Understanding new and improved features in Windows Server 2019

With Windows Server 2016 End of Life, I wanted to take a minute to look at some of the key new and improved features included in Windows Server 2019. “Whats new with Windows Server 2019?” is a question we've heard a lot since this operating system launched. Customers have been wondering what technological advancements it includes over previous generations of Windows Server.

With the latest hardware, such as HPE ProLiant Gen10 Servers, Windows Server 2019 can help businesses prepare for the future, build sales, optimize operations, and stay protected with advanced security capabilities. This cloud-ready operating system provides businesses with the flexibility to connect on-premises hardware with Microsoft Azure and begin moving to the cloud with it best fits the business’ needs. It also gives the flexibility to move applications and data back from the cloud if that need should arise.

Windows Server 2019 Advanced Security Capabilities

Organizations can elevate their security posture by protecting the data center starting with the operating system. Windows Server 2019 does not disappoint when it comes to security features for both on and off premises data. Building onto a solid security foundation in Windows Server 2016, new and improved technologies in Windows Server 2019 help organizations manage privileged identities, secure the operating system, and secure virtualization fabric.

New/improved Windows Server 2019 security features include:

Enhanced Windows Defender Advanced Threat Protection (ATP)

Windows Defender ATP Exploit   Guard is a new set of host intrusion prevention capabilities such as preventative protection, attack detection, and zero-day exploits.

Shielded VMs for Linux

Windows Server 2019 supports Shielded VMs for Linux to protect Linux VMs from attacks and compromised administrators in the underlying fabric and extensive threat resistance components.

HGS offline mode for shielded VM

Offline mode allows shielded VMs to turn on when HGS cannot be reached, as long as the security configuration of your Hyper-V host has not changed.

VMConnect for shielded VMs

Enhances the interactive session experience by providing a functionality similar to a remote desktop connection while interacting with a shielded VM for Windows and Linux machines.

Cluster hardening

New clusters running Windows Server 2019 will not require NTLM, which completely removes the requirement of Active Directory for clusters in Windows Server.

SDN encrypted subnet

Virtual network encryption provides the ability for the virtual network traffic to be encrypted between VMs that communicate with each other within subnets.


Windows Server 2019 Unique Hybrid Platform

With Windows Server 2019, organizations can extend on-premises to the cloud and add hybrid management capabilities to maximize investments and gain new ones. Extending Active Directory, synchronizing file servers, and backup in the cloud are just a few examples of what customers are already doing today to extend their data centers to the public cloud. Utilizing a hybrid approach allows for apps running on-premises to take advantage of innovation in the cloud such as Artificial Intelligence and IoT. Hybrid Cloud infrastructure enables a future-proof, long-term approach which will pal a central role in cloud strategies for the foreseeable future.

New/improved Windows Server 2019 Hybrid Platform features include:

Storage migration service

Helps to inventory and migrate data, security, and configurations from old legacy systems to Windows Server 2019 and/or Azure.

System insights

Brings local predictive analytics capabilities native to Windows Server. These predictive capabilities, each backed by a machine-learning model, locally analyze Windows Server system data to provide high-accuracy predictions that help reduce the operational expenses associated with reactively managing Windows Server instances.

Azure network adaptor

Easily connects to Azure virtual networks. Windows Admin Center performs the heavy lifting of configuring the VPN to a new network adapter that will connect Windows Server 2019 to a point-to-site Azure virtual network VPN.

Enhanced AD authentication 

Windows Server 2019 will be able to join Active Directory, enabling new scenarios in which the computer account can be used for authentication.


Windows Server 2019 Hyper-Converged Infrastructure (HCI)

Organizations of all sizes are embracing HCI for improved cost and performance benefits. Businesses are understanding the value of using servers, like HPE ProLiant Gen10 Servers, with high performance local disks to run their compute and storage needs at the same time while also being able to easily scale deployments. HPE and Microsoft are working together to help organizations take advantage of HCI. As a Windows Server Software Defined, WSSD, and Azure Stack HCI partner, HPE offers a choice of ready to go solution configurations based on HPE ProLiant servers and components which are tested, optimized, and validated with Windows Server 2019 Datacenter’s Storage Spaces Direct to deliver solid performance, high availability, and improved reliability for HCI.

New/Improved Windows Server 2019 Unprecedented Hyper-Converged Infrastructure (HCI) features

Unified management

Windows Admin Center is an elegant browser-based HCI remote management interface that includes software-defined network configuration and monitoring.

Storage class memory


Support for new generation of server hardware including storage class memory, which drastically improves performance for server applications.

Supports USB thumb drive (as cluster witness) for nested resiliency

Support for USB thumb drive as cluster witness allowing true 2 node HCI deployments, with no additional dependencies. 

Cluster-wide monitoring

Monitors memory and CPU usage, storage capacity, IOPS, throughput, and latency in real-time with clear alerts when something's not right.

Cluster sets

Allows you to create clusters of greater flexibility without sacrificing resiliency.

Kernel soft reboot

Provides WSSD-validated hardware faster reboot time, reducing application downtime.

Persistent memory support

Persistent memory (PM) technology provides byte-level access to non-volatile media while also reducing the latency of storing or retrieving data significantly.

Virtual network peering

Provides high speed connectivity between two virtual networks. Traffic between the virtual networks goes through the underlying fabric network with no gateway. Both virtual networks must be part of the same datacenter stamp.

Distributed firewall and micro-segmentation

Dynamically segments networks based on evolving security or application needs using a stateful firewall and network security groups.

IP address management (IPAM) and DNS

IPAM now supports comprehensive DNS and DHCP management with role-based access control across multiple AD forests. DNS provides for traffic management, load balancing, split-brain deployments, and prevention of DNS amplification attacks.

MultiPoint services role

Enables low cost-per-seat by allowing multiple users to run their own sessions while connected to one machine.

Enhanced storage spaces direct*

Build software-defined storage using industry standard servers with local storage that can scale up to 1PB per storage pool in Windows Server 2016 and 4PB per storage pool and 64TB per volume in Windows Server 2019.

Mirror-accelerated parity*


Lets you create volumes that are part mirror and part parity for 2x better performance on storage spaces direct deployments. Writes land first in the mirrored portion and are gradually moved into the parity portion.

Azure Witness for cluster*

Enables Azure blob storage as a witness in a quorum for a stretched cluster. Additionally, in Windows Server 2019 you can now create a file share witness that does not utilize the Cluster Name Object (CNO), but simply uses a local user account on the server the FSW is connected to.

Improved SDN gateway*

Improvements up to 3x for GRE tunnels and IPSec site-to-site VPN.

Converged RDMA*

Converge RDMA storage traffic and tenant Ethernet traffic on the same underlying NIC team for significant cost savings, while also getting the desired throughput and quality of service.

*Updated from Windows Server 2016


Willa Anderson
Hewlett Packard Enterprise

0 Kudos
About the Author


Willa manages the HPE | Microsoft Coffee Coaching program. Follow along to learn more about the latest HPE OEM Microsoft product releases and how the HPE Microsoft partnership can benefit partners and customers.