pasUNITY has completed our Windows Server 2016, System Center 2016, and Exchange 2016 rollout of core infrastructure.  The rollout brings enhanced security, management, productivity, and enables a bevy of new features in our hosting environment.

Windows Server 2016

Our core infrastructure (Active Directory, mail, monitoring, and management) is now running on Windows Server 2016.  We have also updated our forest and domain functional levels to Windows Server 2016 and this brings some exciting new features.  First among them is group membership expiration.  This allows for the temporary assignment of users to groups that expire automatically.  This is handy when clients need to allow auditors and consultants into their managed resources for a limited time.  Now you do not need to worry about revoking that access or maintaining checklists for removal – it all happens automatically.  Combined with account expiration dates this enables a wide range of possibilities for our customers.  Our DNS servers now have Policies, which are essentially conditional rules that can direct end-users to resources based on factors such as client IP or even time of day, which makes maintenance windows less impactful.  Security improvements include an enhanced Windows Defender and anti-malware technology in new places – such as PowerShell scripting.

System Center 2016

Our entire System Center suite infrastructure underwent upgrade and we are now running Data Protection Manager 2016 (SCDPM), Virtual Machine Manager 2016 (SCVMM), Operations Manager 2016 (SCOM), and Configuration Manager 2016 (SCCM) all with the latest cumulative updates and all running on Windows Server 2016.
SCDPM includes a bunch of new features.  Chief among them is modern backup storage support for the Resilient File System (ReFS) which greatly improves backup and recovery time.  Another important feature is the ability to deploy and upgrade agent software without needing reboots – again saving time and making the maintenance window smaller. 
SCOM brings stability updates and support for Windows Server 2016.  It also automatically detects and recommends management packs to our IT staff ensuring faster adoption of new monitoring features.
SCVMM now allows for rolling upgrades of our failover clustered Hyper-V virtualization infrastructure.  Previously, this was a manual operation.  Now that we automate, the cluster upgrades look for even further diminished maintenance windows.  The SCDPM infrastructure upgrade allows us to deploy more Generation 2 Virtual Machines that feature a faster, more secure boot process and make use of a virtualized SCSI disk system (rather than the legacy IDE) which allows for dynamic add/remove/resizing of drives/memory/network components while the hosted virtual machines are running.  Again, less downtime for the solution.
SCCM is a key component in managing our Windows Server 2016 infrastructure and we would not have upgraded without it.  It includes an updates Endpoint Protection client for our legacy servers and integrates with Windows Server 2016 in a surprising and welcome way.  For Windows Server 2016 there is no actual Endpoint Protection client any more.  We now rely on built-in Windows Defender product, which SCCM takes over and manages.  This means less reboots due to patching and a higher-performing antivirus and antimalware engine with the same tightly controlled, centrally managed method of management we are accustomed.

Exchange Server 2016

We have completely overhauled our Exchange infrastructure with this release.  For starters, we now run Exchange on Generation 2 Windows Server 2016 virtual machines and use the Resilient File System (ReFS) for volumes that contain exchange mailbox stores.  ReFS, intended for volumes with large files and quantities of data like you find in an Exchange infrastructure, enables faster disaster recovery operations with SCDPM.  With this release of Exchange, we have introduced Modern Public Folders into our infrastructure.  Unlike Public Folders of the past, which presented a great number of performance, manageability, and architectural problems – the Modern Public Folders are easy to manage, perform better, and are highly available.  Modern Public Folders are collocated in the same mailbox databases and database availability groups used by normal user mailboxes.  Finally, we now have MAPI over HTTP, which enables a slew of client capabilities such as device hibernation, changing networks, faster reconnection, and are standards based in that they rely on traditional HTTP instead of RPC.

More to Come

We are constantly implementing new technology to provide a better and more secure experience for our customers.  In the coming months we will be updating our virtualization infrastructure to Windows Server 2016 and Hyper-V 2016 and introducing new product such as SQL Server 2016 into our data infrastructure.