INF403 - Windows Server Code Named "Longhorn" Terminal Services: Introduction

Alex BalcanquallProduct Manager

Agenda

• Why use Terminal Services

• What’s new in Longhorn Terminal Services

• TS Remote Programs

• TS Gateway

• TS Web Access

• The importance of x64 bit

• SoftGrid and Terminal Services ?

Advantages of Anywhere Application AccessAdvantages of Anywhere Application Access

Mobile WorkerMobile WorkerIn AirportIn Airport

Branch OfficeBranch Office

Home OfficeHome Office

Central LocationCentral Location

Terminal Services in Windows Server “Longhorn”

• Design Goals

• Improve basic out-of-box solution

• Provide improved platform for customers and partners

• Tighter integration with client OS to provide seamless experience

• Leverage and integrate with Microsoft management technology

• Solution Features

• TS Remote Programs (demo)

• TS Gateway (demo)

• TS Web Access (demo)

• Single Sign-on for managed clients

• Improved experience, security and manageability

Terminal Services Remote Programs

Alex Balcanquall

Product Manager

Security Product Management

TS Remote Programs Deployment Best Practices

• Put common application on same server

• Office Family

• Consider putting individual applications on separate servers when:

• Application has compatibility issues

• A single application and associated users may fill server capacity

• Create load-balanced ‘farm’ for single applications that exceed 1 server

TS Web Access

Alex Balcanquall

Product Manager

Security Product Management

TS Web Access Deployment Best Practices

• TS Web Access default is good for single server deployments

• Use Active Directory mode for multi-server deployments when customers are experienced in AD based software deployment

• When customer has no AD MSI experience use custom ASP scripting solutions or 3rd party solutions

Terminal Services GatewayRemote Access to internal applications resources

DMZDMZ

HTTPS / 443

InternetInternet Corp LANCorp LAN

Terminal Server

HotelEx

tern

al F

irew

all

Inte

rnal

Fire

wal

l

Home

Business Partner/Client Site

Other RDPHosts

TerminalServer

Internet

Terminal Services Gateway Server

Tunnels RDP Tunnels RDP over over

RPC/HTTPSRPC/HTTPS

Passes Passes RDP/SSL RDP/SSL

traffic to TStraffic to TS

Strips off Strips off RPC/HTTPSRPC/HTTPS

Network Policy Server

Active Directory DC

Terminal Services Gateway

Alex Balcanquall

Product Manager

Security Product Management

TS Gateway Best Practices• Use root-signed SSL certificate

• Don’t rely on TS Gateway to block devices

• Use a dedicated TS Gateway Server

• Consider placing behind ISA

• Use SSL terminator in DMZ and put TS Gateway in main network

• When should TS Gateway be used in place of VPN?

• When no local copy of data is required

• \When bandwidth or application data size makes VPN experiences suck

What else is new in LH TS?

Preparing for Windows Server “Longhorn” Terminal Services• Understand you applications and current scalability

limitations

• Re-evaluate hardware purchasing choices

• 4 to 8 cores are compelling price / performance for TS

• Ensure hardware has potential for memory and CPU upgrades you might need

• Can use 32-bit Windows until moving to x64 is possible

• Start deprecating 16-bit applications

• Test application compatibility on Beta 2 release

Citrix and Microsoft

• Citrix is a 2 time Gold Certified ISV Partner ( 2003 & 2005)

• Winner of Office Systems Desktop Deployment Technology of the Year (2006)

• Citrix Presentation Server

• Value-Add to TS & Microsoft

• Extends TS functionality

• Citrix MoM pack available

• Signed 5 year Joint Technology Agreement in 2004

• “Constellation Technologies” will add new value in the Windows Server “Longhorn” timeframe

Citrix Presentation Server on Longhorn Server

• End user acceptance through high performance systems with proactive performance alerting

• Preferential responsiveness for important users

• Secure systems with automatic failure avoidance

• Simpler system provisioning and control for quick time to market

Providing Service Level Assurance through autonomic, reconfigurable and high

performance system built for Longhorn

Connectivity

Access Policies Integration with Citrix Access

Gateway (Advanced Access Control option)

System Monitoring and Reporting Advanced Print Management

Enhanced Management Experience

Extended Shadowing Support Application Availability Control

Automatic Client Updates Unified Licensing

Simplified Application Installation Integration with Network

Management Consoles More….

Citrix Presentation Server 4.0Value-Add to Windows Server 2003

Scalability

End-User Experience

ManageabilityApplication Support

Application Isolation Environment

Virtual IP Address Support Support for local TWAIN

devices Support for ActiveSync\

more……

Security

SpeedScreenTM 3 Application Publishing

Content Publishing Content Redirection

Seamless Windows Desktop Integration SmoothRoamingTM

Simplified Printing Built-in Group Conferencing Pass-through authentication

Integration with Citrix Password Manager (single

sign-on) More……

Enterprise Load Balancing CPU Utilization Management Virtual Memory Optimization

Multiple Farm Support Supported and tested on 1000+

server farms More……

Two-Factor Authentication Support

Enhanced SmartCard Support Secure Gateway Access Policies

Integration with Citrix Access Gateway (SSL VPN)

More…..

