Microsoft will no longer release security for Windows Server 2008 and Windows Server 2008 R2 starting January 14, 2020. Remaining on legacy infrastructure exposes your business to security threats, makes you non-compliant with regulations, and is more costly to operate.
You can bet hackers have the Windows Server 2008 a end of service date penciled in their calendar. They will be adding their finds to the list of Windows Server 2008 vulnerabilities. Once hackers have crowd-sourced the list of vulnerabilities, they will conduct a quick Google search to download a list of companies currently on unsupported servers and will begin exploiting those companies.
It really is that easy. So instead of dealing with a data breach and explaining to your CEO and customers that you remained on legacy systems past the end-of-service date, you should probably just upgrade your IT infrastructure. I mean... it's over 10 years old anyway, it's about time you move on!
Windows Server 2008 End of Support
You have 3 options. One, Microsoft will allow you to perform a 'lift and shift' of your Windows 2008 servers, migrating them into Azure. You can re-host your workloads in Azure with no application code changes. Doing so will give you 3 more years of extended security updates(until July, 2023) at no additional cost andfrequently answered questions about extended security updates are addressed here. By re-hosting those same workloads on Azure you'll even be able to take advantage ofAzure Hybridand save money. Microsoft is giving you this option because they would rather you have secure infrastructure while you plan for the future than have you simply run unsupported technology. It will give you a taste of the realm of possibilities with Azure, keep your servers secure, and give you a little more breathing room to think about upgrades.
Two, you can upgrade your on premises 2008 to Windows Sever 2012, 2016, or 2019 by January 14, 2020 and leave it on-premise. Three, you can migrate and upgrade from Windows Server 2008 on-premise to Windows Server 2019, hosted on Azure. You'll reap the most benefits with this option as you'll be updating your in-house infrastructure to a PaaS model, shifting the burden of all the dirty work onto Microsoft, and freeing you up for more creative, high-level IT work. In addition, you'll get the benefits of cost savings and built-in security. Why do you save so much money? Because with Azure you only pay for the consumption you use, instead of paying for all the underutilized hardware you have in the office right now.
Step 1 - Assess
Now that you know your options, I'm going to prepare you by making sure you have the right tools and are thinking about the scope of the project. First, you'll obviously have to identify which workloads are running on Windows 2008 and assess the business priorities and risk involved with touching them. So you know, do you have a back up? Is there redundancy? What are your server roles? Does it need to be migrated at night when no one is using it? What are your custom line-of-business and Microsoft applications? What will the impact on your network be?How will a migration affect your budget and costs? Those types of questions. To get you started, take an inventory of your apps and workloads by the following types: custom applications, Microsoft server applications, Microsoft partner applications, and Windows Server workloads (DNS/file/print). Then score the business impact of those categories and how important they are to your business operations. Then also give a score for the complexity of the application, based on the expertise and confidence you and your team has in migrating them.
Second, you'll want to run the Microsoft Assessment and Planning (MAP) Toolkit, which Microsoft describes as a "an agentless, automated, multi-productplanning and assessment tool that enables faster and easier desktop, server, and cloud migrations". This tool will give you deep insights into the scope of work set out for you and offer recommendations so that your migration is as smooth as possible. When you're done with that, check out Azure migrate, a Microsoft service that allows you to access on-premise workloads to determine the migrations suitability of those machines by providing VM sizing recommendations based on your current workload's performance history.
Third, you're probably wondering how much it's going to cost you. You can check out the Azure Total Cost of Ownership (TCO) calculator to receive a ball park estimate of your monthly spend. Microsoft is really pushing Azure on everyone, so there are a ton of financial incentives set aside for customers that migrate, so be sure to ask about them when you reach out to us.
Step 2 - Migrate
Once you've assessed your infrastructure you'll have to think about your migration approach. You can re-host your Windows Server 2008 workloads using Azure Site Recovery in order to migrate the machine images (either physical or virtual machines) into Azure VMs while using Azure Networking Services to relay them back to your servers. For your Line-of-Business (LOB) applications, you can migrate them in Azure using containers with minimal to no coding. You can even test how your legacy LOB applications will function by creating a sandbox environment in Azure. You can learn how to do a lot of this from the Azure Learning Center. Many companies still use Windows Server 2008 to host their Active Directory, DNS, and file and print services. Azure can easily take care of all of that, taking the burden off of your IT team to manage that infrastructure. For one, you can move you on-premises Active Directory to the cloud-based identity and access management service, Azure Active Directory. Doing so will improve reliability, security, and allow your team to manage IT remotely. In addition, you can reduce your workload by migrating your DNS server to Azure DNS, further reducing the burden of your IT team to perform tedious maintenance tasks. Furthermore, use Windows Server Storage Migration Service to easily migrate your file server data to OneDrive for Business. After all, you're already paying for it through your Office 365 or Microsoft 365 licenses, and OneDrive data is automatically encrypted and backed up. A little side-note about OneDrive for business, my favorite feature is file-on-demand, which allows you to see all of your businesses' cloud files without needed to download them to your desktop.
With a clean installation you can move to the latest version of Windows Server on the same hardware, and you do this by installing the newer operating system over the old one, which is then deleted. When you're done you'll need to migrate your server roles. In addition, it's important to note Microsoft's advice on moving to Windows Server 2019, "If you’re using Windows Server 2008 or Windows Server 2008 R2, you’ll need to plan to use the server role migration method or upgrade from Windows Server 2008 to Windows Server 2012 R2 and then upgrade again to Windows Server 2016, and then Windows Server 2019, as direct updates are not supported". You can read the complete guide to migrating your Windows Servers for more details.
Step 3 - Optimize
Azure makes optimization easy and transparent when it comes to cost management, security, and governance. You can plug in Azure Cost Management for right-sizing your workloads for cost reduction, and Azure Advisor for best-practice recommendations. You should also use the Azure Trust Center and Office 365 Security and Compliance center for your data governance and compliance needs. While I can't cover everything, this is the foundation for what you'll need when upgrading and migrating away from Windows Server 2008!