The end of Microsoft support for Windows Server 2008 and Windows Server 2008 R2 is imminent and planned for 14 January 2020. As of this date, Microsoft will no longer release free security updates for these platforms in an on-premises environment. Unfortunately, there are still many systems in production that adopt these operating system versions. This article discusses the approaches you can take to address this situation, avoiding exposing your infrastructure to security issues caused by the unavailability of the necessary updates.
The end of the extended support for these platforms implies that Microsoft, unless certain actions are taken, will no longer release its security updates. Under these conditions the exposure to security attacks is considerable and would result in the state of non-compliance with respect to specific regulations, such as the General Data Protection Regulation (GDPR). This condition, certainly not very pleasant for those who find themselves to face it now, given the limited time, it can also be seen as an important opportunity for renewal and innovation of the infrastructure.
To continue receiving security updates for Windows Server 20082008 R2 hosted on on-premises environment, the only possibility is to join to the program Extended Security Update (ESU). The fee program is only available for customers in Software Assurance and ensures the provision of Security Update classified as "critical" and "important" for a further three years, from 14 January 2020.
If the ESU program is not appropriate to their needs you can be assessed two totally different upgrade paths.
Upgrade on-premises
This path provides for the transition to a new version of Windows Server environment on-premises. The advice in this case is to approach at least Windows Server 2016 and not to proceed, whenever possible, with upgrade in place of the operating system, but to manage migration in side-by-side. This method usually requires the involvement of the application provider, to ensure software compatibility with the new version of the operating system. Since the software is not recent, often it require the adoption of updated versions of the same, which may comprise architecture adjustment and an in-depth phase of testing for the new release . By adopting this upgrade process, the time and effort are considerable, but the result you get is critical to complying with the technological renewal.
Migrating to Azure
Migrating Windows Server Systems 2008 and Windows Server 2008 R2 on-premises in Azure environment will continue to receive security updates for another three years, classified as critical and important, without having to join the ESU program. This scenario is not only useful to ensure compliance with its systems, but it opens the way towards hybrid architectures where you can get the cloud advantages. In this regard, Microsoft offers a great solution that can provide a large set of tools needed to best deal with the most common migration scenarios: Azure Migrate, that structure the migration process in different phase (discovery, assessment, and migration). This approach may be more immediate than upgrading systems and gives you more time to deal with software renewal. In this regard, the cloud allows you to have excellent flexibility and agility in testing applications in parallel environments. Before starting the migration path towards Azure is fundamental to structure the hybrid networking environment in a timely manner and evaluate the iterations with the other infrastructure components, to see whether the application can also work well in the cloud.
Regardless of the upgrade path you decide to take the advice is to make a detailed assessment, so you can categorize workloads by type, criticality, complexity and risk. In this way it is possible to prioritize, and proceed with a structured migration plan.
Conclusions
For all those who, inside their own datacenter have Windows Server 2008 or Windows Server 2008 R2 is appropriate to manage the condition that Microsoft will not release more security updates, free of charge, exposing systems to potential security issues. At the same time there are various possibilities offered by Microsoft to address this situation in the best possible ways. The migration path to Azure is definitely a very interesting option to start the journey to expand your datacenter into the Microsoft public cloud.