Features Exclusive to Windows 8 Enterprise
In addition to the Windows Pro‑based business features that were discussed in this chapter, Microsoft is also providing a unique set of features for users of the Windows 8 Enterprise edition. This high‑end Windows 8 product edition is available only to corporate customers that subscribe to Microsoft’s Software Assurance volume licensing program. So while it doesn’t make sense to spend too much time describing each feature, we can at least provide a rundown of what most of us are missing.
Unique features in Windows 8 Enterprise include the following:
• Windows To Go: This feature lets you deploy a new, fully manageable Windows 8 environment on a bootable external USB flash drive, enabling the “Bring Your Own PC” (BYOPC) usage scenario. Employees can use Windows To Go on any company PC as well as from their home PC, securely accessing corporate resources on an encrypted device that would be useless in the hands of others. Windows To Go is a feature we hope to see ported to other Windows editions in the future, and it would be a huge boon to lab environments of all kinds, including those used by educational institutions.
• DirectAccess: This is a more modern take on VPN functionality, letting remote users seamlessly access corporate network resources without dealing with the hassles common to VPN solutions. DirectAccess is based on the proven HTTPS (secure HTTP) tunneling technology Microsoft first used with Exchange Server. There’s no VPN configuring, connecting, and reconnecting. In fact, there’s no VPN at all. Instead, DirectAccess‑enabled PCs are simply always connected, securely, to the corporate network. As long as you have an Internet connection, you’re in. And for the end user, there’s nothing to see or configure. You’re simply connected. And on the administrative side, IT pros and admins can configure which corporate resources are available to which users, and they can direct Internet‑based network traffic as they see fit.
• BranchCache: Aimed at distributed corporations, BranchCache lets servers and users’ PCs in branch offices cache files, websites, and other content that is sent from a central office over the WAN, so that it is not repeatedly downloaded at great cost by different users in the same location. With more and more corporate mergers and acquisitions, and larger companies maintaining separate physical offices in different locales, this is a real need.
• AppLocker: Introduced with Windows 7 as a replacement for Software Restriction Policies (SRP), AppLocker is more flexible and malleable but offers the same basic functionality: It uses Group Policy‑based rules to determine which applications users can and cannot access. But it goes deeper than SRP by introducing the concept of publisher rules, where admins can specify which application versions are allowed or disallowed. For example, suppose there’s a known vulnerability in an out‑of‑date version of Adobe Reader, the popular PDF viewer utility. With AppLocker, you could specify that users are allowed to install and use Adobe Reader 10.01 (or whatever) or newer, only. Problem solved: Users retain the ability to view PDFs and you, the administrator, don’t need to worry that they’re doing so with obsolete and potentially dangerous versions of the software.
• VDI enhancements: With updates to RemoteFX and Windows Server 2012, users can access virtualized instances of Windows 8 Enterprise from the data center and receive rich desktop experiences via thin clients, including, interestingly, Windows RT‑based tablets. (See the following section for more information about Windows RT in the enterprise.)
• Windows 8 (Metro‑style) app deployment: Domain‑joined PCs and tablets running Windows 8 Enterprise will automatically be enabled to “side‑load” internal, Windows 8 Metro‑style apps, bypassing the Windows Store.
Дата добавления: 2015-05-13; просмотров: 897;