Windows 8 : Advanced Features (Part 2)

12/11/2012 11:58:02 PM

Data integrity and security

Professionals and power users often need to add storage to their systems, and safeguard the integrity of their data. Regular backup is part of that equation (perhaps using Windows 8’s

File History feature as mentioned above); but Windows 8’s new Storage Spaces feature kills two birds with one stone. First, it lets you combine any number of drives – regardless of how they’re connected – into a single convenient pool, which can be dynamically extended simply by adding drives at any time. Within this pool, you can configure mirroring or parity to provide transparent tolerance for one or more drive failures. Storage Spaces therefore gives you the peace of mind and flexibility of an extensible RAID enclosure with the effective simplicity of using a single external or internal drive. Setup is simple: you’ll find the new Storage Spaces manager under Settings, and creating, extending and repairing pools is a matter of a few clicks.

“The upgraded Performance tab gives you a closer graphical look at resource usage”

Windows 8 uses a hibernation-style “fast startup” system

Windows 8 uses a hibernation-style “fast startup” system

BitLocker in the Professional and Enterprise editions of Windows 8 now supports hard disks with hardware FDE (full disk encryption) features, making your data unreadable if the disk is stolen. It’s also now possible to use BitLocker’s soft-encryption capabilities to encrypt a drive before installing Windows 8 on it. Microsoft has listened to complaints about how long it took to encrypt disks in previous BitLocker implementations, so in Windows 8 you’re given the option of encrypting only the area that’s in use rather than the entire disk capacity, slashing setup times.

Windows 8 focuses on stability, too. Device drivers must now be digitally signed by a recognised developer, making it harder for dubious code to access your system. This doesn’t mean that legacy hardware is shut out – using the Advanced Startup option in Settings, you can reboot into a less secure mode in which unsigned drivers can be temporarily installed.

For businesses looking to secure desktop clients, Windows 8 also brings support for secure boot on UEFI hardware. This means the hardware will refuse to boot unsigned or unknown OS loaders, closing off an avenue often used by rootkit-type malware to compromise a PC. It’s a feature that’s caused controversy: when Windows 8’s support for secure boot was announced, users of Linuxbased operating systems and similar projects feared that “homebrew” systems would be locked out, as their unrecognised boot loaders would be rejected. In reality, secure boot can be disabled manually by the user in the BIOS settings, so Linux users can simply carry on as before. IT departments wishing to enforce secure boot can password-protect the BIOS to prevent it from being disabled.

Finally, the AppLocker system has been beefed up in Windows 8, so administrators can now allow or deny specific packaged applications and installers, rather than having to rely on the more broad-brush policies supported by the Windows 7 version of AppLocker.

Refresh and reinstall

With the best will in the world, PCs go wrong. Microsoft understands this – hence the introduction of System Restore in Windows XP, to enable you to roll back changes if necessary in order to restore your PC to a previous working state.

“Refresh your PC” removes the need for system restore discs

“Refresh your PC” removes the need for system restore discs

Windows 8 takes this idea much further, introducing two new ways to restore your PC to an earlier state.Under Settings you’ll now find options to “Refresh your PC” and “Remove everything and reinstall Windows”. These options are also found in the Troubleshooting interface that appears at startup if Windows can’t boot properly. These two options are based on the same concept – an automatic, in-place reinstallation of Windows that restores the underlying system to pristine condition. The difference is in the data and settings that are retained. As you’d expect, the “Remove everything” option wipes the system completely, including your data and settings. “Refresh” keeps copies of your personal files and remembers important settings, such as network connections and saved BitLocker keys. It also retains any “modern” tablet-style apps – as these are heavily sandboxed, they’re unlikely to be the cause of the problem.

These features may sound pedestrian, but they mean PC manufacturers no longer need to produce recovery discs and partitions, and ensure that everybody running Windows 8 can easily revert to a fresh installation state without losing their data.

Most helpfully, Windows 8 even allows you to customise your Refresh image. For example, you might choose to take a snapshot of your system with your Outlook mail configured and Visual Studio installed, to which you can easily roll back in case of system failure. You can do this using the new recimg command-line tool. To use it, open a command prompt as Administrator and enter recimg -CreateImage C:\ (or whichever directory you like). This will make an image of your PC, place it in the root of the C drive, and automatically set it as the default Refresh image. Enter recimg /? to see the full list of options for recimg.

Client Hyper-V

Windows 8 marks the first time Microsoft has included its Hyper-V virtualisation host in a client OS, although you need a 64-bit edition of Windows 8 Professional or Enterprise and at least 4GB of RAM to use it. You’ll also need a processor that supports Second-Level Address Translation, which in practice means a CPU no more than around two years old.

Client Hyper-V

Client Hyper-V

The feature isn’t installed by default – you add it by going into the “Turn Windows features on or off” Settings item and ticking the box to download it. Sit through a couple of reboots and when Windows starts up again, the Hyper-V Manager will be available, ready for you to create or import virtual machines.

Hyper-V is a professional virtualisation tool that lets you create any number of virtual machines, each with up to 32 cores and 512GB of memory. You can view running virtual machines in a window, or connect to them through Windows’ remote desktop service to let them take direct advantage of local hardware, including multiple monitors, audio devices and USB-connected peripherals. Whether you’re looking to test a software environment or provide a virtualised service, it will do everything you need.

If your hardware or software doesn’t support Hyper-V, don’t worry – there are free third-party virtualisation hosts you can use in much the same way. Two of the most popular are Oracle VirtualBox ( and VMware Player.

