On January 14th 2020, support for Windows Server 2008 and 2008 R2 came to an end, which means regular patches and security updates are no longer available from Microsoft.
There are many risks and options open to organizations relying on unsupported software now that the EOS milestone has been reached.
The following interview with my highly revered colleague, Marcial Antigua, outlines the options for moving to a modern environment and explores the topics organizations should consider as they plan their migration or upgrade from Windows Server 2008.
Mustafa Hamid, Global Discipline Lead at Dell Technologies
As the Global Discipline Lead for Workforce Transformation Consulting Services at Dell Technologies, my role focuses on thought-leadership, strategy, and helping to develop Dell Consulting Services best practices.
Marcial Antigua, Technical Design Architect at Dell Technologies
Marcial Antigua is a Technical Design Architect for Dell Technologies. He works in Communications and Collaboration Workforce Transformation, and has been in Consulting Delivery, leading and delivering projects for customers throughout his career. Marcial’s role extends into sales and pre-sales. He works closely with Mustafa on many IT development projects and service upgrades, one of which is EOS service offerings.
What options are customers facing, now that they have servers in their estate that are no longer supported by Microsoft?
Mustafa: “The first option is migration to a public cloud, the most compelling one being Microsoft Azure. For organizations who prefer an on-premises solution, Azure Stack, is another option. The Azure options allow organizations to lift and shift without upgrading and still receive security updates for 3 more years from Microsoft.
Another option is re-hosting to a modern on-premises operating system (OS) such as Windows Server 2019 with any number of on-premises hardware solutions, including an existing system for an in-place upgrade to a modern OS.
The least optimal option, would be to do nothing, and purchase an extended support contract with Microsoft.”
What are the risks of running without support?
Marcial: “Support has ended therefore servers are already at risk. In between updates, there’s a monthly patch cycle that Microsoft has. Ad hoc security patches are also released in between. Some are for zero-day exploits and need to be applied immediately. Unprotected servers risk exploitation from things like malware, hackers and cybercriminals.”
Mustafa: “If the server is connected to the network, which most servers are, the entire connected network at risk from potential exploits. So, it’s really hard to overstate the risk involved. In the rare case there’s a decision to leave servers running without support and security updates, it’s important to have a proactive plan to mitigate the risk as much as possible.”
What are some best practices for planning the migration process?
- Assessment and discovery
Marcial: “In any migration or project of this type, it’s important to conduct a thorough assessment and discovery of the current state. Use the proper tools to explore service applications, and dependencies on other systems, such as storage, medical engineering equipment and the like.
It’s necessary to classify and prioritise servers and applications. Determine if an application is custom or off-the-shelf; whether the application is still supported or not; if the vendor is still available and establish if the application is currently in use.”
- Handling data
Mustafa: “Success in these types of migrations depends on having the tools to deal with governance, bringing disparate data together that will then be used to orchestrate the shift.
It’s particularly the case with large, potentially siloed organisations where the silos all depend on each other. Without repeatable frameworks, governance and tools that help manage the shift, there may be a disconnect which increases the risk. At Dell Technologies Services, we have a repeatable framework and methodologies, IP, and custom tools specifically built to manage these migrations.”
- Balancing cost against the target environment
Marcial: “Regarding the cost and effort, one would have to consider whether the target is physical or virtual, as some systems cannot be virtualised. Consider whether the organization wants to keep the servers on-premises, in the cloud, or in a hybrid environment.
Ensure sure there’s capacity to support the current environment and the current state, maybe also to support the environment when it’s in transition from old to new. Enough capacity is needed to support the future estate and projected growth.”
- Turning to Azure
Mustafa: “Azure comes with cloud operating model benefits, typically involving a change from a CAPEX to an OPEX type of financial model – which is obviously the case for Azure or any other type of cloud operating model such as AWS or Google Cloud.
There are a number of benefits Azure provides just from economies of scale – things like improved efficiencies, and the ability to expand capacity on demand, avoiding the need to size for peaks.
Another benefit of turning to Azure is essentially outsourcing the sophisticated expertise that is needed to operate these data centres allowing in-house staff to focus on more business related initiatives.”
- Skills and staff to support migration
Marcial: “Technical skills come into play with Windows Server and Microsoft technology, seeing as we are dealing with Microsoft products, systems and operating systems, when considering Win 2008 end of support.
Expertise is needed for any products that run on Microsoft server, such as Active Directory, SQL, and Exchange, so the skills element primarily involves Microsoft related technology.
General IP and knowledge concerning applications and infrastructure are important because there are many other applications running on Windows servers. Understand how these are installed, how they interact and work with other systems.
Project management is critical, especially with large projects that span multiple locations, dealing with many business units, different departments and lots of people.”
Mustafa: “Active engagement from the organizations’ key stakeholders such as the IT team and most certainly the application owners are critical to ensure migration success. It’s really difficult and somewhat unrealistic to out-source the entire project and truly be successful.”
- Planning and preparation
Marcial: “It’s essential to plan and prepare properly for different outcomes, especially where highly critical business applications are concerned. Have backups, a roll back plan, or a secondary solution ready in case problems occur.”
Mustafa: “We advise to do these migrations iteratively and in bitesize chunks. This way allows for the benefit of leveraging learnings to continuously improve, tune processes and procedures, and balance risk.
That’s the powerful thing about technologies such as Azure or Azure Stack, cloud models and containerisation, Kubernetes, Pivotal Cloud Foundry (PCF). They allow for less dependency on underlying components and they grant the flexibility to adapt to changes in the IT environment. These technologies form the foundation for true business agility and allow organizations the flexibility to rapidly respond to changing conditions.”
- Application testing
Marcial: “As part of any EOS phase-out or migration project, include application testing and verification to ensure that whatever the application is, the business can run normally after the shift. Then make sure to have contingencies in place in case the migration is not successful.
Ultimately, whatever the target is, when a migration or an upgrade is completed, verify that the applications running on those servers operate normally and as expected.”
In Summary, How Can Dell Technologies Services Help?
Mustafa: “At Dell Technologies Services, we have a long track record of doing these types of migrations, and we have the methodologies, the processes and the tools in place. We can ramp up or on-board resources to speed up certain types of efforts, and we also have factory capabilities which allows us to perform migrations at velocity and during off-hours. Dell Technologies Services can help through its capability to increase and scale resources as needed.
We have strong relationships with software partners and other hardware contractors to support migrations that involve multiple systems and applications.
We have a tool called Dell Transformation Manager (DTM) which orchestrates migrations as part of a migration framework. Another tool, called DTM-SAM, is an assessment and survey module which helps assess the environment and then recommends dispositions of applications during the assessment phase.
Those are two of our key tools, developed and proprietary to Dell Technologies. We also leverage 3rd party tools in combination with our unique methodologies. For example, we have methodologies to do dependency mapping, discovery, cloud suitability, all of those things.”
Customers who have not already migrated can learn more about how to fast-track their upgrade to more modern infrastructures in this Strategies to Consider Post-Windows 2008 EOS webinar produced by Dell Technologies. Hear Mark Allbritten, experienced Data Centre Solution Principal and Mustafa Hamid, Global Discipline Lead from Dell Technologies explain:
- How Dell Technologies can help plan your cloud or on-premises migration, upgrade and re-platform, as well as consolidate and archive.
- How we can provide full-service installation, configuration, and end-to-end project management.
- Why Dell Technologies Services is the partner of choice for organizations around the world.
What strategy does your organization have in place to migrate to a modern environment?
Comment below to start the conversation, or contact Dell Technologies Consulting to learn how we can help you.