In the era of Artificial Intelligence and native services for the cloud, organizations continue to rely on Windows Server as a secure and reliable platform for their mission-critical workloads. However, it is important to note that support for Windows Server 2012/R2 will end on 10 October 2023. After that date, Windows Server 2012/R2 systems will become vulnerable if action is not taken, as they will no longer receive regular security updates. Recently, Microsoft has announced that Azure offers new solutions to better manage the end of support of Windows Server 2012/R2. These solutions will be examined in detail in this article, after a brief summary to set the context.
The impact of end of support for Windows Server 2012 R2: what it means for companies?
Microsoft has announced the end of support for Windows Server 2012 and 2012 R2, fixed for 10 October 2023. This event represents a turning point for many organizations that rely on these servers to access applications and data. But what exactly does end of support mean (EOL) and what are the implications for companies?
Understanding end of support
Microsoft has a lifecycle policy that provides support for its products, including Windows Server 2012 and 2012 R2. End of support refers to when a product is no longer supported by Microsoft, which means no more security updates will be provided, patches or technical support.
Why companies should care
Without regular updates and patches, companies using Windows Server 2012 and 2012 R2 are exposed to security vulnerabilities, such as ransomware attacks and data breaches. Furthermore, using an unsupported product such as Windows Server 2012 or 2012 R2 can lead to non-compliance issues. Finally, outdated software can cause compatibility issues with newer applications and hardware, hampering efficiency and productivity.
An opportunity to review IT strategy
Companies should use the EOL event as an opportunity to review their IT strategy and determine the desired business goals for their technology. In this way, they can align the technology with their long-term goals, leveraging the latest cloud solutions and improving operational efficiency.
The strategies that can be adopted to deal with this situation, thus avoiding exposing your IT infrastructure to security issues, have already been addressed in the article: How the End of Support of Windows Server 2012 can be a great opportunity for CTOs.
About this, Microsoft has introduced two new options, provided through Azure, to help manage this situation:
- updating servers with Azure Migrate;
- distribution on Azure Arc-enabled servers of updates deriving from the ESU (Extended Security Updates).
The following paragraphs describe the characteristics of these new options.
Updating Windows servers in end of support phase (EOS) with Azure Migrate
Azure Migrate is a service offered by Microsoft Azure that allows you to assess and migrate on-premises resources, as virtual machines, applications and databases, towards the Azure cloud infrastructure. Recently, Azure Migrate has introduced support for in-place upgrades for Windows Server 2012 and later, when moving to Azure. This allows organizations to move their legacy applications and databases to a fully supported operating system, compatible and compliant as Windows Server 2016, 2019 or 2022.
Key benefits of Azure Migrate's OS update feature
Risk mitigation: Azure Migrate creates a replica of the original server in Azure, allowing the OS to be updated on the replica while the source server remains intact. In case of problems, customers can easily go back to the original operating system.
Compatibility Test: Azure Migrate provides the ability to perform a test migration in an isolated environment in Azure. This is especially useful for OS updates, allowing customers to evaluate the compatibility of their operating system and updated applications without impacting production. This way you can identify and fix any problems in advance.
Reduced effort and downtime: integrating OS updates with cloud migration, customers can significantly save time and effort. With only one additional data, the version of the target operating system, Azure Migrate takes care of the rest, simplifying the process. This integration further reduces downtime of the server and applications hosted on it, increasing efficiency.
No separate Windows licenses: with the Azure Migrate OS update, you do not need to purchase an operating system license separately to upgrade. That the customer uses Azure Hybrid Benefits (AHB) o PAYG, is covered when migrating to an Azure VM using Azure Migrate.
Large-scale server upgrade: Azure Migrate supports large-scale server OS upgrades, allowing customers to upgrade up to 500 server in parallel when migrating to Azure. Using the Azure portal, you will be able to select up to 10 VMs at a time to set up replicas. To replicate multiple VMs you can use the portal and add VMs to be replicated in multiple batches of 10 VMs, or use the Azure Migrate PowerShell interface to configure replication.
Supported OS versions
Azure Migrate can handle:
- Windows Server 2012: supports upgrading to Windows Server 2016;
- Windows Server 2012 R2: supports upgrading to Windows Server 2016, Windows Server 2019;
- Windows Server 2016: supports upgrading to Windows Server 2019, Windows Server 2022;
- Windows Server 2019: supports upgrading to Windows Server 2022.
Deployment of ESU-derived updates on Azure Arc-enabled servers
Azure Arc is a set of Microsoft solutions that help businesses manage, govern and protect assets in various environments, including on premise, edge e multi-cloud, extending the management capabilities of Azure to any infrastructure.
For organizations unable to modernize or migrate before Windows Server 2012/R2 end of support date, Microsoft has announced Extended Security Updates (ESU) enable Azure Arc. With Azure Arc, organizations will be able to purchase and distribute Extended Security Updates seamlessly (ESU) in on-premises or multicloud environments, direct from the Azure Portal.
To get Extended Security Updates (ESU) for Windows Server 2012/R2 and SQL Server 2012 enable Azure Arc, you need to follow the steps below:
- Preparing the Azure Arc environment: first of all, you need an Azure environment and a working Azure Arc infrastructure. Azure Arc can be installed on any server running Windows Server 2012/R2 or SQL Server 2012, provided that the connectivity requirements are met.
- Server registration in Azure Arc: once the Azure Arc environment is set up, you need to register your Windows servers or SQL Server systems in Azure Arc. This process allows systems to become managed resources in Azure, making them eligible for ESUs.
- Purchase of ESUs: once the servers are registered in Azure Arc, ESUs can be purchased, for each server you want to protect, through Azure.
- ESU activation: after the purchase of the ESUs, you need to activate them on the servers. This process involves installing a license key and downloading security updates from Windows Update or your local update distribution infrastructure.
- Installing updates: finally, once the ESUs are activated, you can install security updates on servers. This process can be managed manually or by automating it through update management tools.
Note: ESUs only provide critical and important security updates, they do not include new features or performance improvements. Furthermore, ESUs are only available for a limited time after Microsoft's end of support. Therefore, we recommend that you consider migrating to newer versions of servers to have access to all features, in addition to security updates.
This year, Microsoft celebrates the 30th anniversary of Windows Server, a goal achieved thanks to relentless innovation and customer support. However, customers must commit to keeping their Windows Server systems up-to-date near the end of support. In particular, the end of support for Windows Server 2012 and 2012 R2 poses a significant risk to companies, but it also presents an opportunity to review and improve their IT strategy. Identifying desired business goals, engaging in strategic planning e, if necessary, using these new solutions offered by Azure, companies can ensure a smooth and successful transition, optimizing their IT infrastructure to achieve their long-term goals.