The first of the two of the most relevant changes in Windows Server 2022 compared to the previous edition, Windows Server 2019, are the addition of containers. Windows Server Container and Hyper-V containers have been introduced to the operating system environment. The second prominent change is the addition of Nano Server, which is a minimal footprint deployment option which can be installed either on a physical host or on a VM.
Ideal for HPC, Big Data & Analytics. 3x PCI-E 4.0 x16 expansion slots. Redundant power supply. 90 3.5"/2.5" Hot-swap SAS3/SATA3 drives, 2x Fixed slim SATA SSD, 2x NVMe M.2.
Security - The latest security features integrated into Windows Server 2022 consolidate various security capabilities from different aspects of the operating system. This comprehensive, multi-layered security approach delivers robust protection against advanced threats, meeting the stringent security requirements of modern servers.
Secured-core server - OEM partner-certified Secured-core server hardware offers enhanced security safeguards against sophisticated attacks. This certified hardware provides heightened assurance for handling mission-critical data, especially in highly sensitive industries. Secured-core servers leverage hardware, firmware, and driver capabilities to enable advanced security features specific to Windows Server. Many of these features, previously available in Windows Secured-core PCs, are now also accessible through Secured-core server hardware in conjunction with Windows Server 2022.
Hardware root-of-trust - Employed in functions like BitLocker drive encryption, the Trusted Platform Module 2.0 (TPM 2.0) secure crypto-processor chips offer a safe, hardware-backed repository for safeguarding sensitive cryptographic keys and data, including measurements of system integrity. TPM 2.0 can validate the server's boot process with authentic code, establishing trust for subsequent code execution, an essential foundation referred to as a hardware root-of-trust.
Firmware protection - Firmware operates with elevated privileges and is frequently undetectable by conventional antivirus solutions, resulting in an increase in firmware-based attacks. Secured-core servers employ Dynamic Root of Trust for Measurement (DRTM) technology to assess and validate the boot processes. Additionally, they can isolate driver access to memory through Direct Memory Access (DMA) protection.
UEFI secure boot - UEFI secure boot stands as a security protocol designed to shield your servers against malicious rootkits. This feature guarantees that the server exclusively starts firmware and software that have been verified by the hardware manufacturer as trustworthy. Upon server startup, the firmware conducts a thorough examination of the signature of each boot component, encompassing firmware drivers and the operating system. If the signatures are confirmed as valid, the server proceeds to boot, and the firmware transfers control to the operating system.
Virtualisation-based security (VBS) - Secured-core servers offer advanced security features like virtualisation-based security (VBS) and hypervisor-based code integrity (HVCI). VBS leverages hardware virtualisation to create a secure memory area separate from the main operating system. This shields against certain vulnerabilities commonly exploited in cryptocurrency mining attacks. VBS also enables Credential Guard, securing user credentials within a virtual container that the OS can't directly access.
HVCI builds upon VBS to enhance code integrity. It enforces strict policies to prevent unsigned kernel mode drivers or system files from loading into system memory. Furthermore, Kernel Data Protection (KDP) safeguards kernel memory containing non-executable data by making it read-only and protecting it through the Hypervisor. KDP helps protect critical Windows Defender System Guard runtime structures from tampering.
Transport: HTTPS and TLS 1.3 enabled by default on Windows Server 2022 - Secure connections are essential in today's interconnected systems. TLS 1.3, the latest version of a widely used internet security protocol, encrypts data to ensure a safe communication link between two points. On Windows Server 2022, HTTPS and TLS 1.3 are now enabled by default, safeguarding client data when connecting to the server. TLS 1.3 removes outdated encryption methods, boosts security compared to older versions, and strives to encrypt as much of the connection setup as possible. You can find more information about supported TLS versions and cipher suites.
Server Message Block (SMB): SMB AES-256 encryption for the most security conscious - The DNS Client in Windows Server 2022 now includes support for DNS-over-HTTPS (DoH). This means that DNS queries are encrypted using the secure HTTPS protocol. DoH enhances privacy by protecting your traffic from eavesdropping and preventing manipulation of your DNS data. Discover how to configure the DNS client to utilize DoH for added security.
Secure DNS: Encrypted DNS name resolution requests with DNS-over-HTTPS - Windows Server now offers enhanced security for SMB encryption with AES-256-GCM and AES-256-CCM cryptographic suites. When connecting to a compatible computer, Windows will automatically choose a more advanced cipher method for encryption. You can also enforce this through Group Policy. For compatibility with older systems, Windows Server still supports AES-128 encryption. Additionally, signing performance has been accelerated with AES-128-GMAC signing.
SMB: East-West SMB encryption controls for internal cluster communications - Windows Server failover clusters now offer precise control over encrypting and signing storage communications within the cluster. This includes Cluster Shared Volumes (CSV) and the storage bus layer (SBL). If you're using Storage Spaces Direct, you have the flexibility to choose whether to encrypt or sign communications within the cluster, enhancing security for east-west communications.
