pictures, Music, and Videos subfolders), Favorites, Contacts, Downloads, Links, Searches, Saved Games, and Start Menu folders. Using folder redirection circumvents the nasty problem of roaming profiles: severe network traffic hikes caused by copying large My Documents and Desktop folders to workstations around the network when users log on. You also can back up the share where the folders are redirected using a normal network backup procedure, automatically protecting the contents.

To access the folder redirection functionality, launch the Group Policy Object Editor for a particular GPO and navigate through User Configuration, Policies, Windows Settings, and Folder Redirection. In the righthand pane, you'll see the folders you can redirect. Right-click each folder to bring up the Properties window.

On the Target tab, you can choose the type of redirection for this policy. For this example, choose the basic method, which simply redirects all users' folders to

...