Microsoft's first service pack for Windows Server 2003, which is due in the first half of 2004, will include several new features that add desirable functionality and address customer concerns. Whether you maintain a Windows 2003 environment or plan to roll out a deployment soon, you should research this important update. Here's what you need to know about Windows 2003 Service Pack 1 (SP1).
A New Security Configuration Wizard
The new roles-based Security Configuration Wizard will finally answer what might be the most commonly asked question about Windows 2003: Which services can you turn off? This question has been difficult to answer to date because of the thousands of possible combinations of installed technology, each with a cascading hierarchy of dependencies, that can exist on any Windows system. And when you add to the mix other Microsoft server systems, such as Microsoft Exchange Server or Microsoft SQL Server, the dependencies change yet again.
To address this problem and give administrators a way to configure server systems to run only those services that are required by the roles assigned to a server, the Security Configuration Wizard accesses a back-end XML database that knows about Windows 2003 and all the Microsoft enterprise products that run on it. The wizard can run in two modes.
In the first mode, the wizard examines the system and reports the roles the server is assigned; when prompted by the user, the wizard will shut down any inappropriate services not related to the currently configured roles. In the second mode, you simply tell the wizard which roles the server should fulfill, and it automatically configures the server for the currently configured roles. In addition to shutting down services, the wizard can shut down ports that are unnecessary to the server's currently configured roles.
The Security Configuration Wizard can also export and import configurations. This feature lets you configure one server and apply that configuration to other servers. Another useful feature lets administrators and third parties add information about custom applications and third-party servers to the XML database.
Enhanced Support for 32-Bit Applications on Itanium 2
Enterprises that are examining or deploying Windows 2003 on 64-bit Itanium 2 servers must address one big headache—application incompatibility. To address the need to run 32-bit x86-based Windows applications and services on 64-bit systems, Intel added an x86 compatibility mode runtime environment, but the environment runs much more slowly than the underlying system. With Windows 2003 SP1, however, this discrepancy will no longer exist on Itanium 2 systems—the 64-bit versions of the service pack will enable a new execution layer that lets 32-bit applications run at the processor's native speed.
Bug and Security Fixes
Of course, Windows 2003 SP1 will include fixes for all the security vulnerabilities and other bugs that Microsoft has discovered since the OS's release to manufacturing (RTM) in March 2003. Whether the company will produce service pack releases for Windows 2003 more regularly than it has for Windows XP is unclear, but Microsoft representatives I've spoken with expressed a desire to issue service packs on a more consistent basis.
Deployment
Enterprise customers have typically waited for the first service pack before deploying Microsoft server products, a practice that Microsoft has been trying to discourage with Windows 2003. Although one Windows Server release probably isn't enough to change many minds, the high quality of the product has certainly helped to lessen customer resistance to rolling out products earlier. That said, Windows 2003 SP1 is an important release, one that will again make or break the company's reputation in the eyes of its enterprise customers. All enterprises deploying or thinking about deploying Windows 2003 should evaluate SP1 as soon as possible for the Security Configuration Wizard alone. And for customers considering an Itanium 2—based environment, SP1 could be the deal maker.