SMB Direct and RDMA encryption - "SMB Direct and RDMA offer fast and low-latency networking for various workloads such as Storage Spaces Direct, Storage Replica, Hyper-V, Scale-out File Server, and SQL Server. In Windows Server 2022, SMB Direct now supports encryption. In the past, enabling SMB encryption disabled direct data placement, which had a significant impact on performance. Now, data is encrypted before placement, resulting in much less performance impact, all while ensuring AES-128 and AES-256 packet privacy protection.
|AD Certificate Services||✔||✔ automatically installed/configured (1)|
|AD Domain Services||✔||✔ automatically installed/configured (2)|
|AD Federation Services||✔||✔|
|AD Lightweight Directory Services||✔||✔|
|AD Rights Management Services (3)||✔||✔|
|DNS Server||✔||✔ automatically installed/configured|
|File Services||✔||✔ automatically installed/configured (4)|
|Network Policy & Access Services||✔||✔ automatically installed/configured|
|Remote Access||✔||✔ automatically installed/configured (5)|
|Remote Desktop Services (6)||✔||- (7)|
|Web Server (IIS)||✔||✔ automatically installed/configured|
|Windows Deployment Services||✔||✔|
|Windows Server Update Services||✔||-|
|Core functionality of Windows Server||-||✔||✔|
|OSEs / Hyper-V containers||-||✔ 2||✔ unlimited|
|Windows Server containers||-||✔ unlimited||✔ unlimited|
|Host Guardian Service||-||✔||✔|
|Nano Server||-||✔ *||✔ *|
|Storage features including Storage Spaces Direct and Storage Replica||-||-||✔|
|Shielded Virtual Machines||-||-||✔|
Over the past 3 decades, Broadberry has provided storage server technology to some of the largest organisations in the world. The list of organisations includes the BBC, Sky, ESPN, Disney, the University of Oxford, the University of Cambridge, Tesco, Toshiba, Sony and many more.
Broadberry solutions feature full compatibility with all major storage server software. You have full reign to switch from one operating system to another whenever you want to, without having to get a whole new box. This cost-effective and very flexible usage makes Broadberry servers ideal for businesses of all sizes.
Broadberry systems are also free from vendor lock-in, meaning that you will be able to use 3rd party hardware with your Broadberry solution if you wish to do so.
The Broadberry CyberStore range of enterprise-grade storage servers are designed and built for a wide-range of storage applications.
Completely customisable from processing to storage type and capacity, to operating system - the CyberStore range is your go-to storage platform.
The CyberStore range of storage servers are used by the world's largest organisations from the BBC, to the CERN project, governement institutions, universities and much more.
Year-after-year, the Broadberry CyberStore range of unified storage appliances has beaten the likes of Dell and HPE to be crowned "Best Storage Appliance" by PC Pro magazine.
When compared to the likes of DELL, HPE, EMC etc, the Broadberry CyberStore range of enterprise-grade unified storage appliances is up to 60% cheaper, although using the same quality components such as Seagate drives and Kingston RAM.
The Bradberry CyberStore range has been built from industry-leading commodity hardware, and carefully designed to ensuure full compatibility with leading storage operating systems and database engines.
Broadberry enterprise storage appliances are on average 86% lower cost than EMC and 55% lower cost than DELL although built using the same leading-brand server components such as Intel processors and Samsung memory. HPE hard drives are rebadged Toshiba enterprise-class drives, the exact same models as found in Broadberry storage appliances.
When you buy a Broadberry storage appliance all drive bays are supplied with caddies - so if in 6 months time you decide to expand the storage you can source it freely from the marketplace or ourselves if you wish. The only way to add hard drives to HPE servers is to buy the drives along with caddies from HPE for 200% the price of Broadberry's price.
Broadberry storage appliances come with enterprise-grade features like IPMI included, whereas HPE charge large fees for perpetual licences for the same features.
Our website allows you to configure your server online with accurate prices, as opposed to NetApp who require several face-to-face meetings with them before they'll give you a price.
Over recent years there's been a massive move from the world's largest organisations such as Google to purchase their servers from the likes of Broadberry rather than DELL and HPE. This move is fuelled by the rise in commodity hardware.
Before leaving our UK workshop, all Broadberry server and storage solutions undergo a rigorous 48 hour testing procedure. This, along with the high-quality industry leading components ensures all of our server and storage solutions meet the strictest quality guidelines demanded from us.
Our main objective is to offer great value, high-quality server and storage solutions, we understand that every company has different requirements and as such are able to offer un-equaled flexibility in designing custom server and storage solutions to meet our clients' needs.
We have established ourselves as one of the biggest storage providers in the UK, and since 1989 supplied our server and storage solutions to the world's biggest brands. Our customers include: