On January 14th, 2020, Microsoft ends support for Windows Server 2008 and 2008 R2. “This means the end of regular security updates”, Microsoft writes

Fair enough, the hugely popular server OS has been in the market for over a decade and 3 new generations have been introduced since. Yet, a very significant amount of Windows Servers still run 2008 or 2008R2. 

We don’t have exact or recent data points, but there are enough reasons to believe that Windows Server 2008/R2 is still pretty popular:

  • Jan 2018, Ned Pyle (Principle PM at Microsoft) writes: “if you consider that Windows Server makes up ~70% of all server instances @ WS2008/R2 makes up ~40% of that pool, there’s a lot of work to be done.” In August of 2016, Spiceworks noted that “[our] research on the On-premises Server OS Market Share shows Windows Server 2008 has a 45,4% market share and is 2x the size of the next in order (Windows Server 2012; 23,6%).”
  • Docker writes “Upgrading will be no small feat as roughly 80% of all enterprise applications run on Windows Server. Of those applications, 70% still run on Windows Server 2008 or earlier versions (Microsoft Inspire, 2018)

Whether today it’s still 40%, or, ‘just’ half at 20% doesn’t really matter: they are still very significant numbers! No wonder the “battle between Microsoft and AWS for the hearts and wallets of its corporate users is underway”, as Ed Scannell wrote for TechTarget. Both companies have migration kits available. 

Why do companies keep Windows Server 2008/R2?

Windows Server 2008 is the last server OS to support 32bit applications. 32bit-based applications are still in use at many organizations. A lot of these applications just don’t have 64bit versions. Theoretically, you can run 32bit applications on 64bit OS’s as they are assumed to be compatible, but the reality is often different. 

32bit you say? some Windows Server 2008 machines will also run 16bit applications. These are only incompatible with 64bit platforms.

Furthermore, these application platforms are often part of the core processes of your organization. Even a ‘lift and shift’ wouldn’t run without hassle, let alone a more drastic migration.

So in a nutshell: there might not be a good (64bit) alternative for you or not having had the resources and time to run migrations or just two of the many (good or bad) reasons to still have Windows Server 2008 running.

Moving forward?

Having core (or non-core) platforms running on Operating Systems without support (read: security patches) is, well, not best practice and should be avoided. The last thing you’ll want is to “expose” your Windows Server 2008-based application to the outside world.

Your options: upgrade the OS, move to a public cloud (and upgrade the OS), or set up isolation security measures.

Awingu can help with the latter use-case. The Awingu gateway will connect in RDP to your Windows Server 2008/R2 instance and will make the application available in HTML5 on the end-user device. Your application will run in complete isolation inside the browser of your end-users. As Awingu connects at the RDP protocol level, the version of the OS as such does not matter. This means you can run 16bit, 32bit or 64bit applications, Awingu wouldn’t ‘see’ it.

How will your security benefit:

  • You can limit the connection between the application to one single IP address (the Awingu Virtual Appliance);
  • You avoid direct network access in the server (Awingu only provides screen refresh data)
  • Block any external data/files to be uploaded or copy-pasted into the application with Awingu’s granular controls
  • End-users leverage an SSL encrypted HTTPS connection
  • End-users authenticate with the built-in Awingu MFA
  • Admins have a full audit log of connections and usage

Furthermore, you’ll have additional Awingu benefits such as any device access and mobile working. Awingu can also aggregate other apps, desktops and file servers.

Find out more about Awingu!

About the author
arnaud square
Arnaud Marliere
Chief Marketing Officer
Sources