Web Interface for Remote Access

Universal Device Access DOS and Windows

Windows CE / PocketPC Macintosh

Java IBM OS/2 Warp

EPOC / Symbian OS UNIX platforms

Support for Unix Applications Support for Direct Dial-Up Extended Network Support

More…

Benefits of x64 Architecture• Can act like an x86 processor when an x64 system is booted into a 32-bit

operating system and as such runs all 32-bit versions of Windows commercially available today

• Runs 32-bit software without being recompiled

• Runs 32-bit apps at high performance

• 4 GB User VA for Large Memory Aware Processes

• Eases Migration to 64-bit infrastructure

• X64 ideal for current deployments that are kernel VA limited

• x64 provides opportunities to increase user density with new multi-core processors

Features Not Supported in x64

Why is x64 so Important for TS?• Up to 4x improvement in on

comparable hardware

• Expected sweet spot for TS moves to 4 cores or more

• If driver compatibility is an issue consolidate onto Windows Server 2003 x86 SP1 with 2 to 4 cores

• x64 needs more resources for same workload set

• Performance is entirely dependent on scenario

• Whitepaper @ http://www.microsoft.com/ts

Knowledge WorkerKnowledge Worker

X86 & x64 TS User Capacity ScalingX86 & x64 TS User Capacity Scaling

2003 x64

4cores

2003 x64

8 coresWindows Server 2000 32 Bit Baseline

2003 x86

4 cores

2000 x86

4 cores

~ x2

~ x4

~ x6

Based on Initial Internal Testing

x86 & x64 Performance Tip:x86 & x64 Performance Tip: Registry Setting to Reduce Microsoft® Outlook® 2003 Periodic Registry Setting to Reduce Microsoft® Outlook® 2003 Periodic Polling:Polling:HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\RPCHKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Outlook\RPC [dword] ConnManagerPoll = 0x600[dword] ConnManagerPoll = 0x600

SoftGrid for Terminal Services• Benefits

• Improve application compatibility

• Reduce application regression testing

• Eliminate silos – enable server consolidation

• Uses same infrastructure as SoftGrid for desktops.

• Requirements

• SoftGrid CAL for TS for every user / device connect to TS managed with SoftGrid

• Not part of Microsoft Desktop Optimization Pack.

• Availability

• Currently available from SoftGrid channel

• Available in MS channels from 01/01/07

Applications are Applications are virtualized per instance:virtualized per instance:

Files (incl System Files)Files (incl System Files)RegistryRegistryFontsFonts.ini.iniCOM/DCOM objectsCOM/DCOM objectsServicesServicesName SpacesName SpacesSemafores, MutexesSemafores, Mutexes

Applications do not get Applications do not get installed or alter the installed or alter the operating systemoperating system

Yet Yet tasks process locallytasks process locally on the terminal server.on the terminal server.

Microsoft SoftGridApplication Virtualization

Terminal Services Partners

http://www.microsoft.com/windowsserver2003/partners/termsrvs.mspx

Summary• Centralized application access using TS is about more than just

remote access

• New Longhorn TS features enable new native TS scenarios

• TS Remote Programs and TS Gateway provide a complete solution for low complexity scenarios

• Expect 3rd party value to still be required for many scenarios in Windows Server “Longhorn” and beyond

• Consolidation using x64 on Windows Server 2003 gives significant current benefit

• Terminal Services is a Rich Client Technology

• Terminal Services can reduce application deployment and management overhead

• TS isn’t just about WAN links

ResourcesIT Forum:TS Longhorn Q&A – INFCT08, Room 130, 10:45am TodayTS Longhorn HOL - INFHOL04LH TS Information and Webcast :http://www.microsoft.com/windowsserver/longhorn/terminal-services/default.mspx

TechNet online TS LAB: http://go.microsoft.com/?linkid=5496773

TS Blog: http://blogs.msdn.com/ts

TS Main Page: http://ww.microsoft.com/ts

TS LH Web Forum: http://forums.microsoft.com/TechNet/ShowForum.aspx?ForumID=580&SiteID=17

TS x64 Scalability Whitepaper: http://www.microsoft.com/downloads/details.aspx?familyid=9B1A8518-D693-4BBB-9AF8-B91BBC0D2D55&displaylang=en Application Compatibility Toolkit:http://www.microsoft.com/technet/prodtechnol/windows/appcompatibility/default.mspx

©© 2006 Microsoft Corporation. All rights reserved.2006 Microsoft Corporation. All rights reserved.This presentation is for informational purposes only.This presentation is for informational purposes only.

MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS MICROSOFT MAKES NO WARRANTIES, EXPRESS OR IMPLIED, IN THIS SUMMARY.SUMMARY.