Living in a connected world

Windows 8 is the first version of Windows to link your identity across multiple PCs, using Microsoft Accounts by default as connected user accounts. This doesn’t mean every system you use will work identically, but cosmetic settings such as wallpaper can be synchronised automatically across all the systems you use, as can stored passwords and credentials. To determine what syncs, you can use the “Sync your settings” option.

If you want to synchronise documents, you can use the built-in SkyDrive feature (or a third-party service such as Dropbox). There’s no way of synchronising desktop applications – this would clog up small devices, not to mention violate licence agreements. However, full-screen “Modern” apps are more flexible; if you have the same app installed on multiple systems, its settings and most recently used state can be automatically synchronized across them.

The move to online accounts simplifies matters when it comes to managing home networks. In the past, when parents wanted to use Windows Family Safety, they had to go through a slightly awkward process of associating each child’s local user account with an online identity. Now the single sign-on system manages everything. The Family Safety system itself has been updated, too, so you can now restrict not only web pages but also app downloads from the Windows Store to certain age categories. In addition to the existing “permitted hours settings”, parents have the option of limiting the total time their offspring spend online, or just using the computer, on a given day.

Windows 8 is also the first version of the operating system with a built-in awareness that not all networks are created equal. 3G mobile internet adapters can now be configured as metered connections, which won’t be used automatically to download apps and drivers. To activate this feature, open the Charms menu, select Settings, right-click on the appropriate connection and select “Set as metered connection”. Windows can keep track of your estimated data usage over a metered connection, so you can tell if you’re getting near a data cap; you can also assign different costs to different adapters, enabling Windows to select the cheapest connection automatically (Windows will use this by default in preference to any mobile broadband connection if a Wi-Fi connection is available). If you need to shut down all your wireless communications, a new “airplane mode” toggle makes it easy.

Business-friendly features

“Device drivers must now be digitally signed by a recognised developer”

One novel feature that Microsoft has been eagerly showing off in demonstrations of Windows 8 is the new Windows To Go system, which allows you to install the operating system onto a USB flash drive or external hard disk. The process is fairly automatic – you’re guided through it by a wizard called the Windows To Go Creator. The volume you create can then be used to boot any PC it’s plugged into – a boon for remote workers and hot-deskers.

The process is fairly automatic – you’re guided through it by a wizard called the Windows To Go Creator.

The process is fairly automatic – you’re guided through it by a wizard called the Windows To Go Creator.

The way it works has been well thought out: the first time you start up on new hardware, any necessary drivers are automatically downloaded and then integrated into the image so that subsequent boots take place at full speed. Memory caching is used sensibly, so booting and running over USB 2 is an impressively smooth experience (although USB 3 is recommended for optimum performance). The system is designed to tolerate the accidental removal of the system drive, allowing you to resume by reconnecting the disk within 60 seconds. With full-disk encryption, any security concerns over losing the drive are eliminated.

Windows To Go has limitations, however – once you start using a To Go system, there’s no way of automatically synchronising new documents and desktop applications back to your primary system. It’s also available in only the Enterprise edition of Windows 8 – not the Professional edition, which is a mean decision, in our view.

Businesses operating over a wide-area network will also be pleased by upgrades to the BranchCache feature, which manages local caching of remote documents and resources so that they can be opened and accessed quickly, even if the master copies are located at the other end of the country. When it was introduced in Windows 7 (and its server-side partner, Windows Server 2008 R2), BranchCache’s capabilities were limited. In Windows 8 and Server 2012, BranchCache can support any number of remote branches, and can be silently enabled on client PCs through a group policy. Deduplication is automatically applied, so only one copy of duplicate data is stored and synchronised, which minimises bandwidth and storage requirements. Extensive new configuration options also let administrators manage how much information is cached where, and for how long.

A final convenience for IT departments is a set of improvements to the way group policies are managed. The Group Policy Management Console in Server 2012 now provides a one-click status check, showing details of all active domain controllers and the state of policy replication on each one, so you can easily spot any propagation errors. It’s also now possible to force an immediate group policy update across any Organisation Unit, so that urgent changes take effect within ten minutes, rather than having to wait an hour or more for the clients to refresh themselves. The ten-minute delay is to avoid a sudden bandwidth crunch on large networks, but can be overridden using the new Invoke-GpUpdate PowerShell cmdlet.

Top 10
New App for Women ‘Remix’ Offers Fashion Advice & Style Tips
SG50 Ferrari F12berlinetta : Prancing Horse for Lion City's 50th
The latest Audi TT : New angles for TT
Era of million-dollar luxury cars
Game Review : Hearthstone - Blackrock Mountain
Game Review : Battlefield Hardline
Google Chromecast
Keyboards for Apple iPad Air 2 (part 3) - Logitech Ultrathin Keyboard Cover for iPad Air 2
Keyboards for Apple iPad Air 2 (part 2) - Zagg Slim Book for iPad Air 2
Keyboards for Apple iPad Air 2 (part 1) - Belkin Qode Ultimate Pro Keyboard Case for iPad Air 2
- First look: Apple Watch

- 3 Tips for Maintaining Your Cell Phone Battery (part 1)

- 3 Tips for Maintaining Your Cell Phone Battery (part 2)
Popular Tags
Video Tutorail Microsoft Access Microsoft Excel Microsoft OneNote Microsoft PowerPoint Microsoft Project Microsoft Visio Microsoft Word Active Directory Exchange Server Sharepoint Sql Server Windows Server 2008 Windows Server 2012 Windows 7 Windows 8 Adobe Flash Professional Dreamweaver Adobe Illustrator Adobe Photoshop CorelDRAW X5 CorelDraw 10 windows Phone 7 windows Phone 8 Iphone