404 Tech Support

Understanding Windows To Go, Server 2012 Security Tools, and Remote Desktop updates to 8.0

Jason

Here’s a quick wrap up of some topics that have come up lately but would be a little lacking as their own articles. Still, it’s information to know. With Windows 8 and Server 2012 out, they changed the game and brought a number of other things with them. To keep up, you can read about Windows To Go, security tools to administer Server 2012, and Remote Desktop Protocol updating to version 8.0.

Windows To Go

Windows To Go is an enterprise feature of Windows® 8 that enables the creation of a Windows To Go workspace that can be booted from a USB-connected external drive on PCs that meet the Windows 7 or Windows 8 certification requirements, regardless of the operating system running on the PC.

Windows To Go only comes with Windows 8 Enterprise. Before the launch Microsoft announced an update to enhance Software Assurance to allow additional licensing for Windows To Go.

There are a few key differences between a Windows To Go environment and your typical Windows install:

  • Internal disks are offline. To ensure data isn’t accidentally disclosed, internal hard disks on the host computer are offline by default when booted into a Windows To Go workspace. Similarly if a Windows To Go drive is inserted into a running system the Windows To Go drive will not be listed in Windows Explorer.
  • Trusted Platform Module (TPM) isn’t used. When using BitLocker Drive Encryption a pre-operating system boot password will be used for security rather than the TPM since the TPM is tied to a specific computer and Windows To Go drives will move between computers.
  • Hibernate is disabled by default. To ensure that the Windows To Go workspace is able to move between computers easily, hibernation is disabled by default. Hibernation can be re-enabled by using Group Policy settings.
  • Windows Recovery Environment isn’t available. In the rare case that you need to recover your Windows To Go drive, you should re-image it with a fresh image of Windows.
  • Push Button Reset isn’t available. Resetting to the manufacturer’s standard for the computer doesn’t really apply when running a Windows To Go workspace, so the feature was disabled.
  • Store is disabled by default. Apps licensed through the store are linked to hardware for licensing. Since Windows To Go is designed to roam to different host PCs access to the store is disabled. You can enable the store if your Windows To Go workspaces won’t be roaming to multiple PC hosts.

For more information on Windows To Go, consider reading these TechNet articles from Microsoft:

Security Tools to Administer Server 2012

This topic for the IT professional lists and describes Microsoft tools that are available for Windows Server 2012 to administer security technologies and address ongoing threats to your computers and network.

This page organizes many of the new aspects for Server 2012 with places to find tools in the categories of Access, Auditing, Certificates, Computers, Credentials, Cryptography, Files, Security Policies, Security Principals, and System Security. It also has links to useful security related PowerShell cmdlets.

Remote Desktop Protocol gets updated to RDP 8.0

Windows 8 and Server 2012 came with an update to Remote Desktop, bringing the version up to 8.0. Windows 7 SP1 and Server 2008 R2 SP1 computers can also get an update to be able to take advantage of the new features in RDP 8.0:

Description of the Remote Desktop Protocol 8.0 update for Windows 7 SP1 and Server 2008 R2 SP1

Make sure you install the update KB 2574819 to support DTLS first.

You can find the RDP 8.0 update downloads near the bottom of the KB 2592687 update.

Remote Desktop Services Blog on the RDP 8.0 Update: Enabling a great WAN user experience for Windows 7 SP1 virtual desktops.